IT Solutions for Food Safety Mangement

This is the pre-peer reviewed version of the following article:
George Howlett. IT Solutions for Food Safety Mangement, October 2012, which has been published in the final form at:

The last decade has seen a major shift in how the safety of our global food supply is managed. High profile food safety incidents have driven a regulatory response, increased consumer consciousness and placed new demands on food business operators.

This shift can be characterised by three key events, the first being the European Union’s (EU) 178 General Principles of Food Safety Regulation. Introduced in 2002, following the BSE and Belgium Dioxin incidents, this regulation represented a radical shake-up in how food businesses in the EU operated. It saw the introduction of the European Food Safety Authority (EFSA), risk assessments as the basis for all food regulatory decisions, the euro-wide rapid alert system and new obligations for food business operators.

The second key event is the emergence of the Global Food Safety Initiative (GFSI) as a core driver in defining what exactly constitutes an effective food safety management system. In May 2000, following a number of food safety incidents, the CEO’s of a group of international retailers identified the need to enhance food safety, ensure consumer protection and to strengthen consumer confidence. The result was the GFSI which sets the requirements for food safety schemes. GFSI benchmarks existing food standards against food safety criteria and looks to ensure these standards have the same core requirements. This facilitates mutual recognition between the requirements of participating standards thus avoiding duplication of audits. GFSI recognized standards include the SQF, BRC, IFS and FSSC 22000. These are rapidly becoming the standards for food certification and many food businesses are required to operate food safety to one of these approved schemes.

Finally, and more recently, is the signing into law in January 2011 of the FDA Food Safety Modernization Act (FSMA). It aims to ensure the US food supply is safe by shifting the focus of federal regulators from responding to contamination to preventing it. It represents a radical development of food safety law in the US and will have wide reaching impacts. The law will bring in changes in how the FDA manages food safety in the areas of prevention, inspection and compliance, food imports and food defense.

But what does all this mean? For Governments it means they are being reactive in order to protect the health of its citizens, and consumers can be assured that their political leaders and major food retailers are on the job. For food businesses, these events have proven to be a powerful motivator to invest in food safety systems to both protect the health of their customers and the value of their brands. However, the practical impact of these events on food businesses can be distilled down even further. In short, they all require food businesses to have in place a food safety plan.

For example, the EU 178 Regulation requires food business operators to identify and regularly review the critical points in their processes and ensure that controls are applied at these points. GFSI standards place HACCP at the core of the internal food safety management system. Moreover, the FSMA will require 165,000 domestic and 254,000 foreign food businesses to have in place a certified food safety plan and herein lays the challenge.

Regulators and retailers require a food safety plan to be implemented. On the face of it this appears to be a reasonable and straight forward requirement. For those on the coal face such as the food technologist, quality manager and consultant the difficulties presented on the ground are clear.

So, what is a food safety plan? Well, at its most basic level it is a written plan defining how a food business ensures the food it produces is both safe and legal. It is developed from a process whereby the management defines how it produces the food, what can go wrong in its production and how the company can detect this and then take action to prevent it reaching the consumer. This is a simple explanation for what in reality is a complex process described in the principles of Hazard Analysis Critical Control Point (HACCP). As any practitioner on the ground will tell you, this is just the beginning. Add to this the need to base your plan on scientific data, develop numerous pre-requisite programme (PRP’s), implement management systems, establish document control, train employees, conduct reviews, improve and revise, and pretty soon the food safety plan develops into a full blown management system requiring significant resources, time, investment and energy. Soon you are introduced to the newly created monster that is your food safety plan.

There is an amusing story about a man who is lost and seeks directions from a stranger he meets on the road. After enquiring about the best route to take to his final destination the stranger calmly informs the man “Well if it was me, I wouldn’t start from here!”

