How Outdated Tech in the Supply Chain Threatens Your Safety

In September 2006, people started to get sick from spinach contaminated with E. coli bacteria. As more people were hospitalized, investigators narrowed the list of suspects but couldn’t pinpoint the source of the contamination. 

Incomplete electronic data, unreliable verbal reports and long trudges through too many paper files hindered progress. The FBI served search warrants. Even the Bioterrorism Act, which was enacted after 9/11 in part to tighten monitoring of the American food supply, didn’t work as envisioned.

[Related: See “Tracing Guns Is a Low-Tech, Inefficient Process” at the end of this article] 

A frustrated Food and Drug Administration made a bold move: It advised the public, flat out, to stop eating bagged spinach. The next day, grower Natural Selection Foods launched a recall, followed by several distributors and packagers. The investigation continued into November as officials tried to piece together where and exactly how E. coli got onto the spinach. A final report wouldn’t be issued until March 2007.

Ultimately 205 people in 26 states became ill. Two elderly women and a toddler died.

“The information we had wasn’t good enough,” says Ed Treacy, vice president of supply chain efficiencies at the Produce Marketing Association, a trade group.

Data disconnects threaten public safety in other ways. Serious drug shortages continue to surprise doctors and hospitals as pharmaceutical companies and a long chain of distributors and other sellers fail to share the right data soon enough to avoid problems. Four hundred twenty-nine drug shortages in 2010 and 2011 prompted federal legislation last year to require the pharmaceutical industry to notify the FDA of potential shortages of certain kinds of drugs.

Cancer drugs and anesthetics, in particular, frequently fall into short supply. “The worst situation,” says Patty Morrison, CIO of $108 billion drug distributor Cardinal Health, “is when a patient is scheduled [for treatment] and they don’t have the drug.”

To make fundamental safety changes, companies must make big strides to share data with each other, government agencies, and even the public. But unstandardized product codes and incompatible systems block data sharing. Traceability is further complicated in the food business by the many processes a food or ingredient undergoes between farm and fork.

As products move between origination, sorting, shipping, re-sorting and repacking before the consumer ever sees them, the traditional supply chain becomes a tangled supply web. In the drug world, companies can exchange some data, but competitive strategy deters them from showing anyone too much information about manufacturing plans or problems.

Yet some food and drug companies are tearing down barriers and dropping old habits to share information for public safety, compliance and, to some extent, for a business advantage. If sharing data means improving quality or heading off problems, that’s a plus.

In pharmaceuticals, Cardinal Health, for example, is looking forward in the supply chain, using predictive analytics to avert or mitigate drug shortages. Food companies, meanwhile, are looking backward, trying to track the origins of their products, sometimes all the way to seeds in the field. They want to please consumers curious about where their food comes from but also make recalls faster, more accurate and less devastating. As Treacy puts it, “If our consumers don’t have confidence in us, we’re out of business.”

Food Recalls: Backwards and in High Heels

Salmon that carries listeria, baby incubators that delete or overwrite patient care data, blood products potentially tainted with germs, lawn mowers that can catch fire–hundreds of products in dozens of industries have been recalled this year. CIOs who want to keep their companies out from under headlines about ever-expanding or botched recalls must understand that you won’t know how good your supply-chain traceability is until you have to run it in reverse.

The killer spinach crisis revealed communication gaps as the greens were picked, bagged, sorted into different brands, sent to grocers and purchased for consumer dinner plates.

The Bioterrorism Act of 2002 fell short: It calls for food companies to track one step forward and one step back–that is, where they got a product and who they handed it off to. But farmers are exempt and although the act calls for identification codes on food products, it doesn’t require them to be in a format that’s standardized among all the parties handling a product. Plus, it doesn’t mandate that the data be digital, which leads to paper-as-usual at many companies.

The Food Safety Modernization Act (FSMA) signed in 2011 tries to shift from reacting to crises to preventing them, says Faye Feldstein, a senior adviser in Deloitte Consulting’s food and product safety practice. The act “puts the responsibility on the industry to understand the hazards in their system and how to minimize or eliminate them,” she says.

The act, which is the first overhaul of food-safety rules since 1938, calls for the FDA to create record-keeping requirements for tracing high-risk foods, including a full pedigree of the food’s distribution history. The FDA has overseen required pilot traceability tests–on peanuts, tomatoes and frozen dinners–but hasn’t written the data requirements yet, nor defined what foods count as high-risk.

