2018 09 27 GS1 Digital Link Call Agenda.Pptx

GS1 Digital Link Structure MSWG Lisbon physical meeting

Chairs, Phil Archer, Mark Harrison & Greg Rowe

12 September 2019 WiFi internet access

• Select network “Sheraton Lisboa” and connect • Username: GS1events • Password: GS1events

• GS1 operates under the GS1 anti-trust caution. Strict compliance with anti- trust laws is and always has been the policy of GS1. • The best way to avoid problems is to remember that the purpose of the group is to enhance the ability of all industry members to compete more efficiently. • This means: - There shall be no discussion of prices, allocation of customers, or products, boycotts, refusals to deal, or market share - If any participant believes the group is drifting toward impermissible discussion, the topic shall be tabled until the opinion of counsel can be obtained. • The full anti-trust caution is available via the link below, if you would like to read it in its entirety: GS1 Anti-Trust Caution

• Relevant to the features of the specification that are being developed in this Work Group, if anyone has knowledge or information about intellectual property rights, such as, patents or patent applications; please promptly convey this information to the Work Group Facilitator.

• The intellectual property rights can either be in development or owned by persons, companies or third parties within this WG or outside this WG.

• We do this under the guidance of the IP Policy, so that GS1 can seek to avoid the uncertainty regarding intellectual property claims against the Specification.

Open session that 1 2 Scroll to the bottom 3 Begin the survey you want to survey for Session Survey

Standard • Standard has finished public consultation now in IP review Awareness • Demonstration at GS1 Connect Denver (June) and Lisbon this week Videos • Four videos have been produced Training • Training materials are in Beta testing - Training sessions set up in Asia region Implementation Guide • Sub-team Working session on the implementation guide (25th July) • Implementation guide in draft Use Cases • We have started to see early addition of Digital Link which we will look at today

We are reaching the end of the current phase • GSMP Work Group – Produce the standards and Imp Guide

So What next – Typically we now move into implementation • We need to review items for 1.2 of the standard • We have to enable the MOs to educate and promote DL • We also need to engage the Service Providers and Industry Sectors

We will spend some time today looking at these

© GS1 2018 8 The agenda for today is therefore The agenda for today is therefore 1. Provide and update of where we are 1. Provide and update of where we are 2. Share experiences and viewpoints on DL 2. Share experiences and viewpoints on DL 3. Review items for 1.2 of the standard 3. Review items for 1.2 of the standard 4. Take a look at the implementation guide 4. Take a look at the implementation guide 5. Start to look at the next phase of work 5. Start to look at the next phase of work

EST Topic 8:30-8:45 Welcome, Anti-trust and IP Statement & Reminder, Introductions Topic 1: Experiences and viewpoints on GS1 Digital Link Dom Guinard – EVRYTHNG Tatjana Pathare – Roche Jeanne Duckett – Avery Dennison & Jo Anna Stewart – GS1 US Raad Ali, GS1 Jordan Elizabeth Waldorf - Tracelink 10:30 – 11:00 BREAK Topic 2: What’s coming up in GS1 Digital Link 1.2? Lisa Sandberg – GS1 GO Marketing Kevin Dean – Delegating Authority Phil Archer – Standards ingestion model and semantics Heinz Graf – Implementation in Switzerland Grant Courtney – Regulatory oversight 12:30 – 13:30 Lunch

EST Topic 13:30 – 17:00 Implementation issues Implementation Guide – progress so far. Paul, Grant, Phil Review training deck – Phil The view from the marketing department – Lisa Sandberg Industry engagement options – do we need an MOIG? Time line from now to End of 2020

1 2 GS1 Industry & Standards Event 2019

September 2019 in Lisbon, Portugal

Tatjana Pathare, F. Hoffmann La Roche About F. Hoffmann-La Roche About F. Hoffmann-La Roche

• Company headquarters are located in Basel, Switzerland

• In 1934, it became the first company to mass-produce synthetic Vitamin C, under the brand name Redoxon

• In 1957 it introduced the class of tranquilizers known as benzodiazepines – brand names Valium and Rohypnol

• To present date we manufacture several cancer drugs

• Today Roche ranks among the world’s leading healthcare companies and has two strong core businesses: Diagnostics and Pharmaceuticals

• Frontrunner in personalised healthcare -With our combined strength in pharmaceuticals and diagnostics, we are better equipped than any other company to further drive personalised healthcare FIRST AND FOREMOST HURDLE

EDUCATION DIFFERENCE BETWEEN THE 2 CODES

GS1 DataMatrix Verification? GS1 QR code Information?

