Functionality: What does it do?

Depending on the breadth and location(s) of a company’s operations, managing permits and their associated requirements and due dates without a centralized system in place can present significant challenges: How many permits does your operating system have–and what are the associated requirements? Who is responsible? Are there key/critical dates? How do you manage all that information and verify compliance? KTL’s permit tracking tool provides a central repository to track, manage, and communicate permit activity tracking. 

Benefits: Why do you need it?

A web-based permit tracking system can help:

• Catalog and track permits and associated requirements and timeframes in one database.
• Manage change information.
• Store critical documents for easy access and effective record control.
• Send and receive notifications of permits about to expire.
• Coordinate and communicate with project contractors.
• Establish accountability and a standardized approach for reporting, monitoring, and performance measurement.
• Improve permit compliance assurance reliability, efficiency, and consistency.

Technology Used

• Microsoft Power Automate: send/receive notifications
• Canvas PowerApp: catalog permits, trigger notifications, create user interface
• SharePoint Lists: tracking changes, store data
• SharePoint Document Library: store attachments, permits, contracts, etc.

The threat of terrorism against our food supply is as real today as it ever has been. Whether it’s an attack on the products themselves, such as product tampering or sabotage, or a cyberattack against a company’s internet infrastructure, it can be harmful and costly if not recognized in advance. Plans should be in place to not only respond to such an attack but also to prevent it. ~ Rod Wheeler, NSF.org

National Security Memorandum

On November 10, 2022, President Joe Biden signed National Security Memorandum-16 (NSM-16) to strengthen the security and resilience of U.S. food and agriculture. This critical sector has continued to face increasing deliberate and naturally occurring threats to security and resilience, including intentional adulteration (IA), catastrophic events (e.g., pandemics that impact critical infrastructure), consequences of climate change, and cyber- and technology-related vulnerabilities.

NSM-16 replaces Homeland Security Presidential Directive 9 (Defense of United States Agriculture and Food – HSPD-9) and outlines the Administration’s guidance to:

1. Identify and assess the threats of greatest consequence. This includes redefining how chemical, biological, radiological, and nuclear threats are defined; focusing on increased cyber threats and climate change impacts; and enhancing threat and risk assessments by mandating a continuous process to assess and mitigate risks and vulnerabilities.
2. Strengthen partnerships to enhance the resilience of the workforce, who are typically the first line of response, and coordinate our government to act more efficiently and effectively. Essential critical infrastructure workers need guidance to work safely, while supporting operations during high-consequence incidents.
3. Enhance preparedness and response by training partners on how to prepare for and respond to threats, increasing testing and diagnostic surge capacity, and standardizing diagnostic and reporting tools to facilitate timely information sharing.

Ongoing Security Actions

NSM-16 builds upon ongoing actions by the Administration to strengthen the resilience of the U.S. food and agriculture supply chains.

• U.S. Department of Agriculture (USDA) considers defense of the food and agriculture sector critical. USDA’s Food Safety and Inspection Service (FSIS), Animal and Plant Health Inspection Service (APHIS), and National Institute of Food and Agriculture (NIFA) have launched numerous programs to protect these sectors, including FSIS working to help industry partners develop effective food defense plans.
• U.S. Department of Homeland Security (DHS) Office of Health Security Health, Food, and Agriculture Resilience (OHS/HFAR) directorate is also working to help safeguard the American food supply against catastrophic incidents by bringing a national security perspective to the food and agriculture sector.  In recent years, OHS/HFAR has engaged directly with partners to perform risk assessments, develop strategic guidance, and design and deliver tailored exercises to better prepare for, respond to, and recover from catastrophic events.
• U.S. Food and Drug Administration (FDA) is engaging with federal; state, local, tribal, and territorial (SLTT) governments; the private sector; and academia on the following activities:
  • Conduct of vulnerability assessments
  • Risk mitigation analysis
  • Federal risk mitigation strategy
  • Strengthening existing efforts for information sharing procedures
  • Research and development

Roles of Food Safety and Food Defense

According to USDA-FSIS, to prevent, protect against, mitigate, respond to, and recover from threats and hazards of greatest risk to the food supply, preparedness efforts must encompass food safety and food defense.

