Tag Archives: compliance

FSMA to Expand Lab Responsibilities, Partnerships Essential

By Maria Fontanazza
No Comments

Partnerships between research and regulatory labs should strive to bridge information gaps with the goal of harmonizing standards, integrating lab networks, and expanding surveillance programs.

FSMA will add more responsibility to a laboratory’s plate, stressing the need to maximize research and develop an integrated approach to prioritizing risks. Under its general requirements, research and regulatory labs will be expected to examine performance standards, cooperate with federal partners within HHS and the Department of Homeland Security, and build a domestic capacity that encompasses federal, state and international partners.

Partnerships between research and regulatory labs should strive to bridge information gaps with the goal of harmonizing standards, integrating lab networks, and expanding surveillance programs. During the Food Labs Conference in March, Palmer A. Orlandi, PhD, CAPT, U.S. Public Health Service Sr. Science Advisor in the Office of Foods and Veterinary Medicine at FDA, discussed how partnerships in the era of FSMA are crucial to facilitate innovation. “We’re not necessarily looking for someone to take our responsibilities, but we’re looking for someone to walk with us to do this,” said Orlandi.

For research and regulatory analytical capabilities to move forward, several needs and goals must be addressed:

Needs

•    Burden sharing
•    Expansion of the scope of testing programs (and the methods to support them)
•    Development of sampling strategies
•    Risk-informed prioritization strategy

Goals

•    Capacity building
•    Methods that are rapid, sensitive, specific, easy to use, robust and portable
•    Ability to test at the source
•    Database of information that shows susceptibility for contamination and root cause, while also providing solutions for prevention
•    Targeted and statistically significant surveillance, with the ability for sharing

Examples of capacity-building partnerships include the Food Emergency Response Network (FERN), which is run by FDA and USDA. FERN is comprised of more than 170 state and federal labs, and has gone beyond its roots in emergency capacity, expanding into a food safety network that also participates in large-scale surveillance. The Integrated Food Safety System incorporates a Lab Task Group with seven subcommittees to develop standards in areas that include accreditation, methods, regulatory requirements, reporting, and sampling. International partnerships are currently being forged in Mexico and Canada.

View excerpt from Palmer Orlandi’s presentation about Partnerships & Innovation at the Food Labs Conference

 

What’s Next: Innovation, Technology and the Possibilities

Portable technology: A user-friendly, handheld rapid-screening instrument that requires minimal sample prep and is cost effective. Think Tricorder. Will it be possible to wave an instrument over a head of lettuce and detect bacterial contamination? What about detecting a spectrum of approved or unapproved pesticides or active pharmaceutical ingredients?

“This is where we would like to go,” said Orlandi. “Is it pie in the sky? Absolutely.  But if you don’t ask the big questions, if you only take the incremental steps, you’re only going to get so far.”

Orlandi pointed to X-ray fluorescence, which takes less than two minutes to perform sample analysis and ion mobility spectrometry, which can detect a small range of selected compounds in just 30 seconds, as technologies that have future potential.

FDA has a goal of bringing such innovative technologies to bear through its Broad Agency Announcements, a program that provides funding from $200,000 to $50 million to harness new technologies.

Orlandi also cited the Whole Genome Sequencing (WSGS) Collaborative as the next big technology. The GenomeTrakr is a federal and state network of 24 labs that collect and share genomic data from foodborne pathogens. This enormous data flow provides the ability to sequence and transmit and store data, involving domestic and international partners. One application example includes identifying antimicrobial resistance markers.

As FSMA increases industry requirements, “partnerships are going to spawn our capabilities to harmonize standards that will involve, then leads to mutual reliance,” said Orlandi. “We rely our partners’ data and their processes. This will lead to greater capabilities for surveillance and data sharing. All of these combined will lead to a greater food safety network.”

Related Content: Five Questions with Palmer Orlandi

Paul Dewsbury, B.Sc.

Honey Laundering: Food Fraud That’s Not So Sweet

By Paul Dewsbury
No Comments
Paul Dewsbury, B.Sc.

ThermoFisherpodcastAs a result of my research, I found two fantastic resources describing the background of food fraud, the first is an excellent 3-minute podcast on our website, titled, Food Fraud by Dr. Jennifer McEntire, who at the time was VP and Chief Science Officer at The Acheson Group and is now the newly appointed VP of Science Operations at the GMA. Dr. McEntire succinctly gets to the crux of the reasons pertaining to food fraud and it is well worth a listen.

The second is a 3-minute slide deck narrated by renowned food safety expert Professor Chris Elliot, Director of the Institute of Global Food Safety at Queens University Belfast. Professor Elliot highlights the impact of various food frauds including melamine adulteration in milk, spices, meat and he specifically expands on the topic of honey laundering.