16 Which code should I scan to get the relevant information on a single item? GS1 DataMatrix Barcode

1D Barcode Folding

box QR Code

GS1 DataMatrix QR Barcode Code Vial label MOST COUNTRIES WOULD LIKE TO IMPLEMENT THE QR CODES ON THE PATIENT INFORMATION LEAFLETS Teaser Use the existing barcode on the folding box and label so that the end users can use this code to get digital information

Linking to verification as protection against counterfeiting Linking to information about the product (videos, audios, illustrations, texts…) Information on Recall, Expiry Date, Tamper Evidence feature

GTIN BATCH EXP Eventually Serial Number SCOPE

• USE DIGITAL LINK

• USE GS1 STANDARD

• USE existing1D CODE and if available

• 2 D DATA MATRIX BARCODE What do you require?

• An app to scan the 2D Data Matrix code (some countries have their own apps / some solution providers)

• GS1 Digital Link standard

• Resolver

• Database containing the information (e.g. e- compendium.be; felleskatalogen.no) CHALLENGES WE FACE NOW

BUILD A ROCHE APP

NO GENERAL APP EXISTING IN MARKET CHALLENGES WE FACE NOW

DATA BASE

If it exists (external companies) can we use it? e.PI (Felleskatalogen) If it does not exist who will provide the affiliates with

• Patient Information in xml format? Many Health Authorities are using the pdf format and many companies are using pdf on their websites

• If it exists one language for 3 territories ? Other • Where do we store ‘other’ information ? info CHALLENGES WE FACE NOW

GS1 Resolver or Resolver Company based Resolver or Country based Resolver

Who does what ? Work on-going Could we leverage GDSN to feed Digital Link Resolvers?

• What GDSN could provide? • What does the Resolver need as minimum – GTIN information? – GLN of the information – GTIN provider – Language – Target Market – Territory – And many other data – Link Type – URL of the source content

Manufacturer Could this also be a Resolver??

Source: GS1 THINGS ARE GOING FAST - NOW THAT WE HAVE THE BUY IN FROM SOME COUNTRIES

• NO PILOTS

• JUST IMPLEMENT ! Doing now what patients need next Our Road to Digital Link

Preparing Products for Consumer Internet of Things (C-IoT)

Jo Anna Stewart – GS1 US and Jeanne Ducket – Avery Dennison

• GS1 Overview • GS1 C-IoT Research Summary • GS1 Digital Link – Connecting Products • Digital Link Proof of Concept Work • Digital Link Demo

• Pioneer - 40+ year history transforming the way we work and live with U.P.C. and RFID • Expertise - Most widely used system of standards in the world • Reach & Impact - Over 2.5 million businesses - 6 billion scans daily - 112 member organizations representing 120 countries

We hypothesized that GS1 has a role in the C-IoT space because:

• A globally unique persistent identity has a role in consumer interaction beyond the point of purchase. • Standards have a role to play in the messaging between a thing and a consumer. • Standards have a role to play in post purchase.

2018 research proved our hypothesis to be TRUE!

• Looked at Core/Advanced Business Drivers as well as Architecture Components • GS1 determined our continued focus in this area should remain centered on the GS1 identity, capture, and share mission and the application of that mission to C-IoT • Led to industry support to do proof of concept work focused on more granular, web-resolvable, identity for ‘things’ – which is a building block for C-IoT

Core Business Drivers Architecture Components • Product Information • Data Carriers • Product State • Digital Identity • Provenance/Chain of Custody • Authentication and Advanced Business Drivers Authorization • Dynamic Product Delivery • Data Modelling and Vocabulary • Consumer Engagement • Specific Services • Compliance • Payment • Replenishment • Customization

Drivers to Expand Data Encoded on Pack

Results from GS1 US and VDC Research across Tier 1 retailers and brand owners: • Inventory Accuracy • Improved Consumer Engagement • Freshness/Waste Prevention • Returns Management • Product Authenticity • Traceability

Current State • 1D U.P.C. barcode that limits available information at the class level and limits consumer engagement • Starting to see multiple data carriers per pack, utilizing proprietary formats, to better engage with consumers and provide additional information

Future Vision • A single data carrier on pack utilizing a standard format, providing value to the brand, retailer, and consumer that also works at POS • Access to brand authorized sources of information by all with the ability to customize experiences for consumers

GS1 Digital Link has the opportunity to help transform current labeling into an efficient, empowering platform for retailers & consumers that can enable limitless linked information, improve data latency, and more.

