GUDID data deficiency communication - IS THIS A SCAM?

#1
Hello all -

Recently received an very plain looking email (no branding) from GS1 (maybe?) regarding GUDID device records. In essence, it said they reviewed data submitted to GUDID and identified several device identifier (DI) records that were incorrect. The issue they gave was a mismatch between GS1 Global Company Prefix (GCP) company name and GUDID company name. They gave an email to respond to: [email protected].

Is this legit? Has anybody else received a "data deficiency communication" from GS1 or otherwise had their data submissions to GUDID reviewed? Trying to determine if this is some sort of scam.
 
Elsmar Forum Sponsor

Beth1212

Inactive Registered Visitor
#3
Hello all -

Recently received an very plain looking email (no branding) from GS1 (maybe?) regarding GUDID device records. In essence, it said they reviewed data submitted to GUDID and identified several device identifier (DI) records that were incorrect. The issue they gave was a mismatch between GS1 Global Company Prefix (GCP) company name and GUDID company name. They gave an email to respond to: [email protected].

Is this legit? Has anybody else received a "data deficiency communication" from GS1 or otherwise had their data submissions to GUDID reviewed? Trying to determine if this is some sort of scam.

Mark,
I can assure you that this is legitimate. GS1 is an accredited Issuing Agency of the US FDA UDI System and reviews GUDID for records submitted using GS1 as the Issuing Agency to create UDIs. If we find records that are not correct with regards to the GTIN assigned we notify those companies as required of us by the US FDA. Please feel free to respond to the email address in the notice for assistance.
 

Ronen E

Problem Solver
Staff member
Moderator
#4
Mark,
I can assure you that this is legitimate. GS1 is an accredited Issuing Agency of the US FDA UDI System and reviews GUDID for records submitted using GS1 as the Issuing Agency to create UDIs. If we find records that are not correct with regards to the GTIN assigned we notify those companies as required of us by the US FDA. Please feel free to respond to the email address in the notice for assistance.
"We"? "Us"? Are you from GS1? How can anyone tell?...
No offence, but this feels like a scam follow-up more than reassurance. I wouldn't click on anything or respond directly to a suspicious email. Instead, I'd contact the relevant body independently (call them or send a message through the official website which I'd find through a search engine).
 

Watchcat

Trusted Information Resource
#5
Beth1212, that doesn't mean the email itself was legit. Spoof emails typically mimic the legitimate activity of the sender they are spoofing.
 

Marc

Fully vaccinated are you?
Staff member
Admin
#6
It appears that gs1us. org is a commercial company owned by GS1 US, Inc.
This is from their website:
*For information about the rule, see the U.S. FDA Unique Device Identification System

Disclaimer: GS1 US is the local GS1 Member Organization that supports implementation of the GS1 System in the United States. GS1 US employees are not representatives or agents of the U.S. FDA, and the content herein has not been reviewed, approved, or authorized by the U.S. FDA.

GS1 is a U.S. FDA-Accredited Issuing Agency for UDI, and GS1 Standards are authorized for use in implementing the requirements of the U.S. FDA UDI Rule.

In this publication, the letters “U.P.C.” are used solely as an abbreviation for the “Universal Product Code”, which is a product identification system. They do not refer to the UPC, which is a federally registered certification mark of the International Association of Plumbing and Mechanical Officials (IAPMO) to certify compliance with a Uniform Plumbing Code as authorized by IAPMO.

As a neutral and not-for-profit membership-based organization, we are guided and governed by our users. In this unique role, GS1 US actively brings together the business community under our leadership to identify issues impacting their business or industry and build consensus around best practices using standards-based solutions.
We also work with individual organizations to help implement company-level solutions that use global standards to make supply chain business processes better.
Emails from US government agencies typically have a .gov email address. For example:
Code:
https://www.federalregister.gov/
I would say it's likely you are on a "spam" type of email list.
 
Last edited:
#8
look at "view source" to see the email headers and info, spoofed addresses may be seen there, as well is the "originating IP address". They are getting very sophisticated, but I agree, go directly to the supposed source, not through any info in the email, unless you wish to invite a ransomware attack.
 

Beth1212

Inactive Registered Visitor
#9
"We"? "Us"? Are you from GS1? How can anyone tell?...
No offence, but this feels like a scam follow-up more than reassurance. I wouldn't click on anything or respond directly to a suspicious email. Instead, I'd contact the relevant body independently (call them or send a message through the official website which I'd find through a search engine).
I am from GS1 US and you are welcome to visit our website (Google "GS1US" since this blog site will not allow me to post a live link) or the US FDA UDI website (Google "FDA UDI" since this blog site will not allow me to post a live link). GS1 (and its global affiliates like GS1 US) is a not-for profit standards organization that is one of 3 accredited issuing agencies of the US FDA UDI Rule.
I am sorry the communication came across in a questionable format. It was properly formatted and sent from our Customer Relationship Management system for tracking purposes. I will report back to our IT Team that the formatting may be getting lost in some instances.
In the meantime markg123 you are welcome to reach out to me directly at [email protected] if you are more comfortable doing that. The objective of the communication was to notify your organization that there are incorrectly formatted GS1 Global Trade Item Numbers (GTINs) in GUDID. These entries are in need of correction to avoid a warning letter from the US FDA.
 

