The FDA Intentional Adulteration (IA) rule (21 CFR 121) was spawned through the Food Safety Modernization Act (FSMA) in 2011, and went into effect July 26, 2019 for facilities that process or hold food and have 500 or more employees. Small and very small facilities have until 2020 or 2021 to develop and implement their food defense plans, and inspections won’t begin until March 2020 for the largest companies. The regulation requires food processors to analyze production lines or areas for potential vulnerabilities, and develop preventive measures to guard against malicious contamination. The resulting vulnerability assessment (VA), and identified mitigation strategies (MS), must be documented in a written Food Defense Plan.
Each processing step is evaluated for significant vulnerabilities. These are weaknesses that could be exploited by an attacker to cause wide-spread public health harm. Once identified, these actionable process steps must be protected with one or more mitigation strategies. Mitigation strategies are defined by FDA as “risk-based, reasonably appropriate measures that a person knowledgeable about food defense would employ to significantly minimize or prevent vulnerabilities.” The MS’s must be “consistent with current scientific understanding of food defense at the time of the [vulnerability] analysis.
How does one identify a MS? Like the VA process, trained Qualified Individuals who have been educated with standardized training materials recognized by FDA or who have equivalent job experience must facilitate choosing appropriate mitigation strategies. One of the best resources for this process is the FDA Food Defense Mitigation Strategies Database (FDMSD). It is available at the FDA website, https://www.fda.gov .
The database can be searched by process step type, such as “mixer”, or by the Key Activity Type that was identified during the VA, such as “Liquid Handling and Storage.” Under “Mixer”, the database calls out 28 possible strategies, including “Use surveillance equipment (e.g. cameras) to increase observation.”
Once you have completed specifying a mitigation strategy, a written explanation must be determined that provides the rationale for how it will minimize or prevent significant vulnerabilities. Both the MS and its explanation are mandatory components of the food defense plan (unless your facility has no actionable process steps!).
Each MS is similar to a HACCP critical control point, in that they must be monitored, corrective actions taken if a problem occurs “with implementation of a mitigation strategy,” and they require verification in writing.
There are both on-line and in-person courses to learn how to identify and provide explanations of mitigation strategies. Look for a training program that uses standardized or equivalent materials to meet the QI educational requirement for mitigation strategies. Food Safety Northwest offers a Practical Food Defense Workshop, that teaches how to identify and explain mitigation strategies using FDA-equivalent training materials, along with a vulnerability assessment module.