Worry-Free Compliance, from the Industry Leading DSCSA Compliance Provider
2025 DSCSA Requirement Deadline:
Frequently Asked Questions:
The utilization of barcode scanning, a proven technology in healthcare, is not a DSCSA requirement; if you do not scan you must complete all of the verification requirements manually. This can be labor intensive and leaves room for human error.
Some manual processes you may have to complete include detecting: duplicate serial numbers, mismatches between the physical product and data in the EPCIS file, amongst others.
Yes. DSCSA requires all that all transacted product be verified as being legitimate, along with its required transaction data. Even without DSCSA, it is in your best interest to verify all wholesaler orders – to identify any exceptions and possible savings.
Barcode scanning is not a requirement, but if you do not scan you must complete all of the verification requirements manually. This can be labor intensive and also leaves room for human error. Barcode Scanning is a proven technology in healthcare, for a reason.
To address this need ConsortiEX developed Verify on Receipt™, a barcode scanning tool that protects your inventory and patients by verifying product at the point of receipt, before it reaches your shelves.
ConsortiEX introduced ScanCast™ to address the problem of abundant scanning in the pharmacy. ScanCast removes redundant scans from your receiving process.
DSCSA requires all product that you take ownership is verified. Partial verification or tote level scanning is not compliant with DSCSA. Scanning and verifying 100% of product provides the highest level of supply chain security, and possible cash savings in the form of exception identification.
ConsortiEX works with all vendors to ensure accuracy of EPCIS data; we do not enable EPCIS accounts for our customers until that vendor has proven an ability to provide accurate data. Many vendors are still working towards EPCIS readiness today.
No; Drugs that are under an Emergency Use Authorization are considered exempt from DSCSA.
Below is a list of DSCSA Product Exemption Types:
• Compounded Drugs (from Registered Outsourcing Facilities)
• Imaging Agents
• OTC Products
• Drug Samples
• Solutions for replenishment of fluids or electrolytes
• Emergency Medical Situations
A T3 is required for transfers of product to EMS Providers. However, the EMS Provider is not legally obligated to receive the T3. In other words, the sending party must provide the T3 documentation.
The requirement of secure interoperable electronic product data exchange facilitated tracking and tracing (auditing). This eliminated the need for the Transaction History to be appended to each product because the products can be discovered electronically.
Interface: In healthcare, an interface typically requires multiple vendors to exchange data, preferably in a standard format, on a regular basis for day-today operations. Interfaces are often made as ‘one-offs’, and, depending on the configuration of each product, require significant time and coordination before they are operational.
Integration: In healthcare pharmacy receiving, integrations are used to ensure that systems work together seamlessly. With ScanCast, an integration of barcode scanning into other receiving systems can be achieved without any additional vendor participation, and can be enacted immediately.
Barcode verification is the most efficient way to meet the DSCSA Product Verification Requirement. ConsortiEX introduced ScanCast™ to address the problem of duplicate/or redundant scans in the pharmacy, by removing these scans from your receiving process. By design, ScanCast cannot add any additional steps to your receiving process – it can only remove them.
Industry Terms and Acronyms:
340B refers to a U.S. federal drug pricing program that requires drug manufacturers to provide outpatient drugs at significantly reduced prices to eligible organizations, known as covered entities ( hospitals, health centers, and clinics), serving uninsured and low-income patients.
The 340B program helps ensure access to medications and healthcare services for vulnerable populations.
A 3911 is a form that is filled out by trading partners to notify the FDA about illegitimate product they have received; manufacturers may file a 3911 to notify others of products that are at high risk of being illegitimate. Filing a 3911 is the first step in submitting a recall, and may also be used to account for lost/stolen product.
Learn More about 3911s with the FDA FAQ:https://www.fda.gov/drugs/drug-supply-chain-security-act-dscsa/drug-notifications-frequently-asked-questions/
A 503B, designated as an outsourcing facility under the Drug Quality and Security Act (DQSA), is a compounding pharmacy that produces large batches of medications. 503Bs must comply with stringent FDA regulations to ensure safety and quality.
503Bs provide hospitals and clinics with reliable access to compounded drugs, especially during shortages or when specific formulations are needed.
An Automated Dispensing Machine (ADM) is a computerized device that securely stores and dispenses medications, improving safety and efficiency. ADMs often integrate with pharmacy systems to reduce errors, manage inventory, and ensure timely medication administration in hospitals and clinics.
EDI stands for Electronic Data Interchange, and refers to the exchange of information, such as purchase orders, invoices, and shipment notices, between organizations using standardized formats. EDI improves efficiency, accuracy, and speed in transactions, replacing paper-based processes with automated digital exchanges.
EDI was the primary method of exchanging electronic T3 data until the widespread adoption of Electronic Product Code Information Services (EPCIS). EDI files contained all three required portions of a T3, the Transaction Information, History, and Statement.
Electronic Product Code Information Services (EPCIS) is a GS1 standard for capturing and sharing supply chain event data. An EPCIS file stores details about the “what, when, where, and why” of products’ movements and status changes, including:
- Serial Number
- Lot Number
- Product Code/NDC
- GLN
- Transaction History
GS1 is a global, non-profit organization that develops and maintains standards for business communication and identification systems. These standards include barcodes, data exchange formats (like EDI and EPCIS), and RFID technologies.
