Q. Does ePedigree require the use of RFID?

A. Let’s start with concept of serialization: Can I uniquely identify each item as it moves through the supply chain? For that you can use RFID or any other unique data character you like, including 2D barcode, which sometimes goes by Data Matrix. From a data carrier perspective, you’ll frequently see high-value, high-volume drugs get RFID because they can support a higher cost; for lower cost drugs you’ll typically see the use 2D bar codes.

A pedigree is simply a document that shows you the chain of custody. Now it can be electronic or paper depending on the state regulator. Florida has said it can be either. In the case of California, they require electronic identification. In the state of Florida they have a non-serialized pedigree, so they’re only tracking things at the batch or lot level. That’s the lowest level they’re identifying to. In California, they’re driving it down to the item level because they feel at the batch level you really can’t get unique enough to know whether this particular drug is valid or hasn’t been counterfeited.

Q. How would you characterize the adoption of RFID ePedigree in the US and elsewhere?

A. RFID ePedigree is clearly much more favored in the US than it is in Europe, largely because of the scenarios they’re trying to implement. In Europe, they’re looking at it from a product validation perspective. They just want to know it is product they produced. In the US, they’re looking at it from a pedigree standpoint. They want to use the pedigree almost as a law enforcement tool. If there is a counterfeiting event, they want to know where it happened in the chain.

Q. Does ePedigree guarantee against counterfeiting?

A. No. ePedigree makes it more difficult to do counterfeiting. I would argue that batch and lot level pedigree doesn’t help much at all; it just gives you an inventory tool. When you move down to the item level and you uniquely identify items, you have a unique identifier on the bottle. So your counterfeiter is going to have to counterfeit the unique serialization on each bottle…which is more difficult.

The RFID chip is also burned with the unique serial number, so when you read those two ID numbers and if you have a match you probably have the original packaging. Duplicating that chip ID is almost impossible without having a semiconductor fab in your back yard. So there’s an added layer of security. But counterfeiters are smart. They are always looking at new methods to counterfeit. We want to be able to identify when those incidents occur and limit the exposure to anybody.

Q. I understand that in 2009, California will become the first US state to enact ePedigree law for pharmaceuticals. Do other countries also have ePedigree legislation?

A. There are 39 states that have pedigree laws on the books. California is the first to do it at the item level, though. California, which is different from almost any other state legislation, is mandating the items are tagged by the manufacturer, whereas most states have started with the wholesaler. Italy, Belgium, France, Spain, The Netherlands, Germany, Greece and Portugal also have legislation and they’re all different.

Q. How do these different laws hamper IBM’s efforts in developing ePedigree RFID infrastructure?

A. It doesn’t. So, a couple of thoughts worth mentioning here. I tend to talk more about it as track-and-trace than pedigree. Pedigree is one aspect we’re trying to address. When you can track drugs that are serialized through the supply chain, you can track other problems, such as shipment verification, within the supply chain.

From the regulatory side, if you think about it, what we have is a software infrastructure that allows for the capturing of all this information. How do I talk to all the RFID readers, and motion sensors, the conveyer belts…anything that might be involved in the packaging and distribution of product? How do I manage and collect all that information? Then how do I store and share that information with trading partners?

The pedigree is almost a different view on the data you’re collecting. My regulatory form, or my transmission for Florida is going to appear in one format, while my transmission to California may look like a different format: it’s just how you organize it that’s different.

From our perspective, it certainly would be easier if we had one consistent standard we’re tying to meet. Fundamentally, you need to be able to uniquely identify the items, interface with all those devices, and you need to be able to store and manage a huge amount of information…including batch numbers, expiration dates, etc, as well as the unique IDs on those items. Once you have all that, then it’s a relatively simple matter of populating out all those forms for state A or state B or state C.

Q. Given that the law is a moving target, how can you assure your customers that the ePedigree technology they buy from IBM will be relevant in, say, five year’s time?

A. Because we’re not looking at this from a simple pedigree perspective but indeed looking at it from more a supply-chain perspective. How do I get a business benefit out of it? That drives a slightly diff thought process…we’ve built a software infrastructure that is device agnostic. So it’s okay if regulations change or devices change. The same infrastructure we deploy for item level serialization can be used for other sensor applications, including manufacturing, asset tracking or real time location services.

Q. Do you think legislative uncertainty has hampered the adoption of ePedigree track-and-trace technology in the US and elsewhere?

A. Yes but not so much as the depth of knowledge on the technical side. While the laws have been evolving the technology has been evolving. A year ago, the debate was how are we going to tag this stuff? With high frequency tags, ultra-high frequency tags or bar codes? And how are we going to do this data collecting without slowing down the process? Now we’ve got that part mostly figured out; so the focus is, How do I share this information with my trading partners? What’s the business benefit of doing this, how do I get RoI on my investment? At the same time, the laws have been evolving.

Q. How do enterprises get RoI out of their RFID ePedigree investment?

A. They don’t out of pedigree. Pedigree is simply a way to comply with regulatory schemes. If you’re going to look at RoI, you have to look at other areas.

A good example is charge-back resolutions. The pharmaceutical manufactures frequently agree to sell the same product to different audiences in different markets at different prices. They do this geographically and they do this within markets.

Let’s say my manufacturer has agreed to sell my product to a nursing home for a 50% discount. The wholesaler buys it for $100 and sells to nursing home to $50. They then ask the manufacturer for a charge-back rebate. Consider that a drug, on average, changes hands up to 10 times. And drug manufactures are paying out of their annual revenue between 5% and 15% in refunds each year. If you have item serialization you know, first of all, if you paid charge-back on that item already and you’re not going to pay it again. So, you eliminate any double charging. Rather than having a small army of people doing this, it could be done electronically.