Food safety provides for the protection of food products from unintentional contamination. Food defense involves the protection of food products from intentional contamination or adulteration (e.g., biological, chemical, physical, or radiological) that causes harm to public health or disrupts the economy in other ways.

The anticipated outcome of combined food safety and food defense efforts is food security. Food security exists when all people, at all times, have physical, social and economic access to sufficient, safe and nutritious food which meets their dietary needs and food preferences for an active and healthy life (United Nations Food and Agriculture Organization (FAO)).

Your Role: Food Defense Plan

Food defense involves putting security measures in place to reduce the chances of someone intentionally contaminating the food supply. FDA’s Food Safety Modernization Act (FSMA) rule on Mitigation Strategies to Protect Food Against Intentional Adulteration (IA) establishes requirements for industry to play an active role in improving the nation’s food security and resilience. This rule requires covered facilities to prepare and implement food defense plans.

The food defense plan incorporates four major elements:

• The vulnerability assessment identifies those areas in the process that pose the greatest IA risks. Each step in the facility’s process should be evaluated for the following:
  • Potential severity and scale of the impact on the public.
  • Physical access to the product.
  • Ability to successfully alter/contaminate the product.
• Facilities must develop and implement mitigation/preventive strategies at each step in the process to address vulnerabilities and minimize the risks of IA.
• A system must be put in place to ensure implementation of mitigation strategies and to effectively manage the following:
  • Monitoring mitigation strategies, including frequency.
  • Corrective action response.
  • Verification activities.
• Appropriate recordkeeping must be maintained for food defense monitoring, corrective actions, and verification, and key personnel must receive appropriate training.

The safety and security of our country’s food products requires developing, implementing, and enforcing policies and programs to support strong food defense. And it requires continually involving all employees in these food defense and security efforts to create a robust food safety culture. The threats to our nation’s food supply—and to those companies who work in the food supply chain—will continue. Taking an active role in controlling what you can and proactively managing your organization’s food defense efforts can play a significant role in securing the food supply chain.

According to the Occupational Safety and Health Administration (OSHA), successful safety and health programs can proactively identify and manage workplace hazards before they cause injury or illness, improving sustainability and the bottom line. An organization’s safety culture is ultimately reflected in the way that safety is managed in the workplace, and having a strong safety and health program can help create:

• Fewer accidents, losses, and disruptions by preventing workplace injuries and illnesses.
• Engaged employees and improved morale.
• Increased productivity and enhanced overall business operations.
• Lower workers’ compensation and insurance claims.
• Improved compliance with OSHA regulations.
• Improved reputation to attract new customers and employees and retain existing ones.
• Better brand and shareholder value that tie to social responsibility.

H&S Observations

The National Safety Council (NSC) cites that more than 4,400 preventable workplace deaths and 4.26 million injuries occurred in 2021. Raising public awareness about workplace safety can significantly decrease the number of preventable injuries and deaths. Every June, NSC observes National Safety Month to do just this by encouraging employers and individuals alike to be safety role models.

Much like NSC, OSHA created Safe + Sound Week (August 7-13, 2023) as a year-round campaign to encourage America’s workplaces to commit to workplace safety and health by starting a health and safety program, energizing an existing one, or recognizing health and safety successes.

Taking the Pledge

This year, both NSC and OSHA are encouraging companies to reaffirm their commitments to safety and health by taking a pledge:

Safe + Sound pledge: I pledge to make safety a core workplace value. Everyone has the right to a safe and healthy workplace, and I will work to ensure everyone goes home safe and sound every day. My workplace will be taking action to improve our safety and health program during Safe + Sound Week 2023.

NSC SafeAtWork pledge: I commit to:

• Actively help my employer improve our safety programs.  
• Report hazards promptly and suggest solutions.  
• Be a good safety role model for my friends and family, even off the job.  

Core Elements of Workplace Health and Safety

OSHA reiterates that the core elements of a workplace health and safety program include the following elements:

• Management leadership. Management must provide the leadership, vision, and resources needed to implement an effective safety and health program.
• Worker participation. Engaging workers at all levels in establishing, implementing, evaluating, and improving safety and health in the workplace creates buy-in.
• Systematic approach to finding and fixing hazards. Finding and fixing hazards in the workplace is an ongoing process to better identify and control sources of potential injuries or illnesses.

