What is required for the FDA Intentional Adulteration Rule?
The Intentional Adulteration Rule must be part of the facilities food defense plan, which is in addition to the HARPC plan. The proposed rule for Intentional Adulteration Rule was published for comment in December 2013 and the final rule is due by 31st May 2016. The information provided below is based on the proposed rule and may be subject to change on the publication of the final rule.
Who does the rule apply to?
The rule applies to all food facilities in the US and also to those that import food into the US. It does not apply to farms or other facilities that are not required to register under section 415 of the FD&C Act.
What is food defense?
Food defense is a complex subject, but it is well described in the foreword that Chris Elliott (Professor of Food Safety & Director of the Institute for Global Food security at Queen’s University Belfast) wrote for our book ‘Assessing Threat Vulnerability for Food Defence’:
“Food defence is a term that many haven’t heard of or if they have don’t quite understand the meaning. In simple terms it’s about putting a robust plan in place to deter those wishing to deliberately contaminate food supply systems. The motivations for such actions can vary from seeking economic gain, revenge or a deliberate attempt to cause harm to consumers. While many food companies may think that it is something that does not affect them history often shows otherwise. Criminals and food terrorists will seek out those companies which are easiest to breach in terms of being the most vulnerable to attack. Having in place a system to deter such actions, in my opinion, is of immense importance in terms of protecting your business and those that consume your products.
To implement such measures can seem like a near impossible task. Where do you start as a business to think about what your points of vulnerability might be, and how a criminal or terrorist may try and exploit them? I am a great believer in implementing a systems based approach to deal with complex problems.
I have studied the system developed by Adele Adams & Kassy Marsh, to provide a shield against food business infiltration by those seeking to cause damage, either directly or indirectly. It uses the well-known and acknowledged methodology of Hazard Analysis and Critical Control Point (HACCP). To me the implementation of their system seems logical and if followed correctly, will no doubt leave your business in a much better place in terms of defending against those who seek to commit criminal activities.”
What is intentional adulteration?
Acts of intentional adulteration may take several forms:
- those where the intention is to cause large-scale public health harm
- acts of disgruntled employees, consumers, or competitors (typically to cause harm to the business)
- economically motivated adulteration
The FSMA focuses only on intentional adulteration threats that are intended to cause large scale public health harm, including acts of terrorism.
The FDA have identified four key parts of the manufacturing process which are vulnerable to such threats:
- bulk liquid receiving and loading
- liquid storage and handling
- secondary ingredient handling (the step where ingredients other than the primary ingredient of the food are handled before being combined with the primary ingredient)
- mixing and similar activities
In order to comply with the FSMA, food facilities are required to carry out a vulnerability assessment, as part of their food defense plan.
The food defence plan
The food defence plan takes the vulnerability assessment and applies actions and mitigations to provide protection.
This food defence plan must include:
- Actionable process steps
- Focused mitigation strategies
- Corrective action
- Record keeping
The U.S. Department of Defense produced a military targeting method called CARVER + Shock, which is based on the following assessment:
Criticality – the impact on health and also economic impacts
Accessibility – the ability to carry out the attack
Recuperability – ability of system to recover from an attack
Vulnerability – the exposure to the attack
Effect – loss in production due to the attack
Recognizability – ease of identifying the attacker
Shock – the combined impact of an attack
Overall it is a complicated system, that was originally based on the risk to very high numbers of people, which perhaps does not link directly to the food industry.
I published a methodology for threat assessment for food defense with my co-author Adele Adams in March 2015. This methodology has become a recognized system for the assessment of raw materials and also on-site threats. It is becoming very well known in the UK and is gaining popularity in other international countries.
The book ‘Assessing Threat Vulnerability for Food Defence’ provides a step-by-step process which can be used to assess threats and provide mitigation through protection measures.
Assessing Threat Vulnerability for Food Defence
The steps defined by the FDA map directly to those detailed in our methodology, as explained below:
Assessing Threat Vulnerability Methodology
Actionable process steps
|A process flow driven assessment is conducted, where each step in the process is draw in a flow chart. Allowing each process step to be assessed individually for pertinent threats.|
Focused mitigation strategies
|Once the threats have been assessed, protection measures must be applied to each where possible. Each protection measure is then assessed through the decision tree to determine how it should be managed. Protection measures are either managed through new or existing prerequisite programmes (PRPs) or as vulnerable threat points (VTPs). Where no protection measures can be applied at that time, it goes onto the risk register.|
Monitoring, corrective action, and verification
|Each protection measure must be managed to ensure that it is effectively providing the protection required. The system provides guidance on each type of management technique (risk register, PRP, or VTP) to ensure that it is being monitored, routinely verified and corrective action is applied where it goes out of the set criteria or critical limits.|
|Prior to carrying out the vulnerability assessment a team is needed. This team must be trained in order to be suitably competent to carry out the assessment.|
|The final element of the system is called ‘Maintaining the system’, this includes keeping records of the monitoring, corrective action and verification as well as, an ongoing process of continuous improvement and review, to ensure that the assessment is kept live and effective.|