OSHA Data Breach, What Now? (Perspectives)

On August 16th, the Labor Department temporarily shut down the Occupational Safety and Health Administration’s “Injury Tracking Application” portal due to “potential compromise” of a company’s confidential data stored in the program. The portal, born from a new recordkeeping regulation that obligates certain organizations to report employee illnesses and injuries online, went live just a couple weeks before the potential breach.

Although the regulation is scheduled to take effect on December 1st, critics remain outspokenly opposed to it and skeptical of its implementation—and this series of events may have confirmed their fears. Bloomberg BNA reports:

“The possible breach comes as the Trump administration earlier this year suspended, and is now considering reversing, a 2016 regulation that would have required for the first time hundreds of thousands of businesses to electronically report employee injuries. Trade groups and employers that oppose the rule have cited concerns that data could be publicized and accessed by unions to critique safety performance and reveal other employee information.”

Some businesses appear to have taken the portal’s downtime as an indication of ill-preparedness on OSHA’s part, and a sign that it would be better to wait until the last possible moment to submit employee data in accordance with the new rule. Our friends at Fisher Phillips write that “this advice is sound” and “[w]hile you should not wait until November 30 to try to submit data, you may want to wait until a date such as November 1.”

Whatever happens next regarding the OSHA ITA, this story is another reminder that compliance is an ongoing, and sometimes messy, process. Also: cybersecurity should be a number one priority for all of us.

Read “DOL Temporarily Shuts Down OSHA Injury Reporting Portal Because of Possible Data Breach” at fisherphillips.com.