Watchcat

Trusted Information Resource
#10
Beth1212, I realize you are "just tryin' to help," but you aren't.

I suggest you tell IT that the problem is that GS1 US seems to be lacking in expertise it comes to matters of cybersecurity, not that its formatting may be getting lost. This isn't a marketing email. (Or is it?)

Apparently cybersecurity is yet another area in which CDRH might not be walking its talk lately. And with UDI, of all things.
 
Thread starter Similar threads Forum Replies Date
I GUDID listing - Inputting data into the GUDID database Other US Medical Device Regulations 3
C GUDID Device record history Medical Device and FDA Regulations and Standards News 2
A GUDID - Packaging Levels 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 8
D How to list multi-product sample pack in GUDID 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
Q Must product name be listed the same name in FURLS, UDI, GUDID and Company Website? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
S Which department manages Establishment Registration, Device Listing and GUDID? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
M FDA News USFDA Proposes to End Temporary Extension of GUDID’s Grace Period Medical Device and FDA Regulations and Standards News 3
M Medical Device News FDA News - 27-08-18 - 2018 Learning program and GUDID updates Other US Medical Device Regulations 0
shimonv Commercialisation challenge related to FURLS & GUDID Other US Medical Device Regulations 0
M GUDID - Change in Quantity Other US Medical Device Regulations 0
Pmarszal Label Printing: Medical Device related UDI Requirements - GUDID Aspects Other US Medical Device Regulations 0
K GUDID / UDI and Company Relocation Other US Medical Device Regulations 3
Pmarszal GUDID Packaging - Two part package Other US Medical Device Regulations 5
J GUDID Labeling and Levels of Packaging 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 3
I Request an FDA GUDID Account - Problems Other US Medical Device Regulations 3
M GUDID/UDI Packaging and Labeling Questions Other US Medical Device Regulations 6
bio_subbu USFDA issues final guidance on Global Unique Device Identification Database (GUDID) Other US Medical Device Regulations 1
N Barcode Registration Requirements for Japan and GUDID Japan Medical Device Regulations 2
Fjalar ISO 20417:2021: Technical Data (6.6.4 c) Other Medical Device Related Standards 0
Z PMS Data collection for SAMD SaaS from clients EU Medical Device Regulations 3
S How too Bulk data upload on EUDAMED EU Medical Device Regulations 5
M Validation of Data verification tool per 21 CFR 820 Quality Assurance and Compliance Software Tools and Solutions 1
J Stage 2 audit initial cert, few data points ISO 13485:2016 - Medical Device Quality Management Systems 4
placebo_master Risks of executing a verification protocol against existing data ISO 13485:2016 - Medical Device Quality Management Systems 4
Z Why Control Limits are not the same depending on type of exclusion of data points Using Minitab Software 7
D Question: How to analyze numerical and attribute data Reliability Analysis - Predictions, Testing and Standards 11
N Simple statistics questions on labor data Statistical Analysis Tools, Techniques and SPC 2
T Data verbiage Inspection, Prints (Drawings), Testing, Sampling and Related Topics 6
S QR/2D Codes & Data Strings Misc. Quality Assurance and Business Systems Related Topics 1
A Need to calculate tolerance Intervals with a set of non-normal data and 3-Parameter Weibull distribution Using Minitab Software 0
B GR&R Destructive Data Analysis Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 13
E Raw data retention for Diagnosis Results EU Medical Device Regulations 4
Y Exporting data to the cloud is a "Significant Change"? EU Medical Device Regulations 5
Z Data sheet from McMasterCarr enough for RoHS/REACH documentation? REACH and RoHS Conversations 4
S Eudamed data fields EU Medical Device Regulations 5
J Need Help with FPY Data in Assembly Process Manufacturing and Related Processes 7
Q AMS 2750 E or F Continuous Furnace TUS Data Collection AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 5
M Reduce occurrence rating based on the PMS data and customer complaint data ISO 14971 - Medical Device Risk Management 2
J Customer Complaint & SCAR, false data Nonconformance and Corrective Action 14
Brizilla Employee Data Privacy Policy - ISO 9001:2015 requirement(s)? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
D Safety data sheets software REACH and RoHS Conversations 3
M Data Protection and Privacy Policy - looking for a template/example EU Medical Device Regulations 1
S Non parametric test for semi-quantitative data. Statistical Analysis Tools, Techniques and SPC 5
M Disabling measurement data during fault conditions IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
C EU MDR - Annex II 6.1 Pre-clinical and clinical data EU Medical Device Regulations 4
P Ppk results shown as asterisk after the transformation of Non-normal data Using Minitab Software 4
lanley liao How to correctly understand the bullet list d) of 6.3 Analysis of Data for API Spec Q1 Oil and Gas Industry Standards and Regulations 7
Steve Prevette Informational I am presenting a webinar Thursday - "Data Driven Decision Making" - 19 November 2020 Statistical Analysis Tools, Techniques and SPC 5
qualprod Best practice to ensure inputting of data in production Lean in Manufacturing and Service Industries 19
D Preservation of Electronic Data / Information Technology ISO 13485:2016 - Medical Device Quality Management Systems 5

Similar threads

Top Bottom