Tag Archives: risk

Matt Engle
Soapbox

Insurers Must Play Catch-Up to Meet Cannabis Industry Needs

By Matt Engle
No Comments
Matt Engle

As the cannabis industry continues to grow, demand for insurance products is also increasing. While insurers have been cautious about entering a market that carries the stigma of a Schedule I drug, the cannabis industry is clamoring for insurance coverage options tailored to meet the needs of key players— distributors, growers, processors and retail dispensaries.

The escalating need for insurance products tailored to these cannabis business sectors has not expedited an increase in coverage offerings. The slow entry of insurance carriers into the cannabis sector can be tied to a reluctance to insure an industry with emerging and often unknown risks. This will begin to change as more information becomes available on what loss ratio trends look like in the cannabis industry.

For now, there is a wait-and-see stance held by insurance carriers. This presents a major concern for cannabis-related businesses that are subject to risk at every stage of the supply chain, with particular exposure for theft, general liability, crop loss, and product liability.some degree of crime and theft coverage is needed for these enterprises to help manage the risks associated with a cash-based business

Theft

For cannabis companies, the use of paper currency is a huge part of their risk exposure. Federal banking regulations have limited these businesses to dealing mostly in cash, which makes them a prime target for crime and fraud. Currently, only one carrier will insure coverage for cash and theft risk, and the policy is limited to $1 million for most risks. This is inadequate coverage since many operators have more than that amount on-site.

In states with legislation legalizing cannabis, the cannabis sector will be able to move away from operating in cash if Congress passes the Secure and Fair Enforcement (SAFE) Banking Act, which would protect financial institutions from liability for federal prosecution that could arise from servicing cannabis-related businesses authorized under state law. Until banking regulations give the cannabis industry the ability to operate as legitimate businesses with the stability and safety that would deter criminal activity, some degree of crime and theft coverage is needed for these enterprises to help manage the risks associated with a cash-based business.

General Liability

Cannabis-related businesses need the same general liability coverage as other businesses to protect their premises and operations from lawsuits involving public contact. However, standard general liability policies—which exclude Schedule I substances from coverage—were not created with cannabis businesses in mind. It is still difficult for these businesses to obtain adequate general liability as a result of the legal uncertainty associated with the industry.

Product Liability

Product liability exposures for cannabis businesses encompass a wide range of areas, including edibles, vaporizers, pesticides, mold/fungus, misrepresentation, label claims, breach of warranty, deceptive practices, and failure to warn.

A major area of exposure concerns accidents resulting from impairment. A cannabis cultivator, processor, distributor, or retailer potentially may be considered liable in the event a product defect results in injury after reasonable use or when label defects fail to warn users that a product may have psychoactive effects.

Another area of risk exposure involves products that contain THC, the psychoactive compound that gives cannabis users a high. As the number of THC-containing products such as edibles and tinctures increases, so does the potential exposure to product liability claims for manufacturers and retailers.

The California Cannabis Track-and-Trace (CCTT) system also has implications for product liability. The CCTT is a statewide system used to record the inventory and movement of cannabis and related products through the commercial supply chain. All state cannabis licensees, including those with licenses for cultivation, manufacturing, retail, distribution, testing labs and microbusinesses, are required to use this system. The product liability impact lies in its capacity to determine responsibility along the supply chain from seed to sale.

For example, if a plastic vape pen explodes, a product liability lawsuit could have repercussions for many touch points across the supply chain beyond the manufacturer of the pen–all of which can be identified through CCTT. Entities that touch cannabis products such as soil suppliers or delivery persons also have product liability risk exposure. Personal injury attorneys can find incident-related parties easily and determine liability. This makes it particularly important to add these parties to the policy as additional insureds to help reduce claims exposure.

Crop Loss

Another area of concern for risk exposure is crop loss. Crop insurance is generally hard to obtain due to the significantly different nature of cannabis crops compared to traditional crops like corn or soybeans.

Fires in Sonoma County devastated cannabis crops in Northern California back in 2017.

An indoor crop insurance policy covers cultivators when there is loss resulting from threats such as fire, theft, and sprinkler leakage. However, crop insurance policies generally do not cover losses resulting from mold, rot, disease, changes in climate, or fertilization issues. Many growers forgo this coverage and instead elect to absorb losses and regrow their crops.

Outdoor crop coverage is generally unavailable, or the cost is prohibitive. Any potential for writing outdoor crop insurance for the cannabis industry essentially disappeared as a result of the recent wildfires in California. These devastating fires highlighted the pressing need for property damage and business interruption coverage for growers and dispensaries and other downstream businesses whose supply was disrupted. This lack of available outdoor crop insurance is one of the more notable gaps in available cannabis business insurance coverage.

While cannabis businesses operating in states that have legalized medical and/or recreational cannabis use have challenges getting adequate insurance coverage, there is some good news on the insurance front for those in California. Last year, California’s insurance commissioner announced approval for carriers to offer insurance coverage specifically to cannabis businesses. The state also approved a cannabis business-owners policy (CannaBOP) program that provides a package policy containing both property and liability coverage for qualifying dispensaries, distributors, manufacturers, processors and storage facilities. Colorado is on the verge of being the second state to approve its version of a CannaBOP program.

