Access control and monitoring of bulk liquid receiving and loading is deemed critical by FDA to prevent deliberate adulteration in food plants.
With December’s release of proposed rules for food security, FDA completed the last significant preliminary step toward implementation of the Food Safety Modernization Act (FSMA), the legislation the agency calls the most sweeping change to the Code of Federal Regulation governing the food industry in 70-plus years.
Three years after FSMA passage and 18 months behind schedule, the implementation roadmap for the act’s Section 106, Protection Against Intentional Adulteration, arrived as a stocking stuffer on Christmas Eve. Comments are due by the end of March, preceded by a series of public meetings for additional stakeholder feedback in Anaheim, Calif., Chicago and College Park, Md.
“This is the final preventative control rule, and it’s filling a slightly different gap: the purposeful human element of food contamination,” notes John Shapiro, a partner with law firm Freeborn & Peters LLP, Chicago. FDA is under a court order to finalize FSMA regulations by June 30, 2015, he points out, but Shapiro advises, “Get the ball rolling in 2014 to figure out how you’re going to comply rather than wait for the final rule to be published.”
In many respects, the rules are a continuation of a security focus that began with passage of the Bioterrorism Preparedness and Response Act of 2002, the legislative reaction (along with U.S. Department of Homeland Security and other initiatives) to the Sept. 11 attacks on the World Trade Center and Pentagon. The Bioterrorism Act touched off a wave of physical security initiatives at production facilities, with guard checkpoints, access cards, container seals and restricted-access policies becoming common practices.
The key difference under FSMA -- as with the other preventive rules -- is that food companies must establish a written plan backed by the logic of their vulnerability assessments and a record of ongoing procedures to enforce controls, take corrective actions and maintain continuous improvement.
To a large extent, FSMA proposals are an attempt to harmonize the rules of the separate regulatory authorities. FSMA affects food companies that answer to FDA, and the preventive rules for food safety reflect USDA’s HACCP approach by a different name. Likewise, intentional adulteration proposals mirror guidelines strongly encouraged by USDA’s Food Safety and Inspection Service.
“Technically, there is no requirement for food defense in FSIS-inspected plants, but there absolutely is a template for it,” observes Jennifer McEntire, vice president and chief science officer at the Acheson Group, a consultancy with close ties to FDA. The agency “very strongly encourages establishment of a food defense plan,” and most meat, poultry and other processors have taken the hint.
Eight years ago, 27 percent of USDA-inspected facilities had functional defense plans. By 2012, the ratio had climbed to 77 percent, and by 2015, the agency wants more than 90 percent to have a plan. “The writing is on the wall,” says McEntire.
McEntire has helped develop some of the security assessment tools available on the FDA website and was involved in the evaluation of 30 different food products and processes to determine common areas of vulnerability and the amount of contamination that would be necessary to kill people and cause large-scale public harm. As a result of that assessment, four specific activities are highlighted in the rules for special attention. They are:
- Bulk liquid receiving
- Liquid storage and handling
- Secondary ingredient handling
- Mixing, blending and similar ingredient-combination processes.
Those processes were flagged not only because they are deemed vulnerabilities but because the cost of hardening them was judged to be justified by the risk reduction they provide. Primary raw materials were excluded because there is a greater focus on them and because they usually go through a kill step, according to Don Hsieh, director of commercial and industrial marketing for Tyco Integrated Security in Boca Raton, Fla. Secondary ingredients, on the other hand, often are added after the kill step -- think icing on a Danish or salt on a chip.
Bulk storage tanks often are in remote areas of a facility, Hsieh adds, and agitation often is done to keep the liquid homogenous. Agitation also would help disperse a contaminant, making detection more difficult.
Mixing and blending operations like those at CK Products in Fort Wayne, Ind., are among the four areas flagged by proposed food-defense rules for special attention under the Food Safety Modernization Act.