GS1 played a role in standardizing two critical components of DSCSA. The 2D data matrix barcode used as the unique product identifier, and the use of EPCIS to electronically exchange required product information.
Access these Links for More Information:
GS1 EPCIS DSCSA
Because the enhanced drug distribution security requirements in section 582(g)(1) of the FD&C Act, FDA recommends using EPCIS data to enable secure, interoperable, electronic data exchange among the pharmaceutical distribution chain.
You may need to obtain GLNs for your organization. GLNs are a data element of EPCIS, and a requirement to facilitate data exchange using EPCIS
Access these Links for More Information:
GS1 EPCIS DSCSA
sGLN stands for Serialized Global Location Number. An sGLN is a more specific type of GLN that also includes unique information to identify serialized product within a location.
GCP stands for Global Company Prefix, a GS1 standardized identifier to identify a company or organization within their global standards framework. This identifier is used to distinguish one company or organization from another within the GS1 system and supply chain.
A Group Purchasing Organization (GPO) is an entity that leverages collective buying power to negotiate discounts and favorable terms on behalf of its members, typically healthcare providers. GPOs help reduce procurement costs for medical supplies, equipment, and services, enhancing efficiency and cost-effectiveness in healthcare purchasing.
As defined in the law, the term “illegitimate product” means a product for which credible evidence shows that the product:
- is counterfeit, diverted, or stolen;
- is intentionally adulterated such that the product would result in serious adverse health consequences or death to humans;
- is the subject of a fraudulent transaction; or
- appears otherwise unfit for distribution such that the product would be reasonably likely to result in serious adverse health consequences or death to humans.
Follow this link for more information:
ConsortiEX uses the term ‘invalid document’ to refer to paper documents that do not meet the DSCSA T3 (Transaction History, Information and Statement) requirements. This is often due to a missing ‘transaction statement’; however the term would apply to any uploaded document that is not a T3. Please refer to “What is a T3” to learn more about T3s.
- A lot number is a unique identifier assigned to a specific group of products/medication that was manufactured together. It is used to track and trace products throughout the supply chain, enabling recall management, quality control, and regulatory compliance.
Dispensers are currently required to capture the Lot Number under DSCSA.
NDC stands for National Drug Code. It is a unique numeric identifier assigned to each medication listed under the Drug Listing Act of 1972 in the United States. This standardized code facilitates the identification and tracking of drugs for dispensing, billing, and regulatory purposes.
The NDC includes three segments: the labeler code, the product code, and the package code.
In 2017, the FDA issued a guidance for industry outlining requirements for manufacturers to include a unique product identifier on prescription drug packages. DSCSA Adopted the GS1 2D Data Matrix Barcode to serve as the product identifier.
This identifier serves two purposes:
- A unique identity for individual prescription drug packages and cases, which will allow trading partners to easily trace drug packages as they move through the supply chain.
- Includes the product’s lot number, expiration date, national drug code (or NDC), and a serial number. The serial number is different for each package or case. This creates a unique identifier – human and machine readable – to enable product tracing throughout the supply chain and enable all trading partners to better detect illegitimate products within the supply chain.
Follow this link for more information:
SOP stands for Standard Operating Procedure. It’s a document that outlines the step-by-step instructions on how to perform a particular task or process within an organization.
Within the scope of DSCSA, the SOP is the first thing you will be audited on. You should have an SOP documenting how you plan to satisfy each of the DSCSA requirements.
SNI stands for Standardized Numerical Identifier. It is a unique identifier required for the serialization of pharmaceutical products, typically composed of a combination of the National Drug Code (NDC) and a unique serial number.
As defined in the law, the term “suspect product” means is a product for which there is reason to believe the product:
- is potentially counterfeit, diverted, or stolen
- is potentially intentionally adulterated such that the product would result in serious adverse health consequences or death to humans
- is potentially the subject of a fraudulent transaction; or
- appears otherwise unfit for distribution such that the product would result in serious adverse health consequences or death to humans.
Follow this link for more information:
T2 is shorthand for two required data points as outlined by the FDA, Transaction Information, and Transaction Statement. This can be a physical, paper, document, or an electronic file. Come November the transaction history can be obtained by tracing the product.
Track and Trace is a component of the DSCSA that enables trading partners
Tracking refers to a dispensers ability to receive and capture relevant transaction information upon receipt of a product; tracing refers to the collective ability of trading partners to provide product information on its journey through the supply chain, from manufacturer to dispenser.
The Drug Supply Chain Security Act (DSCSA), part of the Drug Quality and Security Act (DQSA) of 2013, establishes a national system for tracing prescription medications through the U.S. supply chain. Its aim is to enhance drug security, prevent counterfeit drugs, and improve the ability to trace and verify the history of drug products. The DSCSA mandates enhanced product identification, tracing, and verification requirements for manufacturers, repackagers, wholesalers, and dispensers.
The Drug Quality and Security Act (DQSA) is U.S. federal legislation aimed at enhancing drug safety.
