Mandates Not the Answer
Mandates for RFID implementation have barely spurred industry to action. The California e-pedigree law, set to go into effect in 2009, was closely watched by other states and the FDA, which had enthusiastically endorsed RFID but not issued any requirements for it. The regulations required that any company distributing or selling drugs in the state provide a verifiable electronic track on a product’s ownership down to the small-package (but not individual dose) level. But in March, the California State Board of Pharmacy voted to delay implementation of e-pedigree requirements from 2009 until 2011.
California’s failure to meet its deadlines was due to myriad factors that are normal for implementing broadly applicable standards. RFID technology was probably not mature or robust enough for a 2009 mandate, and many companies balked at the added cost in light of what they viewed as minimal benefits over existing technology, particularly 2-D bar codes.
End-users have always balked about costs of RFID chips as well. But tags represent but a fraction of the expense of deploying RFID, particularly at the large multidose level. Chip readers, software, infrastructure, and harmonization across the supply chain represent significant investments for pharmaceutical/biotech manufacturers, shipping and logistics, distribution centers, and for dosage-level tracking for dispensers and caregivers. Very few drug companies can dictate tracking and inventory terms to suppliers and distributors, as does Walmart, particularly given the drug industry’s labarynthine supply chain.
Many potential users still have reservations about RFID’s benefits. Perry DeFazio, an analyst with Nerac Consulting, notes that, optimizing return on investment, requires that everyone be on the same technological page. “Speed, accuracy, and consistency is everything in biotech,” says DeFazio, “and anything less than 100 percent accuracy diminishes the benefit side of the equation.”
RFID has been hailed as the solution for thwarting counterfeiting, diversion, tampering, and other malefactions that compromise pharmaceutical supply chain integrity. But some view these problems as so complex that reliance on any single technology—or even combinations—is futile.
One skeptic, Roger Johnston, Ph.D., who heads the Vulnerability Assessment Team as Los Alamos National Laboratory, acknowledges RFID’s potential for inventory control. Closed distribution environments, for example hospitals, are another potential sweet spot. But Dr. Johnston has demonstrated that any security technology deployed at the package level is easy to circumvent. He and his group have achieved a level of notoriety by their ability to hack RFID tags in less than one hour. Moreover tags are easy to duplicate, and those with no technical expertise whatsoever may simply lift the tags from one package to another.
Security experts therefore believe that no single solution assures supply chain integrity. Reed believes RFID technology must be part of a comprehensive approach to security that includes bar codes, tamper-proof packaging, nano-inks, sensors, and other technologies.
“You have to look at which business problems need to be solved, in what type of physical environment, then evaluate solutions on a case-by-case level. We have to understand not only the supply chain but where the risks are, and the stakeholders. Often a technology must be made to work for the least-sophisticated player.”