Links to Additional Simplifies Data Removes Data Reduces Label Types Extends Uniqueness Information Sharing Ecosystems Latency

Limited product Identical codes on Multiple barcodes on info & use cases 1D labeled products Retailers aggregate data 1 Day refresh rate label

DataMatrix QR Code

Limitless product info Unique codes Single barcode on label & use cases (product on all products Retailer link to data sources Real time refresh origin, ingredients, etc.)

Products will have more than a fingerprint; they’ll have a birth certificate and a digital life that consumers will interact with!

● Impact on Business: The research findings make a direct connection between transparency and commercial benefit for brands. More than three quarters of shoppers say they are more likely to buy food products that make available information beyond what appears on a physical label. Moreover, more than seven in 10 shoppers say they are willing to switch from their usual brand to one that provides more in-depth information beyond what appears on the label.

● Trust and Loyalty Impacted: Transparency from brands has a direct impact on building consumer trust and boosting loyalty, according to shopper feedback. About half of shoppers are even willing to pay more for a product that offers more in-depth product information beyond what is on the physical label.

53% of consumers are willing to pay more for transparency 75% said they would switch brands for a more transparent brand https://info.labelinsight.com/

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External AVERY DENNISON® | PRINTER SOLUTIONS GS1, WalMart P&G Proof Of Concept Digital Link Transparency Matters to Suppliers

• Boston Consulting Group Dec 2018: 0.8% of annual revenue is wasted due to friction

• Average Food Item 12 different IT systems other than excel – only 3 are interoperable

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External AVERY DENNISON® | PRINTER SOLUTIONS TRANSPARENCY FOR FOOD SERVICE

Did they avoid What’s in my food? harsh chemicals?

Where did my Were the animals and food come from? THESE MACRO people treated fairly? TRENDS HAVE SEVERAL SIMILARITIES Was the planet How was it farmed? taken care of?

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External © Avery Dennison 2019 AVERY DENNISON® | PRINTER SOLUTIONS TRANSPARENCY FOR FOOD SERVICE

Where are we coming from? 2018 USA Multistate Outbreak of E. coli: Romaine Lettuce

2 DISTINCT OUTBREAKS IN 2018 Affected Restaurants and Retailers may not have know where their lettuce came from

March 2018 Nov 2018 Case Count: 210 Reported Cases: 62 States: 36 States: 16 Deaths: 5 Hospitalizations: 25 Hospitalizations: 96 Deaths: 0 Recall: No Recall: Yes Outbreak over Jun 28, 2018 Outbreak over Jan 9, 2019

Consumer Trust – How do we achieve it

– Transparency Valued: FMI & Label Insights

– 93 percent consumers

‣ What is in food ‣ How it’s made

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External © Avery Dennison 2019 AVERY DENNISON® | PRINTER SOLUTIONS GS1, WalMart P&G Proof Of Concept Digital Link Why?

I scanned an organic cauliflower UPCA barcode with my phone…

I came up with a page describing it: https://www.upcindex.com/73574820008

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External AVERY DENNISON® | PRINTER SOLUTIONS GS1, WalMart P&G Proof Of Concept Digital Link

Today this information is not controlled by retailer or brand owner!

Another site that told me inventory levels at major retailer https://brickseek.com/walmart-inventory- checker?sku=44391028 … Very soon you will also be able to see traceability information.

