This series originally ran in the LedgerDomain newsletter. Don't miss out on industry updates and insights – subscribe below:
In just 8 weeks, the saleable returns verification requirement comes into full effect. 2-3% of all drug packages are reintroduced up into the supply chain and will be subject to a saleable return verification. Many wholesalers will be requiring serialization-level data alignment to process returns from their customers, so distribution centers and pharmacies are gearing up to keep products moving.
But verification is about more than just saleable returns. Let’s take a look at how verification actually works and how credentialing adds an essential layer of security.
What is Verification?
Under the DSCSA, most human prescription drug saleable packages must have a unique product identifier (PI) with four data elements – NDC, lot, serial, and expiry date – in both human-readable and barcode form. All trading partners must have systems to verify these PIs against the manufacturer’s source data.
- Wholesalers & dispensers: Must be able to submit requests for verification. Reasons for verification include saleable returns processing, suspect & illegitimate product investigations, status checks, exceptions management, and compliance with state inspections.
- Manufacturers & repackagers: Must be able to respond to requests for verification from FDA and Authorized Trading Partners (ATPs) within 24 hours.
What is the VRS?
The Verification Router Service (VRS) is an interconnected network of vendor systems designed to automate verification requests and responses. It consists of four major components:
- A requestor service that takes scan or inventory data from a wholesaler or pharmacist and prepares a request.
- A lookup directory that acts as a “phone book” for the requestor service to identify where the request should go.
- A responder service that checks the request against the manufacturer or repackager’s serialization database and provides a response.
- A digital wallet to both share your Authorized Trading Parther (ATP) status and confirm the counterparty’s ATP status.
For each component, there are a number of solution providers that host and operate the service. A few of them are shown below. These solution providers work with wallet providers, namely LedgerDomain and Spherity, to confirm ATP status.
Why Credentialing on the VRS?
Under the DSCSA, manufacturers and repackagers on the VRS are only required to respond to requests from Authorized Trading Partners (ATPs). Typically, messages over the VRS are unsigned. While GLNs (13-digit codes assigned by GS1) are included with the messages, these do not demonstrate ATP status and lack any signature protections.
To address this problem and ensure CFR 21 compliance, industry stakeholders like PDG, HDA, GS1, and the National Community Pharmacists Association (NCPA) have recognized OCI-compliant Authorized Trading Partner (ATP) credentials for interoperability. Getting a credential is quick and easy, and a standard integration allows your VRS provider to access your wallet for signing and checking operations.
Different Strokes for Different Folks
1. Check Your Policies & Procedures. Be sure your P&Ps include verification activity as applicable.
- Wholesalers & dispensers: Know when and how to verify, and be ready for the saleable returns verification requirement.
- Manufacturers & repackagers: Know how to validate and respond to an inbound verification request. (Our Example SOP for Response to Verification Request in Electronic Format can help).
2. Get Your XATP Wallet & Credential for VRS. Everyone using the VRS will want a credential before November 27.
- Wholesalers & dispensers: Don’t get rejected by for not having a credential.
- Manufacturers & repackagers: Ensure you can see others’ credentials coming in.
3. Not on VRS? Talk to Us. We’ve got you covered.
- Wholesalers & dispensers: Our compliance solution integrates with the VRS, and includes tooling for those drug packages either not on VRS or for some reason showing a false negative.
- Manufacturers & repackagers: The XATP Portal makes it easy to handle verification requests in a DSCSA-compliant way.
DSCSA Action Items
1. Check Your Policies & Procedures. Be sure your P&Ps provide coverage on the 6 areas of DSCSA compliance identified by the Board’s State of DSCSA report. Our example SOPs provide a solid grounding for ATP validation, trace, and verification.
2. Electronic Interoperability. Ask your solution provider about “secure, electronic” methods for ATP validation and tracing. Some providers make it easy for you to find the source data, but may not provide a PDG-compliant method to send, receive, and validate trace messages. The DSCSA requires “interoperable, electronic tracing” among ATPs, and ATP credentials are the only available method that meets all three elements of the law.
3. Get Your XATP Credential. Only LedgerDomain’s XATP Credential supports the trace workflows critical to achieving compliance out of the box. Get your credential set up or schedule a demo.