I had this question posed to me by a customer today.  Essentially a safety administrator was wondering if a company is required to have employees acknowledge health and safety policies, as our software is designed to do.  The reference to policy communication is hard to find in most jurisdictions, but it is almost aways there.  In Alberta it is in the Occupational Health and Safety Act in section 32 "Written health and safety policies", subsection (c) "...as far as reasonably practicable, inform that person's workers of the policy."

The term "reasonably practicable" is certainly open to interpretation.  Your organization may believe printing policy binders and making them available on bookshelves in the office or shop will suffice.  Our feeling is that a formal acknowledgement, like the one offered in our software will certainly prove due diligence for your policy communication needs.

The topic of policy communication a bit of a concern for organizations that are RAVS certified by ISNetworld.  Essentially you've written health and safety policies and submitted them to ISN for approval, yet because they are long, detailed and dry, you may not have plans to communicate the policies to your employees.  I believe most auditors and courts would subscribe to the idea that those policies that pertain to each worker's health and safety need to be communicated.  Using a couple of examples, only employees working in and around confined space need to be made aware of the confined space policy, and only employees that may be required to work alone need to be made aware of the company's working alone policy.  Our software makes this differentiation by role easy; assign policies only to the positions that are exposed to the hazards in question.

SafetySync takes the policy communication element one step further.  The system allows workers to decline a policy if they do not accept it or understand it.  Our feeling is that it is "reasonably practicable" to allow a worker to take exception to a policy or suggest improvements.  Declines happen only very rarely, but the manager or administrator is immediately notified and can follow up on any concerns, rather than simply assuming everyone accepts a policy as it is written.  Employee input and regular reviews are important parts of safety program development.

We've been asked a few times by customers how they can use SAFETYSYNC to ensure compliance with Ontario's new law on Workplace Violence and Harassment, Bill 168.  There are two elements of the law that require attention: policy and training.

WORKPLACE VIOLENCE POLICY
All companies must have a Workplace Violence Policy "posted prominently" by June 15, 2010.  If you don't already have a Workplace Violence Policy, you might consider developing one or hiring an OH&S consultant to help you with this process.  Once the policy has been approved for distribution, load it into the SAFETYSYNC company administration portal as a new policy (under Documentation / Policies in the menu), by clicking "Add Policy".  

 

We have a template workplace violence policy, however most clients start with a blank policy. Policies can be typed, copied and pasted, or uploaded as pdf documents.  After you've saved your first version, assign the policy to EVERY position in your orgainization by clicking "Select All" in the "Required" column of the Positions tab.

Employees will be sent an email at the reminder interval you've specified, with a link to the outstanding policy.  They will be required to acknowledge the new Workplace Violence Policy to maintain their 100% compliance with your safety program.

WORKPLACE VIOLENCE TRAINING
All companies must now train their employees ANNUALLY on how to recognize signs of violence and harassment, as well as how to respond and deal with those situations.  We have two lessons on Workplace Violence in SAFETYSYNC (under the Violence and Security course):

 Workplace Violence Awareness (10 mins)
 Workplace Violence Prevention and Response (5 mins)

We recommend turning on both lessons, but as with all our courses, the lessons you choose are completely customizable.  The course can be assigned to employees by making it "Required" for all positions.

Alternatively, if a company has another training video which they've licensed or discovered elsewhere online, it can be uploaded or linked accordingly.

By default, a number of quiz questions will be assigned for the two lessons, along with a pass rate of 80%.  Feel free to add or remove questions, and adjust the pass rate.

Last but not least, go into the course settings, and set the expiry for the course to "1 year".  Employees will have to re-take the course annually to remain compliant with Bill 168.

