Medicine Thefts And Their Prevention: Current Approach In Italy And Future Perspectives

Introduction

In recent years, medicine thefts have been increasing and have become a European challenge. For example, in Italy the number of thefts, especially in hospitals, has increased exponentially since 2011 ¹ and rapidly became a ‘media emergency’, with weekly articles and reports in nationwide media. This emergency situation resulted in the AIFA (Italian Medicines Agency) Counterfeiting Prevention Unit setting up a project with the Pharma Industry Association in Italy (Farmindustria) in order to create a shared database. One of the primary targets of this initiative was for industry to share with AIFA information about stolen medicines, that is, product, manufacturer, batch details, quantity and so on: the database was populated, and the data were then collated and analysed in order to better understand the real framework. Another action was to organize that information in order to let AIFA both investigate and respond to theft cases, and refer to those data against pharmaceutical crime in general.

The trend and economic impact of medicine thefts

According to the research of Transcrime, ² the Joint Research Center on Transnational Crime of the Sacred Heart Catholic University of Milan and the University of Trento, during the period from 2006 to May 2014, 1 hospital out of 10 in Italy was victim of theft of medicines with an economic loss between €250,000 and €330,000 per event (Table 1). ² Before 2011, this crime was almost non-existent (only two cases were reported). The number of thefts has increased exponentially in the last few years, and from 2012 to 2014, 98 robberies occurred ² ; however, these data are likely to be underestimated because the Transcrime research relied only on data collected from online news portals and other media, due to the lack of systematic scientific researches and availability of updated official data.

OPEN IN VIEWER

Table 1.

Direct losses caused by thefts of medicines.

Year	Total value (€)	Average value (€)	Thefts (n)
2011	5,000,000	2,500,000	4
2012	10,452,000	406,000	10
2013	10,452,000	227,217	51
2014 (January–May)			37
Total 2006–2014	18,719.000	328.404	110
Variations 2011–2013	+109%	−91%	+1.175%
Variations 2012–2013	+221%	−44%	+410%

Source: Transcrime (2014, 2015).

Overall, from 2011 to 2013, the thefts of medicines from Italian hospital pharmacies (HPs) caused a total loss of 18,704,000 euro. The main attractions of illegal markets were the more expensive medicines, such as cancer medicines, which could yield higher profits. Organized criminal groups may act in different segments of the supply chain. The most vulnerable ‘rings’ of the logistic process are the transport and the storage into the hospitals. Other important factors influencing the illegal trade of stolen medicines besides the price of the medicine itself were the price differentials between countries and the different reimbursement regimes adopted in the European Union (EU). Although the use of international pricing benchmarks still prevailed in most countries, countries where medicines had a relatively low price, such as Italy, became involuntary exporters of stolen pharmaceuticals to high-price-level countries, for example, Germany, the United Kingdom and the Netherlands.

The Herceptin case

The so-called ‘Operation Volcano’, ³ , ⁴ also known as ‘Herceptin Case’, originated upon receipt of an alert by a German parallel distributor; further investigations following the alert uncovered that vials of the cancer medicine Herceptin (Trastuzumab), stolen from Italian hospitals, had been manipulated, falsified and reintroduced under false credentials by unauthorized wholesalers into the legal supply chain. Authorities in Germany, Finland and the United Kingdom have carried out seizures of falsified vials. The distribution of the falsified vials to other EU Member States (MS) was also proved (Figure 1).

OPEN IN VIEWER

Figure 1.

Outline of the supply chain model in the Herceptin case: (a) bogus operator sells to Italian operator who sells to German operator; and (b) bogus operator sells to Italian operator who sells to operator in another MS who subsequently sells to a German operator.

Interestingly, the structure of the German pharmaceutical market is attracting products from all other EU MS, and in particular from Italy, Greece and Romania. Parallel trade is fostered through ad hoc regulation aimed at obtaining saving on pharmaceutical expenditure, and difference in prices between Germany and other EU MS is a key driver for the process. Due to this situation, the level of checks on trades should be as high as possible, since undetected infiltration of illegal products was proven to be possible: after the Volcano Operation, Germany set up a cooperation scheme between authorities, similar to the one established in Italy since 2006, that identified other dangerous infiltration channels.

Upon further investigation by the Italian authorities, additional medicinal products have been identified as stolen in Italy and subsequently reintroduced under false credentials by a criminal organization connected to Italy. This has been facilitated through unauthorized wholesalers connected with the Italian criminal organization. These wholesalers were formally based in Cyprus, Hungary, Latvia, Romania, Slovak Republic, Slovenia and Greece, and they were issuing fake invoices to sell the stolen medicines to authorized Italian and Maltese operators. These authorized operators have subsequently exported the medicines to other EU markets. The vulnerability of the parallel import channel to this kind of attack and the lack of enforcement actions with respect to Good Distribution Practice (GDP) (e.g. inspections to wholesalers) were major causes for the case. Strong protection of the network via strict importing rules for parallel distribution and traceability systems for medicines, cooperation between enforcement and health authorities and sharing of information and intelligence allowed Italy to counteract criminals and avoid the infiltration of illegal medicines into the legal supply chain. Web tools such as Fakeshare also contributed to the disruption of this illegal network. ‘Fakeshare’ is a project coordinated by AIFA and co-funded by the ‘Prevention of and Fight against Crime’ Programme of the EU—aimed at developing coordinated initiatives (such as investigation, campaigning, training) against the illegal distribution of medicines, with the goal of optimizing the use of resources in activities developed at national and international level, by

Fakeshare developed and offered a web platform and cooperative web tools for strategic prevention and action against the use of the Internet as a support to the distribution of falsified medicines and, in general, for counteracting pharmacrime.