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External AVERY DENNISON® | PRINTER SOLUTIONS GS1, WalMart P&G Proof Of Concept Digital Link

Inventory levels at stores not controlled by the retailer

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External COMPANIES ARE ON A DIFFERENT PLACE ON THE TRANSPARENCY PATH

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External © Avery Dennison 2019 GS 1 Digital Link Proof of Concept

• Show the value of more granular identity across the retail ecosystem, and across physical and digital commerce. • Show relevance and develop a value proposition for each stakeholder including Suppliers, Retailers, Consumers, and Technical Providers. • Demonstrate the ability of standards to increase value today and to set the foundation for more advanced use cases into the future. • Define and share next steps and increase industry support for needed changes that are identified through the demo.

Focus Area Demonstrate Distribution Center • ASN Verification • Product State • Hazmat information Retail Store – • Reduce counterfeit product Back Room • FIFO/Date for product rotation • Expired product • Recalled product • Hazmat/Safety Retail Store Shelf / POS • Recall by batch vs. all • Recall POS stop sale by batch • Expired product stop sale

Consumer at Home • Hazmat/Safety • SmartLabel • Reorder • Expired product

Transparency for Food Service - Building Trust in the Food Supply Chain | Classification: Avery Dennison - External WHY NOW? GS1 Digital Link - the Golden Age of Digitization

• Technology now affordable and ubiquitous The number of connected “things” in the world has • Less distinction between physical and digital world: “weird that it skyrocketed from about a million in the early 1990s to 13 billion today; . . . Expect to see 50 billion connected doesn’t work” devices by 2020. • Change in consumption of technology in companies

• PAST: companies worked with specialized integrators for specific, GS1 GLOBAL UNIQUE IDENTITIES customized solutions • Right decisions only possible if data is → resulting in: islands of incompatible data everywhere in the accessible organization • Product data and information has to be • NOW: seek technology providers that can pull together business- collected, tracked and traced when it relevant solutions based on open standards and architectures traverses the supply chain → resulting in: consolidation of data islands • Class Level product identification levels not GOALS: granular enough for supply chain visibility • Un-interrupted flow of data • Increased productivity, efficiency, flexibility, and agility • Batch level data does not provide the level of → Faster decision making process information needed to track products through the supply chain and minimize risks

Information based decisions, leading to action, aided by machine learning and Unique identification KEY to track and access data; protect analysis of data autom. collected locally or remotely by connected “things” brands & customers

Source: Cisco To Summarize - In the FUTURE:

Every product could be: Every scan could: 1. Self describing 1. Tell you when and where it was scanned 2. Its own media channel, personalised to 2. Whether the scan was by a known a consumer customer (and if so who) 3. Its own authoritative source of 3. What else they scanned information

One barcode could: 1. Do everything, everywhere 2. Support B2B and B2C functions 3. Remove the need to aggregate multiple sources of data

• Jo Anna Stewart • Jeanne Duckett • Director, Business • Transparency Solutions Design Analysis and Program • 937 672 3182 Management • [email protected] • 615.268.7023 • [email protected]

Resolver and Beyond

Kevin Dean, Special Projects Consultant, GS1 Canada

June 17, 2019 Problem Statement

• Multiple parties will have data about any given product • Data may be tied to… - A product - A group of products (e.g. by GS1 Company Prefix) - A category of products (by GPC brick, family, class, or segment) • Data may be provided by… - The brand owner - Industry - A regulator - An interested party

• Any party can declare that they have data of interest • In order for data to be trusted, it must be known to have come from party authorized to provide it • Untrusted data may still be valuable, but some data must be trusted • Trusted data needs a chain of trust - Chain must have a well-known, trusted starting point - Each link in the chain must declare that the next link is authorized to provide data - Declarations may be made in any order, provided that the chain is complete • Declarations may be suspended or revoked, breaking the chain

• Need a vocabulary to establish a chain of trust and to declare that a party has data of interest • Each imperative verb needs an optional parameter to undo the operation • Operations can be expressed in any order by individual parties (i.e. chain of trust is valid as long as all parties in the chain make the appropriate declaration regardless of the order) but operations within a party are treated sequentially

• Used to grant permission to make declarations associated with a range • GS1 Global Office grants itself permission for the entire range (*) • GS1 Global Office grants GS1 Member Organisation permission for its GS1 Prefix range (e.g. 754*) • GS1 Member Organisation grants GS1 Member permission for its GS1 Company Prefix (e.g. 754123*) • GS1 Member Organisation grants another permission for its GS1 Company Prefix (e.g. GS1 US Alliance) or subrange of its GS1 Prefix (e.g. GS1 UK prefixes given to Irish companies before the formation of GS1 Ireland) • Have to include flag to prevent further grants (i.e. prevent GS1 Member from subdividing its GS1 Company Prefix)