Mixing and blending are the most common of the flagged activities and arguably the most difficult to control. “Because they are done in the heart of the plant, there usually aren’t any doors to lock down,” he says. “A virtual hot zone can be created with sensors to detect motion and cameras with analytics to provide alerts if a rule is broken,” such as the presence of someone in clothing that violates a color-coding rule. Whether or not technology is brought into play, “the key point is that plants should only allow authorized people to have access to these areas,” concludes Hsieh.
Burden or blessing?
Cases involving deliberate adulteration of food seem few and far between. A study by Singapore-based Centre of Excellence for National Security documented 398 confirmed events globally over a 59-year period ending in 2008, including 220 in the U.S.
However, law enforcement officials deliberately suppress public disclosure of such cases, according to Ann Draughton, a professor and co-director of the Food Safety Center of Excellence at the University of Tennessee in Knoxville. To illustrate, she cites an incident involving a disgruntled Michigan supermarket employee who mixed pesticide into ground beef, sickening 92 individuals. Though known to federal authorities, the case didn’t register a media blip.
Fear of copycat incidents is law enforcement’s rationale for suppressing public disclosure, though it also fosters an it-can’t-happen-here attitude in the industry. As a result, many companies may approach the food defense mandates as just another compliance program, food-plant security specialists say, rather than an element of an effective security system that considers all possible hazards.
Every plant must have a food defense plan specific to its location and vulnerabilities, points out Peter Hayes, director of manufacturing operations support for Frito-Lay North America, Plano, Texas. In the wake of 9/11, the snack company’s CEO threw his support behind “a top-down, comprehensive food defense program,” Hayes told attendees at Tyco’s Food Defense Strategy Exchange last year in Chicago. Management support was essential to ensure financial support, but effectiveness required giving plant personnel the information and resources needed to implement and maintain the program, he said.
Most of the facilities in Frito-Lay’s network lacked effective security at the outset. Upgrades differed depending on the existing physical security and the results of a threat assessment. Seasonings were determined to be the area of greatest risk. “Reason? It was the only ingredient that didn’t go through a thermal process,” explains Hayes. Criminal activity in the neighborhood surrounding the facility factored into the vulnerability score, and plants in isolated areas were judged to be high risk.
Guard stations, CCTV, fencing and other defenses were deemed unnecessary at low-risk plants like the company’s Canton, Ohio, pretzel factory, Hayes says, though proximity card controls became common elements in every location. Plant leadership conducted the first defense review and considered the severity, likelihood and detectability of various events, but the scenarios those leaders devised proved too broad and ill defined. Bringing in security experts caused “HR angst,” but “that made the list of what could occur much more robust,” says Hayes.
Once the plans were implemented, the firm commissioned third-party audits to assess them. Food safety audits had been conducted by AIB International for more than 30 years, and the auditors who conducted those assessments were commissioned to conduct separate security reviews. “Both audits are unannounced,” he says, with the auditor spending one day on site to assess security and three days for safety systems.
A long-term commitment of capital resources and personnel is necessary for a viable plan, Hayes emphasizes. “This is not free.”
Several self-help guides to assessing the vulnerabilities in a plant are available on the FDA’s web site, beginning with the CARVER + Shock tool, a risk management system that helps prioritize security needs based on Criticality, Accessibility, Recuperability, Vulnerability, Effect, Recognizability and shock value. Food Defense 101 training courses for front-line workers and managers is another useful guidance, along with the Food Related Exercise Bundle.
A workforce that is aware of the need for proper defense protocols and alert to possible threats is much more important than expensive hardware, according to Bryan Fort, corporate security manager for McCormick & Co., Sparks, Md. “Whenever we have had problems, we’ve been fortunate to have an engaged workplace,” he says. “I’m not going to be the one who catches a bad guy on the third shift.”
McEntire seconds the sentiment. “If you want more technology, there’s always someone willing to sell you something,” she says, but awareness and training for front-line workers at vulnerable points in the supply chain will contribute more to an effective and productive defense program than automation hardware that satisfies compliance issues.
