The U.S. Food and Drug Administration (FDA) recently announced that beginning in March, they will start routine inspections of small businesses (those with fewer than 500 employees) to verify compliance under the Intentional Adulteration (IA) Rule, which requires facilities to develop and implement a Food Defense Plan. FDA also recently announced that they will resume routine domestic onsite inspections, following a months-long pause due to the COVID-19 pandemic.
With inspections coming up for operations small and large, it’s time to assess your Food Defense Plan for areas of improvement.
The requirements of a Food Defense Plan include conducting a vulnerability assessment that considers all products and each processing step and is specific to the individual facility. It must also consider, in some way, the following three elements:
- The potential public health impact if a contaminant were added;
- The degree of physical access to the product; and
- The ability of an attacker to successfully contaminate the product.
When conducting the vulnerability assessment, you should consider an insider – an employee – as the aggressor. If a significant vulnerability is identified at a processing step, this would then be considered an actionable process step and as such requires a mitigation strategy to reduce or eliminate the significant vulnerability. If you have a mitigation strategy, then you are required to also develop and implement food defense monitoring, food defense corrective actions for deviations, and food defense verification activities. Each of these means that it’s important to review and refine your plans starting now.
Regarding the IA Rule for small businesses specifically, it’s important to note that when announcing the inspection date, FDA did not extend the compliance date. Facilities were still required to develop and implement these plans by July 26, 2020 for small and very small businesses, and by July 27, 2019 for all other businesses.
Should you have any questions or need additional information, please contact us at firstname.lastname@example.org.