By the OSHA Practice at Conn Maciel Carey LLP
After years of advocacy for change to (or to rescind) OSHA’s controversial Obama-era rule to “Improve Tracking of Workplace Injuries and Illnesses” (aka the E-Recordkeeping Rule), and a transition to the de-regulatory platform of the Trump Administration, OSHA has taken a step (hopefully just the first step) to pare down the E-Recordkeeping Rule. Specifically, OSHA announced a Notice of Proposed Rulemaking to amend the E-Recordkeeping Rule. While the proposed change will undoubtedly be welcomed by Industry, the scope of the proposed change, however, does not address most of the fundamental concerns employers have repeatedly raised about the controversial rule.
The Proposed Rule includes only one significant change to the current regulation. The proposal seeks to eliminate the requirement for the largest employers, those with establishments with 250 or more employees, to annually submit to OSHA the data from their 300 logs and 301 detailed incident reports of recorded injuries and illnesses via OSHA’s new online web portal. However, the proposal leaves intact the concerning requirements for these large employers and many smaller employers to annually submit 300A annual summary data via OSHA’s electronic portal.
Perhaps even more concerning to employers than leaving in place a portion of the electronic data submission requirements, the proposed rule does not disturb in any manner the highly controversial “anti-retaliation” provisions, or the interpretations of those provisions included in the 2016 final rule preamble. In addition to establishing requirements for electronic submission of injury and illness recordkeeping data, the 2016 E-Recordkeeping Rule endeavored to restrict employers’ rights to adopt employee injury reporting policies and expanded OSHA’s enforcement authority by introducing a vague new set of “anti-retaliation” provisions.
Particularly controversial was the impact of OSHA’s new anti-retaliation provisions on employers’ policies for post-injury drug testing, safety incentive programs, executive compensation and bonuses, and post-incident discipline. Although none of those terms even appears in the 2016 regulatory text, OSHA included a panoply of new restrictions impacting very common workplace policies and programs in the Preamble to the Final Rule. For more information about the controversial anti-retaliation elements of the E-Recordkeeping Rule, check out our previous blog post.
Because OSHA’s new Notice of Proposed Rulemaking does not address most of the fundamental concerns employers have with the Rule, we expect it to receive faint praise from the employer community, and most certainly to draw comment for the agency to go further to undo this highly contentious Obama-era rule.
Here is a little background and an analysis of the situation:
Tortured History and Difficulties Implementing OSHA’s E-Recordkeeping Rule
On May 11, 2016, OSHA published its Final Rule for injury and illness recordkeeping electronic data submissions. The rule fundamentally changed OSHA’s long-standing injury and illness recordkeeping program by requiring injury and illness data to be proactively shared with OSHA, which intended originally (and still, but after some delay) to publicize the data for all the world to see. Historically, unless OSHA opened an enforcement inspection at an employer’s workplace or the Bureau of Labor Statistics requested an employer to participate in its annual injury data survey, employers’ injury and illness data was maintained internally and remained strictly confidential.
In a major policy shift, President Obama’s OSHA enacted the E-Recordkeeping Rule to require hundreds of thousands of employers to submit injury and illness data, later to be published by OSHA in an online database available for public viewing. Specifically, the 2016 E-Recordkeeping Rule required:
- All establishments with 250 or more employees in industries covered by the recordkeeping regulation to submit to OSHA annually their injury and illness data and information from their OSHA 300 Logs, 301 Incident Reports, and 300A Annual Summaries.
- Establishments with 20-249 employees in select “high hazard industries” to annually submit information from their 300A Annual Summaries only.
- All submissions to be done electronically, via a purportedly secure OSHA website portal.
Given the breadth and sensitive nature of the data required to be submitted under the Rule, employers were highly alarmed about the rule, including concerns about how this data would be mined, potentially distorted, likely misunderstood, and certainly used against individual companies by labor union organizers, competitors, the media, plaintiffs’ attorneys, etc. It was also clear that its use would most certainly undermine the “no-fault” nature of the 29 C.F.R. 1904 injury and illness recordkeeping regulations.
Since promulgation in May 2016, implementation of the Rule has been mired in difficulty, and frankly, OSHA has seemed tortured over whether and how to actually move forward with implementation. The July 1, 2017 original data submission deadline became a moving target and source of uncertainty as to the future of the Rule. Shortly before that first deadline, OSHA announced an indefinite suspension of the submission deadline, and later published a Notice of Proposed Rulemaking to extend the submission deadline to December 1, 2017. The proposed new December 1st deadline was cleared by the Office of Management and Budget later than expected, so OSHA sought another delay of the deadline to December 15, 2017. Then, in a press release on December 18, 2018, OSHA announced that it was giving employers additional time, until December 31, 2017, to submit their data.
Additionally, as it was continually pushing the data submission deadline, OSHA made several announcements about expected changes (and possible rescission), including a Spring 2018 announcement that it would not require submission of 300 and 301 data from any employer, just the 300A Annual Summary data.
On top of all this, the agency had serious difficulty launching and operating its electronic portal, the Injury Tracking Application (ITA). OSHA’s initial roll-out of the ITA was delayed, and then, almost immediately after it was rolled out, website security concerns caused yet another setback, further legitimizing employers’ privacy concerns about use of the electronic portal. Less than two weeks after OSHA launched the ITA, the Department of Homeland Security notified OSHA there was a potential compromise of user information on the ITA during a pilot test run period. OSHA immediately disabled the ITA until it purportedly worked out the data security issues.