• Used to declare a URI for a service associated with an identifier or range • Some services (e.g. product recall) may require a chain of trust whereas others (e.g. product review) may not - Chain of trust may be established by simple chain of grants from GS1 Global Office - Some services may require additional permission for declaration from outside agency (e.g. regulator) over and above GS1 chain of trust

• Used to delegate declare authority from GS1 Member to a Solution Provider • Delegation may be for all possible services or a limited list of services • Delegation must be at the GS1 Company Prefix or individual GS1 identification key level

• Used to suspend a previous grant, declare, or delegate operation • Undoing the suspend returns everything as it was before - Useful for suspending services for a GS1 Member that is behind in license payments

• Interaction model must be standardized - How to request data (GET) - How to provide data (POST) - How to invalidate data (callback) • Data model must be standardized - Standard format - Well-defined attributes - Access to a descriptive schema - Support for localization

• A declaration that data is available doesn’t mean that it is accessible - May be sensitivity even in declaring the link itself • Context defines what is accessible - Security (role) - Connectedness (proof of chain of custody) - Location - Language - Device - etc. • Service providing the data may return different subsets depending on the context in which the query is made

• Ability to make declarations should be open and should not require GS1 membership - Blockchain? - Distributed Identity? • Resolver should be able to read all declarations and build a lookup table based on well-defined rules • Some resolvers may not support untrusted data - That is an implementation choice • Resolvers can be chained together so that private or industry- specific resolvers can defer to public resolver for non-specific queries

• For this to work, all declarations will have to be public • Highly sensitive products (e.g. narcotics) may have to self-limit the declarations they make • Won’t be able to do traceability with this due to known problems with business intelligence in the declarations • Should satisfy 90% of use cases for access to services and data

• Link types that reference schema.org or GS1 web vocabulary provide well-defined data sets for ingestion by client applications and should be encouraged • Link types referencing human-readable pages (e.g. gs1:pip, gs1:nutritionalInfo) are useful for humans but hard for client applications to understand • Use of web vocabulary will allow client applications to present data, even if they don’t understand it

• Regulators may prohibit specific link types within their market - e.g. Cannabis in Canada may not be allowed to provide marketing links - In this case, the regulator should provide the mapping from their attribute to the GTIN in a way that is accessible to the resolver • Regulators may want to suspend brand owners’ ability to declare links - e.g. Brand owner’s content is out-of-date or links are broken, regulator suspends ability to declare links until issues are resolved • Regulators may require specific link types to be satisfied by specific resolvers

• Declarations need to handle full and partial mergers and acquisitions - Full is easy (done by the MO), partial is hard • Support for other identification schemas is out of scope for GS1 but solution should not explicitly bar them - Generic solution based on Linked Data could conceivably support any identification schema

Kevin Dean Special Projects Consultant

GS1 Canada Telephone: +1 416-775-9821 1500 Don Mills Road, Suite 800 Toronto, Ontario M3B 3K4 Canada Email: [email protected]

www.gs1ca.org

Product Catalogue – GS1 Digital Link

Raad Ali, Senior Technical Specialist Ahmed Bataineh, Head of IT Department

GS1 GSMP –12 September 2019 Lisbon, Portugal GoScan Project – Phase 1

1. Online Member Management platform

2. GoScan Search Engine

3. Pilot Project with 50 member companies

• Prefix managements • More than 500,000 product record • 13 attributes (7 mandatory attributes + Sub Brand Name + Sub Sub Brand + Level of Packaging + Gross /Net Weight + Product Dimensions) • Provide photography and measurement services • Enabling planogram and marketing images • Print barcode and other services

New developments • Barcodes number management • Marketing channel • Enabling data analysis / data quality

• Develop new services for member companies

• Provide services for non-member Companies

• A platform to collect product images & information

• Improve GS1 Jordan’s capabilities

• Create a platform/search engine to promote Jordanian products

• A platform to help companies adding product information and marketing materials

