On November 27, 2019, the Drug Supply Chain Security Act (DSCSA) will considerably change how wholesale distributors must process serialized pharmaceutical returns from customers. Every wholesaler will have to verify that the identifier on the product corresponds to the standardized numerical identifier (SNI) assigned by the manufacturer and a manufacturer will have to reply within 24 hours to a verification request.

Verification router service (VRS) is coming together for DSCSA compliance

This guide does not establish legally enforceable responsibilities. Instead, this document describes DOit’s current thinking on the DSCSA 2019 requirements and should be viewed only as a recommendation.


You only need VRS if you do receive returns and intend to sell it again.  If you business rules (SOP) do not allow returns from customers, or the volume is insignificant to the point you would destroy, YOU DO NOT NEED VRS.

COMPLIANCE LEVELS (if intend to resell returned products)

The $ column indicated a scale of cost involved in each level.  Level 0, has a higher cost than 1 for the simple reason that someone will need to fetch the information manually ‘out there’ and this will take time, organization and clear ‘manual’ controls.

Level 1 is a result of you operation (shipping) workflow thus it’s ‘free’ in the sense that will hardly add any time or effort.  You just DOit !

Other levels will need to add a 3rd party directory such as LSPedia’s, Tracelink or RFExcel’s.  It is cost efective depending on the $ volume of you returns.

Level 3 is now irrelevant since it’s only for 2023.  We will be ready by then and rules / cost are still to be established.


Scan lot number and expiration date on inbound and outbound. Does not keep record of SNIs. Manually verify the SNIs of salable returns by contacting (calling or emailing) the manufacturer.


Scan SNIs on outbound (build an internal database).  Verify SNIs using the internal database upon product return. Manually verify the SNIs of salable returns by calling or emailing the manufacturer if the SNI is not found on the internal database (e.g. a unit returned from a case that was shipped in the first place).


Scan SNIs on outbound (build an internal database). Verify SNIs using the internal database upon product return. Use a Verification Router Service (VRS) Directory to check SNIs not found.


Electronic Product Code Information Services (EPCIS) is a global GS1 Standard for creating and sharing visibility event data, both within and across enterprises. EPCIS exchange between manufacturers and wholesalers will allow a tighter verification of SNIs across the entire distribution chain.


Our understanding is that your company is complaint with the new DSCSA requirements on any of the mentioned levels. Level 0 requires more manual work and may not be viable depending on the average number of returns per month.  Level 1 provides automation for most cases (however it doesn’t support disaggregation). Level 2 has more automation at the cost of a new service. Depending on the number of returns, having a VRS Directory Lookup may not be viable.

If you have the time we would suggest ou take a look at the Healthcare Distribution Alliance (HDA) Saleable Returns Pilot Program Report on the  Wholesale Distributor Perspective section (page 13).

DOit ERP has EVERYTHING required to delivery compliance up to Level 2.  We’re preparing the system to comply with Level 3 for DSCSA 2023 requirements.


Q: Are there other ways to comply with the DSCSA requirements?

A: Yes. There are many ways to comply with the 2019 requirements. We’ve only listed what we believe are cost-effective and viable approaches to verifying salable returns. We recommend reading the HDA salable Returns Pilots Report for alternative scenarios.

Q: Can I sell a valid returned product that wasn’t shipped by me in the first place?

A: No, you can’t. The DSCSA already requires that you provide transaction information, transaction history, and transaction statement for each prescribed drug you sell. It’s not possible to provide transaction history for a product that wasn’t originally purchased by your company.

Q: Do I need to scan each unit of a container individually before shipping sealed homogeneous cases?

A: No. Scanning each individual product package is not practical or economically feasible. You’ll have to verify the SNIs manually (calling/emailing the manufacturer or through VRS)if your customer returns units out of a container.

Q: Can I receive products if their package doesn’t have an SNI after Nov 2019?

A: According to the ‘Grandfathering Policy’ guidance document, medical products that are packaged without a traceable product identifying 2D barcode before the DSCSA deadline of 27 November 2018, but are in the supply chain after that date, can continue to be distributed.

To be considered eligible as a grandfathered product, there must be documentation, such as transaction information or a transaction history, proving the product was packaged by a manufacturer before 27 November 2018, the FDA says. It is recommended that such information is shared with trading partners.

Q: What compliance level is required to meet the DSCSA requirements for 2019?

A: Levels 1 or 2 meet the requirements for 2019. Level 0 also works if you opt to discard returned drugs or verify their validity manually – which may work depending on the volume of returns.

Q: WHAT should i do if the barcode is incorrect or impossible to read?

A: The product should be returned to the manufacturer for proper relabeling.

Q: What about prescription drugs not identified by a standardized serial identifier?

A: The product should be returned to the manufacturer for proper relabeling.


A: Manufacturers and wholesalers are not sending SNI and aggregation data to their peers yet. For this reason, scanning SNIs on the inbound doesn’t add much to the process compliance-wise. You can use the scanners in the inbound, though, to assist in the input of lot numbers and expiration dates.

Q: Do I need to track SNIs if I’m paying for a VRS service?

A: VRS services can answer if a SNI is genuine, recalled or discontinued. VRS services cannot tell if your company sold a particular SNI to your customer. An internal database of SNIs allows an even more accurate verification. Your company can track if returns were originally shipped from your company, maintaining the traceability properties required by the DSCSA requirements.


Setting up business rules (SOPs) in you organization also helps on compliance and avoid additional unneeded costs.  Here a just a few

  • If you ship factory sealed close box, only accept factory sealed close box returns.  This avoids disaggregation.
  • Open boxes or tampered items should not be accepted
  • Reject serial numbers that were NOT shipped by you.  DOit’s RMA process you ensure of that
  • Establish clear rules on return policy and add them to you invoice notes


DISCLAIMER: this document contains some of the personal thoughts, ideas and opinions of DOit ERP Team. This is not legal advice.  The reader must make their own decisions about the accuracy of the opinions expressed here. Readers are encouraged to consult their own legal counsel and trading partners before taking any actions based on information found in this document.