FSMA: Get Inspection-Ready with These Best Practices
20 October 2015 Melanie J. Neumann, J.D., M.S. Executive Vice President The Acheson Group
Although FDA immediately gained increased authority for records access upon the signing of the Food Safety Modernization Act (FSMA) in January 2011, some companies haven’t gotten the memo yet.
The following best practices will help food and beverage manufacturing facilities get inspection ready and offer guidance on how to push back if overreaching occurs.
- Keep a paper trail. Documentation and recordkeeping is crucial. Disclosure is relevant only to the documents that FDA is allowed to have, such as production documentation. This does not apply to proprietary/trade secret information (i.e., financials and recipes).
- Appoint a designated person to guide FDA during the inspection. This person should be the sole contact for all requests of documents, information, samples, etc., and accommodate requests for information from the inspector, as long as they are reasonable and in scope. This point person must have adequate training and experience in regulatory requirements and recent changes to have an awareness of what records inspectors are and are not technically authorized to review or access. If you are unsure of what the inspector is asking for at any point, we have a word of advice: Never speculate; always ask for clarification.
- Duplicate everything. If the inspector takes swabs or photos, shadow him/her and take duplicate swabs and/or photos so you have a record of what was taken by the agency. It’s another question whether to take the swabs to test or not—but at least have a replica of what the agency has so you have the same or very similar information.
- Engage legal if you feel that lines are being crossed. When you think inspectors have crossed the line into records to which they should not have access, it’s okay to respectfully state that you would like to speak with your legal counsel prior to disclosing the record. Make it clear you are not outright refusing to produce the document; rather that you are unsure what the company policy and/or regulation is on disclosure of that particular document/piece of information; and, as such, you wish to seek legal counsel prior to disclosing.
- If you do refuse outright to produce requested information, do so wisely. Inspectors are given clear guidance on what actions to take if met with refusals. Criminal provisions of the Act may be invoked but this is in the most egregious of cases. Some of the guidance relevant to inspectors that food companies should be aware of are stated in the FDA Inspector Inspection Manual and are included below to give you an idea of the response you may receive to an outright inspection refusal or refusal to allow copying of records:
- 2.6 – INSPECTION WARRANT. A refusal to permit inspection or a refusal to permit access to or copying of records may invoke criminal provisions of sections 301(e) and 301(f) of the FD&C Act [21 U.S.C. 331(e), (f)].
- However, as stated in 5.2.5, the request still needs to be fair and reasonable:
- 2.5 – INSPECTION REFUSAL. Refusal as used in your IOM means refusing to permit an inspection or prohibiting you from obtaining information to which FDA is entitled under the law. In the case of a refusal you must show your conduct was reasonable, fair, and you exercised reasonable precaution to avoid refusal. You must have shown your credentials and given the responsible individual a properly prepared and signed Notice of Inspection, FDA 482.
- 2.5.2 – Refusal to Permit Access to or Copying of Records. If management objects to the manner of the inspection or coverage of specific areas or processes, do not argue the matter but proceed with the inspection. However, if management refuses to permit access to or copying of any record to which you are entitled under law, call attention to Section 301(e) of the FD&C Act[21 U.S.C. 331] or applicable sections of the PHS Act. If management still refuses, proceed with the inspection until finished.
- Mark documents confidential/proprietary. Mark all documents and materials disclosed to the inspector as Confidential/Proprietary or Company Confidential Information if you wish to even attempt to maintain confidentiality and keep the information from being disclosed in a Freedom of Information Act (FOIA) release. If not marked as such, 483 information is generally discoverable through FOIA requests.
- Request your own FOIA. After the inspection, the FDA inspector will write a report called the Establishment Inspection Report (EIR). Best practice is for the company to submit a FOIA request for both a redacted (confidential information removed) and an unredacted copy of the EIR to ensure the information in the report matches the one that the inspector provided to the company. This is requested through the FDA Freedom of Information Office in Rockville, Maryland.
For more details on the topic, see Neumann’s blog, “How Do you Graciously Push Back in an FDA Inspection?”
Reprinted with permission. View original article here.
- If you don’t agree with a 483 item, it can be disputed/appealed. This is done in the standard 483 response in which a firm provides information on corrective actions it will take on issues that do need correcting. As stated in the FDA Field Directive No. 120, “The firm may request clarification, criticize FDA 483 items, disagree with the FDA 483, or raise other questions or issues. In these cases, the District will evaluate the firm’s information and send the District’s conclusion to the firm. A copy shall also be sent to the official establishment file.”
Melanie Neumann, J.D., M.S. is the Executive Vice President & Chief Financial Officer of The Acheson Group, a global food safety risk management, recall and crisis management consulting firm to the food and beverage industry. Melanie has over 17 years experience advising food and beverage companies leveraging her legal education and years as a food law attorney and Master’s degree in food safety to help industry clients understand legal and regulatory risks and requirements. This involves working with companies to find ways to manage risk by identifying cost- effective and risk-based strategies through an enterprise risk management lens in order to tackle the ever changing emerging risks and food safety-related regulations in the US and internationally.