What was even more disturbing is that the blog went on to say that this result – 70% of office areas in violation of OSHA standards – was seen as an improvement because the number of violations found during previous inspections was even higher. 

Wow!

Having piqued my interest, I headed over to the website for the Office of Compliance to take a look at the report myself. 

What I found was the Biennial Report on Occupational Safety and Health Inspections dated June 2009. 

There are some interesting things in this report –

• Although details about the inspection criteria and protocols used for the Office of Compliance inspections was not provided, the inspections seemed to be heavily focused on the OSHA electrical and fire regulations.  As a result, the primary types of hazards identified appeared to be electrical and fire hazards.
• Clearly missing from the report was any discussion of ergonomic hazards associated with office work.  It is difficult to accept that simply because there is no OSHA ergonomics standard, no ergonomics hazards exist in these offices.  The irony being that the reason there is no OSHA ergonomics standard is that Congress blocked OSHA from developing one.
• The inspections conducted did NOT include assessment of written safety and health programs – even though this report acknowledges that “agencies can reduce considerably the incident and severity of on-the-job injuries by implementing effective safety programs.” 

This is a significant omission given that the most frequently issued OSHA citations are associated with the lack of safety programs such as hazard communication programs. 

The reason given for this omission? 

The employing offices (i.e. Congressional members) were concerned about the time required to develop safety programs, their lack of readiness for inspection as well as “legal issues.” (see page 19 of the report).

Given the results reported and, more importantly, the omissions from the inspections actually conducted, it makes one wonder about the wisdom of giving awards to members of Congress for “office safety”.  The results to date do not appear to demonstrate a commitment to safety that should be commended.

© ENLAR® Compliance Services, Inc. (2010)

Even though most workplaces are clearly not the same as an Olympic sports facility, there are “lessons to be learned” from this tragedy for occupational health and safety professionals.  

• Arguing whether the individual hurt was at fault is not productive.  As the Georgian President Mikheil Saakashvili stated – “…no sports mistake is supposed to lead to a death.”  When individuals die as a result of workplace incidents, the sentiment is the same.  Blaming the worker is just as counterproductive as blaming an athlete.
• Consideration of ”human factors” is both critical to preventing injury and more difficult and complex than it initially seems. 

What are those complexities?

First, consideration of human factors must consider each person as an individual.  Unlike machines, humans are not identical.  Each person is unique in size and statue, physical capabilities and emotional responses.  Protecting all workers means protecting each individual.

Second, there is a relationship between the consideration of human factors associated with a task and the development of the competency needed to perform that task.  Much of the disagreement expressed about the luge crash has focused on the skill and experience of Nodar.  The same issue is often a factor in industrial accidents – inexperienced workers have a higher accident rate.

Finally, our view of what is an acceptable risk evolves over time.  In a recent blog post on www.motorsport.com, Max Mosley, the former president of Formula One’s governing body, is quoted as saying “The International Luge Federation is where Formula One was 40 years ago – the whole mindset is wrong.” 

© ENLAR® Compliance Services, Inc. (2010)

Many organizations partially address this requirement by establishing an ergonomics program in order to address physical human factors.  Only a few organizations explicitly address mental human factors as a part of their hazard identification and risk assessment. 

Yet, mental human factors are very real and can be just as important as physical human factors.  In some cases, they are even more important.  For example, when one is driving a car, factors that reduce mental acuity – such as talking on a cell phone – are typically much more significant than physical capabilities.  The dangers of being distracted while driving is important enough that the first Distracted Driving Summit was held last fall and the U.S. Department of Transportation has set up a Distracted Driving website. 

The human brain has been described as having “a very large hard drive but limited random access memory (RAM).”  As demonstrated by our proficiency at trivia games and success in answering questions on quiz shows like Jeopardy, the human brain is capable of storing a great deal of information.  On the other hand, studies show that most people have difficulty remembering more than 7±2 items at a time in short term memory.  Our mental processes were developed for a very different environment than we find ourselves in today.  In the past, our modes of information delivery moved much, much slower with significantly fewer “inputs per minute.”  