The FDA’s recent pilots tried different approaches to analyzing information and defining critical data, such as receiving date, shipping date, lot and serial numbers, and various location identifiers.

FSMA also requires the Department of Health and Human Services to work with the Secretary of Agriculture, among others, to assess technologies that can be used to trace food. They’re not supposed to prescribe specific technologies, but to offer general guidance.

But there are no specifics yet. A lot of the work is going on now and industry groups hope to influence the final product, Feldstein says.

For example, the Produce Marketing Association is helping to implement the Produce Traceability Initiative (PTI), a set of standards it published with three other trade groups in 2008. PTI calls for every case of produce to carry a barcode containing a lot number and Global Trade Item Number that is scanned by every entity that handles it along the supply chain. This would replace the common practice of each company stamping its own lot number on the side of the case, which can’t be scanned or recorded by the receiver.

In their own tests with tomatoes, PTI adopters traced the source and distribution of contaminated product in 24 to 48 hours. “A far cry from spinach,” Treacy notes.

PTI supporters originally projected the produce industry would implement the standard by the end of last year. So far, just 20 percent to 40 percent of produce cases in the supply chain use it, he estimates. That has less to do with any onerous technology investment than the reality that big retailers, such as Wal-Mart and Kroger, haven’t mandated it. Wal-Mart has sent a letter to top suppliers strongly encouraging adoption but hasn’t forced the issue by, say, writing it into contracts.

Many companies go their own way. The berry company Driscoll’s, for example, has its own system based on barcodes, Microsoft’s Dynamics AX software and HarvestMark traceability software. Most berries (except blueberries) are packed in pre-labeled, plastic clamshell containers in the field. Other foods, such as spinach, are brought to processing plants for washing and sorting, and to be readied for store shelves.

Part of a day’s haul may be labeled there; another part may be sent somewhere else, perhaps to another company altogether, to be sorted, packaged and labeled. For many foods, says Erik Olson, senior director of the food portfolio at The Pew Charitable Trusts, “there’s an extraordinarily complex web of interactions between producers, suppliers and consumers.” Each organization that touches a food may keep records differently, he says. “Is it a shoebox or a database with common terminology?”

It is at the handoffs between companies that visibility drops, says Craig Henry, a director in Deloitte Consulting’s food and product safety practice. A big industrial farming company may capture more detail about a crop than the regional distributor that handles it next. No matter the specifications eventually chosen, moving all food companies to standardized digital records will save time and expense during recalls, Henry says. “And in the event of a food-borne illness, it could save lives.”

Drugs: Getting Your Share

Pharmaceutical companies worry about recalls, too, both for the dangers faulty products pose and for the shortages that often follow. Chemical contamination, deviation from approved processes, discoloration and packaging problems have all spurred recalls this year. Pfizer, a $59 billion drug maker, is dealing with the recall of 250,909 bottles of Levoxyl, a thyroid pill, because of a strong odor. An oxygen-absorbing canister in the bottle is to blame, Pfizer says. The company advises patients to discuss alternative medications with their doctors because the recall will cause a temporary shortage.

That’s just one of 241 shortages so far this year, according to the American Society of Health-System Pharmacists. The number of shortages in 2005? Just 61.

Leading causes of drug shortages include manufacturing problems, delays in manufacturing or shipping and scarce active ingredients, the government says. “It has gotten to a crisis state,” says Andy Keller, a VP of inventory management at Cardinal Health, which delivers 50,000 different types of drugs and about one-third of all medications in the U.S.

When problems occur, manufacturers are required to notify regulators but not necessarily business partners, such as distributors or pharmacies. Often, hospitals and doctors don’t find out about the lack of medicines until the FDA posts an alert online.

Christiana Care Health System, a large hospital center with $2.1 billion in patient revenue and 1,100 beds, is typical. Christiana has no internal systems for predicting shortages of medicines its patients need, says Randall Gaboriault, CIO. Rather, pharmacy staff monitor the FDA’s website and rely on conversations with suppliers, among other information-gathering methods, he says. “They troll every day.”

When the pharmacy team hears of a potential shortage of a given drug, the hospital tries to secure extra, he says. “They start doubling up. Everyone’s trying to stockpile.”