Fakeshare II extended the area of use and the scope of the web platform: first, by enlarging the cooperation to MS in which there is a history of regulating (and investigating) e-pharmacies, to non-EU MS bordering the Union (a possible ‘door of access’ for illegal medicines) and to other countries; and second, by extending the gathering and the sharing of data to all activities against pharmaceutical crime (including thefts of medicines and investigations on social networks), instead of limiting the activities to rogue e-pharmacies. Up to July 2015, these preventive measures led to the arrest of more than 60 people in eight different police operations in Italy.

The effect of the investigation and of the preventive measures put in place through the Volcano Operation has impacted on the occurrence of thefts as a whole (Figure 2): the number of packages stolen during transportation has clearly decreased, shown in the AIFA thefts database figures (covering the key marketing authorization holders products) and Italian Ministry of Health Track & Trace System figures (covering all products).

OPEN IN VIEWER

Figure 2.

Number of hospital thefts by semester.

With respect to the 2016 events, it should be noted that they were mainly focused on products that were not aimed at being recycled on the European parallel trade network, as, for example, the Hepatitis C–related ones, that is, medicines with limited access in Italy, were already found in the Italian black market.

Thefts of medicines and HPs’ safety: the PADLOck project

The growing threat from medicine thefts triggered a first joint initiative by Police Unit (Carabinieri) for the Protection of Public Health (NAS) and the Italian Society of Hospital Pharmacists (SIFO) aimed to help HPs to manage their stock preventing thefts and managing thefts when they occur. The main document (i.e. the ‘Decalogo’) published in 2014 contains a list of practical instructions, including preventive and corrective actions.

Afterwards, due to the severity of the security issue of HP, from the perspective of both scientific associations and pharma companies, SIFO, through its Logistic and Innovation Area, and Roche, the pharmaceutical company that developed and marketed Herceptin and other high-cost treatments, started the PADLOck study (Project of Adaptation of HP safety levels against the risk of theft and definition of technical standards). The group also included researchers from the Institute of Management of the Scuola Superiore Sant’Anna of Pisa, who designed the methodology of the study and coordinated the scientific committee of the project team, and of Logplus srl, the company supporting the project in matter of security that was involved in the security assessments to the HPs included into the panel.

PADLOck was the first national study that assessed through accurate on-site visits the security of HPs in Italy. The main objective of the study was the dissemination of a culture of prevention against thefts in HPs and the definition of an operative tool for the assessment of their safety.

During 2014–2015, a sample of 30 HPs with different characteristics were assessed by a team of experts. Each site was evaluated in detail taking into account its gap from an acceptable minimum condition of protection against thefts and tampering, considering both the prevention capacity and the adequacy of the response to events. The score construction was based on the combined assessment of the following five protection criteria:

HPs were classified in five classes according to a risk score based on the criteria illustrated in Table 2.

OPEN IN VIEWER

Table 2.

Risk class matrix.

Class 1: Seriously inadequate	Lack of basic passive and active safety systems. Failure of security criteria. It requires an overall design of safety systems and major adjustment actions.
Class 2: Inadequate	Partial fulfilment of some criteria. Although some safety characteristics are present, the gaps need to be filled to ensure minimum levels of security for medicines.
Class 3: Sufficient	Minimum acceptable level of safety. Meet the first three safety criteria (in order of importance), but it still presents a risk level to manage in order to protect the medicines effectively.
Class 4: Good	First four security criteria are met. Although improvements are possible, it represents a good level of safety for the management and storage of the medicines. It should be recommended to integrate with missing systems (CCTV).
Class 5: Very good	All safety criteria are met.

The overall evaluation was based on the assessment of two main properties of an effective safety system: (a) the ability to prevent and hinder criminal action and (b) the ability to protect from and react to criminal action.

Only 10% of the sample satisfied the video systems, Perimeter Protection and Alarms/interventions security criteria and had on average a sufficient security risk level (Figure 3). Almost a quarter (24%) of the sample was classified as seriously inadequate for what concerns both passive and active protection systems and 66% of the sample was on average inadequate.

OPEN IN VIEWER

Figure 3.

Overall evaluation for each of the 30 sites, with colour coding.

