How can we help?

Are you looking for some specific information? Please use the search options below. Either type key words into the 'How can we help you?' box, then choose a category and your user type, or simply use the Category / User type selections. Then press the search icon and a series of articles will be generated for you.

Dispensing Doctor and GPs have been informed by the DDA not to commit to any SSPs currently. Is this correct?

“Article 3 of the Delegated Regulation lists a number of definitions including a ‘healthcare institution’ as meaning ‘a hospital, in-or outpatient clinic or health centre’. The UK has classed General Practitioners (GPs) and Dispensing Doctors as health centres and therefore healthcare institutions.

Do Wholesalers performing QP batch release need to register with SecurMed?

Wholesalers are not allowed to perform QP batch release. All Wholesalers need to register with SecurMed to verify and decommission medicines as required under the Delegated Regulation. Only MAHs and holders of parallel import authorisations will be expected to pay fees to SecurMed.

Systematic Certificate Renewal v1.0

Intended Audience:  Software Suppliers

Date:  01 July 2020


User certificate sare valid for 2 years and will start to expire from Autumn 2020, with large numbers expiring in Q1 2021.

I am designing my software solution connection to the NMVS. Are Concentrator/Aggregator type architectures acceptable in the UK?

Following consultation with UK national competent authorities we can provide some clarification on connection methodologies:

Software solutions for the wholesaler and dispensing communities must provide for transparency of end-user locations (i. e.

Why is the ‘mixed bulk transaction’ not available to Wholesalers?

The ‘mixed bulk transaction’ is a bulk of individual transactions, as opposed to a single transaction applied to a bulk of packs. It should only be used to enable cached individual transactions when connectivity has been interrupted.

Why is it essential to present a unique certificate as well as a unique username and password?

The use of multi-factor authentication is mandated by the Delegated Regulation.

Is there further guidance on False Negatives – out of date, recalled pack, status error, data error, etc?

Several groups, including FMD Source, SecurMed UK and others, are working on establishing guidance for the various stakeholders. This guidance will be communicated in due course.

Will anti-tamper devices be allowed on OTCs and other out-of-scope products after February 2019?

The MHRA has confirmed that subject to the outcome of a public consultation anti-tamper devices may continue to be placed on out-of-scope products after 9th February 2019 if the relevant manufacturer considers that it is necessary to do so in the interests of patient safety.

Where the MAH or Manufacturer has a separate WDA, how will packs be decommissioned?

Each Manufacturer who also holds a WDA needs to review their business operations and wholesaling processes and, where applicable, connect to SecurMed for medicines verification and decommissioning as a Wholesaler.  

It is up to each MAH or Manufacturer to perform this assessment.

Is each GP a separate legal entity?

Each GP Practice (with one or more GP partners) is a separate legal entity. SecurMed registers Locations, not people.

Can a single location have multiple sets of credentials for different software solutions?

Yes. Duplicate credentials can be requested for the same location. SecurMed UK will validate the request.

Is multi-factor authentication required?

Yes. The use of multi-factor authentication is mandated by the Delegated Regulation and has been implemented in the UK MVS using an X509 Certificate.

Will the endpoints be different for new versions of the interfaces?

Yes. New interfaces will have different endpoints, URLs may be subject to change but will remain on the same domain.

Need more info?

If you can't find what you're looking for, please use the link below to get in touch.

Get in touch