POET is not designed to serve as the system of record for regulated processes, therefore not subject to GxP requirements. It is designed to enable cross-organizational collaboration and process orchestration, while the system of record for each process remains within the respective enterprise systems.

Type = Troubleshooting,; Topic = Multienterprise Information Network Tower (MINT),;Persona = TraceLink Administrator, User,; Orchestration = Manufacturing, Logistics, Commerce, Transportation, Clinical Supply,; Function = Supply Chain, IT, Procurement, Spare 2,

DSCSA Exception Management

Compliance Exceptions refer to tracked deviations or variances from defined compliance requirements, business rules, or quality standards within a process.

What is a compliance exception

Compliance exceptions under the DSCSA (Drug Supply Chain Security Act) framework refer to events or conditions where serialized product data, verification, or transaction information does not meet regulatory or operational expectations. These exceptions may arise from discrepancies, delays, or inaccuracies along the pharmaceutical supply chain—typically between manufacturers, wholesalers, distributors, and dispensers.

Types of compliance exceptions

  • Serialization data mismatches: This occurs when product serial numbers are missing, duplicated, or invalid across systems such as Serialized Operations Manager (SOM) or partner EPCIS files.
  • Verification failures: This occurs when Product Information Manager (PIM) or Verification Router Services (VRS) cannot confirm product authenticity.
  • Transaction Information (TI), or Transaction Statement (TS) discrepancies: Refers to discrepancies or missing data in the DSCSA transaction documents exchanged between trading partners. These issues may include incomplete transaction statements or incorrect product identifiers.
  • Product traceability and reporting exceptions: Occurs when serialized or shipment data is missing for certain transaction events.
  • Timing violations: Occurs when compliance data submissions to authorities (e.g., EMVS, KPIS, or DSCSA partners) are delayed beyond SLA timelines, risking regulatory non-compliance.

How to configure the DSCSA exception management marketplace solution

Before using the compliance exception marketplace solution, Solution Designers must first configure the solution in OPUS Solution Environment (OSE) by following the steps listed below:

Solution Designers must first save the latest version of the marketplace solution from the marketplace catalog as a company solution.

  1. Select the Main Menu icon.
  2. Select OPUS Solution Environment.
  3. Select Catalog from the left menu.
  4. Select Marketplace Solutions.
  5. On the Search Solutions page, filter the list of solutions to find the required solution.
  6. Find the latest version of the solution and select the Solution Name to open the solution.
  7. On the Solution Details page, select Save As.
  8. On the Save As panel, fill in the following fields:
    1. Solution Name field – The name of the solution that will be saved as a company solution.
    2. Description field – (Optional) The description of the solution.
  9. Select Apply.
    The marketplace will be saved as a company solution in the Available tab on the left menu.

After saving the solution as a Company Solution, Solution designers must create a network for the solution from OPUS Administration.

  1. Select the Main Menu icon.
  2. Select Administration.
  3. Select Network and Apps from the left menu.
  4. Select New.
  5. In the Network Information section, fill in the following fields:
    1. Application drop-down – Select the application for which you want to configure the marketplace solution. For e.g. Process Orchestration for Empowered Teams.
    2. Network Name field – The name of the network being created.
    3. Network Description field – (Optional) The description of the network being created.
  6. In the Solution section, fill in the following fields:
    1. Standard Solution toggle – This value must be no as the solution for which the network is being created is a marketplace solution.
    2. Company Solution field – Select the solution that you saved as a company solution in the previous procedure.
  7. Select Save.
    The new network is created and the solution is ready for use.

After creating a network for the solution, Solution Designers must define roles for accessing the network.

  1. Select the Main Menu icon.
  2. Select Administration.
  3. Select Users from the left menu.
  4. Select Network Members from the left menu.
  5. On the Search Network Members page, filter the list of network members by the network created in the previous procedure.
  6. Select the user email of the user who created the network.
  7. Select Edit.
  8. In the Roles section, select the role required to access the network.
  9. Select Save.
    The role to access the new network is configured.

For more information about configuring or customizing marketplace solutions as per your business needs, see OPUS Solution Environment Help Center.