While more insurance carriers are beginning to write cannabis coverage, the limited insurance options and policies with restrictive plans currently offered todaydo not meet the needs of the cannabis industry. Insurers must catch up to the coverage requirements of this sector by offering more options tailored to growers, retail dispensaries, processors and distributors with better terms and better pricing.

Soapbox

Third-Party Cannabis Safety Audits & How to Prepare in 7 Steps

By Tyler Williams
1 Comment

Unlike the food industry, the cannabis industry is still in its infancy. Which means there is not a push from retailers demanding cannabis farmers, extractors or manufacturers to get third-party audits. In fact, most grow operations supply into their own dispensaries. So why should a cannabis farmer, extractor or manufacturer get a third-party audit? Third-party audits are crucial to maintaining product safety and quality by providing a third set of eyes to verify what is working and what is not. Besides regulatory requirements and customers requiring your facility to get a third-party audit, there are numerous other benefits to receiving an audit. Some of these benefits include:

  • Improvement to product safety
  • Improvement to product quality and consistency
  • Meeting regulatory compliance
  • Eliminating potential risks and possible recalls
  • Marketing advantages over competitors who are not audited by a third-party
  • Improvement to consumer confidence and an increase to brand loyalty

How to Prepare for a Third-Party Audit

Working for a certification body, I am in the unique position to see numerous sites go through the certification process. In this position I have seen both extremes: Sites that spend 6-8 months and a lot of resources preparing for an audit, as well as sites that wait until the day before to even look at the audit standard. Unfortunately, the latter is almost always going to fail the audit. Here are seven steps for preparing for your next third-party audit.“By failing to prepare, you are preparing to fail.”– Benjamin Franklin

  1. Start Preparing Early

Think of your third-party audit as a college exam one month away. You could start studying for the exam now and get a real understanding of the material or you could wait until the day before to start your no-sleep, energy drink-fueled, 24-hour cram session. We all know which preparation method will get a better score on the exam. Now let’s apply that same strategy to your third-party audit. Once you have decided what audit is best for your site and have those specific standards in your hand, the clock starts ticking and you should already be preparing for the audit, whether it is one month or six months away.

  1. Get Management Commitment

It is essential to the entire cannabis safety and quality system to have commitment from top down. Without this, the site will not get the resources (people, equipment, money, time, etc.) they need to pass a third-party audit. Management commitment is so important that it is often seen as its own section in most modern audit standards. It is very easy for third-party auditors to identify when there is a lack of management commitment in a site. Therefore, if you don’t get management commitment, then you are already starting off the audit on a bad note.

  1. Create a To-Do-ListGMP

Think of the entire audit checklist or standard as your long to-do list. Some things, like attaining a certificate of analysis (COA) from a supplier, may only need to be done annually. While other things, such as ensuring employees are following Good Manufacturing Practices (GMPs), will need to be done continuously throughout day to day operations. Go through the audit checklist and separate what needs to be done annually, semiannually, quarterly, monthly and continuously throughout day to day operations. This will give you a list with all of the frequencies of each different requirement.

  1. Teamwork“Teamwork makes the dream work, but a vision becomes a nightmare when the leader has a big dream and a bad team.” – John C. Maxwell

The preparation of an audit should never rest on the shoulders of one person. Yet this is something I tend to see too often in both food and cannabis facilities alike. Your site should establish a cannabis safety and quality team of multidiscipline personnel that have an impact on product safety and quality. Once the team is established, various tasks from the to-do-list can be disbursed among all the members of the team. Collaboration is key to successfully preparing for a third-party audit, especially when the timelines are very stringent.

  1. Training

Training is essential to preparing for your third-party audit. This is what closes the gaps between what the safety and quality department have developed and what your front-line employees are applying. All employees should know what part of the audit standard applies to them. Additionally, employees should be trained on interview questions that the auditor might ask them during the audit. Helping them prepare for these types of questions will help ease their nerves and allow them to answer the questions with self-assurance when it comes time to the actual audit.

  1. Conduct Internal Audits

Conducting internal audits is not only a great way to prepare for your third-party audit, it’s a requirement. You should always use the audit checklist to observe your documents and facility to see where there are gaps. If possible, the person or team conducting the internal audit should never review their own work. Additionally, all issues or non-conformances should be noted, evaluated, corrected and closed out.

  1. Third-Party Pre-Assessment or Mock Audit (Optional)

A third-party pre-assessment or mock audit is the closest thing you can get to an actual audit. This is where a company would come in and evaluate your site to the specific standards and give a formal report over any deficiencies found during the assessment and how to fix them. This is a great way to test your preparedness before the actual audit.

The New ISO/IEC 17025:2017: The Updated Standard

By Ravi Kanipayor, Christian Bax, Dr. George Anastasopoulos
No Comments

As state cannabis regulatory frameworks across the country continue to evolve, accreditation is becoming increasingly important. Because it provides consistent, turnkey standards and third-party verification, accreditation is quickly emerging as an important tool for regulators. For cannabis testing laboratories, this trend has been especially pronounced with the increasing number of states that require accreditation to ISO/IEC 17025.