KTL’s Series on Investing in Safety

Throughout OSHA’s Safe + Sound Week (August 7-13, 2023), KTL will be featuring a series of articles and posts on our blog and social media (i.e., Facebook, LinkedIn, Twitter) reinforcing these concepts from OSHA and NSC and discussing why businesses should invest in safety. Topics will include the following:

• Speaking safety
• Lone worker safety
• Heat stress
• Safety Management Systems (SMS)
• Root cause analysis

Watch for these articles! For more information on what your organization can do to participate and promote a strong safety culture, visit the websites for OSHA Safe + Sound Week and NSC National Safety Month.

According to the World Health Organization (WHO), foodborne diseases affect 1 in 10 people worldwide each year. Safe food is a key contributor to reducing these foodborne illnesses and other poor health conditions, including impaired development, micronutrient deficiencies, noncommunicable and communicable diseases, and mental illnesses. Only when food is safe can we fully benefit from its nutritional value.

FAO Strategic Priorities for Food Safety

In March 2023, the Food and Agriculture Organization of the United Nations (FAO) published its Strategic Priorities for Food Safety 2022-2031 to “support members in continuing to improve food safety at all levels by providing scientific advice and strengthening their food safety capacities for efficient, inclusive, resilient and sustainable agrifood systems.”  

The Strategic Priorities document is structured around four strategic outcomes:

• Governance (intergovernmental and intersectoral) is coordinated and reinforced at all levels.
• Scientific advice and evidence provide the foundation for decisions made about food safety.
• National food control systems are continually strengthened and improved by supporting members in:
  • Evaluating food control systems, identifying needs, and designing programs.
  • Developing and transitioning economy countries to participate in Codex Alimentarius work.
  • Developing and updating food safety standards, legal frameworks, government policies, and operational procedures and guidelines.
  • Generating relevant food safety data to reflect the national situation.
  • Implementing technology developments in food control and food safety management.
• Public-private partnerships along the food chain are being fostered to ensure food safety management and controls.

World Food Safety Day

On June 7, countries around the globe celebrated World Food Safety Day, focusing this year on “Food Standards Save Lives” as the theme. Established by the United Nations General Assembly in 2018, World Food Safety Day is an annual observation intended to mobilize action to prevent, detect, and manage foodborne risks and improve human health. The WHO and the FAO jointly facilitate the observance of World Food Safety Day.

This year’s theme coincides with the 60th anniversary of Codex Alimentarius, a collection of food standards, guidelines, and codes of practice that encourage governments and food safety advocates around the world to focus on the importance of applying safety standards.

Along with WHO and FAO, the U.S. Food and Drug Administration (FDA) is calling on everyone to join in the efforts to ensure safe food for all. Check out FDA’s information on ways to reduce foodborne illnesses and the Guide to World Food Safety Day 2023 for ideas on how you can participate in World Food Safety Day every day.

KTL is pleased to introduce our newest team members:

Estefania Lopez, Consultant, is an FSQA professional with nearly 10 years of experience working in the food industry. She is an SQF Practitioner and PCQI with specialized expertise in managing supplier and manufacturer compliance with state and federal food safety regulations, certification standards, supplier requirements, and internal programs. In addition, Estefania has significant laboratory experience conducting nutrient, chemical, environmental, and sensory testing. She is based in California.

Victoria Gutierrez, Consultant, is an FSQA professional with experience working across many areas of the food and beverage industry, including supply chain, distribution, and retail. She has working knowledge of FDA and USDA food safety regulations and GFSI certification standards. Victoria has experience developing and implementing digital platforms and IT systems to help manage food safety programs. She excels at finding IT solutions to improve data management and create operational efficiencies. She is based in Iowa.

Kyle Weiher, Consultant, is a Power Platform Developer with experience developing and implementing digital platforms and IT solutions to help clients manage business processes and improve performance, reliability, and compliance. Kyle is expert in various IT systems (e.g., Microsoft® SharePoint, Power Apps, Power Automate, Dataverse) and has been involved in the design, development, and implementation process of building out Power Platform solutions. He is based in Wisconsin.