Add a compliance exception

Compliance exceptions is a sub-type of the Work Item business object and contains fields that are specific to compliance exceptions. By default, a compliance exception is created by a set of basic fields, which are widely used. However, depending on your business needs, you may need to include additional fields in the compliance exception. To include additional fields, edit the compliance exception to view all available fields and update the required fields.

  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Compliance Exception from the left menu.
  7. Select New.
  8. In the General section fill in the following fields:
    1. Title field – The title of the new compliance exception.
    2. Business Priority field – The level of priority for the compliance exception. Select from Low, Medium, High, and Critical.
    3. Category field – The category of the compliance exception.
  9. Select Save.
    The compliance exception is created in the Draft state.
  10. To move the compliance exception to To Do state, select Move to.

Owners and Partners who are on the TraceLink network but do not use the Web UI can create a compliance exception by sending an email in an HDA-compliant format. To enable compliance exception creation through email, Owners and Partners must follow the steps listed below:

  1. Create an SMTP B2B connection in Extensible TraceLink Transfer, which generates a unique TraceLink email (e.g. apt_owner_6bba37c60eeb56@tracelink.com). For more information about adding an SMTP B2B connection, see the Extensible TraceLink Transfer Help Center.
  2. Share the TraceLink-generated email address (e.g. apt_owner_6bba37c60eeb56@tracelink.com) with a TraceLink Service Representative to map the email address with Process Orchestration for Empowered Teams.

Draft a compliance exception email

TraceLink suggests using the email format recommended by Healthcare Distribution Alliance. Process Orchestration for Empowered Teams will create a compliance exception if the email has a subject line and body, but will not filter spam. A sample format for a compliance exception email is provided below:

  • A standard subject line: Trading partners involved + Exception Category + Issue tracking #

  • A brief narration of the exception: Be as brief as possible in explaining the incident, refraining from stating any pieces of information already specified in the field list below.

  • Fields in the body of the email: The responding trading partner will typically need the following information (where applicable:).

    • PO Number:
    • Delivery #/Shipment ID/DESADV:
    • NDC(s) involved in the exception:
    • 2D Barcode scan:
      • For product, no data exceptions where output of the scan cannot be provided, a photo of the 2D data matrix barcode inclusive the human readable [i.e. (GTIN (01), Serial # (21), batch/lot#(10), expiry(17) ] adjacent to the 2D barcode.
      • For data no product exception where there is no physical product to scan, capture the GTIN, Serial number, batch and expiry from the incoming file.
    • SSCC-18 (00) as applicable
    • Exception category (Product and No Data, Data and no product)
    • Where/when the exception occurred (e.g., receiving, outbound picking, returns processing),
    • Scope of exception (e.g., entire shipment, pallet, case, inner pack, package, etc.)
    • Product description (Drug/Biologic Name)
    • Source owning/location GLNs
    • Destination owning/location GLNs or ship-to address if GLN is not known
    • Carrier tracking number
    • Contact info (name/email/phone)

Modify a compliance exception

  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Compliance Exception from the left menu.
  7. Select the Display Identifier of the compliance exception to edit.
  8. Select Edit.
    In addition to the fields updated when creating the compliance exception, additional fields will be displayed which can be updated if required.
  9. In the General section update the following fields:

    1. Issue Tracking Number field - Displays the identifier of the Compliance Exception as in their internal system or ERP. While creating exceptions via Serialized Operations Manager (SOM), it represents the Exception ID of SOM.

    2. Title field – The title of the new compliance exception.
    3. Due Date field – The date by which the compliance exception must be completed.
    4. Business Priority field – The level of priority for the compliance exception. Select from Low, Medium, High, and Critical.
    5. Business Unit field – The business unit for the compliance exception.
    6. Category field – The category of the compliance exception.
    7. Sub Category field – The sub category of the compliance exception.
    8. Description field – The description of the new compliance exception.
    9. Source of Exception drop-down – Displays the source of the exception.
    10. Scope of Exception drop-down – Displays the scope of exception.
  10. If you require to collaborate with an external partner, enter the following Assignee Company details under the Participants section:
    1. Business Name field – The name of the Partner company that is assigned to take action on the compliance exception.
    2. Identifier Type field – The type of document that is associated with the compliance exception, such as Purchase Order, Invoice etc.
    3. Identifier Value field – The identifier value document associated with the compliance exception, such as PO number, Invoice number, etc.
  11. You can specify the user who is assigned the compliance exception under the Assignee User section:
    1. Email field – The email address of the user to whom the compliance exception is currently assigned