As of 2017 there were nearly 68,000 laboratories accredited to ISO/IEC 17025, making it the single most important benchmark for testing laboratories around the world. ISO/IEC 17025:2005 specifies the general requirements for the competence to carry out tests including sampling. It covers testing performed using standard methods, non-standard methods and laboratory-developed methods. It is applicable to all organizations performing tests including cannabis labs. The standard is applicable to all labs regardless of the number of personnel or the extent of the scope of testing activities.  Developed to promote confidence in the operation of laboratories, the standard is now being used as a key prerequisite to operate as a cannabis lab in many states.

There are currently 26 states in the United States (also Canada) that require medical or adult-use cannabis to be tested as of February 2019. Of those states, 18 require cannabis testing laboratories to be accredited – with the vast majority requiring ISO/IEC 17025 accreditation. States that require testing laboratories to attain ISO/IEC 17025 accreditation represent some of the largest and most sophisticated cannabis regulatory structures in the country, including California, Colorado, Maryland, Massachusetts, Michigan, Nevada and Ohio. As a consequence, many cannabis testing laboratories are taking note of recent changes to ISO/IEC 17025 standards.

ISO/IEC 17025 was first issued in 1999 by the International Organization for Standardization. The standard was updated in 2005, and again in 2017. The most recent update keeps many of the legacy standards from 2005, but adds several components – specifically requirements for impartiality, risk assessment and assessing measurement uncertainty. The remainder of this article takes a deeper dive into these three areas of ISO/IEC 17025, and what that means for cannabis testing laboratories.Objectivity is the absence or resolution of conflicts of interest to prevent adverse influence on laboratory activities.

Impartiality

ISO/IEC 17025:2005 touched on an impartiality requirement, but only briefly. The previous standard required laboratories that belonged to organizations performing activities other than testing and/or calibration to identify potential conflicts of interest for personnel involved with testing or calibration. It further required that laboratories had policies and procedures to avoid impartiality, though that requirement was quite vague.

ISO/IEC17025:2017 emphasizes the importance of impartiality and establishes strict requirements. Under the new standard, labs are responsible for conducting laboratory activities impartially and must structure and manage all laboratory activities to prevent commercial, financial or other operational pressures from undermining impartiality. The definitions section of the standard defines impartiality as the “presence of objectivity.” Objectivity is the absence or resolution of conflicts of interest to prevent adverse influence on laboratory activities. For further elaboration, the standard provides similar terms that also convey the meaning of impartiality: lack of prejudice, neutrality, balance, fairness, open-mindedness, even-handedness, detachment, freedom from conflicts of interest and freedom from bias.

To comply with the new standard, all personnel that could influence laboratory activities must act impartially. ISO/IEC 17025:2017 also requires that laboratory management demonstrate a commitment to impartiality. However, the standard is silent on how labs must demonstrate such commitment. As a starting point, some cannabis laboratories have incorporated statements emphasizing impartiality into their employee handbooks and requiring management and employee training on identifying and avoiding conflicts of interest.

Risk Assessment

Both the 2005 and 2017 versions contain management system requirements. A major update to this is the requirement in ISO/IEC 17025:2017 that laboratory management systems incorporate actions to address risks and opportunities. The new risk-based thinking in the 2017 version reduces prescriptive requirements and incorporates performance-based requirements.

Under ISO/IEC 17025:2017, laboratories must consider risks and opportunities associated with conducting laboratory activities. This analysis includes measures that ensure that:

  • The lab’s management system is successful;
  • The lab has policies to increase opportunities to achieve its goals and purpose;
  • The lab has taken steps to prevent or reduce undesired consequences and potential failures; and
  • The lab is achieving overall improvement.

Labs must be able to demonstrate how they prevent or mitigate any risks to impartiality that they identify.To comply with ISO/IEC 17025:2017, labs must plan and implement actions to address identified risks and opportunities into management systems. They must also measure the effectiveness of such actions. Importantly, the standard requires that the extent of risk assessments must be proportional to the impact a given risk may have on the validity of the laboratory’s test results.

ISO/IEC 17025:2017 does not require that labs document a formal risk management process, though labs have discretion to develop more extensive methods and processes if desired. To meet the requirements of the standard, actions to address risks can include sharing the risk, retaining the risk by informed decision, eliminating the risk source, pinpointing and avoiding threats, taking risks in order to pursue an opportunity, and changing the likelihood or consequence of the risk.

ISO/IEC 17025:2017 references “risks” generally throughout most of the standard. However, it specifically addresses risks to a laboratory’s impartiality in section 4.1. Note, the new standard requires that labs must not only conduct activities impartially, but also actively identify risks to their impartiality. This requirement is on-going, not annually or bi-annually. Risks to impartiality include risks arising from laboratory activities, from laboratory relationships, or from relationships of laboratory personnel. Relationships based on ownership, governance, shared resources, contracts, finances, marketing, management, personnel and payment of a sales commission or other inducements to perform under pressure can threaten a laboratory’s impartiality. Labs must be able to demonstrate how they prevent or mitigate any risks to impartiality that they identify.

Assessing Measurement Uncertainty With Decision Rules

ISO/IEC 17025:2005 required (only where necessary and relevant) test result reports to include a statement of compliance/non-compliance with specifications and to identify which clauses of the specification were met or not met. Such statements were required to take into account measurement uncertainty and if measurement results and uncertainties were omitted from the statement, the lab was required to record and maintain the results for future reference.