There are too many honey adulteration frauds to list here and while some have resulted in huge fines and criminal charges, there is one that will not go away is the mislabeling of Manuka honey. This premium product (and premium price) is a rare honey from New Zealand produced by bees that pollinate the manuka bush and has numerous claimed medicinal properties that can be extremely profitable for the fraudsters through substitution with a basic product. As food fraud is an international issue, various organizations likeInterpol and Europol have food fraud units and here in the UK the government has committed to, and is setting up a dedicated Food Crime Unit.

Moving into the science, one of the best literature resources I would like to share is the Food Fraud Resources website which has some highly cited articles including reviews, thought leadership and analytical methods that are available for download. There are various techniques for honey analysis in the journals and I want to briefly focus on one of the most powerful for authentication, the use of isotope analysis. In our Application Note 30177, Detection of Honey Adulteration with FlashEA Elemental Analyzer and DELTA V Isotope Ratio Mass Spectrometer, we describe a fully automated system for the detection of honey adulteration with C4-syrups according to the AOAC 998.12 guidelines and is routinely used in many laboratories.

Is honey analysis or food fraud of interest to your laboratory? If so, share your thoughts and experiences in the comments below. 

Check out Thermo Fisher’s Food Community page for more resources, on-demand webinars, videos, and application notes.

 

Getting a Handle on Cleanliness

No Comments

Hand hygiene is a crucial aspect of food production and processing. How can food companies reduce the risks associated with human error in hand hygiene?

Ensuring that employees maintain a proactive and responsible attitude to hand cleanliness is worth a great deal to companies in food processing and production. This can be in regards to financial aspects- a contamination of food materials could cripple a company financially, as well as the damage to reputation that may result from poor cleanliness. In addition poor hand hygiene is a significant factor in individual illness; with employee illness hampering productivity. The costs associated with employee illness and the absences associated with such are also surprisingly high. While the vast majority of food production companies have in place a proactive approach to hand hygiene, ensuring employees themselves actually abide by hand hygiene practices can be more difficult.

CDCKeepCalm_WashyouhandsYou’d be forgiven for thinking that workers handling food would be proactive in terms of ensuring hand hygiene, deeming hand washing initiatives and education campaigns unnecessary. Yet research from the Environmental Health Specialists Network (ESH-Net), the collaborative forum of environmental health specialists associated with the Centers for Disease Control and Prevention (CDC), questions whether sufficient hand hygiene compliance is as widespread as one may have thought. ESH-Net found in one study that 12 percent of food workers had been into work despite suffering from a sickness bug and/or diarrhea1. Illnesses such as these can spread through a working environment very quickly and one sick employee can spiral into many more ill workers in a short period of time.

Other studies focusing on the economic cost of workplace absence due to sickness in the United Kingdom demonstrate the financial issues associated with avoidable illnesses. A report carried out by the Chartered Institute of Personnel and Development in conjunction with Simplyhealth found that the average cost of employee absence is £673 per employee, per year, with two-thirds of cases involving short-term (fewer than 7 day) absences2. The British Health and Safety Executive (HSE) put the annual cost of employee illness at more than £12billion3.

The potential for the spread of infection from an ill employee coming into work is high. It is also exacerbated by the fact that a large minority of workers do not practice adequate hand hygiene. The ESH-Net found that the average worker in facilities where food is handled will carry out an activity which would require hand washing before and after nine times an hour. The same ESH-Net report discovered that only 27 percent of workers fulfilled their hand hygiene obligations in carrying out these activities. It is also true that in many cases the quality of hand washing is insufficient and not enough to properly kill germs4. The guidelines for proper hand washing recommend the use of hot water and soap and for the whole process to take at least 20 to 25 seconds. One recommendation is that a sufficient hand washing session should take the same amount of time as singing the Happy Birthday song twice. Despite this it is clear that many people do not wash their hands for anywhere near as long as these guidelines. A report from Michigan State University found the average time spent washing hands was barely 6 seconds5.

Another piece of research suggested that 95 percent of people do not wash their hands to an adequate standard6. In addition to insufficient time spent washing hands, the efficacy of hand washing techniques employed by many people can be questionable. The Michigan State University report detailed how more than a third of people did not use soap when washing their hands, with 1 in 10 not washing their hands at all.

Although these data outline public hand hygiene practices, not specifically the practices of food workers, the findings still paint a worrying picture of ignorance of the dangers of the spread of germs or a lack of concern afforded to hand hygiene. This is especially clear when we consider how data indicating that in the food industry 89 percent of instances where workers were the source of food contamination, such contamination originated from the spread of germs directly from the hands of workers to the food itself.7  

Feb2015_FoodHandleMany food facilities do attempt to tackle the issue of hand hygiene amongst its workforce, with measures including hand washing ‘stations’ situated before entrances to production areas. Other measures include minimising direct hand contact with raw food by using utensils and wearing disposable gloves. However the latter measure, disposable gloves, can cause more problems than it solves with people forgetting that some germs can be spread on the gloves just the same as on bare hands. The frequency to which hands should be cleaned, and the number of different situations that warrant hand washing can also be underestimated. Workers should clean their hands whenever it is required, not merely at regular intervals.