    2. Name field – The name of the user to whom the compliance exception is currently assigned

  12. If you need to add delivery details, update the following fields under the Delivery Information section:
    1. Delivery Number field - Delivery Number of the shipment/receipt against which the exception is being recorded.
    2. PO Number field - Purchase Order Number associated with the delivery.
    3. Carrier Tracking Number field - Carrier Tracking Number associated with the delivery.
    4. (From Business) Business Name field – The name of the company that sent the consignment.
    5. (From Business) Primary Identifier Type field – The identifier type of the company, such as GLN, SGLN, etc.
    6. (From Business) Primary Identifier Value field – The identifier value of the company.
    7. (Shipped From Business) Business Name field – The name of the company that sent the consignment.
    8. (Shipped From Business) Primary Identifier Type field – The identifier type of the company, such as GLN, SGLN, etc.
    9. (Shipped From Business) Primary Identifier Value field – The identifier value of the company.
    10. (To Business) Business Name field – The name of the company that received the consignment.
    11. (To Business) Primary Identifier Type field – The identifier type of the company, such as GLN, SGLN, etc.
    12. (To Business) Primary Identifier Value field – The identifier value of the company.
    13. (Shipped To Business) Business Name field – The name of the company that received the consignment.
    14. (Shipped To Business) Primary Identifier Type field – The identifier type of the company, such as GLN, SGLN, etc.
    15. (Shipped To Business) Primary Identifier Value field – The identifier value of the company.
  13. If you need to contact information, update the following fields under the Contact Information section:
    1. Name field – The name of the contact.
    2. Email field – The email address of the contact.
    3. Phone field – The phone number of the contact.
  14. In the attachments section, add a supporting document for the compliance exception under Documents.
  15. In the Impacted Products section, add product information in the following fields:
    1. Product Name field – The name of the impacted product.
    2. Lot Number field – The lot number of the impacted product.
    3. Primary Item Code Type field – The item code type of the impacted product.
    4. Primary Item Code Type field – The item code value of the impacted product.
    5. Product GTIN field – The GTIN of the impacted product.
    6. Expiration Date field – The expiration date of the impacted product.
  16. In the Transaction ID section, add information about the transaction in the following fields:
    1. Transaction Identifier Type field – The type of transaction associated with the impacted product, such as Purchase Order, Supplier Order, Delivery Receipt.
    2. Transaction Identifier Value field – The ID of the transaction for the impacted product.
  17. In the Suspect Product section, add detailed information about the impacted product in the following fields:
    1. Drug Composition field – The composition of the impacted product.
    2. Incident Number field – The incident number associated with the impacted product.
    3. Product Label Name field – The product label name of the impacted product.
    4. Request For Notification Termination field – Request for notification termination for the impacted product.
    5. Business Type field – The business type of the impacted product.
    6. Drug Description field – The description of the impacted product.
    7. Drug Use field – The use of the impacted product.
    8. Notification Classification field – The notification classification of the impacted product.
    9. Report Type field – The report type of the impacted product.
    10. Submitted Through Alternate Mechanism field – Indicated if the impacted product was submitted through an alternate mechanism.
    11. Date Product Identified As Illegitimate field – The date when the impacted product was identified as illegitimate.
    12. Initial Notification Date To FDA field – The initial notification date to FDA for the impacted product.
  18. In the Comments and Attachments section, add a comment in the Comment Text field and name of the user in the Commented By field, or attach a file under Attachment.
  19. Update the required information.
  20. Select Save.
    The compliance exception is updated.
Owners can edit the Assignee Details section while the compliance exception is in the Draft state. Once the work item moves to the To Do state, the Assignee Details section can be edited only once.

Compliance exceptions workflow

The following workflow states are used to track the progress of a compliance exception:

Base State Workflow State Description
Draft Draft The compliance exception is newly created and remains in its initial stage. At this point, it is visible to users in the owner company.
To Do To Do The compliance exception has been assigned and is awaiting action. When the assignee is a partner, the partner is notified and the compliance exception becomes visible to them.
In Progress In Progress The compliance exception is actively being worked on. When assigned to a partner, the partner can take action, while the owner can continue to edit the compliance exception in this state.
Done Done The compliance exception has been completed and moved to its final closed state.

