EPCIS 1.2 to EPCIS 2.0 Migration Guide for Pharma Traceability Programs
EPCIS 2.0 is not simply an upgrade. It is a meaningful re-architecture of how traceability data is structured, transmitted, and consumed across the pharmaceutical supply chain. For organizations that built their DSCSA programs on EPCIS 1.2, with XML-based messages, AS2 transmission, and batch-file-oriented workflows, the move to EPCIS 2.0 changes event formatting, transmission patterns, vocabulary usage, and often the surrounding integration architecture itself.
That does not mean the transition needs to become a compliance disruption. The right sequence makes a major difference. This guide focuses on the practical migration path: what changes, what stays the same, and how pharma teams can move from EPCIS 1.2 to EPCIS 2.0 without destabilizing active DSCSA obligations. For the broader operational implications of EPCIS 2.0, see SCW’s companion post on what EPCIS 2.0 changes operationally in pharma.
What changes in EPCIS 2.0
Data format moves beyond XML
EPCIS 1.2 used XML as its primary serialization format. EPCIS 2.0 supports XML as well, but adds JSON and JSON-LD as first-class formats. GS1 also provides OpenAPI-based REST interface guidance, which shifts the practical implementation model toward more modern API patterns. For pharma teams, this is one of the most significant changes because it often requires reworking event generation, transformation logic, partner mappings, and receiving-system configurations. GS1 EPCIS standard and GS1 EPCIS 2.0 artefacts
Transmission architecture becomes more API-friendly
Many EPCIS 1.2 implementations in pharma still rely on AS2 or SFTP for batch file transfer. EPCIS 2.0 aligns far more naturally with REST-based exchange patterns. That changes how systems publish, ingest, and query events, especially for organizations whose L4 and L5 serialization stacks were designed around scheduled file movement rather than event-driven API exchange.
AssociationEvent expands the event model
EPCIS 2.0 introduces AssociationEvent, which formalizes relationships between physical objects and identifiers in ways that extend beyond classic aggregation. This supports richer packaging hierarchy documentation and can be useful for more complex IoT, condition-monitoring, and packaging-linkage use cases.
Sensor data becomes native
EPCIS 2.0 supports sensor data more directly within the event structure. For cold-chain and condition-sensitive pharma products, this opens a path to combining traceability and environmental condition data within a more integrated event model.
| Dimension | EPCIS 1.2 | EPCIS 2.0 |
|---|---|---|
| Data format | XML | XML, JSON, JSON-LD |
| Integration pattern | Primarily file-based | REST API and modern exchange patterns |
| Event types | ObjectEvent, AggregationEvent, TransactionEvent, TransformationEvent | All prior core events plus AssociationEvent |
| Sensor data | Limited and indirect | Native support through sensor elements |
| Vocabulary basis | CBV 1.2 | CBV 2.0 |
| Industry alignment | Often tied to earlier implementation guidance | Aligned to current GS1 2.0 standards and current DSCSA interoperability planning |
What stays the same
Despite the technical changes, the conceptual foundation of EPCIS does not reset. The core event logic remains the same: what happened, to what, where, when, and why. The GS1 identifier model remains intact as well, including GTIN, SGTIN, SSCC, and GLN. Business vocabulary concepts like shipping, receiving, commissioning, and decommissioning continue forward, even though CBV 2.0 expands and modernizes the vocabulary layer rather than replacing it outright.
This is why strong EPCIS 1.2 programs still carry forward valuable knowledge. The migration is not a compliance strategy reset. It is an implementation and integration migration. Organizations with a mature EPCIS 1.2 foundation are migrating their technical architecture more than they are relearning traceability itself. The GS1 US R1.3 implementation guideline reinforces that continuity while also pointing to the practical realities of industry transition.
The migration sequence: a phased approach
Phase 1: Inventory and dependency mapping
Before technical changes begin, map the full EPCIS 1.2 deployment. That includes every system generating events, every trading partner receiving them, every protocol in use, and every ERP, WMS, MES, or repository dependency feeding event generation. This inventory becomes the real migration scope document.