ISO/IEC 17025:2017 requires similar statements of conformity with an added “decision rule” element. When statements of conformity to a specification or standard are provided, labs must record the decision rule it uses and consider the level of risk the decision rule will have on recording false positive or negative test results. Like the 2005 version, labs must include statements of conformity in test result reports (only if necessary and relevant- see 5.10.3.1 (b)). Now, test result reports on statements of conformity must include the decision rule that was employed. 

Moving Forward

Because many states require ISO/IEC 17025 accreditation for licensing, cannabis testing labs across the country would be well advised to closely monitor the implications of changes in ISO/IEC 17025:2017 related to impartiality, risk assessment and measurement uncertainty. If you run a cannabis testing lab, the best way to ensure compliance is education, and the best place to learn more about the new requirements is from a globally recognized accreditation body, especially if it is a signatory to the International Laboratory Accreditation Cooperation (ILAC) for testing laboratories, calibration laboratories and inspection agencies.


References

Facts & Figures

ISO/IEC 17025:2005: General requirements for the competence of testing and calibration laboratories

ISO/IEC 17025:2017: General requirements for the competence of testing and calibration laboratories 

Blockchain Controversies Continue To Rock The Cannabis Industry

By Marguerite Arnold
2 Comments

Disclaimer: Marguerite Arnold is the founder of MedPayRx, a blockchained ecosystem that does not use utility tokens, and that is currently going to pilot in Europe designed to eliminate such risks.


As reported here in Cannabis Industry Journal last year in a three part series, there are considerable dangers of utilizing blockchain in the cannabis industry (as well as other industry sectors) that directly affect all commercial operators as well as consumers of both the recreational and medical kind. These remain largely unsolved.

These include regulatory and compliance issues in every direction, starting with banking and securities law, but also include privacy and consumer protections. They also fly in the face of regulations imposed by governments to control inflation, set prices for medications and food, and prevent monopolies.

Beyond that, they also pose considerable if so far unexamined liabilities for businesses operating in this space (including uncontrollable volatility in basic business operations) that very much impact the basic cost of doing business.As of the beginning of this year, however, the situation is back in the news. 

The Skinny On Paragon
As of November last year, the company was sanctioned by the SEC in a precedent setting case on the issue of whether “utility tokens” are securities or not. In fact, the SEC found that Paragon illegally marketed and distributed digital securities under the false pretension that they were not securities. Paragon, in turn, reached a settlement with the SEC that it would return any funds received by investors prior to October 15, 2017 and pay a fine to the SEC.

As of the beginning of this year, however, the situation is back in the news. Because of the settlement agreement, it appears that a pump and dump group operating through the exchange YoBit managed to raise the token briefly from about $.10 a token to $10 in an effort to raise the cost of compensation from Paragon. This absurd rally was completely unsustainable, and as a result, fell back to $0.3 per token (albeit tripled the price of the token). But the fact that it happened at all is illustrative of the extreme risk now faced by the industry itself from this kind of tech and financial model.

Why? It means that all users (token holders) of such an ecosystem and for any purpose, would be directly exposed to such risks in the future. And on literally an hour-by-hour basis.

Utility tokens in other words, as defined by all such models (and Paragon is far from the only one), are used not only for investment in such businesses, but then bought downstream, via exchanges, by people who wish to transact in the network itself. And that is the real danger to businesses themselves by adopting such models.

Problem 1 – Utility Tokens Are Securities

The biggest issue at the heart of this conversation is this: Tokens are recognized now as securities, and further still operating in a world where pump and dump on the exchanges is a major liability for all who buy the tokens for any purpose. This means for example, that anyone who must buy a system cybercoin to transact within a blockchained ecosystem (from consumer to business manager overseeing international distribution of their product from the commercial end) would face unprecedented volatility that does not exist by using regulated currencies. Good old dollars and euros for example do not pose this kind of existential risk to businesses themselves.

In the Paragon case directly, for example, owning Paragon crypto means that monthly rent at the incubator would fluctuate in cost based on the unregulated cost of the coin, not a prenegotiated rental agreement in regular currency for space (which is far less volatile). In the current environment, such space just tripled in price.

Beyond that, no consumer in California, for example, would want to have to face the added cost of buying a hyped token (at artificially raised prices) before they can access the newest, coolest strain of bud.

Such systems in other words, are NOT just a fancy form of a digital payment solution (like Paypal). What they do dramatically increases the risk of price volatility in all business operations (also called “cost of goods sold” or COG), andto the end user while also directly exposing all to such risk at every point of production, processing and sales.

Why?Latency issues are also a major issue.

Because the cost of conducting normal, basic business operations would be directly exposed to speculating investors. Even local businesses, in other words, would be completely vulnerable to not just the fluctuations domestically or even internationally caused by doing business in multiple jurisdictions and traditional currency risk, but have direct and unprecedented exposure to a much less regulated and far more volatile price environment globally. And further one that affects literally the entire manufacturing and distribution process.

Problem 2 – Network Congestion

Latency issues are also a major issue. This is a bit more technical and complicated, but is one of the bigger reasons why most blockchain technology and solutions are still incapable of dealing with commercial industry requirements. Much less keep regulated industries in any space, in compliance.

Here is one way to think of the problem. If you have many users on a blockchain network all at once, speed of transaction goes way down and associated costs go way up.

