Data Quality Issues At The Heart Of FDA's DSCSA Troubles
By Matt Campasano, Criterion Consulting LLC
With the FDA’s newly extended Drug Supply Chain Security Act (DSCSA) deadlines for 2025, pharmaceutical supply chain partners now have additional time to meet compliance requirements — but that doesn’t mean they should delay their implementations. Managing data quality and mitigating exceptions between trading partners remain critical for ensuring smooth compliance with the DSCSA.
Common data challenges — such as incorrect product master data and discrepancies between physical products and digital records — often lead to compliance exceptions. Another key factor contributing to these issues is the prevalence of undocumented system configurations, which complicate interoperability between systems and lead to preventable data errors.
In this article, we’ll explore the most common data quality issues and exceptions, while providing actionable solutions to help trading partners address these challenges and meet the FDA’s new DSCSA deadlines: May 2025 for manufacturers, August 2025 for wholesale distributors, and November 2025 for dispensers.
How Did We Get Here?
The FDA’s decision to extend the DSCSA compliance deadlines into 2025 was driven by the ongoing challenges the industry faces in managing data quality and exceptions. After granting small dispensers an exemption and introducing a one-year stabilization period in 2023, the FDA simultaneously launched the Waivers, Exceptions, and Exemptions (WEE) program. This allowed supply chain participants to apply for temporary relief from certain DSCSA requirements. However, the sheer volume of WEE applications proved overwhelming, leaving many without clear direction or responses from the FDA.
Meanwhile, wholesalers had been sending DSCSA scorecards to their suppliers for some time, but the frequency and seriousness of these evaluations ramped up significantly by mid-2024. Wholesalers began issuing letters that made it clear: noncompliant products could be removed from supply chain contracts, and some contracts were even set to be re-bid. This sharpened the focus on DSCSA compliance, creating a new sense of urgency across the industry.
However, despite this increased attention, many organizations are only just becoming aware of the full scope of the challenges they face. In particular, the need to address data exceptions — such as missing or malformed transaction data — has not been adequately prioritized, and significant progress has not been made. The industry remains behind in its efforts to ensure compliance, which ultimately forced the FDA to issue yet another set of deadline extensions to prevent potential drug shortages.
Common Data Quality Issues
- Missed scans: Human error or system failures can lead to missed scans during product receiving, shipping, or transfer, creating gaps in traceability. These gaps pose a serious compliance risk, especially as the deadlines approach.
- Incorrect master data: Many data exceptions arise from discrepancies in product and location master data between trading partners. When outdated or incorrect versions of master data elements are used, mismatches occur during data exchange, triggering costly exceptions.
- Innumerable undocumented system configurations: One of the most significant root causes of DSCSA compliance issues is the existence of undocumented system configurations. Over time, as systems evolve or new updates are implemented, configurations may go undocumented, causing discrepancies in how data is processed or shared between partners. These undocumented configurations lead to preventable data exceptions that complicate compliance efforts.
- Product vs. data mismatch: Physical products that don’t match the corresponding digital data cause exceptions like "data no product" or "product no data." This issue often results from packaging errors, mislabeling, or inaccurate serialization, creating delays in the supply chain.
Types Of Data Exceptions
- Data without product: This occurs when a digital transaction record is sent but no corresponding physical product arrives.
- Product without data: In this scenario, a physical product arrives without the corresponding digital transaction data.
Solutions For Managing Data Quality And Exceptions
- Process development and training: Developing robust processes and investing in comprehensive staff training are key to managing data quality and exceptions. By equipping staff with the right knowledge and standardized procedures, organizations can reduce the frequency of exceptions and maintain compliance as deadlines approach.
- Document all system configurations: The presence of undocumented system configurations can introduce significant risk to DSCSA compliance efforts. Regularly documenting, reviewing, and aligning these configurations between trading partners ensures consistency and prevents unexpected data discrepancies.
- Clear protocols with trading partners: Establishing standardized data-sharing protocols with trading partners reduces the likelihood of data mismatches and exceptions. All partners should agree on data formats, validation processes, and how exceptions will be managed.
- Regular data audits: Conducting regular audits of both data systems and system configurations ensures that any inconsistencies are identified and addressed before they create significant compliance issues.
Outdated Systems Will Hobble Compliance Efforts
While these solutions are effective, significant challenges remain. Many pharmaceutical companies are still working with outdated systems that lack the necessary features for DSCSA compliance. Upgrading these systems is expensive and time-consuming, posing a barrier to smaller companies.
Managing DSCSA compliance also requires specialized knowledge in both regulatory requirements and technical system configurations. Without properly trained staff, even advanced tools can fall short of resolving underlying data issues.
Lastly, coordinating with trading partners is often complicated by undocumented system configurations or differing data processes. Building strong relationships and maintaining communication are essential for addressing these challenges and ensuring smooth compliance.
Conclusion
As the 2025 DSCSA deadlines for manufacturers, wholesale distributors, and dispensers approach, pharmaceutical companies must act now to ensure data quality and mitigate exceptions. Managing issues like undocumented system configurations, missed scans, and incorrect master data is critical to avoiding compliance risks and penalties.
By developing and training appropriate processes and resources, documenting system configurations, using exception management software, and conducting regular audits, companies can confidently prepare for the upcoming compliance deadlines:
- May 2025 for manufacturers,
- August 2025 for wholesale distributors, and
- November 2025 for dispensers.
With the right strategies in place, trading partners can ensure a compliant, secure supply chain that meets FDA standards.
About The Author:
Matt Campasano is the principal consultant at Criterion Consulting LLC, where he specializes in DSCSA compliance, serialization, and traceability for the pharmaceutical industry. He has more than a decade of experience helping companies manage data quality and resolve exceptions to meet regulatory standards. Connect with him via email at mcampasano@criterionconsultingllc.com or find him on LinkedIn.