How Do I Write a Food Safety Plan?

Congratulations! You are looking for expert help in writing a food safety plan, and you found ConnectFood. ConnectFood developed software for an on-line food safety plan builder with you in mind, every step of the way. You are not alone. Behind the screen there is a cadre of food safety experts to help you. Through our knowledge, experience, and connections, we can help you write your food safety plan quickly. I have known Matthew Botos, CEO of ConnectFood, since 2000. I know Matthew to work tirelessly for the food industry, to travel worldwide for training and helping the food industry, and to network with government agencies from local to federal.

FDA recently published their on-line food safety plan builder for food manufacturers. Like usual, FDA is late to the party and behind industry. I have worked alongside some fine people at FDA. They work hard to steer a huge, government system. Like the Titanic, reaction time is slow and often too late.

ConnectFood has been working with the food industry to write food safety plans for over three years. My biggest concern for companies writing their food safety plans is getting their questions answered in a timely fashion. FDA has a Technical Assistance Network (TAN) which will answer questions on the rule only. Don’t expect an answer within 24 hours. At FDA pace, it would take months to write a single food safety plan. If the question is outside the realm of the rule, companies will be referred to the Food Safety Preventive Controls Alliance (FSPCA) TAN. Matthew, ConnectFood Experts, and I have access to members of the FSPCA TAN too.

Getting questions answered is one of the reasons that a Preventive Controls Qualified Individual (PCQI) is required to supervise the writing of a food safety plan. Do you know who is a PCQI? Matthew Botos, CEO of ConnectFood, and I are. Not only are we PCQIs, but we are also Lead Instructors of the workshop for PCQIs. Matt Botos also is a Trainer of Trainers. Collectively, we have delivered over 50 PCQI workshops since the end of 2015. It is pretty safe to say we know the rule. Matthew is a food engineer, and I am a food microbiologist. Along with our network of food safety experts, ConnectFood has you covered. The ConnectFood software is a cost-effective method to get your food safety plan written. ConnectFood continues to develop cutting-edge easy-to-use software for an on-line food safety plan builder that can be used to showcase food safety either on-line or printed out to be shared with clients or regulators.

ConnectFood is not just for food manufacturing. Restaurants are using the ConnectFood software to build their Hazard Analysis and Critical Control Points (HACCP) plan. While the application is a bit different, the process of building a HACCP plan is the same. ConnectFood is the perfect solution for chefs and our foodservice friends: restaurant food safety could look like HACCP, the important part is to know your product, ask yourself if you have any hazards, and have a good safety plan!.

The ConnectFood website has free resources, and the folks at ConnectFood are here to help! Contact us.

Kathy Knutson, Ph.D., Lead Instructor for Preventive Controls for Human Food (PCHF), Preventive Controls Qualified Individual (PCQI), and trained in prevention of Intentional Adulteration (IA). She has food safety expertise in microbiology, hazard analysis, and risk assessment. As a recovering academic, she resides in Green Bay home-of-the-Packers, Wisconsin with her brilliant husband and two handsome sons. Learn more about her consulting services at

Cyber Security; the Threat is Real but Manageable

I got my socks scared off me. It is really not surprising, because I was at a Food Defense workshop, by the way at my alma mater, the University of Minnesota. The day started out predictably and smoothly. In the afternoon things turned dark, when John Hoffman of the Food Protection and Defense Institute spoke about the challenge of cyber security in the food industry.

If you work in the food industry, think of every device you have that is connected to your company network and then every access point to the internet. There are hackers out there who can get in to your data, and they will, if you do not actively monitor and stop them. If you work for a large corporation, there is a hacker out there right now trying to get in to your system. The hacker may be hired by your competitor or a foreign government. They are not phishing; it is targeted hacking. Scared yet?

Let’s think about our devices. At every step from Receiving to Shipping there are electronic devices to document data and store information. Think of supplier information, warehousing records, lab data, batching, packaging codes. Can you access that data from anywhere on the network? Can you monitor data from home? If you can get on the network, so can a hacker. If I have your email address, can I guess the email address of the President or CEO? I actually did that once. It was easy. A colleague of mine had a new job, and I didn’t have his new email address yet. I looked on the website of the company to find email addresses of others and guessed his email. Easy.

Where do you have a security camera? Is the recording separate, so that no one can hack in? I don’t normally watch spy movies, but I have seen by-passing of security cameras in enough movies to know it is not a unique concept. One of my favorite movies, National Treasure, uses the override of a security camera to steal the Declaration of Independence.

Where is the electronic image stored? Who has access to not only the folder but the network where it is stored? Really think through how security cameras are used for recording images, monitoring of the data, storage of the data, and how are you going to be certain it is not hacked. You must have continuous monitoring for intrusion of the data.

Luckily, my colleague at ConnectFood, Chris Metz, ConnectFood’s CTO, had recently warned me to remain diligent on using a unique password for every account and using systems like LastPass to manage it. Also, one of the biggest mistakes companies make is the misconception that just because their files and trade secrets are on their local drives, they are safer than in cloud storage because they seem more tangible. This is unfortunately not true as many companies do not properly invest in proper encryption and firewalls to keep hackers or ‘backdoor’ viruses from accessing their files and are not able to detect an intrusion since they don’t have monitoring in place. Even though hacks of larger storage providers make the news in a more sensational way, the hacks of smaller systems of everyday companies happen far more frequently and rarely if ever get reported. Using 3rd party cloud storage providers for the majority of companies is still by far the best option to protect their data because of the large investments made by those providers in several tiers of security and intrusion detection. Armed with this mindset, I came to the food defense/Intentional Adulteration (IA) workshop in Minneapolis.

Matt Botos, ConnectFood CEO, developed a food defense program after 911 while Director of the Illinois Center for Food Safety and Technology. There was no government mandate then- just the need to protect the food supply. Now we have FSMA. The Intentional Adulteration rule is the seventh rule under FSMA to be enforced. Luckily, industry has time as enforcement dates start to roll out in 2019. Then, FDA intends to tack on an Intentional Adulteration inspection quick-check to a food safety plan audit and inspection. It will be years after 2019 and with appropriate funding before full Intentional Adulteration inspections will be done.

Watch this blog for more information. And as always, contact the folks at ConnectFood with your questions and food defense issues.

Dr. Kathy Knutson has food safety expertise in microbiology, hazard analysis, and risk assessment. As a recovering academic, she resides in Green Bay home-of-the-Packers, Wisconsin with her brilliant husband and two handsome sons. Learn more about her consulting services at