In defining what exactly is a food safety plan we must learn from the simple wisdom of the stranger and start from a different place and a more fundamental definition. A food safety plan is in essence a management process that collects, collates, analyzes and records data. In this sense it is no different from any other management process. This data drives management decisions, demonstrates compliance and is used as a tool to improve. Few would argue against the need for a clear legal and regulatory framework requiring those who produce and sell food products to have in place a robust food safety plan. The reasons are self-evident and supported by well documented events. Nonetheless, it would be hard to find a CEO in a food business that would support the application of significant resources or investment where there exists technology and tools to do the job smarter, quicker and better. After all, haven’t almost all other management processes within food businesses benefited from the introduction of information technology (IT) solutions? Who would dream of operating their financial accounting, human resources or payroll systems without the application of IT? Yet, the question arises; why has food safety management remained the poor relation in the family? Given that the majority of food safety plans are paper based (even in large blue chip food businesses) this is a question that deserves some consideration.

There are a number of reasons, many of which are beyond the scope of this article, however two stand out.

1. Traditional software solutions have not addressed the real needs of the local food safety practitioner. Enterprise software solutions have proven too costly for most food businesses, are sold in modules and are often generic in nature. Even when used the food company still needs to operate certain paper based systems to maintain compliance.
2. The lack of agreement on what exactly constitutes a food safety plan or management system has prevented development of a solution capable of meeting the needs of a global market.

In understanding that a food safety plan centres on data we are taking a step closer to supporting those individuals who will ultimately have to implement the worthy aspirations of regulators and retail buyers.

For example, in developing a HACCP plan the food safety manager must identify and collect data on hazards. This data must then be used to assess risk which again depends on good quality data, much of which is contained on various web based sources. Validating information and data must be generated for critical controls and records maintained to demonstrate compliance against the plan. Controlling potential hazards associated with sourcing suppliers and raw materials is another excellent example. Food businesses must collect significant volumes of data to qualify and monitor suppliers including HACCP plans, specifications, allergen data, questionnaires, audits and certificates. This situation can be replicated across the various other elements of a food safety plan.

Many of the requirements of food safety management are repetitive in nature, involve work flows that are well established and require routine actions. On the other hand, they are living, breathing systems that need to be revised on an on-going basis as new information and events come to light. Here again we see the role information and data play in meeting compliance.

All this lends itself well to the application of IT solutions. The obligations set out in global legislation and commercial standards will undoubtedly require acceleration in the development and use of IT. Two major changes make this a realistic possibility. The first is increasing agreement on what a food safety plan or system is. The GFSI has provided a global standard and framework under which food safety standards can align and this allows for the development of standard IT solutions. The second development is the emergence of web based or cloud technologies as a viable platform upon which these solutions can be delivered. Web technologies change the economics of software and allow enterprise solutions to be delivered and used by both large and small food companies. Software can be quickly updated and users can do work and maintain oversight anywhere in the world with a web enabled device.

When we approached the task of developing our web based software we solicited input from users such as food safety managers, consultants, auditors and retailers and from this defined a number of core principles. The software solution needed to be:

• easy to use, intuitive and meet the needs of the user (food safety manager).
• fully integrated addressing all the requirements of global food safety standards and embody best practice.
• capable of being updated quickly in line with changes in global food standards and regulations.
• designed around the needs of retailers, consultants, external inspectors and certification auditors.
• provide real time data on key food safety events such as recalls, outbreaks and changes in legislation.
• supported by real value adding and time saving enhancements.
• capable of allowing real-time monitoring of multiple production sites within a large corporate structure.
• allow users to access and work on their food safety systems remotely.
• able to generate pertinent reports quickly.

In May of 2011 we launched Safefood 360, a complete online food safety management system designed for food processing and service operations. It contained all the core principles as expressed by our users and was the product of a forensic analysis of global legislation and the GFSI. The solution is fully integrated covering the main pillars of a food safety plan including HACCP, PRP’s, Management and Documents. It has been designed to provide users with a readymade solution addressing food safety requirements and best practice yet is flexible enough to assimilate the specific requirements of local food businesses.

The last decade has indeed been a busy time in food safety management and more changes are on the horizon. Regulation is crucial for maintaining compliance standards in the industry but this is only part of the story. The food industry ultimately is responsible for ensuring its products are both safe and legal and the adoption of new web technologies will play both an increasing and positive role in meeting this challenge.

George Howlett

About the author

George Howlett is the CEO of Safefood 360° and one of Europe’s leading food safety experts. Before establishing Safefood 360° he worked at some of Ireland’s most prominent companies and brings the expertise with him. George also lectures in the MSc for Food Safety Management in the Dublin Institute of Technology.