The installation of full-compliance, non-optional hand hygiene measures has been a success for many food companies. The most significant benefit of products which provide this service is clear- they cannot be missed or bypassed, therefore helping to ensure far greater levels of hand hygiene.

Some criticize hand sanitizers, arguing that it discourages thorough hand washing. It may be argued that points such as these misunderstand the role hand sanitizers play in hand hygiene. A proactive and effective approach to hand hygiene should combine comprehensive hand washing with sanitizing. This is why hand sanitizing products in places such as corridors can be useful as they act as a clean barrier in places where hand washing is not feasible. Hand sanitizers are most effective as an addition to hand washing, and should never be regarded as a stand-alone alternative. Using sanitizers alone is insufficient but in conjunction with thorough hand washing, it makes for is an effective hand hygiene regimen. Full-compliance products are already available. Their specific function varies from specialist hygienic door handles which dispense gel upon grip, to badges and other technology that reminds workers to wash their hands and notes when they do not, as well as simple products such as specialist self-cleaning sticker material.

Any company that includes aspects of work where food is handled face a difficult task in ensuring proper hand hygiene. Human error on the part of the worker, such as forgetting to wash hands before entering sensitive areas, or failing to wash hands to an adequate standard can result in serious consequences. This is why full-compliance products are becoming far more popular. To continue to make progress in fighting contamination in the food industry there must be a culture change amongst hygiene managers in addition to food workers as a whole towards ensuring, rather than merely encouraging hand hygiene. When hand hygiene is made compulsory the risks of human error become far less significant.

References:

  1. http://www.cdc.gov/nceh/ehs/ehsnet/plain_language/food-workers-working-when-sick.pdf
  2. CIPD Absence Management Report 2011, http://www.cipd.co.uk/hr-resources/survey-reports/absence-management-2011.aspx
  3. hse.gov.uk June 2011
  4. http://www.cdc.gov/nceh/ehs/ehsnet/plain_language/food-worker-handwashing-food-preparation.pdf
  5. http://msutoday.msu.edu/_/pdf/assets/2013/hand-washing-study-1.pdf http://www.wgtacc.com/wash-hands-after-bathroom.html
  6. http://www.cdc.gov/nceh/ehs/ehsnet/plain_language/food-worker-handwashing-food-preparation.pdf
Sangita Viswanathan, Former Editor-in-Chief, FoodSafetyTech

Top 5 FSMA Challenges

By Sangita Viswanathan
No Comments
Sangita Viswanathan, Former Editor-in-Chief, FoodSafetyTech

The year 2015 is almost two months in, and the U.S. Food and Drug Administration has got its head down looking at the comments to the re-proposed rules under the Food Safety Modernization Act (FSMA), with the first of several deadlines – August 31, 2014 – looming ahead.

Against this backdrop, food safety experts Dr. David Acheson, and Melanie Neumann, at The Acheson Group, discussed the Top 5 Challenges for becoming FSMA Compliant with SafetyChain Software’s Barbara Levin.

The top 5 challenges were identified as:

  1. Determining exactly which rules apply to you and what compliance will involve;
  2. Building a food safety plan – migrating from HACCP to HARPC;
  3. If you are a registered firm – building a supply chain management program;
  4. Determining what testing you will need to do; and
  5. Determining recordkeeping requirements for FDA.

Why have the above been identified as the top 5?

FSMA has thrown out a number of different rules, and for food companies, figuring out where you should fit can be difficult. For instance, should you be looking at Preventive Controls, or Foreign Supplier Verification Program? The language in the Produce Rule is complicated, so if you are a mixed type facility, it can be challenging. While most companies are familiar with Hazard Analysis at Critical Control Points or HACCP, the concept of migrating into Hazard Analysis and Risk-based Preventive Controls or HARPC is not that easy.

Getting a handle around your supply chain and its various components is just difficult, and just understanding what this requirement will involve will be a huge challenge.

While testing of agricultural water was addressed in the initial Produce Rule, the re-proposed Preventive Controls rule included environmental monitoring and finished product testing as requirements for compliance. It will be a challenge for companies to determine what kind of testing they will need to do.

Keeping track of the variety and volume of records that FDA will need to for FSMA will be a huge challenge.

While we could have picked up many more than five, these were the top five that we think will be the most challenging.

To determine what rules will apply to you and what will compliance involve, what are the top things you should be doing now?

Firstly, if you are not starting already to see what applies to you, then you are already behind. Do a FSMA readiness assessment and look at all the rules to determine which ones apply to you. For instance, if you are a company that makes cereal and cookies, then you probably don’t need to worry about the produce rule.

Once you determine the rules that are applicable to you, then the heavy lifting begins. You need to do a gap analysis to see where you are now and where you need to get to. Drawing out this road map to compliance then becomes critical, and that’s what companies need to do be doing now.

Building a food safety plan and migrating from HACCP to HARPC, what are the top things that you should be doing?