• Bringing GS1 Standards to life

• A trusted source of data

• A tool to share / exchange Product information

• A search engine to promote companies and their products

• Enabling Mobile Applications

• Enabling members data analysis

• 50 companies participate in this pilot project. • Food, Detergents, cosmetics, paper and paperboard, Plastic, Cosmetics and pharmaceutical. • 5 products from each company in this pilot

• Project process: ✓ Check physical Product ✓ Product data entry (Attributes + promotional materials) ✓ Product photography and photo editing ✓ Check Data quality ✓ Company approval

• GTIN + GLN • GS1 Jordan data source • Capture Barcodes (EAN/UPC + QR CODE ) • through mobile app • View information

Opportunities Challenges Technical advantages • Completeness and quality of • Web Search engine/product data. • Mobile app • Companies Lake of • RESTful API awareness of importance of data quality. • Our source of data. • Limited investment in • Discussions with regulatory technology. bodies to mandate barcode • Different used technology. on Jordanian products. • GoScan Pilot project with 50 companies. • Healthcare work group.

Elizabeth Waldorf

12 September 2019 TraceLink

GS1 Standards enable us to seamlessly interoperate, our network of supply chain stakeholders depend on industry’s adherence to standards. • Traceability is a multi-party, multi-chain challenge. • Alignment and collaboration with supply chain partners is essential. • Open supply chain standards enable interoperability between all parties by establishing a common set of rules for identification, data capture, data sharing and data usage. • The GS1 System of Standards is an integrated suite of global standards that provides supply chain visibility through the accurate identification, capturing, and sharing of information regarding products, parties, locations, assets, and services.

Manufacturer Repackager Wholesale Dispenser (Nov. 2017 + enforcement (Nov. 2018) Distributor (Nov. 2020) disc.) (Nov. 2019)*

Serialization May only transact (buy/sell) with product that has been encoded with a product identifier** • Grandfathered product is granted an exemption from these rules Verification Product is determined to be suspect or request for verification received from FDA, etc. • Promptly conduct investigation in coordination with trading partners • Validate applicable T3 • Verify product identifier at the package level

Saleable Verify product identifier for sealed homogeneous case or saleable unit Return before resale. Request for Verify product identifier within 24 hours** Verification • Request for verification from any authorized trading partner (repackager, wholesale distributor, or dispenser) Aggregation Not DSCSA legal requirement** © GS1 2018 * No official enforcement discretion has been announced for upcoming Nov. 27, 2019 requirements ** Trade partners may require/request additional requirements beyond DSCSA legal requirements (such as sub-second response time) Regulatory Compliance DSCSA requires verification & interoperability

• Verification Requirements • Interoperability

a) Saleable Returned Product:, Under DSCSA § - The Enhanced Drug Distribution Security 582 ( c) (4)(D), beginning November 27, 2019, Requirements effective November 27, 2023, wholesaler distributors are required to verify the stipulates system interoperability and compliance product identifier including Standardized Numeric with recognized international standards. Identifier (SNI) of products returned to them - “Systems and processes for verification of product at the before the returned products can be placed into package level, including the standardized numerical inventory for resale. identifier, shall be required in accordance with the - DSCSA defines verification as the process of standards established under the guidance issued pursuant “determining whether the product identifier affixed to, to subsection (a)(2), paragraphs (2), (3), and (4) of or imprinted upon on a package or homogeneous case subsection (h), including any revision of such guidances corresponds to the [SNI] … assigned to the product by issued in accordance with paragraph (5) of such subsection, the manufacturer or the repackager….” [§ 581(28)] which may include the use of aggregation and inference as § b) Suspect or Illegitimate Product necessary.” Sec. 203, [ 582(g)(1)(C)] Investigation: Enhanced Verification - Supply chain parties are expected to exchange information requirements for manufacturers (2017), in “a secure, interoperable, electronic manner in repackagers (2018), wholesalers (2019) and accordance with the standards established under the dispensers (2020) require them to “verify the guidance issued pursuant to paragraphs (3) and (4) of product at the package level including the subsection (h), including any revision of such guidance standardized numerical identifier” issued in accordance with paragraph (5) of such subsection.” Sec. 203, [§ 582(g)(1)(A)]. “The form and format of exchanges shall comply with widely recognized international standards development organization.” Sec. 203, [§ 582(h)(4)(A)(i)].