Functionality: What does it do?

Certification standards are designed to ensure an organization’s customers, suppliers, and stakeholders that its products/services meet best practices. Each of these standards (e.g., ISO, GFSI, industry-specific) has a set of requirements that must be met to achieve certification. An electronic standards register organizes all of an organization’s standards requirements into an online tool, allowing for better management, tracking, and overall compliance.

Benefits: Why do you need it?

An electronic standards register:

• Assists with compliance demonstration and document control by allowing mapping of documents to specific certification standard requirements.
• Facilitates activities during remote or onsite audits.
• Ensures standard version support during future updates.
• Identifies common requirements and allows documentation to be linked between standards, as needed.
• Allows the internal audit team to complete and keep notes for the internal audit.

Technology Used

SharePoint

The National Bioengineered Food Disclosure Standard defines bioengineered foods (a/k/a genetically modified organisms (GMOs)) as “foods that contain detectable genetic material that has been modified through certain laboratory techniques and for which the modification could not be obtained through conventional breeding or found in nature.”

Genetic engineering allows scientists to take a beneficial gene (e.g., insect resistance or drought tolerance) and transfer it to a plant. Genetic modifications can create many desirable results, including higher crop yields, less crop loss, longer storage life, better appearance, enhanced nutritional value, or some combination thereof.

Genetic engineering can also be used to create a plant-based protein. The Food and Drug Administration (FDA) is aware that some developers are now exploring transferring genes for proteins that are known food allergens (including the “Big 9”) into new plant varieties for foods. Managing this introduction of food allergens into bioengineered food is a significant concern.

Regulatory Framework

The FDA, Environmental Protection Agency (EPA), and U.S. Department of Agriculture (USDA) work together to ensure bioengineered foods are as safe and healthful for humans, plants, and animals—or even more so—as their non-GMO counterparts.

• FDA ensures those who produce, process, store, ship, or sell bioengineered foods or foods with bioengineered ingredients meet the same food safety standards as all other foods. FDA’s voluntary Plant Biotechnology Consultation Program allows developers to work with FDA on a product-by-product basis to evaluate the safety of bioengineered foods before they enter the market. 
• EPA regulates the safety of the substances that protect bioengineered plants to make them resistant to insects and disease and monitors all types of pesticides used on crops.
• USDA Animal and Plant Health Inspection Service (APHIS) establishes regulations to ensure bioengineered plants do not harm other plants.

Warning Letter

In April 2023, FDA issued a letter to developers and manufacturers who intend to transfer genes for proteins that are known food allergens into new plant varieties for foods. The letter serves as an important reminder that developers of these new plant varieties are obligated to make sure the products they market are safe for consumers and implement all measures needed to comply with the Food, Drug, and Cosmetic (FD&C) Act.

If not appropriately managed, the development of these plants could result in the presence of an unexpected allergen in the bioengineered food product. And if an unexpected allergen enters the food supply, there is real risk of a severe or even life-threatening allergic reaction and, subsequently, needing to recall affected products.

Early Actions

The FDA implores, “We are specifically reminding those developers who are now exploring development of these types of plant varieties of their responsibility for food safety. In particular, we are reminding them to consider the allergenicity issues related to their products, and how they would be stewarded from production to manufacturing to consumption so that they do not inadvertently or unexpectedly enter the food supply.”

The FDA is asking developers to consider the food safety risks posed by such allergens and to plan early in development to manage those risks. Developers who intend to create these plant varieties using proteins that are food allergens need to:

• Take advantage of the Plant Biotechnology Consultation Program early in the development process to ensure new varieties meet FD&C Act requirements and consumers are protected.
• Develop a robust risk management plan that includes significantly stronger mitigation strategies and practices (e.g., crop segregation) to provide assurance that foods containing the transferred allergen are not mixed with other foods.
• Consider whether the entire supply chain can maintain appropriate conditions to prevent allergens from inadvertently entering the food supply.
• Properly label bioengineered foods by declaring the presence of an allergen on the food label.

