FDA DSCSA Mandates Pharmaceutical Supply Chain Partners to Finalize Enhanced Drug Distribution Security by November 27, 2024

DURHAM, NC, March 7, 2024 – Drummond Group, LLC, a trusted provider of compliance, standards, and cybersecurity testing, certification, and validation services, today announced that LedgerDomain has successfully completed the Open Credential Initiative (OCI) Digital Wallet Conformance Criteria Audit. OCI supports pharmaceutical industry collaboration to achieve electronic interoperability and meet the authorized trading partner (ATP), interoperable tracing, and enhanced U.S. Drug Supply Chain Security Act (DSCSA) verification requirements.

By November 27, 2024, the U.S. pharmaceutical supply chain must exchange product compliance information, including drug verification and tracing data, in a fully interoperable manner. To ensure seamless authentication and prevent bad actors from accessing sensitive information, OCI provides open-source specifications built on interoperable standards defined by GS1, W3C, and NIST to support FDA’s guidance for “all electronic” enhanced drug distribution security. These specifications have been developed in close collaboration with industry stakeholders, including the Partnership for DSCSA Governance (PDG) and the Healthcare Distribution Alliance (HDA) VRS Working Group.

Working alongside a coalition of other solution providers, LedgerDomain delivers credential-secured messages to the Verification Router Service (VRS), a network of solution providers established to handle enhanced drug verification under the law. With ATP credentials, manufacturers and repackagers can automatically confirm the ATP status and identity of requesters on the network. In addition, credentials allow secure interoperability of electronic messages through other channels, including emails and integrations for tracing.

As an OCI Digital Wallet provider, LedgerDomain partners with OCI Credential Issuers, who validate trading partners via identity proofing and assign ATP credentials. Undertaking the audit in line with the FDA public-private partnership’s PDG Blueprint for 2023 Interoperability, Drummond auditors reviewed LedgerDomain’s technical implementation, policies, and internal controls.

“With more than 25 years of conformance certification testing and auditing experience, Drummond is a natural choice to help the pharmaceutical industry meet the PDG Blueprint’s auditing and accreditation requirements,” said Aaron Gomez, Supply Chain Security Business Unit Leader. “I am pleased to announce that LedgerDomain has passed all required Digital Wallet Conformance Criteria, including optional criteria, and has achieved Drummond CertifiedTM status.”

“Trust isn’t something that can be granted in the digital age, but has to be earned,” said Alex Colgan, Head of Marketing & Partnerships at LedgerDomain and a co-chair of OCI’s Steering and Policy & Architecture committees. “Drummond’s independent expert assessment of our systems and controls has proven invaluable—not just a certification, but a validation of our hard work bringing robust interoperable software into production,” he added.

About LedgerDomain

LedgerDomain is the identity and secure messaging platform for modern decentralized healthcare. Their XATP solution enables trading partners, including global enterprises, health centers, and independent pharmacists, to comply with DSCSA requirements for authentication, enhanced verification, tracing, and more – helping prescription drugs remain safe and effective for patients.

For more information, email LedgerDomain at info@ledgerdomain.com, or join them at booth 106 at HDA’s Distribution Management Conference and Expo, March 10-13, 2024, in Palm Desert, California.

About Drummond Group, LLC

For over 25 years, Drummond Group, LLC (www.drummondgroup.com) has helped organizations in highly regulated industry sectors (health, finance, pharmacy, and retail sectors) by providing compliance, standards, and cybersecurity consulting, testing, certification, and validation services. Drummond promotes and supports the adoption of interoperability and security mandates, standards, and best practices that drive the secure industry digital transformation, including B2B EDI (AS2, AS4), ONC Health IT, HIPPA, PCI, FTC, FHIR, DEA EPCS, DEA CSOS, GS1 GDSN, GS1 EPCIS 1.2, NIST AI RMF 1.0, NIST 8374, NIST 800-53, and more.