News & Information Blog

In a previous blog article, we indicated that there will be more to come with regards to OSHA electronic reporting requirements.  They have now taken the next step in that direction.

In 2016 OSHA amended its recordkeeping regulations to require establishments with 250 or more employees to electronically submit information from 300, 300A and 301 forms to OSHA.  Due to a variety of issues, the deadlines were extended, and then eventually dropped when OSHA issued their final ruling in January of 2019.

On March 30^th of this year, OSHA posed a newly proposed rule for Improving Tracking of Workplace Injuries and Illnesses to the Federal Register.  In summary:

• Establishments with 100 or more employees in designated industries will be required to electronically submit information from Forms 300, 301 and 300A to OSHA on an annual basis.
• The "designated industries" seem to encompass just about all companies involved in any type of material handling, and then some.
• Those companies with 20 or more employees in high-risk industries that are already required to submit their 300A annually, will continue to be required to do so.
• Information collected from this process will be made available in publicly searchable services.

In reading the proposed rule it is apparent that OSHA has done additional due diligence to address some of the concerns raised with their initial attempt at electronic reporting.  Specifically, they have addressed the privacy concerns raised regarding the data storage and availability.  To this end, their proposal reflects specific plans to ensure injury data is not reported and cannot be inferred, by taking the following steps:

• Not all information from each form will be submitted. Employee name and address, name of physician, and treatment facility name and address will not be required.
• OSHA will be employing multiple layers of sophisticated technology (neural networks, artificial intelligence, machine learning, etc.) that interrogates submitted data that looks like it could be used to identify or make and inference to the identity of an injured employee. Remediation steps will then be taken to scrub the data as necessary.

It appears OSHA has taken their role in data security seriously.  This is obviously positive.  What isn't so obvious is that it shifts the data security burden to the employers: 

• If you haven't moved to some form of electronic data collection, you will need to.
• There will be data formatting and submission requirements for getting your reporting data into the Injury Tracking Application. If the format of your electronic data doesn’t match what will be expected, you will need to convert it.
• There is some data that OSHA is protecting itself against, but is requiring it from employers. For example, OSHA will be requiring date of birth to be submitted, but they will only be storing the age of employee at time of injury, as calculated by the DOB you submit.  OSHA relieves themselves of the data security of storing that information, but you, as the employer, are still required handle it in order to make it available to OSHA.

Now is a good time to start planning to evaluate and prepare your systems and processes for this next level of reporting.  Specific actions needed will become more clear as OSHA finalizes the ruling and solidifies their requirements.  However, whether it be the burden of manual data entry, or the risk of having sensitive data sitting in multiple computer files, this change does warrant an active effort to ensure data quality and security.

Leveraging a Safety Management System such as Simple Safety Coach is a good way to address any potential increase in manual processes as well as the data security that will be required!