The most effective way to respond to an emergency is to properly plan for it before it happens. That’s precisely why so many federal, state, and municipal laws and regulations require many facilities to develop and implement some sort of Emergency Response Plan (ERP).

Effective Emergency Response

An ERP is intended to outline the steps an organization needs to take in an emergency—and after—to protect workers’ health and safety, the environment, the surrounding community, and the business itself. The requirements developed by various agencies are important, as they establish the components that must be included in an ERP to comply with regulations and respond effectively.

Most ERPs contain the same basic information. However, it can get complicated when a facility is subject to more than one regulation requiring an ERP, because even though the various regulations share many similarities, they also contain important differences (e.g., command structures, training requirements, equipment needs, operating protocols). Often, facilities end up creating a different ERP to respond to the different regulatory requirements. In an actual emergency, this can create inconsistencies or, worse yet, an implementation nightmare trying to figure out which ERP to follow.

Importance of Integration

The solution lies in integration. For example, consider an integrated management system that allows organizations to align standards, find common management system components (e.g., terminology, policies, objectives, processes, resources), and add measurable and recognizable business value. The same can be done with the various ERPs required within a facility.

It shouldn’t come as a surprise that in 1996, the U.S. National Response Team (NRT) published initial guidance for consolidating multiple ERPs into one core document. The Integrated Contingency Plan (ICP or One Plan) is a single, unified ERP intended to help organizations comply with the various emergency response requirements of the Environmental Protection Agency (EPA), U.S. Coast Guard, Occupational Safety and Health Administration (OSHA), Department of Transportation (DOT), and Department of Interior (DOI). The ICP Guidance does not change any of the existing requirements of the regulations it covers; rather, it provides a format for consolidating, organizing, and presenting the required emergency response information.

While the ICP does not currently incorporate all federal regulations addressing emergency response, it does establish a basic framework for organizations to pull in ERPs for any applicable regulations. And the benefits of doing so are many:

• Streamlined planning process. A single document simplifies the planning, development, and maintenance process. When plans are integrated, it minimizes duplication of effort, eliminates discrepancies and inconsistencies, and helps the organization identify and fill in gaps.
• Improved emergency response. It is much easier—and faster—for emergency responders and employees to navigate one plan rather than multiple separate ones. One plan allows for a single command structure with defined roles rather than potentially conflicting responsibilities. This all allows responders to act quickly and decisively to minimize potential disruption to the organization and public.
• Greater compliance. An integrated ERP provides improved visibility to all parts of the organization’s emergency response and helps reveal gaps that could prove costly and/or dangerous. This is especially important for organizations that must comply with several regulations.
• Potential cost savings. Streamlined and simplified planning reduces the resources required to build the plan. An integrated ERP may also help eliminate regulatory fines and minimize the need for and associated costs of emergency response/cleanup efforts.

Find Your Format

The goal of an integrated ERP is not to create new requirements but to consolidate existing concepts into a single functional plan structure. Regardless of what the plan looks like, it should start with:

1. An assessment of the facility’s vulnerabilities to various emergency situations.
2. An understanding of the various applicable emergency planning laws and regulations to determine which specific requirements must be incorporated. For example, food emergency response has different implications that must be integrated, particularly when it comes to recovery. A food production facility that is ordered or otherwise required to cease operations during an emergency may not reopen until authorization has been granted by the regulatory authority. Food facilities also have strict guidelines to follow for salvaging, reconditioning, and/or discarding product.

With this understanding, the ERP should then comprise step-by-step guidelines for addressing the most significant emergency situations. The core plan should be straightforward and concise and outline fundamental response procedures. More detailed information can be included in the annex. Most ERPs should include the following basic elements:

• Facility information. Consolidate common elements required in various plans, including site description, statement of purpose, scope, drawings, maps, roster of emergency response personnel, emergency response equipment, key contacts for plan development and maintenance, etc.
• Steps to initiate, conduct, and terminate a response. Outline essential response actions and notification procedures, with references to the annex for more detailed information. Provide concise and specific information that is time-critical in the earliest stages of the response and a framework to guide responders through key steps to deliver an effective response.
• Designated emergency responders. Develop a single command structure for all types of emergencies. Assign qualified, high-level individuals who are familiar with emergency procedures to fill emergency roles. In addition, list the appropriate authorities for specific emergencies, as well as their contact information.
• Evacuation plan/routes and rally points. Clearly mark evacuation routes and identify rally points where employees should meet upon exiting. Do not allow employees to leave designated rally points until it has been documented they have safely left the building.
• Data and information backup technology. Develop provisions for data backup to secondary/off-site systems, as well as alternate options for communications and power.  
• Designated plan for communication. Outline who is communicating what, when they are communicating it, and how it is being communicated. This includes internal communication, as well as communication to customers/clients/suppliers/vendors that may be impacted, the media, and the appropriate regulatory authorities.
• Supporting materials. The annex should provide detailed support information based on the procedures outlined in the core plan and required regulatory compliance documentation. Importantly, facilities should create a table that cross-references individual regulatory requirements with the plan to ensure there are no gaps and to demonstrate compliance.

Ensuring Success

The goal of emergency response planning is to minimize impacts to the environment and workers’ health and safety, as well as disruptions to operations. An integrated ERP has the potential to significantly reduce the number of decisions required to respond in an emergency, eliminate confusion and disagreement regarding roles and responsibilities, and enable a timelier, more coordinated response.

That all being said, an integrated ERP will only be effective if it is thoroughly and consistently communicated to all employees. These best practices will help ensure that the integrated ERP functions not only on paper, but also in practice:

• Periodic training is vital to ensure employees understand the ERP and are fully aware of emergency response procedures. It is especially important in an integrated ERP that first responders are trained to handle all potential emergencies rather than more narrowly trained on response for a single regulation.
• Routine drills significantly improve understanding of the ERP, clarify employee roles, test procedures to ensure they work, and diminish confusion during an emergency.
• Posting an abbreviated version of the ERP throughout the plant provides easy access to all employees if an emergency occurs. This summary version of the ERP should highlight the most vital information for quick response: recognized hazards, high-level emergency procedures, evacuation routes, and key contacts.

Since corporations do not act independently, the only way to hold them accountable for a violation and to enforce the law is to hold corporate directors who are responsible for the violations accountable. They may be held to the same standard as the corporation in terms of accountability (United States v. Park, 421 U.S. 658 (1975)).

The Park Doctrine—also known as the Responsible Corporate Officer (RCO) Doctrine—imposes strict, vicarious criminal liability upon RCOs for misdemeanor Food, Drug, and Cosmetic (FD&C) Act violations. The word vicarious is important, because it means RCOs can be penalized without having personally participated in the violation, having been an accessory to it, or even being aware of it. And recently, there have been increasing cases of holding corporate leaders accountable for food safety issues that negatively impact public health.

Setting Precedent

A legal doctrine is a set of rules or principles typically established through legal precedent that courts widely follow. The following two landmark cases set the precedent for the Park Doctrine.

The Park Doctrine has its roots in a 1943 Supreme Court case—United States v. Dotterweich. In this case, the jury determined that Dotterweich, as President of the company, was guilty of FD&C Act violations because he shared in the responsibilities related to the transaction of mislabeled product, even though he had no knowledge of the violation. With this decision, the Court held that individuals could be held criminally liable for the company’s FD&C Act violations.

1975 marks the Supreme Court decision on the United States v. Park. In this case, Park (the President and CEO of a national retail food chain) knew about a rat infestation issue but delegated responsibility to employees to resolve the issue. When it was not resolved by the FDA’s inspection, Park and the company were both charged with FD&C Act violations for introducing adulterated food into interstate commerce. Again, the Court maintained that RCOs are held to strict accountability standards, and—very importantly—liability does not require proof of negligence, intent, involvement, or even awareness of wrongdoing. Rather, liability is based solely on the RCO’s role and responsibilities. Park had a duty to remedy the violations and to implement measures to prevent them—he did neither.

Park Doctrine Criteria

In January 2011, the Food and Drug Administration (FDA) published criteria for recommending Park Doctrine prosecutions that factor in the individual’s position in the company, his/her relationship to the violation, and whether the RCO had the authority to correct or prevent the violation. Specific factors under consideration also include the following:

• Whether the violation involves actual or potential harm to the public.
• Whether the violation is obvious.
• Whether the violation reflects a pattern of illegal behavior and/or failure to heed prior warnings.
• Whether the violation is widespread.
• Whether the violation is serious.
• The quality of the legal and factual support for the proposed prosecution.
• Whether the proposed prosecution is a prudent use of Agency resources.