At the request of one of our larger customers, we have added a couple of new fields to the "Policy Version Details" screen that pops up when you click "Save As New Version" when editing, reviewing or updating a policy:

1. Administrators can now change the Revision Date themselves.  This is particularly relevant when entering existing policies into the system.  In the past, the simple act of uploading the policy would reset the revision date; but for some companies they went through the formal review process on an earlier date.
2. Administrators must also enter a "Reason for Change / Modifications" when creating a new policy version.  This is required for audit trail purposes in OHSAS 18001 and CSA Z1000.  It also helps the administrator recall the reason for changes, and what modifications were made at a quick glance without having to open the prior version and review it.

The Oil & Gas Inquirer recently had an excellent arcticle (Service Firms Plead for a Coordinated Safety Registry System) that highlights the controversy surrounding contractor registries, with a particular focus on ISNetworld.

Some of the more unflattering comments were:

    "...we're not really sure if there is a positive impact on the industry's safety performance."
    "It's an ongoing irritant to the contracting community."
          -  Wally Baer, President and CEO of Enform

    "You just don't need it here."
    "There is no value-added.  I don't think it assists the operator a whit in determining what is a safe rig."
          -  Don Herring, President of CAODC

    "ISNetworld is driving a proprietary standard that does not seem to support openness or data sharing..."
          -  Cal Fairbanks, President and CEO of Canadian HSE Registry

Personally, I feel that ISNetworld is being judged on its ability to deliver improved safety performance, which isn't entirely justified.  Contractor registries really only do one thing well: manage risk for prime contractors.  I mean really... how can a registry improve safety when the workers play absolutely no part in getting a company green-lighted in ISNetworld?  All the work is being done by each company's safety department (or increasingly by consultants) to write new policies that satisfy RAVS protocols.

By forcing contracting companies to write and submit more comprehensive safety policies, the prime contractors have satisfied their due diligence requirement.  What service companies may not realize is that the process exposes their companies to increased risk.  The sub-contracting firms must now adhere to the standard levels they've set for themselves in the policies.  This means service companies must properly communicate policies to employees, provide comprehensive awareness training, and so on.  If (and only if) the service companies do their part, and implement better safety management systems, will safety performance actually improve.

This is where Enform and their Certificate of Recognition can come in.  They actually send auditors to the service companies to review records and interview employees.  The COR process could either point out that the policy binders are simply collecting dust, or they could collect reports from a Safety Management System that demonstrates compliance.  This transformation is likely coming soon, so its probably best to invest in a Safety Management System like SAFETYSYNC and be prepared.

Printed material has been the most efficient means of storing and sharing documents since Johannes Gutenberg invented the printing press in 1440.  Paper documents became even more pervasive when as computer companies like Hewlett Packard made printers affordable enough to be available in every office.

I saw an article recently about Kindle, Amazon.com's electronic book.  Newsweek calls it "the iPod of reading".  It can download any book from a catalog of 240,000 titles in just 60 seconds.  And it can store 1,500 books!  Amazon has already sold over 500,000 of the electronic books, and they can't keep up with demand.  This trend has enough momentum that I think kids growing up 30 years from now will have to go to a museum to see a printed book.

Paper is still ingrained in our business culture though, and safety departments are one of the heaviest users.  I've seen companies that have an administrator in the safety department dedicated to printing, binding and distributing paper full time.  Just think how much paper is generated for policy manuals, procedure binders, Material Safety Data Sheets and the dozens of types of safety forms.

It's hard to imagine now, but I see paper use steadily falling over the next few decades, as more and more companies realize that storing documents online is more reliable, secure and cost effective than paper.  This transition will happen sooner in organizations with dispersed workforces; nearly all workers now have (or will soon have) access in the field to a computer (or similar device) and the Internet.  With the right software (ie. an online Safety Management System like SAFETYSYNC), a company will have all it needs to make the move to electronic documents.  Solutions that offer the ability to print and sign a document will be the ones that are adopted first, since this practice is still important for due diligence purposes.

Our Form and Recordkeeping components are going to be released soon in Beta for testing.  If you're interested in moving some or all of your forms online, give us a call!