Yet we design work environments as if this mental limitation does not exist. 

We expect individuals to work at full capacity in environments with multiple stimuli.  We set up equipment lines so they are efficient for the machines but terrible environments for the people who have to work there.  We design work processes and work shifts as if mental limitations do not exist.

Unfortunately, when accidents do occur – which they inevitably will – we blame the individuals involved and tell them how “bad” they are. 

I’m not sure if this is silly, sad or tragic but it sure is NOT a sound management system approach.

© ENLAR® Compliance Services, Inc. (2010)

They loved it.

That should be great – right?

Well… The problem with an “approved strategy” is that now someone has to implement it.

This is a common issue that arises when an organization establishes an occupational safety and health management system.  The company tasks a team that sets up the framework for the OHSMS, someone writes up the procedures to match the conceptual framework and objectives are established for the various improvement initiatives that have been envisioned.

Then comes implementation – “doing what you say you are going to do.”  This is often the hard part.

For success – you need BOTH strategy and implementation.  

• If you have strategy without implementation, you may have great plans but the organization will get no benefits from the strategic planning (the “dusty manuals” syndrome).
• If you have implementation without strategy, you will have action but are likely to miss the mark and end up doing the wrong things well (the “ready, fire, aim” syndrome).

For a good discussion of the important of getting it right and doing it right – check out the following blog post – Strategy IS Execution.

© ENLAR® Compliance Services, Inc. (2010)

I have been working for several years with the Tampa Bay Regional Planning Council to help local businesses prepare for disasters.  In our area, the Florida west coast, the disaster we fear is a major hurricane.  As part of these efforts, we developed and presented a series of interactive workshops covering emergency planning, risk assessment and disaster preparedness. 

If you want to be prepared, the following points are key -

• Prioritization of Efforts – It is impossible to address every need at the same time.  Before a disaster strikes, you need to define your risks and establish what your recovery priorities are going to be and then, when disaster strikes, act accordingly.
• Clearly Defined Roles and Responsibilities – To repurpose an adage from cooking (i.e. “Too many cooks spoil the pudding.”) – too many bosses creates chaos.  Someone must be in charge and that has to be clear to everyone.
• Communication is Key – Without clear communication, you are likely to have incomplete response actions, wasted duplication of efforts and run the risk of festering anger, outrage and violence in those who are impacted by the disaster event.
• Protecting Your Responders - Heroics look good for TV but should be discouraged. Having responders taking unnecessary risks adds to the ultimate “body count” of those impacted by the disaster.

If you haven’t reviewed your emergency preparedness plans yet this year, pull them out and review them now.  While you are at it, update those emergency contact lists, chances are they are out of date.

© ENLAR® Compliance Services, Inc. (2009)

Many organizations use the start of the year as a time to review their OH&S management system objectives and set new ones.  If their OH&S programs are lagging in their implementation, new approaches or new assignments are considered. 

This is also a good time to address all that PAPER – either physical paper or electronic paper.  This includes all those completed hazard evaluation forms, inspection checklists, excel spreadsheets, meeting notices and minutes, e-mails with various interested parties, incident investigations, corrective action reports,….

When I help develop record control processes and procedures for an organization, one of the concepts I try to incorporate is the inclusion of record schedules with record breaks and scheduled clean-out days. 

A record schedule is a document that defines how a record is to be kept, how long it needs to be maintained in an active storage location and when it should be destroyed.  U.S. EPA has an informative discussion of the purpose and use of record schedules on its web site. 

The first key to using a record schedule is organizing your records in a way that makes complying with your record retention requirements as easy as possible.  This usually means using record breaks – usually defined points in time when you start a new file. For example, rather than filing all of your records pertaining to a particular topic randomly in one file folder (physical or electronic), you file them by year so you can move an entire year’s worth of records to a different location (off-site storage or electronic archive) at one time. 