The tokenized asset in other words, has to compete not only with people buying the token as an investment, but those using them to buy goods and services on the commercial side AND the industry processing taking place behind the scenes to fulfil and track product. This has been easy to see with Bitcoin in particular, but is not limited to the same.

Further, prioritization on a network itself (and the costs involved to overcome them, also paid in tokens) then unfairly creates a monopoly environment because of the added costs involved to speed up otherwise normally processed and critical operations. The biggest boys on the block(chain) win. Always. That is antithetical to anti-trust law.

Problem 4 – Undermining Basic Government Regulations On Cost Of Purchase

Here is the biggest conundrum, particularly facing the international cannabis industry now in the process of exporting across international borders. Governments (particularly in Europe) routinely set prices on medicine (in particular), for large contractual purchases and to insure the continued survival of public healthcare (which in Europe and the UK covers most people). See the German cultivation bid for cannabis as a prime example. The government is forcing the industry to submit prices via competitive bid that are expected to come in somewhere between 1-1.5 euro per gram. This in turn will affect not only domestically grown but imported cannabis – and from all points on the globe as the industry opens up.

That process is impossible in an environment where the cost of production itself would be (in a price volatile blockchained delivery system) inherently unpredictable and unstable because the price of production and distribution is itself a speculated upon commodity that can vary, literally, at the speed of a pump and dumped token, sold on any unregulated exchange, anywhere in the world. And as a result, is also illegal.

Digipath Labs Now ISO 17025:2017 Accredited

By Aaron G. Biros
No Comments

According to a press release published in December, Digipath Labs, based in Las Vegas, Nevada, was recently accredited to the updated ISO standard, ISO 17025:2017. The laboratory received their accreditation from Perry Johnson Laboratory Accreditation (PJLA).

ISO 17025:2005 has long been the standard that labs seek accreditation to, but their newest 2017 edition was recently rolled out and introduced to the market. The new 2017 standard includes some broad changes to terminology, process approach, scope, and it importantly introduces the concept of risk-based thinking.

That concept of risk-based thinking is particularly relevant to the cannabis testing market, where many have argued for more transparency and uniformity in different state regulations and markets. Introducing risk-based thinking in the standard means that assessors also look at the risk of bias, impartiality and assessing measurement uncertainty, which certainly adds a layer of subjectivity to the accreditation.

PJLATracy Szerszen, president/operations manager of PJLA, says the newer standard also includes a provision for a quality management system review among other changes. “We are making sure they are following the standard from a technical standpoint, meaning they have the right equipment, the appropriate personnel and also have a quality management system,” says Szerszen. “November 29, 2020 is the deadline for moving to the new 2017 standard.”

According to Todd Denkin, CEO and founder of Digipath, obtaining the new ISO accreditation poises them for future growth and expansion. “Digipath Labs has now brought its standard of excellence in cannabis testing under the updated ISO-17025:2017 umbrella as we seek to expand our dominance in cannabis testing markets,” says Denkin. “This is a major step in positioning Digipath as a global leader in testing services.”

Radojka Barycki picture

Food Safety: Do You Know What Is In Your Water?

By Radojka Barycki
No Comments
Radojka Barycki picture

Water is essential for life and it is an important part of agriculture and food manufacturing. Water has many uses in the cannabis industry. Among the most common uses are irrigation, ingredient/product processing and cleaning processes.

Water can be the carrier of pathogenic microorganisms and chemicals that can be transferred to food through agriculture and manufacturing practices. Poor quality water may have a negative impact in food processing and potentially on public health. Therefore, development and implementation of risk management plans that ensure the safety of water through the controls of hazardous constituents is essential to maintain the safety of agricultural and manufactured food or cannabis products.

Chemicals can enter the water stream through several sources such as storm water, direct discharge into fields and city water treatment plans.Although there no current regulations regarding the water used in cannabis cultivation and processing, it is highly recommended that the industry uses potable water as standard practice. Potable water is water that is safe for drinking and therefore for use in agriculture and food manufacturing. In the United States, the Environmental Protection Agency (EPA) sets the standards for water systems under the Safe Drinking Water Act (SDWA.)The regulations include the mandatory levels defined as Maximum Contaminant Levels (MCLs) for each contaminant that can be found in water. Federal Drinking Water Standards are organized into six groups: Microorganisms, Disinfectants, Disinfection Byproducts, Inorganic Chemicals, Organic Chemicals and Radionuclides. The agriculture and food manufacturing industry use the SDWA as a standard to determine water potability. Therefore, water testing forms part of their routine programs. Sampling points for water sources are identified, and samples are taken and sent to a reputable laboratory to determine its quality and safety.

Microbiological Testing

Petri dish containing the fungus Aspergillus flavus
Petri dish containing the fungus Aspergillus flavus.
Photo courtesy of USDA ARS & Peggy Greb.

Determining the safety of the water through microbiological testing is very important. Pathogens of concern such as E. coli, Salmonella, Cryptosporidium parvum and Cyclospora sp. can be transmitted to food through water. These pathogens have been known to be lethal to humans, especially when a consumer’s immune system is compromised (e.g. cancer patients, elderly, etc.) If your water source is well, the local state agency may come to your facility and test the water regularly for indicator organisms such as coliforms. If the levels are outside the limit, a warning will be given to your company. If your water source is the city, regular testing at the facility for indicator microorganisms is recommended. In each case, an action plan must be in place if results are unfavorable to ensure that only potable water is used in the operations.

