White Paper Aggregation Projects – Guidelines for OBPs
EMVO is currently undertaking a study to determine the most effective way to support the concept of aggregation/consolidation within the overall EMVS system. An update of functionality to support this has a major effect on all aspects of the system and therefore must be undertaken carefully with due
consideration for security, effectiveness and overall cost.
We are aware that several projects have been started to provide some form of aggregation/consolidation capabilities and that often, the requirements for these are being written into supply contracts. If there is a prerogative to undertake such pilot programs and initiatives, it is essential that the work
undertaken does not place the security of the overall EMVS at risk.
Over the past years, we have collectively invested huge sums into an EMVS that has security of the data at its heart. External (to EMVS) aggregation solutions that are not governed by and sympathetic with EMVS have a high chance of being less secure which becomes a threat to the EMVS overall.
We cannot condone activities that place the system at risk. Therefore, we are outlining practical instructions for OBPs stating the activities that should not be carried out during the aggregation/consolidation process. As such, the following issues should be addressed prior to undertaking or agreeing to undertake any such activity.
1. Aggregation/Consolidation explicitly requires the knowledge of lists of ACTIVE pack serial numbers. It is vital that any initiative that looks at aggregation/consolidation does not publish pack serial numbers in an unsafe manner e.g.
a. Sending via standard email (even within password protected files)
b. Sending via USB memory stick
c. Exchanging Excel files, the list goes on.
2. Security has to be the number 1 top priority – these systems could weaken the effectiveness of the entire EMVS.
3. By undertaking any form of initiative that handles lists of serial numbers outside of the EMVS, you are risking not only the reputation of your own organisation (through unintended publication of the serial number details and potential subsequent falsification) but you are risking the reputation of the entire EMVS and thus that of the industry and partners at large.
4. Ad-hoc external systems may not be GxP tested. Would you normally allow business critical confidential data to be handled by non-GxP systems?
5. These ad-hoc initiatives could end up representing de-facto standards, potentially weak and insecure de-facto standards of which there may be many. This represents a costly challenge going forward with the potential for industry having to support multiple different systems and incompatibilities.
6. To securely implement an aggregation/consolidation solution that is maximally efficient and effective, it will have to become part of the EMVS. This will take time both with EMVS and within the various partner systems that connect with EMVS. There is no “quick fix” that is also “secure” and “effective” for all parties involved. A solution is likely but must be specified correctly to maximise the effectiveness and value for money. Investing in pilot initiatives now, that maybe insecure, will only require additional investment later with much of that initial cost being wasted.
Anything that looks like a low-cost, quick route to increased sales revenue is likely to be insecure and problematic. If it looks too easy, there is probably a reason!
It is also worth bearing in mind that within the hospital using aggregation should only be tailored towards mass/bulk verification and not mass/bulk decommissioning. The FMD (Falsified Medicines Directive) requires that decommissioning be undertaken at the point of dispense and not ahead of time or in different locations. As such, if such programs must be undertaken, given all of the above cautionary notes, it is imperative that systems are not built which end up as non-compliant with the FMD.
As a final note of caution, be aware that any system of this nature will require extensive testing to assure correct operation and no loss or corruption of data occurs at either end of the chain or during transmission.
In the event of any questions or uncertainty, please do not hesitate to contact our Helpdesk:
Tel. Helpdesk: +32 (0)2 657 00 08