Hoarding is just what Cardinal Health seeks to stop with its Supply Disruption Program for better predicting shortages. No one–not hospitals, suppliers or drug makers–wants to jeopardize patient care, CIO Morrison says. But hoarding by one organization often means less medication for another and creates the conditions that can lead to the sale of unauthorized, price-inflated, gray-market drugs, she says.

“The unavailability of these products forces doctors to use less-effective options,” she adds. Congress has held hearings on price gouging. One example: Cancer drug Fluorouracil, normally priced at $7 per dose, soared to $600 during a shortage last year.

Cardinal’s predictive analytics system uses statistical analysis tools, including open-source R software and packages from SAS Institute, to reveal potential shortages. The system considers market intelligence from customers, manufacturers and Cardinal’s internal data. For example, a significant uptick in hospital orders for a cancer medicine might signal that customers are buying more because they think it could soon be scarce. The system would combine that tidbit with data from drug makers and other factors to predict the timing and severity of the shortage, Keller says.

An allocation methodology then kicks in to mete out portions of the drug supply among customers clamoring for it. Cardinal doesn’t fill 100 percent of every customer’s order on a first-come, first-served basis.

If a shortage is expected, Cardinal will allocate available products in proportion to what customers have ordered in the past. So if only half the needed supply of a drug is available, customers who normally order 40 doses will get 20 instead. “That’s the best, fairest way to ensure customers have what they need for patients,” he says.

Traceability up, down and sideways through a supply chain can improve public safety. Along the way, transparency will become a competitive advantage, CIO Morrison says. Cardinal will be able to react faster to changing conditions, she says. For example, once it predicts a shortage, the company can launch a search for likely alternatives to offer to customers faster.

To make its predictions more accurate, however, Cardinal needs more information more consistently from drug makers. It can’t force them to reveal supply issues.

“Some of our suppliers are more advanced than others when it comes to providing accurate, timely information about manufacturing and other product availability issues,” Keller says, diplomatically. “We are committed to working closely with our suppliers to enhance collaboration and communication.”

In part to help curb sales of counterfeit drugs–which rise during shortages of the real thing–some states have set new rules for tracing pharmaceuticals. For example, some states require serial numbers on packages that can be used to authenticate a chain of custody down to the dose level. That would help healthcare providers avoid fake medications that may harm patients, says Gabrielle Cosel, manager of drug safety at Pew.

The numbers could also be linked to markings on the product itself. Last year, for example, when attention-deficit pill Adderall was in short supply, a counterfeit version could be bought online. While real Adderall shows “dp” and “30” on either side of the pill, the counterfeits lacked those markings.

In New York last year, 48 people were charged with fraud, accused of buying prescription drugs from patients and repackaging and reselling them into the legitimate supply chain. Medicaid lost $500 million due to the scheme, according to officials.

Had track-and-trace systems been in place, where ideally each entity verified the numbers on the drugs, the crime may have been caught earlier, Cosel says. “We need to do something.”

California is out front, requiring manufacturers, distributors and pharmacies to use unique identification numbers, transaction data, ownership information and other certification material, with phased implementation starting in 2015. A national system would supersede a patchwork of state rules, Cosel says, but there isn’t one–yet.

Last year, Congress, the pharmaceutical industry and various advocacy groups started to hammer out a workable policy, but the effort stalled this year as the Senate and House decided to push separate proposals. The industry is eager for national regulations, Cosel says, in part because complying with different state laws would be more expensive and complicated.

Some companies have forged ahead, using California’s regulations as a guide.

Pfizer recently built a system to trace drugs from the factory floor all the way to patients’ hands. The company applies serial numbers in the form of 2-dimensional and regular barcodes to individual units, cases and pallets, to monitor movements and share data with other companies and government agencies.

Early tests of the system, starting in 2011 with McKesson, a $122 billion drug distributor, revealed how complex the data integration problem is, according to Peggy Staver, director of product integrity at Pfizer. Staver talked about the system in a webinar on traceability last year. Pfizer declined interview requests.

It was 10 months before Pfizer and McKesson were able to complete a transaction using all the required electronic data for a shipment of Viagra without any errors, Staver said. “This is one product between two trading partners. Think about the amount of effort across all trading partners and their trading partners. There’s a whole lot of work to be done before 2015,” she said.

