The EU-FMD ‘Safety Features’ Delegated Act in 10 steps

Meeting the ‘Safety Features’ requirements of the EU Falsified Medicines Directive can be daunting, particularly as some details are as yet not well understood. Serialisation expert Christoph Krähenbühl summarises what is required from the final draft Delegated Act

The general consensus among close observers of the EU-Falsified Medicines Directive (EU-FMD) ‘Safety Features’ Delegated Act (DA), is that the final draft posted 13 August on the EU Commission website is very close to the definitive version that was due to be adopted by the end of the year. This means that by early 2019 (or possibly even late 2018), every pharma manufacturer that supplies Europe – whether originators, generics manufacturers, virtual pharma companies, parallel traders, re-packagers or contract manufacturers (CMOs) – must have adapted their packs, implemented their tamper evidence capability, and established the systems, processes and master data to be in full compliance with the EU-FMD. If they do not, they are no longer in a position to sell their products in the European Market.

As practitioners, 3C Integrity is working extensively with pharma companies to implement these capabilities, and is fully aware of the size of the task ahead. The deadline for implementation is approaching at rapid speed, the challenges are many and the capacity to provide equipment and solutions for the hundreds of pharma manufacturers and the thousands of manufacturing lines producing for the European market is being booked as we speak. So below is an outline of the 10 major considerations for pharma manufacturers:

1. Timelines for EU states: The EU-FMD will impact every participant in the healthcare supply chain in 32 states in Europe from late 2018 or early 2019. This includes the 28 EU member states and three Non-EU European Economic Area (EEA) members, Norway, Iceland and Liechtenstein, as well as Switzerland. The exceptions are Belgium, Italy and Greece, which are deemed to have pre-existing features in place that will see their compliance timeline extended by a further six years.

2. Scope of products: All prescription-only medicines supplied to the public are in the scope of this legislation and the first items on the OTC blacklist have already been announced. The list of prescription medicines that are excluded contains radionuclides, medicinal gases, IV solutions in ATC therapeutic subgroup B05B ‘blood substitutes and perfusion solutions’, contrast media as well as homeopathic medicinal products among others. The proposed black-list of OTC products that will be subject to the safety features requirements is even shorter and currently consists of two strengths of omeprazole capsules. The inclusion of this product gives a good indication of how the risk-based approach will be administered: This is not only a product that is OTC in some markets and prescription only in others, but omeprazole was also subject to falsification alerts in April 2013.

3. Unique Identifier and Data Carrier: Every manufacturer therefore now needs to establish the capability to generate, print, capture, verify and store and manage the four- or possibly five-element Unique Identifier carried in a 2D Data Matrix printed on each and every pack. Getting the right code on the right pack sounds trivial but there are a number of practical challenges associated with this. It requires a sound understanding of product codes, in particular the GTIN/NTIN situation, a robust master data management system and process, high data quality and above all the mature understanding in the organisation that what is required is a step change from managing the product code carried on the sales pack as part of the of the artwork to a online process that ensures the correct code is printed alongside the other data elements.

4. Pack, Artwork, Tamper-Evidence: The key concept that has been at the core of the EU-FMD from the outset is the systematic mandatory verification of all packs at the point-of-dispense. This verification includes both the Unique Identifier and the Tamper-Evidence device. Chapters 3­–6 (Articles 10­–30) describe what this means in practice for many of the alternative dispensing practices found in the rich and complex healthcare supply chain in Europe e.g. for pharmacists and people operating within healthcare institutions.

5. Item-level but also ‘aggregation ready’: While the European approach focuses on the pack/item-level for the major use case envisioned (point-of-dispense verification), there are a number of situations where operating at a higher level of aggregation will make a lot of sense – and has been deemed acceptable by the law-maker. It does, therefore, make sense that even if manufacturers limit their implementation initially to item-level, their requirements should specify the aspiration to provide at least ‘aggregation ready’ equipment.

Cristoph Kraehenbuehl of 3C Integrity

6. Europe-wide ‘repositories’ infrastructure: The responsibility to upload the data to the repositories has now been clearly assigned to the Marketing Authorisation Holders supplying pharmaceutical products into the European Market. This obliges every MAH to establish a secure and capable company repository to fulfil their data reporting, data management and record-keeping obligations.

7. Obligations on parallel distributors/repackagers: Article 40 sets out the obligation on all brand owners and repackagers, to ensure the decommissioning of the unique identifier of a medicinal product in every national or supranational repository for products that have been recalled (temporarily), withdrawn, or – and that is new in this version of the DA – have been stolen or will be provided as free samples (Article 41). This means that brand owners and parallel distributors will require the system capability to upload additional ‘status changes’ of the serial numbers and – as an additional obligation on repackagers – to capture and upload the serial numbers of the packs that have been ‘consumed’ when creating the new packs that will be parallel distributed.

8. Challenges for contract manufacturers: CMOs may not fall under the direct data upload obligation but it is difficult to see how they would be in a position to control the supply of the appropriate information to their customers without also establishing a CMO company repository. In fact, given the typical CMO’s position of supplying multiple customers and possibly managing a complex mix of prescription and OTC products for a wide range of markets, the size of the challenge facing them may well dwarf the challenges faced by other pharma manufacturers.

9. Cost implications: In addition to establishing, maintaining and operating their in-house serialisation and tamper-evidence capability at line and at corporate repository level, pharma manufacturers are required to fund the establishment and on-going operation of the Europe-wide repositories system infrastructure. This will add to the cost on manufacturers, although the good news is that, through the various organisations representing their interests at the European level, much work has already been done to establish a capable and cost-effective approach in the form of the European Stakeholder Model.

10. Technology and support: What is required to be covered in terms of technology – at line and at the corporate level – is significant. However, establishing that serialisation technology stack is only part of the work that needs to be undertaken, and against the background of tight timelines, companies setting off now on their implementation journey cannot afford to risk getting things wrong at this late stage.

The budget for every EU-FMD readiness programme therefore needs to make provision not just for the technology but also for expert help and support that will more than pay for itself in the long run.

The author

Christoph Krähenbühl is a serialisation expert who (along with partner Ian Haynes) runs 3C Integrity, which provides serialisation expertise and support.