In the last article we talked about publishing serialisation information and the simplest of serialisation models, Authentication. In this article we will discuss arguably the most complex serialisation model, Track and Trace.
Track & Trace
Track and trace legislative models attempt to further improve the protection against the entry of falsified medicines into the legitimate supply chain.
Typically this is achieved by also requiring every change of ownership (and potentially location) of product to be recorded in the external agency database. Such legislation then also requires purchasers to verify the legitimacy of the product they are receiving by ensuring that the external agency database confirms that the seller had legitimate ownership of the product prior to sale. Rules are also required in the external agency database to ensure that the same product was not introduced illegitimately into the supply chain, or sold more than once from any single owner.
This is a similar model to that used in many countries to control the legitimate buying and selling of motor vehicles, which also present a significant threat to the health and safety of the public if they are not legitimate. Many such models adhere to the following basic principles. Each car is identified by a unique licence plate. When a seller sells a motor vehicle, they have to complete a sales transaction which is registered in the transport agency’s database stating which vehicle (licence plate) they have sold and to whom. When a buyer purchases the motor vehicle, they register their ownership with the same agency and indicate who they purchased the vehicle (licence plate) from. The external agency database also contains other information that helps confirm the identity of the vehicle to anyone concerned, such as make, model, colour. This information is also used by buyers and sellers to confirm the legitimate identify of individual vehicles. If the sale and purchase information matches then all is ok. If not, then investigation activity is triggered.
These additional track & trace requirements necessitate two very significant additional elements to be implemented over and above the Authentication serialisation model:
- Many, if not all, supply chain nodes handling product will need to be equipped to scan product and relate the unique identifier information to purchase, sales and other transactions and then communicate it to the external agency database. If they break product shippers down, they may also be required to serialise new shippers.
- To make (1) practical, many if not all levels of packaging shippers (e.g. bundles, cases and pallets) need to be serialised and the physical relationship between a shipper and it’s serialised contents built, communicated and maintained in the external agency’s database.
Element (1) is required to track the purchase and sales transactions down to the individual uniquely identified pack. For example, whenever a sale is made, all products which are physically changing ownership would need to be identified and the associated sale information updated in the external agency database. This requires the location in the supply chain handling the product at the point of sale to physically identify all the product being sold, down to its unique identifier. This is normally achieved by incorporating serialisation technology into the order processing and picking activities at a distribution location.
Element (2) is required to avoid the need for every such distribution location to break open all shippers and identify all uniquely identified packages within. A situation which would quickly bring the product supply chain to an effective halt.
This is one in a series of articles outlining the requirements of serialisation and related product coding legislation, discussing what needs to be done to address it and identifing some next steps to effectively manage the risk. Please help me improve the thinking by adding your comments and share this with others who may have a view.
To obtain an e-copy of our paper on the topic, go to www.be4ward.com or contact me directly at firstname.lastname@example.org.