The goal of the preventive controls rule is to encourage food companies to start thinking much more about prevention. While HACCP principles are a great start, in some areas, it could be limited in scope, and focused only on critical control points that we can measure. But HARPC expands our thinking to risks that we can control that are beyond classic HACCP thinking, and don’t fit nicely into the seven steps of HACCP. For instance, hand washing – we may not be able to measure this, but this would still be a critical step to control risk. So it will be a challenge for food companies to take their HACCP program and elevate it to HARPC thinking.

If you are a registered firm, building a supply chain management program has been identified as the third challenge. How do you know if you have to register? What can you do now to build a supply chain management program? And would you consider this the biggest challenge for FSMA compliance?

The requirement for food companies to register has nothing to do with FSMA; it was included as part of Bioterrorism Act. According to this, if you are packing, holding, processing or manufacturing food, you need to register with FDA. FSMA added the requirement that this registration would need to be updated every two years. This requirement is now important as several of the supply chain management program rules, which are part of the Preventive Controls rule, apply to companies that need to register.

The requirement to have a supply chain management program was in very early versions of FSMA and then got pulled out, and then now it’s back. And it’s not going away. What can you do to prepare for this rule? Look at all your suppliers, look at who they are, what they are shipping to you – do a hazard analysis of all their products, know their risks and understand what they are doing to control that risk.

For instance, your supplier Mr. Smith is supplying you ground black pepper, which you are using in a variety of products. We have determined that ground black pepper has a potential for Salmonella risk and has been historically linked to Salmonella. So you need to do a hazard analysis and determine if it is a risky food and who is controlling that risk. Is it you or Mr. Smith, and that depends on what you are using that ingredient for. If you use it as a garnish in based potato chips, then there is no cooking or kill-step involved, so the risk should be controlled by Mr. Smith. Thus, FDA will expect you to figure out that Mr. Smith is indeed controlling that risk, which you can do through site visits and data.

Another scenario is that you get that pepper from Mr. Smith, but you are using it in soup, and thus, have your own kill step to control that risk. So you don’t need to pay that visit, put have your own procedures to address risk with that ingredient.

While ground black pepper is a straightforward example, where it gets tricky is when you have to do this will ALL your ingredients. Companies typically have hundreds of suppliers and thousands of ingredients. So start NOW to understand how this little part of the preventive controls rule will affect you; you only have about 18 months to figure this out. And for that reason, I think this will be a huge challenge.

How can companies determine what testing they will need to do? What should companies starting doing now?

While the original produce rule included testing requirements for water, the other testing requirements mandated by FSMA are mostly new. The preventive controls rule now requires food companies to have an environmental monitoring program in place. FDA has also laid out a strategy in which finished product testing can be used as a risk control system. It’s not mandated per se, but it may be a way to exercise the preventive controls rule. Companies need to plan right now to determine what kind of testing they will need to do, how to document it etc. The environmental monitoring program and product testing requirements are new. So start looking at these programs, understand the rules to determine which of these rules apply to you, and do the gap analysis and FSMA readiness assessment now.

You have identified that record keeping requirements for FDA will a major challenge. How can companies prepare for this?

Record keeping will be an area where companies are most likely to struggle. There will be mounds and mounds of documents that will be generated because of the FSMA rules. The days of filing cabinets are over, and it will be really hard to do this in a manual environment. Companies need to look at technology and automation to manage all this data. If companies happen to be regulated by dual agencies, we are talking about even more information that they need to collect and keep track of. So automate NOW.

We often notice that companies are keeping track of the right data and documentation, but are unable to prove this, and retrieve the information when needed. With FSMA, the agency is going to say, ‘if you can’t prove it, it didn’t happen.’ So companies need to get smart about having effective document retrieval systems.

Are there any additional challenges that FDA isn’t talking about that companies need to look out for?

While the above challenges broadly capture the most significant challenges, we think the following may also be something that companies would need to prepare for:

  1. High-risk list: This year, we expect FDA to announce some rules regarding this.
  2. Traceability requirements: FDA may reveal more about this and how his will link to the high-risk list.
  3. Voluntary Qualified Importer Program or VQIP: The needs and requirements for this are still not clear. We expect some rules to be proposed this year.
  4. Additionally, while we don’t expect it to happen, if FDA makes any radical changes with the final rules, that could generate some new challenges.

For more on this discussion, click here.

What’s the Long-Term Value of Compliance Management Software?

By Brenda Percy
No Comments

When looking for an enterprise software solution, it is important to take into consideration its potential for long-term value. What exactly does this mean?

EtQComplianceManagementCost-Nov2014In a nutshell, long-term value is the amount of savings you can expect after using the software for a long period of time. Are you paying less in the long run or do you end up paying more? Keep in mind that lower upfront costs don’t always equate to lower long-term costs. It’s important to consider this when evaluating software vendors in order to choose the vendor that will provide more for your money…even years down the line.

To make the case for long-term value, EtQ commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study to examine the potential Return on Investment (ROI) enterprises may realize by deploying the EtQ Reliance platform. This TEI study provides readers with a framework to evaluate the potential financial impact of the EtQ Reliance platform within their organizations.

