- My staff are fully aware of what DSCSA is, and they are routinely educated on how we comply from an operational perspective.
- I have an organization or corporate-level policy and procedure outlining DSCSA regulations.
- I routinely (at least semi-annually), self-audit my compliance with DSCSA regulations.
- I have had an independent audit of my organization for DSCSA compliance in the past 2 years.
- When product serialization is mandatory in November of 2017, I am prepared for the changes this may entail for my inventory management and EMR systems.
Making Notification and Responding to Notification
- I have a defined system in place for responding to investigation, including identifying product, quarantining suspect product, and making notice of cleared product..
- I know to whom all of my product has been transferred, and can notify any recipients in the event of investigation that they may possess illegitimate or otherwise contaminated product.
- I can complete identification and response to an investigation within 2 business days of request by a government investigator.
- I am familiar with FDA Form 3911 for the purposes of reporting suspect or illegitimate product.
Selling, Loaning or Accepting Product
- I only do business with authorized trading partners.
- I ensure all necessary components of transaction information that are specified in DSCSA regulations are included with product transfers (FD&C, section 581(26)) .
- I ensure that a transaction statement is included, and contains all necessary components of Transaction Statement that are specified in DSCSA regulations (FD&C, section 581(27)) .
- I ensure that history of prior ownership including the business entities name and address, and contains all necessary components of Transaction History that are specified in DSCSA regulations are included (FD&C, section 581(25)) .
- I have a system in place that allows me to verify history of ownership, transaction statements and product detailed information, prior to accepting a product.
- I maintain a list of all suppliers from which I receive product.
- I retain a detailed listing of all products that I have received or sold, and can search this data by lot number, NDC and/or product description, to further identify products in my inventory.
- My data is backed up routinely and stored, to guard against common data loss scenarios, such as inadvertent deletion, disaster, malware, and/or ransomware.
- My data is stored in a format that can be reported on, and I am planning on storing the data for at a minimum 6 years.
- I can identify any gaps in DSCSA documentation, such as missing transaction history and quickly fill those gaps.