The second key to using a record schedule is actually setting aside a time for moving old records out of active storage locations and getting rid of unnecessary records in accordance with your organization’s record retention policies. 

Although this often appears to be an unimportant mundane task to “put off to another day” it is important to the smooth functioning of your OHSMS. 

So, schedule your record clean-out day today.  By the way, wear comfortable clothes and order a pizza.  It will make the job easier.

© ENLAR® Compliance Services, Inc. (2009)

This is not easy.  Often, the root cause investigation ends with a determination along the lines of “Joe screwed up.”  We play the blame game.

Why?

There have been a number of reasons advanced for this and most of them are probably true – at least in part.

Last week, a colleague lent me his copy of Dan Gano’s book – Apollo Root Cause Analysis.  This book sets out a different way of approaching root cause analysis by focusing on defining a problem in terms of both the action and the conditions that caused the particular effect you are analyzing.  For example, you don’t get a fire (an effect) unless you have an ignition source (an action) as well as two conditions (fuel and oxygen at the right concentrations).  Remove either condition (fuel/oxygen) or the action (ignition) and the effect (fire) does not occur.

What I liked most about the book, however, was not the root cause methodology advanced in the book but the explanation of why we so often fall into the blame game.

In a word – storytelling.

As humans, we have a long tradition of storytelling.  It comes naturally to us.  It is how we have transmitted information for generations.  Everyone likes a good story.

Integral to storytelling is identifying your actors – answering the question “who” is central to telling a good story.  As Gano points out in his book, most incident reports provide a prime example of storytelling.  The initial focus is typically on who did what.  Unfortunately, for purposes of root cause analysis, storytelling sets us up for failure because it keeps us focused on the story – who, what, where and when – rather than focusing our attention on identifying the causes of an incident. 

So when you are investigating an incident or nonconformity, tell your story.  It is, after all, human nature and likely irresistible.  But when you start your root cause analysis, put the story aside and take the “who” completely out of the analysis.  Remove the names and strike the identifiers.  Instead, focus your attention on the actions and conditions that lead to the situation (effect) that you are investigating.

© ENLAR® Compliance Services, Inc. (2009)

I am dealing with an organization that claims it is certified to OHSAS 18001… Does anyone know if there is an accreditation board or other governing body which administrates OHSAS 18001 who would be responsible for auditing conformance with these practices? Or does this system rely solely on internal audits only? (click here to read the entire comment)

There is no one OHSAS 18001 governing body or accreditation board.

As a voluntary international standard, OHSAS 18001 is utilized by organizations in several different ways.

Some companies use OSHAS 18001 as a guidance document to develop their OH&S management system.  In that case, conformance is discretionary and there is no “certification” or “accreditation”.  In this case, verification of conformance relies solely upon the adequacy and effectiveness of the internal audit program.

OHSAS 18001 is also used for purposes of third-party certification. 

Many of the registrars who provide ISO 9001 and ISO 14001 certification also offer OHSAS 18001 certification to their customers.  Because of how OHSAS 18001 was developed (independent of ISO), there are two types of certification being offered by registrars – accredited and unaccredited.   The majority of OHSAS 18001 certifications are unaccredited.

In order to determine the type of certification an organization has, you will need to carefully review the actual certificate.  This can be easier said than done.  Since there is no public access to registration certificates, or any master database of OHSAS 18001 certified companies, you have to get a copy of the certificate from the company that is claiming to be OHSAS 18001 certified.  It is often posted on the wall somewhere.

You would also want to confirm the validity of this certification with the registrar identified on the certificate.  There have been problems with “sham” or fake certificates.  The certificate should also indicate whether or not it is an “accredited” certification and the scope of the certification (what it covers).  In some cases, the actual scope of the certification is narrower than the public relations representations made by the company (certain operations, locations or workers are excluded).