Forrester derived its conclusions in large part from information received in a series of in-depth interviews conducted with executives and personnel at four customers, each of which had been using EtQ’s Reliance platform between 1 and 9 years. Forrester’s findings break down the cost saving potential of EtQ Reliance. Through interviewing these customers, Forrester created a composite organization to describe the TEI of EtQ Reliance.

Forrester classified the organization as a North American-based F-1000 company that manufactures and sells a wide variety of products and associated services, and with overseas operations in EMEA and APAC. This study projects the costs and benefits received over the course of three years. The composite organization has been using EtQ Reliance for three years to manage and track compliance and to meet its strategic goals. The study measured the use of the organization’s Document Control, Nonconformance Management, Change Management, Audits, Corrective Action and Delegation and Escalation tools.

The TEI methodology consisted of four components to evaluate the investment value of EtQ—benefits, costs, flexibility and risks. So what was the outcome?

  • The research shows a three-year risk-adjusted ROI of 77 percent for organizations using the Reliance platform.
  • Net Present Value (NPV) of more than $1.6 million attributed to modules such as Document Control, Nonconformance Management, Corrective Action and others.
  • Savings of more than $3 million over the course of three years.
  • 30,000 manufacturing labor hours saved.

The organization had a goal of achieving the following benefits which it was able to do with EtQ:

  • Increased productivity through compliance tracking and reporting.
  • Reduced employee time and effort in managing and tracking compliance processes.
  • Reduced risk of nonconformance in safety and quality.
  • Grow revenue and profits.

EtQ has been proven to provide long-term value and we are pleased with the results. To see more highlights from this study, see the TEI infographic (click on it to enlarge).

*This is a commissioned study conducted by Forrester Consulting on behalf of EtQ. It is not meant to be used as a competitive analysis.

 

Roberta Wagner, Director, Office of Compliance, for the Center for Food Safety and Applied Nutrition at FDA

How is FDA Surveillance Keeping Pace with FSMA Changes?

By Sangita Viswanathan
No Comments
Roberta Wagner, Director, Office of Compliance, for the Center for Food Safety and Applied Nutrition at FDA

Proposed rules under the Food Safety Modernization Act will mandate more inspections, more testing, and better risk-based profiling of food products – both sourced domestically and imported. How is FDA planning to keep pace with these changes? Roberta Wagner, Director, Office of Compliance, for the Center for Food Safety and Applied Nutrition at FDA, provided some insights, while speaking at the recent Food Safety Consortium, organized by Food Safety Tech

Section 201 under the Food Safety Modernization Act requires the Food and Drug Administration to designate food facilities at high-risk and non high-risk facilities, and accordingly, establish minimum frequency of inspection of these facilities. While high-risk facilities will have to be inspected by FDA once every three years, facilities deemed non high-risk will be inspected once every five years. Wagner described that the following factors have been considered so far for determining if a domestic food manufacturing facility is determined to be high-risk or otherwise:

  • Whether the facility has been involved in a Class 1 outbreak or recall;
  • Whether the facility has a history of non-compliance (based on Official – Action Indicated (OAI) or Voluntary Action Indicated (VAI) data);
  • If the facility has had any significant violations;
  • Future data considerations (see below);
  • Type of activity the facility is involved in; and
  • Date of last inspection.

Future data for consideration of high-risk and non high-risk categorization will include:

  • Inherent risk factors at product level (for instance is the product bakery goods, or seafood/ fresh produce etc);
  • Has the facility been linked to an outbreak, recall or adverse event (if so the risk profile gets elevated);
  • If any sample testing (product or environmental) is positive;
  • If there’s a history of customer complaints;
  • Robustness of QA/QC programs and 3rd part audit reports;
  • Financial viability of the company; and
  • Food safety culture of the facility/ company.

Foreign facility inspections

Under FSMA, FDA has also been mandated to increase the number of inspections the agency does on foreign facilities, to ensure the safety of imported foods. Wagner explained that FDA currently conducts about 1200 foreign facility inspections a year to determine if those facilities meed FDA regulations. With FSMA rules, FDA will have increased authority to conduct such inspections of foreign faciligies, and look at Foreign Supplier Verification Programs, and Voluntary Qualified Importer Program records, adds Wagner.

Under the new regimen, FDA has been mandated to conduct at least 600 foreign inspections during the first year of FSMA rule implementation. And the target is to double this number every year, for the next five years, taking it to 19,200 inspections by Year 6. Wagner feels this is an impractical number as FDA does not have the resources to do so many foreign inspections. “If we get the Foreign Supplier Verification Program under FSMA rule right, we effectively place the responsibility for ensuring safety of imported foods on the food industry and importers. FDA cannot, and should not be doing this,” she explains.