• Per the Drug Supply Chain Security Act (DSCSA), receiving companies must verify the product identifier prior to resale • NDC (GTIN), Serial, Lot, and Expiry *

• For serialized products, manufacturers and repackagers are required to Respond to verification requests from supply chain participants as of Nov 27, 2019 *

• Verification of Saleable Returns – Verification Router Services (VRS)

** HDA Saleable Returns Pilots Report 2017

Manufacturer Distributor Dispenser (Responder) Serialized (Requestor) Serialized Product Product

Saleable Returned Product

Verification Verification Response Request

Lookup Lookup VRS Directory Directory VRS Sync

Manufacturer The GTIN in the populates the request acts as a key Directory with GTIN, in the Directory to tell identity, and me where to send the connectivity request. information. © GS1 2018 PIM Product Verification - TraceLink Capabilities for Successful DSCSA Verification Business Requirement TraceLink Capabilities • Supports HDA VRS Task Force and GS1 • Provides an API for Verification Messaging Standard for Lookup receiving and responding Directory and Verification Request/Response to a request interoperability • Provides a user interface • Automated publishing of GTIN information to for request / response approved industry Lookup Directories • Authenticates the system • Supports automated and user interface that is making the verification verification request • Authenticates the solution provider making the • Verifies the requesting verification request business is legitimate and valid • Verification of requestor GLN to ensure© GS1 2018 legitimate business entity 108 GS1 Lightweight Messaging Standard for Verification of Product Identifiers

• Driven by urgent DSCSA Saleable Returns requirement for Nov 2019, the standard is designed for global sector use as a generic lightweight framework that will support use and extension by other industry sectors or other country regulatory jurisdictions • Specifies a standardized, simple “lightweight” messaging framework for verification request and receiving actionable response • Enables the requestor to determine whether to accept, reject, or quarantine the product • First standard to leverage the new GS1 Digital Link syntax • Release 1.0 – December 2018 • Release 1.1 - July 29, 2019

Learn more - https://www.gs1.org/sites/default/files/docs/standards/gs1_lightweight_verification_messaging_standard_v1-1.pdf

© GS1 2018 109 GS1 US Implementation Guideline - Applying the GS1 Lightweight Messaging Standard for DSCSA Verification of Returned Product Identifiers • The purpose of this document is to assist the U.S. pharmaceutical industry in implementing the GS1 Lightweight Messaging Standard to support DSCSA product identifier verification for returned products.

• It provides essential technical information including localization query parameters and settings, the open API schema, configuration and set-up, verification requests, and verification responses.

• Release date - July 29, 2019

Learn more - https://www.gs1us.org/documents?Command=Core_Download&EntryId=1897

© GS1 2018 GS1 Verification Messaging - Requests use of linkType to request specific type of information service https://example.com/gtin/00361414567894/lot/1908642E/ser/400806?exp=170728 &linkType=verificationService &context=dscsaSaleableReturn &corrUUID=21EC2020-3AEA-4069-A2DD-08002B30309D &reqGLN=0321012345676

GS1 Digital Link Verification Positive ( GTIN, Lot, Serial Number, Expiry Date ) Verification request Response linkType=verificationService (configured for OR context=dscsaSaleableReturn DSCSA Negative corrUUID=21EC2020-3AEA-4069-A2DD-08002B30309D Saleable Verification Returns) reqGLN=0321012345676 Response

• JSON syntax will be used to Respond to all verification requests. • Verification Responses SHALL, at a minimum indicate... - Responder GLN - Correlation GUID indicated by the requestor in the original Verification Request - Whether the request was verified (true) or not verified (false) - Where NOT verified, indication as to whether the reason for non- verification ("verificationFailureReason") was... • "No_GTIN_and_Serial_match": No matching SGTIN • "No_Lot_match": No matching Lot • "No_Expiry_match": No matching Expiry • "No_reason_provided" _ •

We can meet compliance requirements and achieve interoperability by collaborating and agreeing to use GS1 data standards!!!

Elizabeth Waldorf Director, Global Traceability & Standards

TraceLink, Inc. 400 Riverpark Drive Suite 200 North Reading, MA 01864 www.tracelink.com

M +1 818 203 9080 E [email protected]

...an experience from Switzerland

GS1 Switzerland, Heinz Daniel GRAF 12 September 2019 Once upon a time...