For either accredited or unaccredited certification, the registrar who issued the certificate to the company does periodic audits to determine whether or not the organization has a management system in place that conforms to OSHAS 18001.  Typically, these audits are done either once or twice a year. 

If it is an accredited certification, the registrar’s overall certification program is also periodically reviewed by an independent accreditation body.  This review would not include an in-depth review of each of the certificates issued by the registrar.  The focus of accreditation is primarily on the processes used – not the results achieved.

© ENLAR® Compliance Services, Inc. (2009)

So – What is Timely?

Neither OHSAS 18002 nor the dictionary (my primary sources for interpreting the OHSAS 18001 requirements) provides much help. 

OHSAS 18002 does not explicitly discuss this particular requirement of the OHSAS 18001 standard.

The dictionary isn’t particularly helpful either. It defines timely as – “well-timed, in time, occurring at a suitable time, opportunely“. The legal dictionary definition is “falling within a prescribed or reasonable time.”

As a practical matter, there are several components to a “timely” incident investigation –

•  “The CSI Factor” – As in the TV show CSI, you will want to do your immediate investigation of an incident (who, what, when and where) while the facts are fresh – before memories fade and “the evidence” disappears.
• Dealing with Imminent Risks – Hazards that are imminent risks (e.g. defective ladders, broken guards on operating equipment) need to be addressed immediately.
• Preventing Future Injuries – Since the primary purpose of incident investigation is prevention of injuries, the root causes of an incident (why and how) need to be determined and addressed before another similar incident occurs.

An investigation does not need to be completed all at once in order to be timely.

An incident investigation is often done in two stages:

1. Initial information collection – preserving the evidence
2. Root cause analysis – determining what the evidence means

The initial of collection of information about the incident usually needs to be done quickly. The root cause analysis typically takes more time.

So what do you think? Let me know by completing the survey below or posting a comment.

© ENLAR® Compliance Services, Inc. (2009)

 One of the conclusions set out in this paper is that the “accountability mechanisms” common to management system standards can have a negative impact on OH&S performance.

The authors suggest that many of the fundamental requirements of management system standards – establishing accountability, performance tracking and internal auditing – are “antithetical to measures that our findings suggested had a positive impact on OHS.”  They go on to discuss social science research that finds that accountability mechanisms can decrease trust and, as a result, negatively impact performance. 

What does this mean for OHSMS internal audit programs?

 First, it is important to recognize that internal audit programs have a purpose.  That purpose is best summed up by the phrase – “Trust – but Verify.” That is why OHSAS 18001 includes an internal audit program requirement.

 As Steve Covey states in his book - Nothing is as Fast as the Speed of Trust there is a difference between Judgment – what he calls “Smart Trust” and Gullibility.  Extending trust can bring great dividends; however, it can also create significant risks.  The goal is to find the appropriate balance of trust and scrutiny to manage risk appropriately while avoiding both gullibility and excessive suspicion.

 With that in mind, let’s examine the goal of an internal management system audit. 

 In an effective OH&S management system, the goal of your audits should be to find evidence of conformance – to verify that processes are being done right.  This means that the focus should be on documenting conformance NOT on finding nonconformities. 

It is human to resent being audited – very few people like having their work questioned.  Simply shifting the focus of the audit process away from a negative intent (finding problems) to positive (celebrate what you are doing right) will go a long way to improving the process and increasing trust.  So will treating the identification of any nonconformities as opportunities for improvement rather than occasions to assign blame.

Recognize the negative impact audits can have on “trust” and take steps to mitigate them.

Avoid using internal audits as “buck passing” or “institutional feel good” exercises. Make sure that top management is as invested in providing the resources needed to fix problems as they are in identifying them in the first place.  Here’s a thought – perhaps you can put a positive spin on your audit program by having a set amount of “safety bonus” dollars that are immediately available to fund one or more “opportunities for improvement” identified during the audit.  Every safety program has potential improvements that aren’t being pursued becaue of lack of funding.

© ENLAR® Compliance Services, Inc. (2009)