Chemical Testing (Disinfectants, Disinfection Byproducts, Inorganic Chemicals, Organic Chemicals and Radionuclides) 

Chemicals can enter the water stream through several sources such as storm water, direct discharge into fields and city water treatment plans. Although, there are several regulations governing the discharge of chemicals into storm water, fields and even into city water treatment plants, it is important that you test your incoming water for these chemicals on a regular basis. In addition, it is important that a risk assessment of your water source is conducted since you may be at a higher risk for certain components that require testing. For example, if your manufacturing facility is near an agricultural area, pesticides may enter the surface water (lakes, streams, and rivers) or the aquifer (ground water) through absorption into the ground or pollution. In this case, you may be at higher risk for Tetrahalomethanes (THMs), which are a byproduct of pesticides. Therefore, you should increase the testing for these components in comparison to other less likely to occur chemicals in this situation. Also, if your agriculture operation is near a nuclear plant, then radionuclides may become a higher risk than any of the other components.

GMPFinally, in addition to the implementation of risk management plans to ensure the safety of water, it is highly recommended that companies working in food manufacturing facilities become familiar with their water source to ensure adequate supply to carry on their operations, which is one of the requirements under the 21 CFR 117. Subpart B – Current Good Manufacturing Practices (cGMPs) for food manufacturers under the Preventive Controls for Human Foods Rule that was enacted under the Food Safety Modernization Act in 2015. Also, adequate supply is part of the Good Agricultural Practices (GAP) The EPA has created a program that allows you to conduct a risk assessment on your water source. This program is called Source Water Protection. It has six steps that are followed to develop a plan that not only protect sourcing but also ensures safety by identifying threats for the water supply. These six steps are:

  1. Delineate the Source Water Protection Area (SWPA): In this step a map of the land area that could contribute pollutants to the water is created. States are required to create these maps, so you should check with local and/or state offices for these.
  2. Inventory known and potential sources of contamination: Operations within the area may contribute contaminants into the water source. States usually delineates these operations in their maps as part of their efforts to ensure public safety. Some examples of operations that may contribute to contaminants into the water are: landfill, mining operations, nuclear plants, residential septic systems, golf courses, etc. When looking at these maps, be sure that you verify the identified sources by conducting your own survey. Some agencies may not have the resources to update the maps on a regular basis.
  3. Determine the susceptibility of the Public Water Source (PWS) to contaminate sources or activities within the SWPA: This is basically a risk assessment. In here you will characterize the risk based on the severity of the threat and the likelihood of the source water contamination. There are risk matrices that are used as tools for this purpose.
  4. Notify the public about threats identified in the contaminant source inventory and what they mean to the PWS: Create a communication plan to make the State and local agencies aware of any findings or accidents in your operation that may lead to contamination of the PWS.
  5. Implement management measures to prevent, reduce or eliminate risks to your water supply: Once risks are characterized, a plan must be developed and implemented to keep risks under control and ensure the safety of your water.
  6. Develop contingency planning strategies that address water supply contamination or service interruption emergencies: OSHA requires you to have an Emergency Preparedness Plan (EPP). This plans outlines what to do in case of an emergency to ensure the safety of the people working in the operation and the continuity of the business. This same approach should be taken when it comes to water supply. The main questions to ask are: a) What would we do if we find out the water has been contaminated? b) What plan is in place to keep the business running while ensure the safety of the products? c) How can we get the operation back up and running on site once the water source is re-stablished?

The main goal of all these programs is having safe water for the operations while keeping continuity of the business in case of water contamination.

OLCC-Logo

Audit Finds Oregon Lacking Regulatory Oversight and Proper Security

By Aaron G. Biros
No Comments
OLCC-Logo

Last week, Oregon Secretary of State Dennis Richardson published his office’s audit of The Oregon Liquor Control Commission (OLCC). The audit uncovered a number of inadequacies with the regulatory agency, most notably the problems with their tracking system, designed to prevent cannabis form being sold on the black market.

The report highlights the need for Oregon to implement a more robust tracking system, citing reliance on self-reporting, overall poor data quality and allowing untracked inventory for newly licensed businesses. The audit also found an insufficient number of inspectors and unresolved security issues. According to The Oregonian, the OLCC only has 18 inspectors, roughly one for every 83 licensed businesses.

Auditors also found inadequacies in the application system, saying the OLCC doesn’t monitor third-party service providers and doesn’t have a process in place for reconciling data between the licensing and tracking systems. The audit found there is a risk that decisions made for the program could be based on unreliable data. It also found a risk of unauthorized access to the systems, due to a lack of managing user accounts.

Oregon Secretary of State Dennis Richardson
Oregon Secretary of State Dennis Richardson

This audit’s publication is very timely. Most notably because U.S. Attorney Billy Williams, who called Oregon’s black market problem “formidable,” convened a summit this week to examine how Oregon can prevent cannabis being exported to other states. According to the Oregonian, Williams said Oregon has an “identifiable and formidable overproduction and diversion problem.” The audit’s findings highlighting security issues are also very timely, given that in the same week, Oregon’s neighbor to the North, Washington, experienced a security breach in its own tracking system.