A few examples of significant fallacies identified are worth mentioning: (a) The presence of areas without volumetric protection detector systems in proximity of windows, leading to the possibility of breaking in without triggering an alarm bell; and (b) the control unit of the alarm system is located in the warehouse, and accessible to everyone for tampering with.

Figure 4 shows the overall evaluation of the five protection criteria. For each criterion, the average coverage degree is reported. Three criteria in yellow had on average an inadequate adoption: video systems, alarm transmission devices and volumetric protection detectors. The last two in red were on average seriously inadequate: perimeter protection systems for windows/walls and entrances control.

OPEN IN VIEWER

Figure 4.

Average coverage of risk classes of the five protection criteria.

The results of PADLOck clearly indicated a high vulnerability of HPs due to the lack of protective systems and planning for increasing the security and stressed the need for a more systematic approach to prevention.

It was clear that safety should become one of the main objectives for the managing directors of the hospitals: being victim of thefts of medicines means not only being subjected to losses of goods and material damages to buildings but also not pursuing patients’ care and personnel’s safety, and, ultimately, paying more expensive insurance premiums.

Learning from PADLOck

A set of specific Guidelines ‘Benchmarks for the Safe Hospital Pharmacy’ ⁵ represented one of the main outputs of PADLOck 1.0, useful for assessing and increasing the safety level of HPs. Main beneficiaries were top managers and decision makers of hospitals, and managers and personnel of the HP. In the guidelines, decision makers and top managers could find, in a unique document, both practical guidelines on how to perform a first self-assessment of exposure to risk and practical guidelines on methods, instruments and resources to be implemented to develop an efficient security programme. In the guidelines, HP managers could find a guide on the principal components of a good security management system, and HP personnel could better understand the relevance of technical instruments, procedures and the impact of incorrect behaviours for the achievement of the safety.

The specific guidelines have three sections. The first section contains the description of the organization of the HP, its main functions and the infrastructural changes that may be implemented for gaining higher levels of safety.

The second section contains the specific guidelines for the security assessment of HPs summarized below:

The third section provides additional information regarding already existing initiatives both at European level and at Italian level useful to extend the awareness of the problem of safety.

The evolution of the project: PADLOck 2.0

The project has now been expanded with a second phase—once again thanks to the unrestricted grant of Roche—named PADLOck 2.0. The SIFO project indeed has attracted the attention of other major stakeholders, in the world of healthcare and beyond, which have decided to join and participate in this new phase of the project. PADLOck 2.0 now includes FIASO (Italian Federation of Health and Hospital Companies), AIFA, NAS, ANIA (National Association of Insurance Companies) and AIBA (Italian Association of Insurance and Reinsurance Brokers). The new guidelines from PADLOck 2.0 will be developed and finalized by all the stakeholders, under the scientific coordination of the Institute of Management of the Scuola Superiore Sant’Anna of Pisa (partner of the PADLOck project since its start). To implement the analysis in these new pharmacies, SIFO will appoint a multidisciplinary scientific committee, having the task to draw up a formal document covering the requirements for excellence against thefts in hospitals; those security criteria will be agreed by all PADLOck 2.0 Partners. The idea is that adopting these security standards will allow qualified hospitals (through specific assessments) to obtain the ‘Qualify for Excellence’, recognized by ANIA and AIBA, hopefully enabling the renegotiation of insurance terms thanks to reduced risk of thefts. Also, the PADLOck 2.0 project will provide 10 of the 50 HPs audited during the project with an advanced consultancy/audit to achieve the PADLOck Qualify for Excellence. Finally, the three pharmacies found to have the greatest exposure to risk of thefts will be admitted to a personalized study to improve prevention, including a compliance programme. The PADLOck 2.0 project has been presented and launched during the 37th National SIFO Congress (Milan, 1–4 December 2016) in the session, ‘Innovation in the logistics of medicines and medical devices: traceability, security and sustainability’.

Final considerations

Since 2011, Italy had a major problem with pharmaceutical thefts. The joint intelligence/investigation exercise coordinated by AIFA and NAS, supported by Ministry of Health medicines traceability system and by private stakeholders’ associations such as Farmindustria and Assoram (the association grouping the logistic providers), was crucial to eradicate the phenomenon since April 2014.

The key points in managing the joint investigation were the intelligence approach (AIFA gathered data about thefts, set up scenarios and fostered verifications for identifying the channels where stolen medicines were recycled), real time sharing of data between stakeholders (through web platforms such as Fakeshare), coordination of efforts in all EU MS (infiltration of stolen/falsified medicines, having Germany as core target) and transparency of the results (AIFA published rapid alerts and reports on the case, allowing all interested Italian Prosecutors to use the data for their own single investigation).

The Italian model for channelling signals and fostering cooperation between administration and private stakeholders is now considered as a reference even at the European level: formal ‘theft alerts’ have already implemented at European Medicines Agency level, and the new signalling systems under development use the ‘Volcano operation’ tools.

Within this scenario of an even more effective tackling of medicine thefts, the results from PADLOck will help to address the issue of HP safety and lead to the implementation of preventive and corrective measures.