Faced with delays at ports and possible product recalls, industry hopes the DGFT will fix the issues with the DAVA portal as well as issue clarifications.But with just three months to go to the mid November deadline, time is running out fast.
India’s serialisation and traceability journey has been a series of extensions and delays. This defines the Government of India’s dilemma of dealing with a very diverse sector, comprising companies of all sizes. The latest extension came this May.
The Directorate General of Foreign Trade (DGFT) public notice dated May 9 specifies that export of drugs manufactured by SSI and non-SSI units, manufactured on or before November 15, 2018, are exempted from maintaining data in the parent-child relationship for three levels of packaging and uploading this data on the central DAVA portal. All drugs manufactured after this date can be exported only if both tertiary and secondary packaging carry barcoding as applicable and the relevant data is uploaded in the DAVA portal.
For more than two years, pharma companies have expressed significant concerns regarding the DAVA database, including in a detailed white paper published in May 2017 by RxGPS, an alliance of pharma stakeholders. (See story: http://www.expressbpd.com/pharma/pharma-technology-review/making-sense-of-serialisation/389701/)
Will the two sides, DGFT and pharma companies, use this extension of six months address these issues?

As is to be expected, companies have their expectations and wish list. For example, Aditi Kare Panandikar, Managing Director, Indoco Remedies says, “It is essential that the DGFT audit and certify the line level and software level vendors for compliance. This will be a major help to pharma companies in vendor selection. The DGFT authorities should also finalise the minimum set of machinery for compliance and also publish the same, so that small/ mid-sized pharma companies know where to invest, as vendors confuse them with requirements.”

Shivaji Chakraborty, Asst General Manager, Packaging Development, Fresenius Kabi Oncology suggests three steps to be taken during this period of delay for DGFT to address the technical problems. The first step would be to organise meetings with industry to understand the difficulties faced by the companies and take actions accordingly. The next step should be to evaluate the requirement and come up with a proposal in line with global requirements. For example, in the case of tertiary level packaging, the US requirement is to print the serial shipping container code (SSCC) number (an 18-digit number used to identify logistics units) on the logistic pack, irrespective of homogeneous and heterogeneous pack while India’s requirement is for the SSCC number, along with the GTIN and other batch detail. The third step he suggests is that DGFT sets up a technical support team.
Equipment manufacturers like Gaurav Mohite, Product Manager, Global Track & Trace Portfolio, ACG are hoping that pharma companies will use the extension to “gear up and set-up the process to enforce critical aspects of serialisation within their organisation. As per the market feedback, most customers have been struggling in implementing complete control over the process, so as to ensure that the correct data gets uploaded to DAVA portal.”
Data security a must …
Kare Panandikar echoes most of her peers when she says that while the pharma industry has welcomed the DAVA system, there are still a few concerns like the non-availability of a good knowledgeable vendor for serialisation, the very high cost of equipment procurement and the non availability of trained resources for serialisation qualification and implementation. She also points out that many vendors claim to be compliant, however, there are very few who are actually capable of complying with the regulations.
Data that need to be uploaded to the portal, include details of the product, distribution point, batch, production, movement and aggregation but Chakraborty points out that there is lack of clarity about distribution point and movement details. (See box: Challenges faced on DAVA portal and some suggested solutions)

Overriding all of these concerns, is the possibility that this data could be visible to other companies and the lack of technical support to address these issues.
ACG’s Mohite too echoes this point, saying, “Considering the increase in cyber threats globally on databases and the potential manipulation of the market perceptions by some organisations using this data, the data security and integrity becomes one of the key concerns for any organisation.”
..but what about “dummy data”?
DGFT’s requirement that manufacturers upload “dummy” or fake serial numbers for primary packages (i.e. individual vials, blister cards, or bottles) that are not serialised is possibly the most confusing requirement. Since the DAVA system requires the upload of serial numbers for these primary packages, DGFT advised manufacturers to upload “dummy” or fake serial numbers for primary packages that are not serialised.
As a result, millions of fake serial numbers are being added to the DAVA database. There are concerns that these fake serial numbers could be applied to counterfeit drugs destined for countries all over the world.
“Dummy upload will not serve the purpose of traceability. This will increase cost to the company, as these numbers, if saved on the external server, will be charged,” points out Kare Panandikar. This use of serial number identifiers along with the requirement that serial number identifiers be unique at the company and not the product level will result in large manufacturers depleting serial number data pools as well, point out some industry sources.
Chakraborty minces no words when he says, “Dummy serial numbers is a data integrity issue. Serial numbers available in the database but physically not present may lead to confusion. And secondly, at present it may not be misused, but once authentication is implemented, the dummy serial numbers can be misused by the counterfeiter.”
On the other hand, some observers see this issue as a step in the journey and do not seem too perturbed. “We believe uploading “dummy” or fake serial numbers for primary packages that are not serialised is just a step towards making DAVA portal equipped for future primary packaging implementation. In our opinion, when DGFT enforces primary serialisation, the data handling and management requirements for DAVA are going to increase drastically.”
Industry sources list more technical challenges that made it difficult to use the DAVA system and export to waiting countries. For example, DGFT requires the use of a product numbering scheme that is inconsistent with global data standards. As a result, manufacturers are forced to choose between changing their entire numbering scheme—a cost that cannot be justified—and applying multiple product numbers to packages. The latter has caused significant operational challenges in countries of import and slowed or stopped the distribution of pharmaceuticals made in India.
Further, manufacturers seeking exemptions from the export requirements for product destined to countries with existing traceability requirements (permitted under the law) are forced to apply for exemptions product by product. This not only slows the process, but can create confusion if product exemptions have not yet been approved—leading to a situation where a product must comply with two different sets of serialisation and traceability requirements. The suggestion is to exempt all products exported to markets with existing regulations, which can alleviate this burden and confusion.
Safety and security
There have been questions on the safety of the DAVA database in terms of controlling access to the system and data to legitimate users and protecting data from competitors. There are concerns that data uploaded to the DAVA system is also unsecured: manufacturers (or any other entity with access to the system) are currently able to see product and batch information from other contributors, including competitors, which could be used for anti competitive purposes—or to make counterfeit product look legitimate, and either outcome could position India as an undesirable place to do business.
Users seem divided on this front. Chakraborty of Fresenius Kabi Oncology doubts that the DAVA database is secure as anyone having the digital signature to log-in to DAVA portal can access the data of the competitors. “Although we have not yet faced any problem, but this easily available data can be misused by the counterfeiter.”
Kare Panandikar of Indoco Remedies on the other hand opines that it is secure as one has to digitally sign to login to the portal. In Mohite’s assessment too, the dummy data currently uploaded on the DAVA portal cannot be used for authentication purpose, which means that at this point the misuse of the dummy data cannot arise.