Holding Individuals Accountable

A broad theme in law enforcement these days is holding individuals accountable, said Mary El Riordan, Senior Counsel in the Administrative & Civil Remedies Branch of the U.S. Department of Health and Human Services Office of Inspector General (HHS OIG). Million-dollar settlements do not change behavior, but holding individuals accountable does.

On September 15, 2022, the Department of Justice (DOJ) released the Monaco Memo, affirming its focus on holding individuals accountable. Deputy Attorney General Lisa O. Monaco stated in her address that the DOJ’s top priority for corporate criminal enforcement is going after individuals who commit and profit from corporate crime. The Monaco Memo is fundamentally about individual accountability and corporate responsibility and represents a desire on the part of the DOJ and FDA to use the Park Doctrine to increase the numbers of criminal convictions of RCOs. 

Proactively Mitigating Risks

It is clear the DOJ and FDA are taking an increasingly aggressive stance and prosecuting more RCOs, even without knowledge or intent to commit a violation. In the case of the Price Doctrine, it is a crime to do nothing. It is ultimately the RCO’s duty to be aware of, prevent, and address potential violations.

To do so, there are several best practices companies can take to proactively mitigate risk:

• Implement and maintain an integrated management system (i.e., quality, food safety) to help identify compliance obligations and manage risks through an organized set of policies, procedures, practices, and resources.
• Conduct internal audits. Audits provide an essential tool for continually improving and verifying compliance performance. Routine audits should ensure policies and procedures are being followed and identify concerns before they become major violations.
• Engage in regular monitoring activities. Regular environmental monitoring that focuses heavily Zones 1 and 2 (i.e., food contact surfaces and surfaces directly adjacent to food contact surfaces, respectively) is vital to preventing foodborne illnesses.
• Establish clear roles and responsibilities for all employees, including leadership. Provide training for RCOs on the Park Doctrine so they clearly understand their duties and obligations.
• Resolve corrective and preventive actions (CAPAs) immediately. CAPAs are those actions an organization takes to make improvements and/or eliminate causes of non-conformities. Failure to conduct a CAPA may be considered a major non-conformance.
• Create a culture that encourages employees to speak freely when there are issues. Food safety culture is being integrated more completely and significantly into many of the Global Food Safety Initiative (GFSI)-benchmarked food safety certification standards to encourage widespread adoption.
• Be responsive and work with the FDA. The FDA sends warning letters to companies in violation of the FD&C Act (see example 2022 Warning Letter). The letter specifically outlines the required response and related consequences: You are responsible for investigating and determining the causes of the violations identified above and for preventing their recurrence or the occurrence of other violations. It is your responsibility to ensure your facility complies with all requirements of federal law, including FDA regulations. You should take prompt action to correct or implement corrections to the violations cited in this letter. Failure to do so may result in legal action without further notice, including, without limitation, seizure, injunction, or administrative action for suspension of food facility registration if criteria and conditions warrant.

Functionality: What does it do?

Corrective and preventive actions (CAPAs) are those actions an organization takes to make improvements and/or eliminate causes of non-conformities. The CAPA Tracking Log records, assigns, and tracks CAPAs to closure. This is important, as failure to implement and close a CAPA may be considered a major non-conformance.

KTL’s CAPA Tracking Log also tracks recommendations to improve. Unlike CAPAs, recommendations do not correct a non-conformance; rather, they are suggestions to refine or improve processes.

Benefits: Why do you need it?

The CAPA Tracking Log provides the following:

• Records, assigns, and tracks CAPAs to closure.
• Assigns tasks to specific team members.
• Communicates due dates and sends notifications when tasks are overdue.
• Facilitates verification of completed activities and associated documentation.
• Prevents the occurrence and/or recurrence of issues.
• Optimizes processes and ensures that deliverables are free from defects and other non-conformities. 

Technology Used

• SharePoint
• Power Automate