DSCSA Solution Questions from Pharmacy Legal & Compliance Teams
As a pharmacy legal or compliance
Does Product Track capture any patient-specific data? Should I be concerned about HIPAA requirements when using it?
DSCSA’s product tracing requirements cover dispenser receipt of compliance documentation from suppliers, but do not require any transmission of data related to the patients receiving the medications. Because of this, Product Track does not collect any patient-centric data so there are no related HIPAA concerns.
Does your system capture any financial information?
No. Product Track has no access to financial information related to product purchases. The system processes only supply chain data associated with the transfer of product ownership, which does not include financial information.
Why do TraceLink’s Terms of Service provide for the collection and use of “aggregated, anonymous data” by TraceLink?
TraceLink’s development, operations, and engineering teams use aggregated, non-identifiable data from the system to continually improve our product for customers. Analyzing this data allows us to design and share product enhancements with you at no additional charge. Because security is our highest priority, we never use identifiable data for any of these purposes.
Can TraceLink data be shared with any of our partners? For example, with our external buyers with whom we loan, borrow, or resell product?
In certain situations, it may be possible for Product Track users to share data with a partner with whom you want to provide secure access. In addition, Product Track can be set up to provide access to downstream trading partners to whom you resell or loan product. These scenarios should be discussed with your TraceLink team during contracting and implementation so that you choose the system configuration that best fits your needs.