Open Credentialing Initiative

View Original

Drummond Group Announces Completion of Legisym OCI Credential Issuer Conformance Criteria Audit

Reposted from EINPresswire.

Legisym First to Complete Compliance Audit to OCI Credential Issuer Conformance Criteria to Validate Pharmaceutical Authorized Trading Partners (ATP)

DURHAM , NC, UNITED STATES , March 5, 2024 - Drummond Group, LLC, a trusted provider of compliance, standards, and cybersecurity testing, certification, and validation services, today announced that Legisym has completed the Open Credentialing Initiative (OCI) Credential Issuer Conformance Criteria. Legisym is the first credential service provider to successfully complete the OCI Credential Issuer conformance criteria audit.

OCI is a collaborative industry effort enabling pharmaceutical supply chain actors to establish digital proof of identity, licensure status, and information authorship using digital wallets and verifiable credentials.

Legisym demonstrated all required criteria during the audit and thus demonstrated a documented process to both validate a pharmaceutical organization’s existence and identity as well as the identity and authority of the organization’s representative to act on behalf of that Organization and to verify an organization’s Authorized Trading Partner (ATP) status as defined by DSCSA. OCI Credential Issuers are required to follow Section 2 of NIST Special Publication 800-63A for remote identity proofing to NIST Identity Assurance Level 2 (IAL2). Beyond the required due diligence to issue verifiable credentials, Legisym, as an OCI Credential Issuer, is required to and demonstrated full compliance to all required OCI Credential Issuer credential monitoring criteria. During a credential’s validity period, Legisym performs continuous monitoring to identify possible triggers for revocation or recertification.

“I am pleased to announce that Legisym has successfully passed all required OCI Credential Issuer Conformance Criteria, including some optional conformance criteria, and has now achieved Drummond CertifiedTM status,” said Aaron Gomez, Supply Chain Security Business Unit Leader.

David Kessler, Co-Owner, and President of Legisym said, “Patrick Paschall, Supply Chain Security Auditor, and the team at Drummond Group always perform at the highest level of professionalism and thoroughness. This makes us better and ensures our solution offerings exceed expectations”.

Brittany Payson, Director of Product Management & Marketing for Legisym added, “Thank you for all your efforts to thoroughly examine our Credential Solutions™ against OCI’s Conformance Criteria.”

OCI’s requirement for service providers who are directly involved with issuance and maintenance of credentials to be audited, follows the public-private Partnership for DSCSA Governance (PDG)’s directive. The PDG Foundational Blueprint for 2023 Interoperability (https://dscsagovernance.org/blueprint/) incorporates advice from FDA, pharmaceutical businesses, and other pharmaceutical supply chain stakeholders. It is foreseen that the OCI Digital Wallet and Credential Issuer Conformance Criteria will be the standard way of validating organizations as ATPs for use by VRS systems to meet DSCSA compliance.

The audit was conducted by Drummond expert auditors, who developed an audit plan based on OCI Credential Issuer Conformance Criteria. Drummond is the sole auditor and has developed a testing plan that successfully executes OCI audits.

About Drummond Group, LLC
For over 25 years, Drummond Group, LLC (www.drummondgroup.com) has helped organizations in highly regulated industry sectors (health, finance, pharmacy, and retail sectors) by providing compliance, standards, and cybersecurity consulting, testing, certification, and validation services. Drummond promotes and supports the adoption of interoperability and security mandates, standards, and best practices that drive the secure industry digital transformation, including B2B EDI (AS2, AS4), ONC Health IT, HIPPA, PCI, FTC, FHIR, DEA EPCS, DEA CSOS, GS1 GDSN, GS1 EPCIS 1.2, NIST AI RMF 1.0, NIST 8374, NIST 800-53, and more.

About Legisym
Credential Solutions™.  Now, after more than a decade of successfully providing the pharmaceutical industry with affordable and effective regulatory compliance technologies, Legisym’s Product Development Team took on another challenge brought to them by the industry. In early 2020, driven by the 2023 Authorized Trading Partner (ATP) requirements under the Drug Supply Chain Security Act (DSCSA), Legisym began leveraging their experience and existing achievements in Express222™ CSOS (the 100% web-based solution that enables suppliers and buyers to securely process electronic controlled substance orders with real-time DEA compliance) and License Verify™ technologies (a comprehensive service for verifying federal, state, and local licensing across the nation), to engage as a credential issuer through a new offering, Credential Solutions™ (https://legisym.com/credentialsolutions/). By performing thorough credential issuer due diligence and monitoring services in alignment with both the Open Credentialing Initiative’s (OCI) Conformance Criteria and the Partnership for DSCSA Governance’s (PDG) Foundational Blueprint for 2023 Interoperability, Legisym promotes confidence in trading partner digital identities and ATP status through interoperable, verifiable credentials.