Progress Is Slow, Uneven

Disparate systems, and sometimes no electronic systems at all, hide problems in any supply chain. But in food and drugs, the consequences can hurt people. At the very least, a lack of coherent, accessible data prolongs investigations and often magnifies the damage, says Treacy at the Produce Marketing Association. Some spinach companies went out of business after the 2006 debacle sent sales plummeting, he says. Spinach was implicated in another E. coli outbreak late last year.

Part of the problem is that the food industry isn’t monolithic. Safety requirements for meat differ from those for peanuts, which differ from strawberries, which differ from eggs. Even within any one category, companies have invested in tracking systems to varying degrees, says Olson from Pew, which is promoting traceability legislation in both food and pharmaceuticals. “There’s a huge gray area between leading lights and folks who have done virtually nothing,” he says. But everyone sees that standardization will eventually come, “whether from the FDA or for business reasons.”

Drug companies, meanwhile, are pressing forward. At a House hearing on traceability in April, members of key pharmaceutical associations agreed that uniform regulations at the federal level would increase security and patient safety, as well as improve the recall process.

Michael Rose, a vice president of supply chain visibility at Johnson & Johnson, exhorted Congress to move: “What we really need at this point in time as we’re making our investments is a clear end game. We need to know where the goalpost is fixed. If we’re making investments to put serialized numbers on our product and also to exchange data, we want to make sure the other parties in the supply chain are also using those numbers.”

The need for new rules is clear, says Pew’s Cosel. What isn’t clear are the rules themselves.

Tracing Guns Is a Low-Tech, Inefficient Process

Outdated technology, incomplete data, Byzantine processes and political constraints lead to inefficiencies in criminal investigations.

After the shooting deaths at Newtown, Conn.’s Sandy Hook Elementary School in December, a public outcry erupted in favor of stricter gun-control laws. In the weeks after the tragedy, 85 percent of Americans favored making gun sales between individuals and at gun shows subject to the same background checks as those required in retail transactions. And, according to a poll by the Pew Research Center in January, 67 percent wanted a federal database to track gun sales.

But public sentiment hasn’t produced legislative change at the federal level. In April, the politically powerful National Rifle Association took credit for halting Senate legislation that would have required background checks for almost all gun buyers. And current law, backed by the NRA, prohibits federal agencies from creating a central, electronic database of gun sales.

Gun-rights activists worry that an easily searchable national database of gun owners, gun households and gun numbers could be used by an overreaching government to confiscate guns, in violation of the Second Amendment.

So the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), which is the federal agency that traces guns for criminal investigations, often works in the IT Dark Ages. How dark? Microfiche and paper. When a request for a trace comes in, an ATF employee scrolls through microfiche images of paper records to figure out where the gun was originally sold and to whom. ATF handled 344,000 trace requests last year.

“Using this antiquated and inefficient system, a firearms trace can take days, or even weeks, thereby frustrating criminal investigations,” says a report by the Center for American Progress, a liberal think tank.

Background checks on people who want to buy guns is a semi-manual process also. FBI or state officials query the National Instant Criminal Background Check System, known as NICS. Among other information, NICS indexes data about criminal convictions, illegal aliens and people ruled mentally ill by a court or other official body. While NICS is pretty big, with 10.4 million records, it’s incomplete.

For example, states aren’t required to submit mental health records, and some don’t. Most states don’t submit noncriminal records that would be pertinent in a gun background check, such as failed drug tests for people on probation, according to a Government Accountability Office study.

To do a background check, a store clerk has the customer fill out a “firearms transaction form” that asks for information such as name, address, Social Security number, and the person’s criminal history or drug use. If he’s not in the NICS index, he gets to buy the gun.

If he is in the index, the call is transferred to a NICS examiner, who has access to more detailed information. The examiner may make a decision then and there, or he may delay the request pending further investigation.

If the gun is sold, the retailer must store certain data about the transaction, including who the buyer is and what the serial number is on the gun. If the gun is ever recovered in a criminal investigation, law officers can have the ATF trace it by serial number, to help with detective work.

The traceability of guns remains caught in a web of outdated technology, Byzantine processes, incomplete records and political battles. A new Pew survey in May found public opinion virtually unchanged from January, says Carroll Doherty, an associate director there. Eighty-one percent of those surveyed want more background checks and 66 percent want a federal database. “A four-month debate on gun policy hasn’t changed many minds at all,” he says.