Saleable Unit Serialization

Saleable Unit Serialization is the process of assigning, printing or marking, commissioning, and managing a unique identifier for each package intended for commercial distribution. In pharma, this is the DSCSA “product identifier” encoded as a 2D DataMatrix with GTIN (carrying the NDC), randomized serial, lot, and expiry; in medical devices, it manifests as the UDI (DI/PI). Serialization enables verification at receipt and return, unit-level recall precision, anti-diversion controls, and electronic trace interoperability (e.g., EPCIS).

From a MES perspective, serialization is an execution-time control: it selects/generates valid serials, triggers the print/apply operation, verifies symbol content and quality, binds the serial to the physical pack and the batch/device record, and aggregates to cases/pallets. Unlike lot-only models, serialization requires event-level data integrity, strong interfaces to printers/vision, and robust exception handling to maintain a trustworthy pedigree.

In the U.S., DSCSA requires that trading partners affix or imprint a product identifier at the package level and exchange interoperable tracing information. The product identifier comprises the standardized numerical identifier (GTIN with embedded NDC) plus the serial number, lot number, and expiration date in a 2D DataMatrix. FDA guidance further clarifies package-level interoperable verification and data exchange expectations for enhanced security, as well as verification for saleable returns. While aggregation is not explicitly mandated by statute, it is operationally necessary to support distribution efficiency and inference-based verification.

In the EU, safety features for prescription medicines include a 2D code containing a unique identifier and an anti-tamper device, with verification and decommissioning in national repositories at dispense. Medical devices globally implement UDI at the unit level, linking the device to a UDI-DI and production identifiers (e.g., lot/serial/expiry). Across jurisdictions, computerised system controls (EU GMP Annex 11, 21 CFR Part 11) and data integrity principles (e.g., MHRA guidance) govern how serialization data is generated, recorded, reviewed, and retained in validated systems.

Serialization depends on a precise data model: a globally unique product key (GTIN for drugs; UDI-DI for devices), a non-repeating serial number per GTIN, and production attributes (lot and expiry). The 2D symbol encodes GS1 Application Identifiers (AIs). Serial generation should be non-sequential and sufficiently random to resist guessing at scale. MES must maintain a serial state machine (available, commissioned, packed, aggregated, shipped, decommissioned, destroyed) and complete genealogy from unit through case (SSCC) to pallet SSCC.

• Serial policy: randomized, length and character set governed by GTIN-specific rules; enforce uniqueness and collision checks.
• Symbol grading: enforce minimum print quality (2D grading) to avoid downstream scan failures; verify AI syntax and check digits.
• State transitions: only a verified, good-read serial may be commissioned; damaged or duplicate codes must be quarantined with recorded rationale.

Operational serialization hinges on reliable print/apply and verification. MES triggers the print job with the exact data payload, records the device ID, firmware, and recipe parameters, and orchestrates camera/vision systems for in-line verification. Good reads advance to commissioning; failed reads route to reject bins or rework. Symbol quality grading and human-readable text must be validated at defined sampling plans, and on-rework flows need controls to prevent double-commissioning.

To support high OEE, the line should buffer serial requests (edge store-and-forward) and degrade gracefully on momentary network interruptions. All exceptions—duplicate detection, unreadable code, format violations—require operator e-signatures and contemporaneous justification. The equipment interface (e.g., via OPC UA/DA or proprietary drivers) should be version-controlled, time-synchronized, and validated to GAMP 5 expectations.

Serialization requires clear allocation of responsibilities across ISA-95 levels and ISA-88 procedural models. Level 4 (ERP) governs GTIN lifecycle, material masters, and commercial orders; Level 3 (MES) executes serialization within the batch/lot context, manages serial states, and aggregates; Level 2 (control) runs printers, cameras, and reject mechanisms; Level 1/0 encompass devices and sensors. ISA-88 recipes embed serialization steps (operations) and interlocks to prevent out-of-sequence or unauthorized prints.

• Master data alignment (GTIN, packaging hierarchies) must be versioned and effective-dated.
• MES should expose a phase or operation for serialization with permissives (e.g., line clearance complete, correct label recipe).
• Bidirectional acknowledgments ensure every serial move (commission, pack, ship) is atomic and auditable.

Unit-level traceability depends on capturing events and relationships. Commission events bind the serial to the GTIN and batch; aggregation events express parent-child links (unit→case SSCC; case→pallet SSCC); shipping/receiving events record custody changes. EPCIS data models standardize event structure, vocabularies, and times/locations so trading partners can interoperate without custom mappings.

• Commission: Create serial at pack line, link to GTIN and lot/expiry.
• Aggregation: Link multiple child serials to a parent SSCC; maintain rework-safe disaggregation/re-aggregation history.
• Shipping: Capture ReadPoint and BizLocation; include case/pallet parents for inference-based verification.
• Receiving: Verify against expectations; reconcile shortages/overages; detect duplicates/diversion.
• Decommission: Record reason codes (e.g., destroyed, sampled, expired, stolen, return to stock).