Monitor compliance exceptions

A high level understanding of the state of all compliance exceptions that you have access to.

  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Compliance Exceptions Dashboard from the left menu.
    View the widgets in the dashboard, which display pre-defined queries to demonstrate the state of all compliance exceptions at a high level.
Metric Description
Current Trends
Status - Open Compliance exceptions classified according to workflow status (Draft, To Do, In Progress) which are not done.
Business Priority Compliance exceptions classified according to business priority (Critical, high, medium, low) combined with workflow status.
Category - Open Compliance exceptions classified by exception category with status open.
Due Date Monitoring
Compliance Exceptions Overdue Compliance exceptions past Due Date by currentState. Escalates compliance and execution risks.
Compliance Exceptions Due in Next 24 Hours Compliance exceptions due within 24 hours by currentState. Highlights items requiring immediate executive attention.
Compliance Exceptions Due in Next 7 Days Compliance exceptions due within 7 days by currentState. Supports short-term workload planning.
Compliance Exceptions Due in Future Compliance exceptions due beyond 7 days by currentState. Supports capacity forecasting.
Network Performance
Ship From Location Compliance exceptions classified by the From Business entity.
Ship To Location Compliance exceptions classified by the Ship To Location entity.
Status Compliance exceptions classified according to workflow status (Draft, To Do, In Progress, Done).
Organizational Performance
Business Unit Compliance exceptions classified by business unit combined by workflow status.
Product Name Compliance exceptions classified by product name combined by workflow status.
  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Compliance Exceptions Dashboard from the left menu.
    View the widgets in the dashboard, which display pre-defined queries to demonstrate the state of all compliance exceptions at a high level.
Metric Description
Open Exceptions Compliance exceptions in the open state assigned to the partner.
Business Priority Compliance exceptions classified according to business priority (Critical, high, medium, low) combined with workflow status.
Assigned User Compliance exceptions classified by assignee.
Category - Open Compliance exceptions classified by exception category with status open.
Due Date Monitoring
Compliance Exceptions Overdue Compliance exceptions past Due Date by currentState. Escalates compliance and execution risks.
Compliance Exceptions Due in Next 24 Hours Compliance exceptions due within 24 hours by currentState. Highlights items requiring immediate executive attention.
Compliance Exceptions Due in Next 7 Days Compliance exceptions due within 7 days by currentState. Supports short-term workload planning.
Compliance Exceptions Due in Future Compliance exceptions due beyond 7 days by currentState. Supports capacity forecasting.
Network Performance
Ship From Location & Business Unit Compliance exceptions classified by the Ship From Location and Business Unit.
Ship To Location & Business Unit Compliance exceptions classified by the Ship To Location and Business Unit.
Product Impact
Product Name Compliance exceptions of status To Do, In Progress, and Done, categorized by product name
  1. Select the Main Menu icon.
  2. Select My Networks.
  3. Select a [POET Network] from the Select your Network drop-down in the header.
  4. Select a Partner or location from the Select your Partner or Location drop-down in the header.
  5. Select Go.
  6. Select Compliance Exceptions from the left menu.
  7. Select Filter.

  8. In the Filters panel, fill in one or more of the following fields to filter the results:

    1. State field – The state in which the compliance exception is, such as To Do, In Progress, or Done.
    2. Title field – The title of the compliance exception.
    3. Creation Time field – The time when the compliance exception was created.
    4. Display Identifier field – The display identifier of the compliance exception.
    5. Category field – The category of the compliance exception.
    6. Sub Category field – The sub-category of the compliance exception.
    7. Business Unit field – The business unit responsible for the compliance exception.
    8. Business Priority field – The business priority of the compliance exception.
    9. Last Modified Time field – The period of time in which the compliance exceptions was last updated.
    10. Due Date field – The due date of the compliance exception.
    11. Initiator Company field – The business name and identifier of the company which initiated the compliance exception.
    12. Assignee Company field – The business name and identifier of the company which is assigned the compliance exception.

  9. Select Apply.
    All compliance exceptions matching the filter criteria are displayed.

Tag end