New FSMA Rules set the stage for Food Safety Management Software

[fa icon="calendar"] Fri, Aug 02, 2013 / by Tim Lozier

Plugging in FSMAThere doesn't appear to be any summer vacation for the FDA this year.  Last week, the FDA put out two new proposals for rules as part of the Food Safety Modernization Act (FSMA, or "FizzMa" as some call it - sounds like a wonky cola to me).  These are proposed rules, not final rules, but their proposal puts into light the FDA's direction on ensuring Food Safety Management in the 21st Century, especially when you look at the context of automated food safety software solutions. We've spoken about the progress of the FSMA at length, this is just another interesting chapter in a long story.

There are two rules out there right now - one outlining the accreditation of third-party auditors, and another outlining the need to verify the compliance activities around foreign suppliers.  And it's the latter I would like to get into, as I think it illustrates an interesting approach to operating a Food Safety Management System in an increasing global world.  It also illustrates how incorporating your suppliers into your Food Safety Software remains of critical importance to the industry. Here are just a few observations at a high level:

1.  Visibility of the Supplier's Compliance:  The rule, "acro-named" FSVP (Foreign Supplier Verification Program) illustrates the need for any company importing from foreign suppliers to research and review compliance documentation from that supplier prior to doing business with them.  This is readily available (apparently) on the FDA website, and looks for compliance information like warning letters or import alerts and the like - basically, "know who you're doing business with."

Where Technology can Help:  In an automated Food Safety Management System, you can keep track of all suppliers, and link into their compliance documentation.  Regular audits help to keep track, but you can also incorporate the ability for them to update any compliance certifications.  Furthermore, in some systems, you can set up alerts to the FDA website to notify you on potential adverse events related to that supplier.  The idea is to centralize your supplier information in a single location that is continually updated in real-time.

2.  Conduct a Supplier Hazard Analysis:  Just like you would conduct a hazard analysis within your food manufacturing process, you would determine supplier hazards as well.  You may even build it within your existing HACCP plan, as you are bringing in suppliers to the process.  Whichever way you do this, you are essentially conducting a Risk Assessment on the supplier, and this strikes to the heart of the FSMA (FizzMah) and the FSVP (FizzZip?) - Risk is a core component to maintain Food Safety, and the FDA recognizes this with this rule.

Where Technology can Help:  Hazard Analysis is a Risk Assessment to determine if there are any potential risks to a supplier.  By conducting Risk in an automated system, you can help make more consistent decisions on the hazard levels, which may warrant further action if the hazards are too great.  The rule itself is built in with a decision tree analysis component.  By automating the decision tree, you can eliminate any subjectivity and "what next?" issues by automatically providing the next step in the decision-making process.  Finally, any resulting decisions can be linked to actions, whether supplier risk rankings, auditing activities, or corrective actions - all automatic with the Food Safety Management System.

3.  Conduct Verifcation Activities of the Supplier:  After a Hazard Analysis is conducted, importers have two options in order to act on the hazards.  Option 1 would require onsite auditing of the supplier in order to ensure that compliance is met and any hazard risks are mitigated.  There's a little bit of flexibility here - for serious hazards, onsite auditing is required, or at the very least the inspection results from FDA or similar recognized food safety regulators.  If there aren't serious hazards in the supplier analysis, then there is flexibility in how you gain assurance - documentation, periodic auditing, or similar procedures to ensure compliance.  Option 2 allows for any uncontrolled hazard to be reviewed in any of these methods - so essentially saying that you are able to review all hazards using any verification methods necessary.

Where Technology can Help:  If you are an organization that regularly imports goods from a foreign supplier, you would want to automate this process as much as possible.  Whether conducting regular audits, collecting inspection results and periodic reviews, you need to have a system in place that manages the records in a centralized location and can kick off auditing activities based on a verification process.  An automated Food Safety Software Solution has the workflow necessary to help foster a streamlined and efficient approach to verification.

4.  Corrective Action and Effectiveness Reviews:  Parts 4 and 5 deal with taking systematic actions to any nonconformances to the compliance of the supplier.  Basically, you need to investigate and take corrective action on any supplier that doesn't conform.  Furthermore, you need to periodically review and re-assess the supplier's compliance, at a minimum of every 3 years - but whenever new information about potential hazards arise.

Where Technology Can Help:  Workflow is key in any Food Safety Management System, but especially when conducting any investigations and Corrective Actions.  This helps to link initial hazard information, supplier information and details of the nonconformance to the workflow and route the process efficiently until completion.  Most corrective action systems build in verification activities, whether as part of a continual improvement project or general good business practices, you can trigger new processes as events occur.  So, if a new hazard type is linked to a supplier, the system can automatically kick off a new process to make sure this analysis is done for the supplier.

5.  Record Keeping is Key:  Parts 6-7 deal with not only keeping track of the supplier's Dun and Bradstreet information (DUNS), but also maintaining records of all their FSVP (FizzVeep?) activities.

Where Technology Can Help:  This strikes to the heart of why we implement software to manage data.  Food Safety Software Solutions are design to be a centralized record of all food safety activities and have the relationships built-in to link activities to a supplier, resulting hazards, risks, corrective actions and reviews - all in a single location.  This creates a level of visibility into your Supplier Management program as it relates to food safety that cannot be duplicated in a manual system.

The Food Safety Modernization Act is looking to finish up all their final rules by 2015, but that doesn't mean this will be the ultimate finalization of the Act.  Experts realistically think that this rule-making period and review will continue on for the next 10 years or so, as the industry comments and provides feedback on these rules (these two rules will currently undergo a 120 day review period in themselves, so we are far off from a final rule yet).  However, this represent a first step in filling the gaps that are needed to establish a true, regulated Food Safety Management program.  The takeaway is that whatever comes next, the need to implement automated Food Safety Management Software systems continues to be at the heart of operating in the global environment we live in today.

Free White Paper
Food Safety, From Farm to Fork:
A Best-Practice Approach to Implementing a Food Safety Management SystemFood Safety, From Farm to Fork: A Best-Practice Approach to Implementing a Food Safety Management System

You will learn:
• Best practices needed to successfully implement and automate the FSMS
• How an FSMS can help automate each process in the HACCP plan
• How an automated FSMS can help stakeholders comply with the various food quality and food safety initiatives

Download the Food Safety White Paper Now


Topics: Food and Beverage Safety

Tim Lozier

Written by Tim Lozier

Tim is the Manager for Marketing and Strategy at EtQ, Inc.

Post a Comment

Subscribe to the Blog

EHS Risk Management Guidebook: A Practical How-To Guide