As a dispenser, you must comply with the 2015 Drug Supply Chain Security Act (DSCSA) by July 1. You probably already know the basic requirements: that you receive, verify, and retain transaction information for all purchased products. What you might not realize is that full compliance brings hidden complexities. As you evaluate how to meet DSCSA requirements while still running your day-to-day business, here are five things to keep in mind.

#1: In the eyes of the law, you may not be just a dispenser

A business’ DSCSA requirements depend on their operations, not how they define themselves. If you strictly receive product that you ultimately dispense to patients, you fall under dispenser compliance guidelines. But if you occasionally resell product to wholesalers or other pharmacies, then you face multiple sets of regulatory requirements – those of dispensers and distributors. If that’s the case, you are already out of compliance since wholesaler requirements went into effect on January 1.

#2: Paper is permissible but comes with risk

There’s nothing in the law that says you can’t manage compliance with paper. But there are business, cost, and compliance reasons to consider. Some upstream partners will want to send you electronic ASNs and may refuse orders if you require paper. Paper also comes with a steep price tag in terms of both cash output and staff time: the typical independent dispenser will spend approximately $3,500 each year on paper and will need to dedicate part of a staff person’s day—every day—to process it. Paper may put your compliance in jeopardy, as well. Shipment errors are more difficult to fix, and retrieving paper records within the 2-business day verification timeline is questionably achievable.

#3: You share responsibility with supply chain partners

When it comes to DSCSA compliance, getting your own house in order isn’t enough. You are now highly dependent on strong communication with your partners and need to work together in a whole new way. How many upstream suppliers do you have? In what format will they be sending compliance documents – paper or electronic ASN? You will need to adapt to different solutions, and be able to collaborate with partners when what you receive isn’t what you expected.

#4: Technical know-how is no longer optional

Your partners will send compliance documents in different formats because DSCSA does not prescribe data standards: they have left that up to the industry. Not only will some companies choose ASNs instead of paper, but they might choose one of 200 different ASN formats. The data diversity challenges will be significant with DSCSA. If you don’t have an IT team or technical savvy in-house, you’ll need to outsource it.

#5: The only constant is change

With the deadline right around the corner, you might assume that all the details are set in stone. The only safe assumption, though, is that things will change. The regulations you need to follow will change over time as different requirements come into play; the FDA will continue to fine-tune their implementation rules; and the format of data you receive will shift as partners evolve their systems. 

Like it or not, regulatory requirements are here to stay. But you don’t need to manage the intricacies of DSCSA alone. For tips on how to select a system, read Five Questions to Help you Pick a DSCSA Solution.