Risk and Security LLC

Risk Assessments, Training and More

This content shows Simple View

OSHA CPL 02-01-052

How long does it take for OSHA to develop standards – like for Workplace Violence?

Why OSHA standards take so long to develop

The Government Accountability office reports to Congress on items of interest to Congress and their constituents.  One area that was recently examined was how long it takes OSHA to update standards, or develop new standards.  Here’s a look at the results:

By:         David LaHoda  April 30th, 2012

A report by the U.S. Government Accountability Office (GAO) on why OSHA standards take, on average, more than seven years to complete found that “increased procedural requirements, shifting priorities, and a rigorous standard of judicial review” contributed to the lengthy time frame.

In responding the GAO report, Randy Rabinowitz, OMB Watch’s director of regulatory policy said: “In the years since its creation, OSHA’s charge to protect workers from harm has been undermined by Kafkaesque demands for additional reviews of existing rules mandated by new statutes and executive orders,” according to The Hill. While OSHA’s internal inability to remain focused on priorities and regulatory follow-through was the counter argument presented by the U.S. Chamber of Commerce.

“While some of the changes, such as improving coordination with other agencies to leverage expertise, are within OSHA’s authority, others call for significant procedural changes that would require amending existing laws,” according tot he GAO report.

The GAO report recommended that that OSHA and NIOSH improve collaboration on researching occupational hazards. In that way OSHA could better “leverage NIOSH expertise in determining the needs for new standards and developing them.”

To access the entire 55-page report, go to: http://www.gao.gov/products/GAO-12-330



April is Workplace Violence Awareness Month

The American Association of Workplace Violence Prevention (www.aawvp.org) has designated April 2012 as official Workplace Violence Awareness Month!

You can celebrate in your office by suggesting ways to reduce workplace violence in your own environment.  At AAWVP, they stress that workplace violence also happens to you, not just at work, but at the late-night grocery store or convenience store, in the hospital where you’re visiting your father, and even in your own home.

As part of the awareness raising event, the Association has invited me to participate in a special webinars about workplace violence at 2:00 pm Eastern Time, on April 18th.

You can join us by registering at http://tinyurl.com/85e33h8



Preview of the Webinar on Workplace Violence Prevention

Companies often don’t think about preventing workplace violence until there is an incident that affects them, or a company similar to them, or geographically close.  As soon as something happens close to home, they want to get serious and do something about it right away.

Workplace violence prevention is actually a process that, like in quantum physics, when we talked about the observed particle, just putting management’s attention on the potential problem will start the prevention process.

A good place to start is with adjusting and updating your policies.  Perhaps your policy is outdated, or hasn’t been publicized in your organization.   Time to dust it off and make sure it includes these critical elements:

1.  It says:  We have a total no-weapons policy in this company.

2.  Employees are REQUIRED to report any potential, or even suspected workplace violence situations or incidents.

3.  There is an approved company form which every employee has electronically, to use
if necessary.

4.   Every employee has to attend a violence prevention training course, or active shooter drill, or both, annually.

The policy is the first step.  Next, the policy has to be approved by the management or by the Board, and then sent to every employee, along with an affirmation agreement that they sign saying they read the policy and understand it.

More tomorrow… or attend our special workplace violence webinar.  You can sign up at:

http://t.co/rKBuoDgt



Outlook on Risk & Security Compliance in 2012 – What to Expect.

This New Year’s Eve, I thought at times my neighbors were using a rocket launcher and several assault rifles to shoot up the New Year.  Lucky for me,  I spent the awake time to contemplate the outlook for risk, threat and security issues for 2012 and here’s what I see for 2012.

1.  Government-Mandated Compliance Is Here to Stay for the Healthcare Industry.

I remember when the IT departments are many hospitals thought George W. was going to revoke the HIPAA Security Rule.  It never happened, and this year, for the first time, there is a regulatory body in place that is intent on REAL ENFORCEMENT.

The Dept. of Health & Human Services, Office of Civil Rights,  has expanded HIPAA Security and Privacy Rules to include “Business Associates” including lawyers working in healthcare, and the infamous “3rd Party Providers” who do everything from warehouse data to taking over the IT function of a hospital, and this trend will continue as pressure builds from consumers who’s medical and financial data continues to be compromised.

2.  Workplace Violence Prevention will become an OSHA mandate, if not in 2012, at least by 2015.  Based on the slug-like pace of OSHA, who only recently provided directives for high risk industries, and the pressure from the more than 30 states who have passed their own regulations,  the pressure to stop the number of incidents and to lower their intensities will increase and management will be forced to address it as a major corporate issue.

3.  Pressure on the financial industry to protect consumer information will increase.
  Like many other areas, pressure is increasing to prevent the enormous data breaches we saw in 2011, like Tricare, the recent Stratfor hack by Anonymous, Wikileaks and HealthNet breaches.  Consumers are the squeaky wheel and they want the convenience of plastic and internet use, and they will not tolerate breaches, and they are all registered voters!

The FFIEC has already tightened up on both risk assessment standards, as well as
authentication guidelines for all financial institutions.

 

There will be a increase in requirements for risk assessment as an accountability feature to force managers to maintain better security in all areas of their organizations. 

Accountability means that individual managers will be held responsible for the decisions they make regarding other people’s:

1.  Financial Data

2.  Medical Records

3.  Safety from both Violence & Bullying in their workplaces.

Budgets can be cut, and staff can be reduced but consumers are demanding protection of their information, and themselves, and the regulators will make sure they get it in 2012!



OSHA Starts New Enforcement Initiative for Workplace Violence Issues

On September 8, OSHA issued a new directive about enforcement activity on workplace violence issues.  This directive (CPL 02-01-052) takes effective on Sept. 8, 2011 and is called Enforcement Procedures for Investigating or Inspecting Workplace Violence Incidents.  It details new procedures for the OSHA inspectors, but it is also a valuable document to show employers what they can expect.

The directive follows the shocking news that in 2010, 18% of workplace fatalities were caused by assaults and violent acts, while only 14% were caused by falls, according to the Bureau of Labor Statistics.

Workplace violence incidents are even higher in the hospital and healthcare industries.

The new inspection directive shows how OSHA inspectors are going to look at employers to see whether they have performed a workplace violence analysis.  These assessments follow the security risk assessment model and should take into account the threat level at the organization, the history of incidents and examination of trends, and whether ‘accepted’ controls have been implemented at the place of employment.

Some of the ‘accepted controls’ they will be examining include:

  • Having a recent workplace violence analysis
  • Having a formal workplace violence training program in place
  • Showing the employer had incident reports to identity possible threat levels
  • Methods the employer used to inform employees of the risk of workplace violence
  • Evidence the employer has a workplace violence prevention plan in place
  • Evidence the employer has a current security plan
  • There are also a set of recommended physical controls that include proper lighting, cameras, curved mirrors, etc.

For more information, or a copy of the document, email info@riskwatch.com.




top