There are two titles:Title I: the Compounding Quality Act, which distinguishes 503A and 503B compounding pharmacies and strengthens regulations
Title II: The Drug Supply Chain Security Act (DSCSA) establishes a national system for tracing pharmaceutical products through the supply chain to prevent counterfeit drugs and enhance accountability.
A T3 is a document that is made up of the three core components: Transaction Information, Transaction Summary, and Transaction Statement. Manufacturers are required to include a T3, either physically or electronically. Products without a T3 should not be accepted.
A physical T3 is often included with a physical product; it may be an Invoice, a Packing Slip, a Purchase Order, a different document, or a standalone T3.
An electronic T3 may be delivered via EDI; EPCIS files also contain this information,
Transaction History is one portion of a T3, and refers to a documented record of each prior transaction of the specific product. The Transaction History should include the Transaction Information going back to the manufacturer.
Transaction Information is one portion of a T3, and refers to the documentation of a collection of transaction data points, including:
- Product identifier (including the National Drug Code (NDC)).
- Name and address of the seller and buyer.
- Transaction date.
- Shipment date (if different from the transaction date).
- Transfer of ownership details.
A Transaction Statement is one portion of a T3, and refers to a statement by the entity transferring ownership of the product affirming that they are in compliance with DSCSA requirements. Confirming that the entity:
- Is authorized under DSCSA.
- Received the product from a licensed entity.
- Received the necessary TI, TH, and TS from the prior owner.
- Did not knowingly ship a suspect or illegitimate product.
- Has systems and processes in place to comply with verification requirements.
- Did not knowingly provide false transaction information.
- A 503A is a compounding pharmacy that prepares patient-specific doses of medications. Regulated primarily by state boards of pharmacy and the FDA, 503A pharmacies follow USP guidelines to ensure safety, quality, and positive patient outcomes.
Unlike 503B facilities, 503As cannot produce medications in bulk for office use or resale.
ADC stands for Automated Dispensing Cabinet.
An SSCC (Serial Shipping Container Code) label is used in logistics and supply chain management to uniquely identify a shipping container, such as a pallet or box. It helps track and manage goods through the supply chain by providing a unique identifier for each container, facilitating efficient handling, tracking, and inventory management.
PDG stands for Product Data Group. PDG plays a role in overseeing the development and implementation of standardized data formats and systems for tracking and tracing pharmaceuticals. They assist in ensuring compliance with DSCSA requirements by facilitating accurate and efficient data exchange between trading partners.
A GTIN (Global Trade Item Number) is a unique identifier used to recognize products in the global supply chain. It can be 8, 12, 13, or 14 digits long, depending on the specific GTIN format (e.g., UPC, EAN). GTINs are used to manage inventory, facilitate sales transactions, and ensure accurate product tracking.
An sGLN, is a Serialized Global Location Number.
GCP stands for Global Company Prefix , and is used as the base for an SSCC standard tote/container label. Any customer looking to adapt an Alternative Distribution Model will need a GCP number in order to create shipping/container labels that correctly associate to the EPCIS file for downstream receiving.
A contract pharmacy is an external pharmacy contracted by a covered entity to dispense discounted medications to eligible patients, helping to extend the reach of 340B benefits without the covered entity needing its own in-house pharmacy.
A covered entity is a healthcare provider eligible to purchase medications at discounted prices, including hospitals, community health centers, and specialized clinics, aimed at serving underserved and low-income populations under the 340B program.
An integration is the process of linking different systems, applications, or software to work together as a unified whole, enabling seamless data exchange and functionality across multiple platforms.
An interface is a point of interaction between systems, software, or devices that allows them to communicate and exchange data, often using specific protocols or standards to ensure compatibility and functionality.
To quarantine means to isolate product away from the rest of your inventory to prevent it from being dispensed; often in result to a suspect product investigation or damaged good.
ATP stands for Authorized Trading Partner. Within DSCSA, an ATP is a trading partner within the pharmacy supply chain, whom has been verified as a legitimate partner. The FDA utilizes an electronic credentialing token to identify the valid trading partners across the US supply chain.
VRS stands for Verification Router Services, and serves as a means of electronic communication between ATPs, when responding to track/trace requests, or audits.
The CDER NExtGen portal as an FDA specific VRS system, used to communicate with the FDA, or other trading partners as a part of an FDA investigation or audit.
3911s are also filed in the CDER NExtGen Portal.
An FDA 3911 is a form to be filled out when investigating a quarantined product. The 3911 serves as a notification to the FDA that a suspect product has been identified, and further investigation may follow.
WEE stands for Waivers, Exceptions and Exemptions, and relates to a process introduced by the FDA, where trading partners can file for an extension of the deferment of specific requirements under DSCSA. Applying for a WEE does not mean a WEE has been granted, and enforcement of requirements may take place while a WEE application is pending.
WEEs can cover organizations on the dispenser side, or specific NDCs, on the manufacturer/distribution side.
DUNS stands for Data Universal Numbering System, and is a proprietary system developed and managed by Dun & Bradstreet that assigns a unique numeric identifier, referred to as a “DUNS number” to a single business entity.