Simulation finds weakness in system designed to spot fake drugs

A company which helps the NHS to scan and verify genuine drugs (and flag counterfeit meds) has used a pilot simulation to show how one hospital, even when complying with European scanning programs, can still allow illicit cancer drugs to fall through the net, and reach patients.

Systech, which was in essence trying to show the value of its UniSecure product, ran a programme that simulated the flow of pharmaceutical products through a serialized, international supply chain.

They deliberately threw in dozens of fake cancer drugs into a batch of real medicines (again, all simulated), using three batches: Batch 1 used the ESM model, that scans serialized numbers at the supply chain end-points; Batch 2 was the Pedigree model (DSCSA) that scans serialized numbers at each point in the supply chain; while the third uses UniSecure, which captured the original print mark for instant authentication at any point of the supply chain.

Each batch contained 500 cartons, 450 "genuine" products along with 50 "counterfeit" products that were randomly mixed in to simulate a breach in the supply chain.

All three went through the same checking processes that any medicine would, with batches 1 and 3 being shipped out directly to St James's Hospital in Ireland, while batch 2 was further split into two separate parts to simulate the distribution and authentication of product to multiple locations.

Systech's pilot found that in the ESM model, the first batch of medicines, 18 of the 50 counterfeit products were incorrectly verified and dispensed to patients (in simulation only), before their authentic counterparts made it to the point of dispensation and aroused suspicion.

Systech said that this: "Is the inherent weakness of the ESM model because it is an 'End to End' model. In other words, the only verification scan is at the point of dispense." Interestingly, a hospital pharmacy-based assessment also uncovered weaknesses in the ESM model – specifically low compliance rates with verification of product codes on medicine packs as well as a failure to act if suspect codes were scanned.

Things were slightly better in the second batch, the Pedigree model, where 10 of the 50 counterfeit products that were randomly added to the batch were verified and sent out to patients before suspicions were aroused.

The authors note that the added verification step inherent in this model: "Reduced the number of counterfeits reaching the patient to 10 counterfeits. The counterfeits that got through did so because the duplicate serial number was flagged after the counterfeit product had already been distributed to the patient."

Its own UniSecure system saw 100 per cent of the counterfeit products being shown up at authentication, meaning no counterfeit product went to patients.

"This is because the UniSecure solution does not rely on the traditional track and trace of serial numbers but instead, at the time of scanning, compares the scanned barcode against the unique 'fingerprint' produced during the label printing process," its report said.

The report concludes that the ideal solution "would need to offer ubiquitous authentication, as all supply chain parties would need to be able to verify in real time."