Risk-based foreign facility site selection

FDA will also adopt a risk-based approach to select foreign facilities for further inspection. This approach will consider:

  • Food safety risk associated with the sector or commodity;
  • Risk associated with manufacturing process;
  • Compliance history of facilities associated with an industry sector commodity in a given country or region (for instance, look at refusal rates for products denied try into the U.S. by country);
  • Quantity or volume of imported product from country or region;
  • Robustness of food safety system in the country; and
  • Portion of resources retained by the facility for compliance, follow up inspections and emergency response situations.

Based on this FDA will continue to diversify the product that it considers high risk, for instance dairy, baby food, candy… Wagner added that economically motivated adulterated continues to be a concern and cause for focus on food products such as oils, honey and dietary supplements.

Wagner also talked about Predictive Risk-based Evaluation for Dynamic Import Compliance Targeting or PREDICT, a risk management tool used by FDA to efficiently and effectively make entry admissibility, decisions that prevent entry of adulterated, mis-branded or otherwise violative imported goods into the U.S., while expediting the entry of non-violative goods. Based on risk scores allocated to different products, this computerized tool targets entries of highest risk for further scrutiny, including field reviews and sampling.

She explained that this dynamic tool, which constantly adapts to different risk situations and products, provides automatic data mining and pattern recognition, provides automated queries of FDA databases including facility registration information, and thus, allows for risk-based allocation of FDA resources.

Tim Lozier, EtQ, Inc.

What are the 4 Key Elements in Compliance Management Software?

By Timothy Lozier
No Comments
Tim Lozier, EtQ, Inc.

Compliance is a broad term in business today. It’s a term that gets thrown around in meetings, operations, regulations, and covers so many definitions. It almost borders on cliche – compliance is broad. But what does it mean?

In simplest terms, “Compliance” means that you are able to do business with confidence. You can operate your business in a manner that means less risk, better quality, safety and governance. It means that you are doing business as you should – as people will expect you to. Compliance management software is designed to help foster this concept, but again, it becomes broad in definition on what can be offered.

What do people need in compliance management software solutions? Here are 4 basics:

A flexible platform

You cannot necessarily place compliance into one operational area. Quality Management Systems, EHS Management Systems, Governance and Risk Systems, and others all fall under the umbrella of compliance. But the core common theme is that you want a solution that will track all your processes, manage them and put controls in place to fix any adverse events quickly and effectively. Trouble is, that you will change processes, you will need to adapt to market changes, business changes and beyond. Having a flexible platform that enables you to periodically make changes easily is a key to compliance management software. You want to make sure the platform you select has this flexible for rapid business process change. Look for a solution that has this flexibility; it enables you to change workflows, and forms as you need to – without any signifcant effort.

Risk management

More and more, compliance is centered around Risk. This is because in the rapdi pace of business today, you cannot easily keep up with compliance without having some level of objective and systematic means to measure events and make decision on those events. Risk tools, and quantitative risk methods are paving the way to enable businesses to quantify their events that are out of compliance, and make decisions on how to mitigate the risk of those events. You want to ensure that your compliance management platform incorporates some level of risk management solution, or builds in a risk assessment to ensure that not only are you addressing the most critical events, but you are also building our a risk based strategy on how to ensure they are mitigated.

Integration and Scalability

Compliance, as stated above is broad. It does not live in a silo; many compliance processes span multiple facilities, departments and operational areas. It also spans multiple business systems. You want a solution that provides a macro-view on the data, and pulls in from other systems, as well as pushes compliance information to other business systems. This way you are creating a “Hub” for compliance that touches all other areas of the business. Similarly, you want to be able to harmonize and standardize your processes related to compliance throughout the enterprise. This requires a system that can span multiple facilities, and create a single source for compliance data. Having a solution that can operate across several business units and locations, while remaining centralized the the core enterprise location is important to maintain control over compliance processes.

Visibility into compliance data

Having a system that can automate the processes related to compliance is immensely valuable, but it is only half the battle. Without visibility into the data, it becomes difficult to get an accurate picture on top-down compliance. You want to make sure that you are building in enterprise reporting and analytics tools to the compliance information. This way, you can see any trends, make decisions on continuous improvement, identify areas for preventive action, and generate compelling and accurate reports on the overall “health” of your compliance management system.

These 4 elements are just basics on compliance management software. Again, there are broad categories to which compliance falls under, and each category will have its own specifics. The key is that with a robust, yet simplistic framework, built upon a enterprise-level platform, you can achieve the goal of doing business with confidence.

Dan Okenu, Ph.D., Food Safety Manager, H-E-B
Retail Food Safety Forum

Supplier Qualification and Compliance using GFSI Benchmarking

By Dan Okenu, Ph.D.
1 Comment
Dan Okenu, Ph.D., Food Safety Manager, H-E-B

An efficient supply chain is very important in retail food operations. To safeguard the supply chain, a comprehensive supplier food safety program should be an integral part of retail foodservice (see my previous blog on Combating Norovirus Hazards in Retail Foodservice). This becomes even more challenging because one, retail foodservice chains don’t own their suppliers; they’re independently managed businesses, and two, the new regulatory burden placed on retailers by FDA through the proposed FSMA rule to ensure that retailers are accountable on the sources and safety of their products to continue serving safe quality foods to their customers.