Value GS1 inside • Speed • QR Code with GS1 Digital • Process automation Link • Process quality • AI Standard • Food Safety - AI(01) • Food quality - AI(15) - phase II • B2C communication - AI(21) • M2M communication - AI(91) - programming parameters

https://dt.sisisi.com/01/07640342960117/21/4294967295?91=13,15,15,3,3,100, 55,0,0,0,0,70,0,HASH

https://dt.sisisi.com /01/07640342960117 /21/4294967295 ?91=13,15,15,3,3,100,55,0,0,0,0,70,0,HASH

One single symbol serving two purposes: • B2C communication - ingredients - nutrition facts - allergens • M2M communication - programming parameters for steaming

Heinz Daniel GRAF Senior Standards Expert

GS1 Switzerland Monbijoustrasse 68 CH-3007 Berne

T +41 58 800 72 00 D +41 58 800 72 29 M +41 79 356 45 77 E [email protected]

www.gs1.ch

Grant Courtney – Be4ward

2. The unique serialised number is uploaded into the medicines verification system

4. The Genuine 1. The manufacture will generate and 3. The 2D barcode will be scanned prior to product is apply the unique serialised number to dispense and the serial number verified, to ensure provided to the the package in a 2D barcode the pack is authentic. patient

Article 31 - Establishment of the repositories system • 1. The repositories system where the information on the safety features shall be contained, pursuant to Article 54a(2)(e) of Directive 2001/83/EC, shall be set up and managed by a non-profit legal entity or non-profit legal entities established in the Union by manufacturers and marketing authorisation holders of medicinal products bearing the safety features.

1. National competent authorities shall supervise the functioning of any repository physically located in their territory, in order to verify, if necessary by means of inspections, that the repository and the legal entity responsible for the establishment and management of the repository comply with the requirements of this Regulation. 2. A national competent authority may delegate any of its obligations under this Article to the competent authority of another Member State or to a third party, by means of a written agreement. 3. Where a repository not physically located in the territory of a Member State is used for the purpose of verifying the authenticity of medicinal products placed on the market in that Member State, the competent authority of that Member State may observe an inspection of the repository or perform an independent inspection, subject to the agreement of the Member State in which the repository is physically located. 4. A national competent authority shall communicate reports of supervision activities to the European Medicines Agency, which shall make them available to the other national competent authorities and the Commission. 5. National competent authorities may contribute to the management of any repository used to identify medicinal products and verify the authenticity of or decommission the unique identifiers of medicinal products placed on the market in the territory of their Member State. National competent authorities may participate to the management board of the legal entities managing those repositories to the extent of up to one third of the members of the board.

GS1 DL Resolver

• Authorities will allow industry to operate systems but we should expect them to want oversight, this oversight may include: - Access the system - Reports from the system - Involvement in the management of the system - Auditing - Hosting content

• They will be more likely to allow the use of GS1 Digital Link if they are able to check it is being used correctly and the content is appropriate and control to address if it is not

• Systems will have to meet quality standards (e.g. Tested, Documented, Secure, etc)

Ingestion API

Phil Archer – GS1 Global Office

Adriano

by by Geek ?? Geek

• Resolvers ignore the query string – that’s just attributes that don’t tell you anything about identity

• Start with any links for this serial number, e.g. product registration

• Start with any links for this serial number, e.g. product registration • Add any links for this batch/lot, e.g. recall info, traceability info

• Start with any links for this serial number, e.g. product registration • Add any links for this batch/lot, e.g. recall info, traceability info • Add any links for this GTIN, e.g. product information page, instructions, promotions and more

Explosion by Carlos Bustamante Restre cc-by-nd

• A method to upload links that makes sense for GCP licensees • Include rules, matching things like batch/lot numbers and serial numbers

cc John John Samuel

?exp=201225 by Questioning

Against • Making links conditional on an attribute goes against design principles • Adds another layer of complexity to the data for each record in a resolver • Requires real-time processing by the resolver (currently not necessary) – heavy impact on performance • Where does it stop?

For • We have a clear use case to do so • It’s not uncommon

Greg Rowe – GS1 Global Office