A robust repository should ensure immutability of event history, support late data arrival, and preserve ordering semantics via event time plus system time. It must provide query APIs for verification at point of receipt or return and support bulk responses at distribution tempo. Where internet connectivity is constrained, edge buffering and eventual consistency patterns are essential.

Serialization records are GxP-relevant. Systems must be validated commensurate with risk (GAMP 5), and electronic records and signatures must meet 21 CFR Part 11/EU Annex 11. Minimum controls include secure, computergenerated audit trails for create/change/delete actions on serial numbers, event records, and configuration; unique user IDs with role-based access; contemporaneous, attributable entries; and time synchronization across devices to maintain a defensible sequence of events.

MHRA data integrity guidance emphasizes ALCOA+ principles—records must be attributable, legible, contemporaneous, original, and accurate, with extended completeness, consistency, and enduring availability. Audit-trail review should be risk-based and periodic; exceptions (duplicate, overwrite attempts, backdating) must be investigated via CAPA. System interfaces (e.g., MES–WMS EPCIS), if used for regulatory decisions (verification, release, returns), must be qualified with traceable testing, change control, and supplier assessments.

• Enforce two-person e-signature on forced overrides (e.g., manual serial commissioning).
• Prohibit orphaned serials by transactional commits that couple physical movement and state change.
• Retain records for the statutory period and ensure readability after technology refreshes (format migration/validation).

Serialization must be anchored to the eBMR/eDHR so QA can release with full visibility into serial commissioning yield, rejects, symbol quality trends, and aggregation completeness. Discrepancies—such as unknown serials in a case, failed verification, or short packs—should automatically raise deviations with linked evidence (images, machine data) and block downstream aggregation or shipment until disposition.

For recalls, serialization enables precise queries—identify shipped serials by lot, market, date range, or distribution node, then issue targeted notifications. Granular decommissioning codes support accurate accounting of rework, destruction, and returns. When a serialized saleable return is received, verification against authoritative repositories can prevent counterfeit reintroduction, and any verification failure must trigger quarantine, investigation, and, where applicable, notifications.

Aggregation ties serialized units to logistics identifiers (SSCC at case/pallet) so warehouse operations can infer unit contents without opening cases. In high-throughput distribution, inference is essential to maintain performance while preserving unit-level traceability. At outbound, shipping EPCIS events should include parent SSCCs and destination, while inbound receiving should verify serials either by inference or scan, reconciling exceptions immediately.

Saleable returns verification checks a unit’s product identifier against authoritative data to confirm it was legitimately produced and not previously dispensed or decommissioned. Systems should support both synchronous verification at dock and asynchronous batch verification for large volumes. Results and any anomalies must be tied to the returned item’s disposition to maintain a closed audit trail.

V5 orchestrates serialization as part of the master recipe and electronic record: serial provisioning (pooling or on-demand), deterministic print/verify workflows, and atomic commissioning. It persists EPCIS-grade events, manages aggregation to SSCC, and enforces interlocks that prevent pack/ship if serial state, label content, or quality criteria are not met. Downstream, WMS receives the same authoritative serial graph for verification, picking, and returns, while QMS captures exceptions with linked images and machine context.

Because V5 Ultimate ships MES + QMS + eBMR/eDHR + LIMS + WMS + Maintenance on a single validated record, serial events, deviations, holds, test results, and release signatures are inherently consistent and Part 11/Annex 11 compliant. Integration to ERP and partners is handled via standards-based interfaces (EPCIS) with audit trails, change control, and monitored message queues.

Frequent issues

• Master data drift: GTIN versions, packaging hierarchies, and label templates out of sync between ERP, MES, and line controllers.
• Weak serial governance: duplicate issuance across pools; lack of collision checks; insufficient randomness enabling brute-force guessing.
• Symbol quality escapes: inadequate print validation or poor environmental control (ink, substrate, vibration) causing downstream scan failures.
• Event gaps: missing Commission or Aggregation events break verification and returns processing; no immutable audit trail.
• Overridden exceptions: excessive use of manual overrides without independent review or e-signature challenge/response.
• Latency at scale: synchronous partner lookups without edge buffering stall high-speed lines.

Remediation strategies

1. Establish a single serial authority at MES, with deterministic state transitions and collision-resistant generation; perform periodic uniqueness analytics.
2. Implement closed-loop print/verify with reject capture, symbol grading thresholds, and SPC on code quality; link rejected serials to decommission reasons.
3. Adopt EPCIS for event sharing; enforce completeness checks (Commission before Pack, Pack before Ship) and reconciliation gates at warehouse moves.
4. Harden data integrity: Part 11-compliant audit trails, time sync across assets, role-based access, and periodic audit-trail review per MHRA guidance.
5. Qualify integrations and edge buffering to sustain throughput; design for eventual consistency with clear SLAs and alerting.