The Legal Challenges
Then there were the legal challenges. Shortly after the rule was promulgated, industry groups brought a legal challenge to the anti-retaliation elements of the rule and sought a preliminary injunction to prohibit enforcement of those portions of the rule. (TEXO ABC/AGC v. Perez, No. 3:16-cv-01998-D (N.D. Tex. July 8, 2016)). On November 28, 2016, a Texas federal district court denied the preliminary injunction to halt enforcement of the Rule. But on June 29, 2017, the Trump Administration filed a motion to stay the proceedings in that legal challenge on the basis that OSHA was considering revisions to the rule, and the judge administratively closed the case pending further rulemaking by OSHA. Most people tracking the Rule and these proceedings assumed this move by OSHA signaled the agency’s intent to rescind at least the anti-retaliation provisions.
Industry opponents of the Rule brought a second legal challenge to the electronic data submission requirements of the rule (Nat’l Assn. of Home Builders et al. v. Perez et al., No. 5:17-cv-00009 (W.D. Okla. Jan. 4, 2017)). However, on July 10, 2017, the Trump Administration joined a request by the industry plaintiffs to stay that legal challenge because the new Administration indicated its intent to reopen the rulemaking to either rescind or amend the rule. The District Court Judge granted the stay.
Thus, the litigations challenging both aspects of the rule have remained dormant since last year, based on the Trump Administration’s representation that it would review and likely revise the Rule. With the issuance of this week’s proposed rule, the view that the Administration’s revisions to the rule would negate the need for further litigation no longer appears to be the case. The proposed changes do essentially nothing to address the subject matter of either of those legal challenges.
The July 30, 2018 Proposed Rule
In sum, after a couple of years of informal changes, extended deadlines, and industry challenges, OSHA finally rolled out a NPRM to amend the E-Recordkeeping Rule. However, rather than settling the status of this Rule, this proposal will mire the rule in further controversy. Here specifically is what the proposal entails:
- Amend 29 C.F.R. § 1904.41 by removing the requirement for establishments with 250 or more employees to electronically submit information from OSHA Forms 300 and 301; and
- Require employers to submit their Employer Identification Number (EIN) along with the data.
83 Fed. Reg. 36494 (July 30, 2018).
OSHA’s rationale for the proposal is based on protecting worker privacy by eliminating the electronic collection of case-specific data containing identifying employee information and sensitive health information about specific individuals. The agency has apparently now recognized that collection of such information, which is all over OSHA Forms 300 and 301, adds uncertain enforcement value, yet poses a potential privacy risk because, even if the agency successfully scrubbed the portal data to protect this information, it might still be made public pursuant to a Freedom of Information Act (FOIA) request. Because no such employee privacy concern exists associated with the 300A Annual Summary data (because that data is not included on 300A forms), OSHA’s proposal maintains a requirement to submit this data, thereby essentially giving no merit to the myriad other concerns about the rule raised by Industry.
OSHA’s decision to propose to narrow the scope of the rule is not surprising. It had already telegraphed that intent in two Regulatory Agendas, in numerous speeches, in postings on its website, and in court filings in the legal challenges to the Rule, and already implemented some changes as interim measures without rulemaking earlier this year. However, because of the tiny scope of this proposed change, employers’ other concerns with the rule were seemingly ignored, and this proposed revision falls far short of what Industry was expecting. Given President Trump’s commitment to deregulation and clearing unnecessary burdens from employers, the proposed change – which took more than a year to publish – is a major disappointment.
What Should Employers Do Now?
Employers have the opportunity to submit comments on the proposed rule though September 28, 2018. OSHA is specifically seeking comment only on the proposal to cut out the 300 and 301 data submission requirement and the impact of that requirement on worker privacy. And employers should do that, including presenting the risks posed by exposing workers’ sensitive information to possible FOIA disclosure (a topic OSHA is currently addressing in a legal challenge filed by Public Citizen).
However, we would not stop there. With the rulemaking record being re-opened, even if just cracked open, we strongly recommend that Industry seize this opportunity to advocate for further revisions. The employer community should engage with the agency in a fulsome manner.
And that is why Conn Maciel Carey’s national OSHA Practice is assembling a group of cross-sector organizations to support the preparation of comprehensive comments to address OSHA’s proposed changes, and to raise to OSHA deep concerns with the remaining data submission requirements (likely for public dissemination), as well as the anti-retaliation elements that restrict safety incentive programs, post-injury drug testing, and post-incident discipline.
Comments are due by September 28th, so we need to begin our effort soon. Contact any of the attorneys in Conn Maciel Carey’s OSHA Practice for more information how to participate in this Rulemaking.
3 thoughts on “OSHA Announces Proposed Changes to its Controversial E-Recordkeeping Rule — Industry Comments Are Needed”
[…] https://oshadefensereport.com/2018/08/06/osha-proposes-changes-to-its-controversial-e-recordkeeping-… […]
I say, “Keep personal data personal and do not allow it to see any light.” I believe this is wrong on so many levels. I understand tracking types of injuries but we can do that without exposing individual’s personal health or sickness to the world.
[…] California has taken a different approach from those State Plans that formally adopted the Rule as-is and those that still have not. On September 19, 2018, California Governor Jerry Brown signed California Assembly Bill 2334 (“AB 2334”) to make various workplace safety and health changes to California law, which is largely in response to fed OSHA’s recent proposal to eliminate the requirement for large employers to submit 300 Log and 301 Incident Report …. […]