Our colleague Valerie Butera, a Member of the Firm at Epstein Becker Green, has a post on the OSHA Law Update blog that will be of interest to many of our readers in the financial services industry: “OSHA’s New Electronic Recordkeeping Rule Creates a Number of New Pitfalls for Employers.”
Following is an excerpt:
On May 12, 2016, OSHA published significant amendments to its recordkeeping rule, requiring many employers to submit work-related injury and illness information to the agency electronically. The amendments also include provisions designed to prevent employers from retaliating against employees for reporting injuries and illnesses at work. The information employers provide will be “scrubbed” of personally identifiable information and published on OSHA’s website in a searchable format. …
OSHA plans to rely upon computer software to remove personally identifiable information from these records. The software will supposedly remove all of the fields that contain identifiers such as the employee’s name, address, and work title, and to search the narrative field in the form to ensure that no personally identifiable information is contained in it. OSHA’s reliance on a computer system to detect every piece of identifiable information in a narrative is terribly risky and increases the potential for a data breach.