A New Approach to Pharmaceutical E-Pedigrees

By Mark Harrison

EPCIS can support chain-of-custody verification—without a cumbersome data burden.


Many countries have been seeking ways to stem the flow of counterfeit drugs into the pharmaceutical supply chain. RFID and 2-D bar codes enable serial-level traceability of individual packages of medicines, giving each package its own history—or electronic pedigree. This provides robust proof of the chain of custody, from manufacture through distribution to pharmacies. An e-pedigree is an effective anticounterfeiting technique, because it is difficult to falsify the information trail.

California, Florida and other states passed e-pedigree laws, but there were significant variations in their requirements. The Drug Pedigree Messaging Standard (DPMS), developed by GS1 EPCglobal to satisfy all the requirements, was ratified in January 2007, providing a way to format and digitally sign e-pedigree data as it moved through the supply chain. But DPMS involved collection of large quantities of data that had to be exchanged and stored, placing an operational and financial burden on small, independent retail pharmacies, which lacked the IT infrastructure to handle large data files containing nested layers of digitally signed information.

Since then, the Cambridge Auto-ID Lab and workgroups within GS1 EPCglobal have been developing a new approach to e-pedigrees. It takes advantage of the EPC Network and the Electronic Product Code Information Services (EPCIS) standard, which had not been ratified when DPMS was developed for e-pedigrees. EPCIS allows for the secure exchange of information about events—such as movement of individual items identified with a unique EPC—at each stage in the chain of custody from a manufacturer to a retailer. An EPC can be encoded in, and read from, an RFID tag or a 2-D bar code (pallets and cases likely will be identified with RFID tags, and items with 2-D bar codes). An infrastructure that employs EPCIS could support e-pedigrees as well as other track-and-trace applications, such as product recall or authentication.

To develop the event-based approach, we have been gathering requirements for robustness and considering the data content and architectural options for message-flow choreography. A new key concept is a “shared checking service”: As soon as pedigree data is captured, the service could automatically check to ensure the information is complete and consistent with the previous pedigree history for that item package. It also would be able to perform a number of configurable checks, according to regulations in different regions, as well as any additional tests users might specify.

This approach would let us move from a paradigm of passing a cumbersome, multilayered pedigree document downstream to a service that can provide a prechecked list of EPC numbers for which the pedigree information has been verified before the physical goods arrive, so the receiver knows the items are correct. Detailed pedigree reports could be generated on request.

End users within the health-care sector are considering the service and other architectural approaches to event-based pedigrees.

Mark Harrison is director of the Cambridge Auto-ID Lab.