New U.S. Drug Security Law Requires Review of Track-and-Trace Strategies


Analyst(s): |

  Free preview of Gartner research


A new U.S. law requires pharmaceuticals to be tracked and secured across the healthcare supply chain. Pharmaceutical supply chain leaders must re-evaluate their current and future track-and-trace strategies now.

News Analysis


On 28 November 2013, U.S. President Barack Obama signed H.R. 3204 — the Drug Quality and Security Act (DQSA) — into law. The law calls for the U.S. Food and Drug Administration (FDA) to set standards for tracking and tracing pharmaceuticals, and phases in requirements for specified trading partners across the U.S. healthcare supply chain. It requires manufacturers of pharmaceuticals sold in the U.S. to:

  • Begin capturing and reporting product transaction histories by 1 January 2015.

  • Implement systems to report suspect or illegitimate products by 1 January 2015.

  • Serialize individual products by 2017.


This law is a positive step for securing the U.S. pharmaceutical supply chain and has encouraging implications for the industry globally. The DQSA removes uncertainty around governance, enabling manufacturers to move forward with investments and serialization deployments with increased confidence. Pharmaceutical manufacturers can begin to make decisions to ensure traceable electronic records of custody for their manufactured products. This tracking will protect their revenue streams against the risk of counterfeited products.

The law provides the FDA with the authority to oversee all nodes of U.S. pharmaceutical supply chains for the first time. It sets out staggered compliance timelines for manufacturers, repackagers, third-party logistics providers, wholesalers, distributors and pharmacies. The law will offer the potential for a more network-centric approach to track and trace, and more flexibility in compliance.

The law will require the phased implementation of standardized numerical identifiers on a 2D data matrix bar code. This requirement is consistent with identifier trends in Europe, China and many other countries. The law proposes guidance on standards for the interoperable exchange of transactional data as well as governance for potential waivers and enhanced packaging security measures.

The DQSA may also help shape global standards, bringing further direction to a diverse patchwork of national and geographic regulations. In particular, China and Europe have proactively centered deployment models around track and trace, and verification, respectively. Due to the high maturity of deployments in these regions, they are likely to influence emerging global standards and best practice adoption.


Pharmaceutical manufacturers and downstream trading partners:

  • Start or continue initiatives for serialization. Phase deployments well in advance of U.S. and other global initiatives with earlier compliance timelines (such as China's).

  • Shift the focus of compliance efforts from item-level serialization to lot-level transaction capture and reporting with a target of January 2015.

  • Develop an architecture design for track and trace that accommodates the production and tracking of serialized and nonserialized products simultaneously.

  • Define a migration path to move to either point-of-dispense authentication or full track and trace built on item-level serialization.

  • Favor providers with experience in e-pedigree management and compliance reporting, preferably in a cloud-based environment or similar capability to support interoperability networks.

  • Consider enterprise solutions based on emerging global standards. Do not overstandardize at the expense of performance or compliance.

  • Think beyond compliance. Collaborate with partners to enforce the business case and strategy for track-and-trace capabilities by enhancing existing architecture and processes.

Gartner Recommended Reading

© 2013 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

Contact us online



Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more