The problems with the Oregon tracking system’s security features are numerous, the audit says. They found that the OLCC lacks a good security plan, IT assets aren’t tracked well, there are no processes to determine vulnerabilities, servers and workstations not using supported operating systems and a lack of appropriately managing antivirus solutions. “Long-standing information security issues remain unresolved, including insufficient and outdated policies and procedures necessary to safeguard information assets,” reads the report’s summary.

The audit proposes 17 recommendations for the state to bolster its regulatory oversight. Those recommendations intend to address undetected compliance violations, weaknesses in application management, IT security weaknesses and weaknesses in disaster recovery and media backup testing. You can read the full audit here.

Steven Burton

Top 4 Food Safety Hazards for the Cannabis Industry

By Steven Burton
15 Comments
Steven Burton

As many US States and Canadian provinces approach legalization of cannabis, the question of regulatory oversight has become a pressing issue. While public awareness is mainly focused on issues like age restrictions and impaired driving, there is another practical question to consider: should cannabis be treated as a drug or a food product when it comes to safety? In the US, FDA governs both food and drugs, but in Canada, drugs are regulated by Health Canada while food products are regulated under the CFIA.There are many food safety hazards associated with cannabis production and distribution that could put the public at risk, but are not yet adequately controlled

Of course, there are common issues like dosage and potency that pharmaceutical companies typically worry about as the industry is moving to classifying its products in terms of percentage of chemical composition (THC, CBD, etc. in a strain), much as we categorize alcohol products by the percentage of alcohol. However, with the exception of topical creams and ointments, many cannabis products are actually food products. Even the herb itself can be brewed into teas, added to baked goods or made into cannabis-infused butters, oils, capsules and tinctures.

FDAlogoAs more people gain access to and ingest cannabis products, it’s only a matter of time before food safety becomes a primary concern for producers and regulators. So when it comes to food safety, what do growers, manufacturers and distributors need to consider? The fact is, it’s not that different from other food products. There are many food safety hazards associated with cannabis production and distribution that could put the public at risk, but are not yet adequately controlled. Continue reading below for the top four safety hazards for the cannabis industry and learn how to receive free HACCP plans to help control these hazards.

Aflatoxins on Cannabis Bud

Just like any other agricultural product, improper growing conditions, handling and storage can result in mold growth, which produce aflatoxins that can cause liver cancer and other serious health problems. During storage, the danger is humidity; humidity must be monitored in storage rooms twice a day and the meter must be calibrated every month. During transportation, it is important to monitor and record temperatures in trucks. Trucks should also be cleaned weekly or as required. Products received at a cannabis facilities should be tested upon receiving and contaminated products must always be rejected, segregated and disposed of safely.

Petri dish containing the fungus Aspergillus flavus. It produces carcinogenic aflatoxins, which can contaminate certain foods and cause aspergillosis, an invasive fungal disease.
Photo courtesy of USDA ARS & Peggy Greb.

Chemical Residues on Cannabis Plants

Chemical residues can be introduced at several points during the production and storage process. During growing, every facility should follow instructions for applying fertilizers and pesticides to crops. This includes waiting for a sufficient amount of time before harvesting. When fertilizer is being applied, signs must be posted. After cannabis products have been harvested, chemical controls must be in place. All chemicals should be labelled and kept in contained chemical storage when not in use to prevent contamination. Only food-grade chemicals (e.g. cleaners, sanitizers) should be used during curing, drying, trimming and storage.

Without a comprehensive food safety program, problems will inevitably arise.There is also a risk of excessive concentration of chemicals in the washing tank. As such, chemical concentrations must be monitored for. In general, water (obviously essential for the growing process) also carries risks of pathogenic bacteria like staphylococcus aureus or salmonella. For this reason, city water (which is closely controlled in most municipalities) should be used with an annual report and review. Facilities that use well water must test frequently and water samples must be tested every three months regardless.

Pathogenic Contamination from Pest Infestations

Insects, rodents and other pests spread disease. In order to prevent infestations, a pest control program must be implemented, with traps checked monthly by a qualified contractor and verified by a designated employee. It is also necessary to have a building procedure (particularly during drying), which includes a monthly inspection, with no holes or gaps allowed. No product should leave the facility uncovered to prevent fecal matter and other hazards from coming into contact with the product. Contamination can also occur during storage on pallets, so pallets must be inspected for punctures in packaging material.

Furthermore, even the best controlled facility can fall victim to the shortcomings of their suppliers. Procedures must be in place to ensure that suppliers are complying with pest and building control procedures, among others. Certifications should be acquired and tracked upon renewal.

Pathogenic Contamination Due to Improper Employee Handling

Employee training is key for any food facility. When employees are handling products, the risk of cross-contamination is highest. Facilities must have GMP and personnel hygiene policies in place, with training conducted upon hiring and refreshed monthly. Employees must be encouraged to stay home when sick and instructed to wear proper attire (gloves, hair nets, etc.), while glass, jewelry and outside food must not be allowed inside the facility. Tools used during harvesting and other stages may also carry microorganisms if standard cleaning procedures are not in place and implemented correctly by employees.