- Document all EPCIS event types currently generated and where they originate
- List all trading partners and their version support status
- Map every transmission protocol, whether AS2, SFTP, or direct API
- Identify upstream integrations that influence event content
Phase 2: Partner readiness assessment
Migration cannot happen unilaterally. If the sender moves to EPCIS 2.0 but the receiving partner does not support it, interoperability does not improve. It breaks. A partner readiness assessment should identify which trading partners already support EPCIS 2.0, which are on a migration roadmap, and which still require EPCIS 1.2 support in parallel. In practical DSCSA environments, dual-version support is often the reality during the transition period.
Phase 3: Technical implementation
This phase includes three major workstreams: updating event generation to support JSON or JSON-LD where needed, implementing or configuring REST-based exchange capabilities where the architecture supports it, and preparing receiving systems to consume the updated event structure reliably. For some organizations, this is also the point where AssociationEvent and sensor-data use cases begin to enter the roadmap.
- Update target event-generation templates for the selected 2.0 format
- Deploy REST-friendly capture endpoints where applicable
- Maintain AS2 or SFTP fallback for partners not yet ready for newer exchange patterns
- Update vocabulary handling to align with CBV 2.0 expectations
Phase 4: Partner testing and parallel operation
Before any live cutover, run parallel operation. Exchange EPCIS 1.2 and 2.0 events for a defined period, validate that the partner receives and processes the 2.0 events correctly, and resolve discrepancies before they impact production. This is one of the strongest controls against avoidable disruption.
Phase 5: Cutover and decommission
Cut over partner by partner, not all at once. Maintain EPCIS 1.2 capability for partners that are still migrating. Decommission legacy configurations only after the receiving partner has completed a stabilization period under 2.0 exchange without recurring failures.
Common migration mistakes to avoid
- Migrating all partners simultaneously: this multiplies risk and makes root-cause isolation harder
- Assuming JSON is just XML with different syntax: JSON-LD requires real template and mapping redesign
- Skipping inventory and dependency mapping: unknown integrations surface late and create schedule risk
- Ignoring CBV 2.0 changes: business-step and disposition handling can break downstream processing if not tested
- Treating migration as a one-time project: EPCIS 2.0 capabilities create ongoing operational and architectural opportunities after cutover
Another frequent mistake is separating the migration conversation from broader data quality and exception management work. In reality, these topics are tightly connected. The same teams planning the migration also need to understand the common data-quality failures that will undermine the new environment. That is why this guide pairs naturally with SCW’s post on EPCIS data errors that break interoperability and the operational controls discussed in the DSCSA exception handling playbook.
How to sequence the transition without disrupting DSCSA compliance
The safest migration posture is a phased one that preserves continuity while expanding capability. Keep current partner exchange stable. Build inventory first. Align on partner timelines early. Test in parallel. Then cut over selectively. That sequence allows organizations to move forward without turning migration into a compliance event of its own.
Industry commentary from solution providers such as Covectra also reflects this broader trend. The move to EPCIS 2.0 is tied not only to standards modernization, but to cleaner partner exchange, faster onboarding, and better support for modern serialization operations. Covectra EPCIS and DSCSA overview
Final thought
EPCIS migration guide DSCSA discussions often focus too narrowly on format conversion. In reality, the challenge is broader. It includes integration architecture, partner readiness, event governance, testing discipline, and operational sequencing. The good news is that it is manageable when approached in phases. Organizations that begin with a full dependency map, engage trading partners early, and run controlled parallel exchange will be better positioned to adopt EPCIS 2.0 without compromising live DSCSA operations.
Ready to build your EPCIS 2.0 migration roadmap?
SCW helps pharma traceability teams assess current EPCIS 1.2 implementations, identify migration dependencies, and move partner by partner toward EPCIS 2.0 with less risk and stronger operational control.
Contact Us Explore Track & Trace