Thus, continuous verification of supplier qualification and compliance is as important for food manufacturers and food processors, as it is for food retailers. To fulfill this very important business requirement, the retail Food Safety & Quality Assurance job function would usually include the following roles:

  • To conduct continuous food safety audits and monitor suppliers to ensure compliance with all FDA/USDA, State and local regulatory standards;
  • To monitor adherence to product specifications, identify deficiencies and implement corrective actions in a timely manner;
  • To perform internal and external testing to verify risk assessment and risk mitigation procedures.

How do retail folks try to tackle these important business functions, especially since most retail chains have so many domestic and international suppliers? The Global Food Safety Initiative (GFSI) benchmarking provides a common ground for farmers, manufacturers, food processors and retailers on global food safety best practices. GFSI strengthens the supply chain, eliminates multiple auditing, increases confidence in safe quality food delivery while protecting the public health.

The different GFSI schemes which include PrimusGFS, BRC, SQF, GlobalGAP and FSSC2200 are auditing entities involved with several scopes of food safety and quality assurance service standards, while others like AIB, SGS, NSF and SAIGlobal are certification bodies that perform facility audits. As a business-driven initiative, majority of food processing facilities depend on the GFSI Guidance Document for supplier qualification and compliance by using any of their benchmarking schemes. The advantages are tremendous and include less product recalls and voluntary withdrawals, enhanced traceability, clearly defined risk management and HACCP control, acceptable uniform international standards, eliminates redundancy and frees up time and resources for both food manufacturers and retailers.

Apart from supplier compliance and approval, food retail companies also want to ensure that all potential suppliers align with their corporate values and standards of ethics. GFSIschemes however do not cover these corporate needs like environmental sustainability, animal welfare, ethical sourcing, compliant labor utilization, organic and non-GMO product verification. Moreover, the auditing time frame for most GFSI schemes is only about a few days and thus gives just a snapshot of the food safety practices in these GFSI-approved facilities. Retail food companies will therefore require a more elaborate supplier monitoring and approval system to ensure that certified facilities are not just compliant within the FDA auditing time frame of about one to four days, but that their food safety culture and practices are consistent with their corporate mission to deliver safe quality food to customers.

Additionally, such continuous monitoring and verification will ensure that suppliers are also complying with company policies outside the provisions of GFSI schemes. Proper training of retail Food Safety & Quality Assurance managers on FDA/USDA inspection requirements and corporate expectations at the food processing facilities is absolutely required. The use of third party auditors to assist retailers in verifying supplier qualification and compliance is also advisable because of the often overwhelming number of suppliers involved.

Finally, as FDA begins to implement FSMA, it would be pertinent to verify FSMA readiness of the different GFSI schemes. This will ensure that GFSI certified food manufacturing and processing facilities remain in compliance with the new regulatory provisions for FSMA covered facilities. It would help to avoid costly disruptions in the supply chain and allow businesses to meet their projected growth while serving safe quality food to their customers and protecting their business brand. Overall, GFSI certification remains the gold standard that will guarantee supplier qualification and compliance at both domestic and international locations.

 

Traceability Requirements and Best Practices

By Michael Biros
No Comments

What is a traceability system and how is it related to a recall plan? Will FDA require electronic record-keeping? What does FSMA require FDA and industry to do in terms of traceability? These questions and more are answered by The Acheson Group in the latest FSMA Fridays webinar.

What are the latest updates on FSMA?
In response to the substantive nature of the public comments, FDA plans on proposing new versions of the Preventative Controls Rules for Humans and Animals.

The proposed Preventative Control rule requires a recall plan. Is traceability covered through mock recalls?
A recall plan and a mock recall are not the same as a traceability system. A traceability system focuses on the ability to know what came in from where and where it was sent. A mock recall is a much more involved process that looks at production records and many other factors. However, in order to do a robust recall, you need a functional traceability system. The Preventative Control rule requires a recall plan and other parts of FSMA require traceability systems. The two are related, but they are fundamentally different.

How does FSMA address traceability and why is traceability a part of FSMA?
Traceability is distinct from a recall plan and FDA will have to address it separately from the Preventative Controls requirements. Traceability is covered in Section 204 of FSMA which describes the detection and response to food safety problems. While there’s an element of prevention in having a good traceability system, it really focuses on the response side. Traceability continues to be an Achilles’ heel for the regulators. Many of the statute components that are built into FSMA are based on prior experiences and situations. The biggest debacle with traceability was the tomato/pepper issue in 2008 where not only was the commodity wrongly identified, but it took close to eight weeks to figure out that it was wrong.

In this instance, FDA struggled with not having adequate records and being able to do the traceability components correctly and quickly. This and other similar issues has caused the food safety pendulum to swing.

