PHIS Update: Data Security; Next Step for Establishments, Brokers
In addition to protecting public health, security of personal and business information is a priority for FSIS. The Public Health
Information System (PHIS) is no exception. FSIS is developing this improved data infrastructure system which will give establishments
and import/export brokers an important role in that security. Connecting to PHIS does not increase or decrease security of users'
computer equipment. FSIS will not require any software to be installed on their computers, and all access to PHIS will be through a
secure mechanism, much like access to online banking sites.
FSIS is ensuring each user's access is appropriately defined by that person's role in doing business through PHIS, primarily by the
individual's association with an establishment. For example, an FSIS consumer safety inspector working at a specific plant will have
access only to inspection-related data for that specific plant. For establishments and import/export brokers, FSIS will use PHIS
to define their access to include data only for that specific establishment or broker.
FSIS is using USDA's eAuthentication (eAuth) system and an invitational key (See Constituent Update,
Jan. 7) as the method for security to be managed for each individual who uses PHIS. The invitational key will be specific to a
person, such as the establishment's general manager or vice president of record currently in the Performance Based Inspection System (PBIS).
Next Steps for Owners and Operators
- Authorize a PHIS system administrator. FSIS strongly encourages owners and operators to
carefully consider designating at least two people as PHIS system administrators. They would have the authority to manage access
for other individuals designated to use PHIS on the company's behalf.
- Request eAuth accounts. For those individuals to be designated to use PHIS on the establishment's
behalf, submit requests for USDA Level 2 Customer eAuthentication accounts sooner rather than later, or even now. Each employee must
complete the submission him or herself. To create a Level 2 Customer eAuthentication account, the first step is for customers to
sign up via
Within a few minutes, you will receive a confirmation e-mail message with instructions on how to proceed.
- Get your identity verified. You are required to have a Local Registration Authority (LRA)
verify your identity in person. You must do this before you can receive a password for your eAuth account. Once customers have completed
the first step and responded to the confirmation email, the second step is to make an appointment with a LRA at a USDA Service Center.
Use the USDA Service Center Locator:
http://offices.sc.egov.usda.gov/locator/app?type=lra to find an agent in your area using the map provided.
- Keep eAuth accounts secure. Each owner or operator, and any other person with an eAuth account,
is responsible for keeping his or her own log-in information secure. It is important that you maintain your eAuth password in a
secure location and that you not share it with others; it is unique to you.
Owner or operators will receive a letter a few weeks before the establishment switches over to PHIS for domestic inspection. This letter
will have specific instructions for the PHIS system administrator for your establishment to use when logging onto the system for the
first time. Note: The export certificate function will be implemented to cover the approximately 120 countries the U.S. exports to
at the same time, after implementation of the domestic and import components.
The letter explaining how to obtain an eAuth account and more PHIS information are available at www.fsis.usda.gov/phis.
Export Requirement Updates
The Library of Export Requirements has been updated to reflect changes in export requirements for the following countries:
Complete information can be found at www.fsis.usda.gov/
USDA Seeks Comments on Positions for Codex Public Meeting on Fish and Fishery Products
The Office of Food Safety and the Food and Drug Administration will co-sponsor a public meeting to receive public comments and draft
U.S. positions on issues to be discussed at the 31st Session of the Codex Committee on Fishery and Fishery Products (CCFFP) to be
held in Tromso, Norway.
The public meeting is scheduled for March 16 from 1 to 4 p.m. at the auditorium of the Harvey W. Wiley Building, 5100 Paint Branch Pkwy.,
College Park, Md. Individuals may participate via teleconference by dialing (866) 692-3158 and enter the pass code 5986642.
Documents and agenda items related to the 31st Session of the CCFFP are available at
www.codexalimentarius.net/current.asp. For more information about the
public meeting, contact Kenneth Lowery at (202) 690-7760 or
Get Answers at askFSIS
AskFSIS is a web-based technology and policy question-and-answer forum on topics such as exporting, labeling, inspection,
programs and procedures.
In addition, askFSIS offers Really Simple Syndication (RSS) feeds that link back to the Q&As. Visit
Recently posted topics include:
New Salmonella Standards: A Weekly Industry Progress Update
||Percent Complete and Passed as of Feb 22, 2011
||Percent That Could Complete and Pass by Mar 31, 2011
FSIS is tracking industry performance to see if 90 percent of poultry slaughter establishments would have met updated and tightened
Salmonella standards for 2010 if they had been in effect. (See the Dec. 17, 2010, issue of the Constituent Update at
The table above shows progress as of this week projecting a final best-case possible total with changes from last week indicated in the parentheses.
February 28, 2011