As the cannabis industry grows, and regulatory bodies like the FDA and CFIA look to protect public safety, we expect that more attention will be paid to other food safety issues like packaging safety (of inks and labels), allergen control and others. In the production of extracts, for example, non-food safe solvents could be used or extracts can be mixed with ingredients that have expiration dates, like coconut oil. There is one area in which the cannabis industry may lead the way, however. More and more often, risks of food terrorism, fraud and intentional adulteration are gripping the food industry as the global food chain becomes increasingly complex. It’s safe to say that security at cannabis facilities is probably unparalleled.

All of this shows that cannabis products, especially edibles (and that includes capsules and tinctures), should be treated the same as other food products simply because they have the same kinds of hazards. Without a comprehensive food safety program (that includes a plan, procedures, training, monitoring and verification), problems will inevitably arise.

photo of outdoor grow operation

How to Reduce Mold & Contaminants in Indoor, Greenhouse and Outdoor Grows

By Ketch DeGabrielle
No Comments
photo of outdoor grow operation

Controlling your grow environment doesn’t start when you germinate your first seeds, it starts before you build your grow. There are steps you can take that will have a significant impact on mold growth and contamination, and these will vary based on the grow environment you choose.

Below is a roadmap to where each grow environment stands in terms of mold and contamination risk, and simple steps you can take to mitigate these factors.

Outdoor

The benefits of an outdoor grow are significant – using natural sunlight to grow plants is both inexpensive and environmentally sound. However, it allows the least amount of control and makes plants susceptible to weather conditions and outdoor contaminants including dust, wind, rain and insects. Depending on humidity and precipitation levels, mold can be a big issue as well.

Outdoor growing has obvious benefits, such as natural sunlight, but may also require extra steps to prevent contamination

When selecting an outdoor area for a cannabis farm, there are two important factors to consider: location and neighboring farmland. Geographical environments and sub-climates vary and once you have purchased land, you are committed, so be sure to consider these factors prior to purchase.

While arid desert climates have abundant sunlight and long growing seasons, flat, dry lands are subject to dust-storms, flash floods and exceedingly high winds that can damage crops. Conversely, more protected areas often have high humidity and rainfall late in the season, which can create huge issues with bud rot and mold. Neighboring farms also have an impact on your grow, so be sure to find out what they cultivate, what they spray, their harvest schedule and how they run their operation. Large farming equipment kicks up a lot of contaminant-laden dust and can damage crops by displacing insects to your farm if they harvest before you. Pesticide drift is also a major issue as even tiny amounts from a neighbor’s farm can cause your crops to fail testing, depending on what state you are in.

With outdoor grow environments always at the mercy of Mother Nature, any cultivator is wise to control contamination potential on the ground. Cover soil and protect your crop by planting cover crops and laying plastic mulch on as much ground as reasonable. In many cases it makes sense to irrigate uncultivated parts of your farm just to keep dust down.

Greenhouse

Greenhouses are the future of cannabis cultivation. They allow growers to capture the full spectrum and power of the sun while lessening environmental impact and operating expenses, while still being able to precisely control the environment to grow great cannabis. With recent advancements in greenhouse technology such as automated control systems, positive pressure, geothermal heating or cooling and LED supplemental lighting, greenhouses are the future. However, older or economy greenhouses that take in unfiltered air from outside still have a medium amount of mold and contamination risk.

A greenhouse grow facility

Before building your greenhouse, study the area while taking into account climate, weather conditions and sun exposure. Excessively windy areas can blow in contaminants, and extremely hot climates make cooling the greenhouse interior a challenging and costly endeavor.

There are several simple operational tactics to reduce contaminants in a greenhouse. Add a thrip screen to keep insects out, thoroughly clean pad walls with an oxidizing agent after each cycle, and keep plants at least 10 feet from pad walls. Plan to flip the entire greenhouse at once so that you can clean the greenhouse top to bottom before your next crop. A continuous harvest in your greenhouse allows contaminants to jump from one plant to the next and reduces the ability to control your environment and eliminate problems at the end of a cycle. Lastly, open shade curtains slowly in the morning. This prevents temperature inversion and condensation, which can cause water drops to fall from the ceiling and transfer contaminants onto plants below.

Indoor

An indoor environment offers ultimate control to any grow operation. Cultivators can grow high-quality cannabis with the smallest potential for yeast and mold growth. Unfortunately, indoor environments are extremely expensive, inefficient and environmentally costly.

Talltrees
An indoor cannabis operation set up (Image: Tall Trees LED Company)

With indoor grow environments, keeping mold and contaminants at bay comes down to following a regimented plan that keeps all grow aspects clean and in order. To keep your grow environment clean, change HVAC filters multiple times a month. It’s also important to install HEPA filters and UV lights in HVAC systems to further reduce contamination threats. Clearly mark air returns if they are near the ground and keep those areas free of clutter. They are the lungs of your grow. Also, stop using brooms in the grow space. They stir up a lot of contaminants that have settled to the floor. Instead, use HEPA filter backpack vacuums or install a central vacuum system. Set up a “dirty room” for anything messy on a separate HVAC system, and be sure to thoroughly clean pots after every harvest cycle.

Learn more about reducing mold and contaminants in an indoor or greenhouse grow in another article from our series: 10 Ways to Reduce Mold in Your Grow.