Traceability is essential. FDA would love for the traceability requirements to be more robust, but they are limited by what is economically feasible and practical. Looking to the future, it’s entirely reasonable that traceability requirements could be strengthened.

What does FSMA require FDA to do in terms of traceability?
Pre-FSMA, there are record-keeping requirements in place related to traceability coming from the Bioterrorism Act. Basically, the current requirements are one-up, one-down: where did you get the product from, where did you send the product to? In developing the traceability requirements of FSMA, Congress required FDA to conduct pilot studies to determine what practices and technologies work and what doesn’t. FDA also needed to look at the cost/benefit related to technology and changes in traceability systems and what was current practice both domestically and internationally. FDA has the authority through FSMA to require additional records be kept for high risk foods. We expect FDA to issue a proposed regulation for traceability and record-keeping with high risk foods sometime in the future.

What did the traceability pilots recommend and are those recommendations now in effect?
Ten recommendations were made to FDA based on the results of the pilot studies and stakeholder input. The first recommendation was that all foods should be designated as traceable, not just those that are designated as high risk. Another recommendation was that FDA should accept electronic records rather than going in person and getting photocopies and that FDA should develop a system for processing traceability data. It was also recommended that FDA work collaboratively with industry. Over the past few years, there have been several industry led efforts with varying levels of adoption that are generally moving towards standardized and electronic records-keeping systems. Finally, it was recommended that FDA identify subject matter experts to help the agency understand specific industries for when there is an issue with the supply chain.

None of these recommendations are currently in effect because FDA hasn’t released a proposed rule yet and is still reviewing the report and public comments. The full report is available for the public to view, but ultimately it is up to FDA whether they accept the recommendations and if/how they put them into regulation.

Will FDA require electronic record-keeping?
The agency does not have the statutory authority to require companies to use electronic record-keeping. FDA recognizes that electronic record-keeping is the way of the future and prefers it, but they cannot require it. They will let companies keep their records how they want as long as they can be produced within 24 hours if requested.

What should companies do today to prepare and what do you think FDA will do next?
Companies should read the IFT report, read the recommendations, and consider how they would have fared if they participated in the pilot studies. They should give some critical thought to how they would perform if there was an outbreak and they were the focus of a traceability study. Traceability is a byproduct of good record-keeping. If a company has an opportunity to make improvements, consider how traceability can factor in to those changes. Companies should talk to supply partners and understand the whole supply chain. Ultimately, the company is connected to all the other links in the supply chain and any one of those links can impact you.

Ask the Compliance Expert: Unannounced Audits

By Sangita Viswanathan
No Comments

Do you know when your next unannounced audit will be? And can a site refuse entry to an auditor? In this Q&A, Jane Pappin of Cert-ID provides some answers.

Food companies are now handling and preparing for increased number of inspections and audits. Food safety rules under the Food Safety Modernization Act have proposed unannounced audits of food facilities as a way to include another level of security to ensure that these facilities are compliant with the various standards. Such audits, regulators hope, will give a more realistic picture of compliance, rather than facilities appearing to comply just the day of the inspection.

Food companies that have been abiding by all the requirements of the specific food safety standard don’t have to do anything differently than what they have been doing all along, says Jane Pappin, Certification Director at Cert-ID: “If they have a strong food safety and quality management program in place, have been conducting regular internal audits, and gap analysis etc., they shouldn’t have anything to worry about. The auditor is not going ask anything that they would be unprepared for,” she adds.

We present below excerpts from a Q&A with Pappin.

Q: How will my site know if our next audit is unannounced or not?

A: SQF has indicated that the Certification Body (CB) is responsible for telling the site when their unannounced audit will be. As the CB is charged with reminding the site of their upcoming renewal audit approximately three to five months in advance of the re-audit due date, the site could be informed then.

Once the site is told when their unannounced audit will be, there is opportunity to negotiate black-out dates – these are only for days when the site will not be in production. The unannounced audit will always take place within the site’s renewal audit window, which is from 30 days before the site’s re-audit due date (which is listed on your certificate) to 30 days after the re-audit due date. 

A site must have one unannounced audit per three-year cycle. For those sites already certified, their first unannounced audit will take place either in 2014 (from July 3 to Dec 31), 2015 or 2016 and they will be informed by their CB which year it will be in. Their second unannounced audit will take place in either 2017, 2018 or 2019, and so on. Once your unannounced audit year is determined, this will be recorded in SQF’s Reliance Database. Even if you change CBs, this information will go with your facility’s profile and your unannounced audit year will not change.

Q: What happens if the auditor arrives for the unannounced audit and the site refuses entry?

A: The ramifications of disallowing the auditor entry to your facility are far reaching: First, you will still be charged for the visit, including auditor expenses. Second, your facility will immediately be put into suspension. Third, an announced audit must now take place no later than 30 days from the date you denied entry to the auditor. If this doesn’t happen, your certification will be withdrawn. Fourth, because you were put into suspension, you will also be required to have a surveillance audit six months after the 30 day audit. Fifth and last, your next audit will then be your unannounced audit.