I have had a number of conversations recently with Jeff Morrow, the Publisher of Worksite News, which is a leading health and safety magazine in Canada.  I thought there could be more emphasis on Safety Management Systems in the publication, since many organizations are now struggling to meet CSA Z1000, OHSAS 18001, and the new Certificate of Recognition standards due out soon.  He agreed and suggested that I might regularly contribute some editorial content.  My first submission has been added to the March/April 2009 issue (page 17) - "Managing health and safety policies online: More than merely posting".

The print version is due out in the third week of March, but the online version is available now:

http://www.worksite-news.com/Articles/13-18.pdf (scroll down to page 17)

Please have a read through the article and feel free to comment here on my blog!

Unfortunately, revising safety policies to meet new standards can be an onerous task. For many companies it means a complete overhaul of their safety manual. There are logistical and corporate issues that need to be addressed when creating new policies. Here are a few points to consider when updating your safety manual:

First, ensure new policies work for your company’s structure, work conditions and corporate culture. Having a 10 page policy may meet every standard and regulation in the world, but if the policy does not apply to your company, the policy is not going to work. 

Second, as Brian mentioned in July’s blog, you need to ensure that these new policies are being communicated to your employees. In the past, sub contractors believed that their job was done once the policies were written. Unfortunately, this is only half the battle; the second phase is to ensure that these polices are communicated to and acknowledged by your employees.

Prime contactors are getting wise to the fact that some of their service companies are simply sending in polices that meet their standards. A least one major producer has started to implement an audit process where they visit their sub contractors to ensure employees are aware of the new policies. The audit results have not been entirely positive.

Communicating new policies to employees was a problem that Action Health and Safety Services faced after renewing their safety manual. Sandra Minifie, CEO at Action, was spending thousands of dollars printing safety manuals and then trying to distribute the binders to employees in the field who are often in remote locations. She described it as a “logistical nightmare”.

Sandra now uses SAFETYSYNC’s policy acknowledgement system to communicate policies to Action employees. The system tracks who has acknowledged the policies, when each policy was acknowledged and what policy version was acknowledged.

Finally, you need to have a policy management system that can adapt to changes in the industry. No longer can you print, bind and distribute a safety manual and expect it to be relevant a year later. Regulations, industry best practices and client directives will inevitably evolve and your manual will no longer be up to date.

The old-school policy change system was to send out a piece of paper, an insert, or a safety alert with the modifications. This process was impossible to manage; inserts got lost or misfiled and safety alerts were not always read. Your safety team must have a system to ensure a replacement policy makes it to the worker in the field.

Fortunately, online policy management systems allow your company to respond quickly and cost effectively to changes in the industry, which will certainly happen as regulations continue to increase and prime contractors have more choice in who they hire in the current economy.

...probably not.

Organizations spend countless hours preparing, editing, distributing and reviewing policies, yet they rarely get read.  Most employees will admit after some prompting that they really didn't read through the policy manual they were handed on their first day with a new company.  This is because:
    1.  There can be an awful lot of policies to read through.
    2.  The policies are long and often very dry.
    3.  Many of the policies do not seem to apply to the employee.
    4.  Employees have more pressing things to do.
    5.  Nobody seems to care whether they read the policy anyway.

Let's face it, many companies create policies simply to satisfy regulatory requirements or to obtain a safety Certificate of Recognition.  So what ends up happening is countless policy binders get printed, only to collect dust on bookshelves.  This creates a culture of indifference toward policies that will ultimately hurt the company when a policy violation leads to a compromising situation for the company.

For example, imagine that a company implements a speeding policy.  The stated objective is to reduce the risk of an accident, but more likely than not, it is at the request of a customer or industry group.  According to the new policy, management is required to monitor speeding in company vehicles and discipline employees accordingly.  Yet employees, indifferent to the policy, speed regularly while driving company vehicles.  Managers, vaguely aware of the policy, are more interested in getting workers to the job site on time than in preventing speeding.  Then the unthinkable happens; an employee is involved in a serious accident, and speed is determined to be a contributing factor.  Will the fact the company had a speeding policy help their defense in court?  Or will it expose them to additional risk, for not exercising the care and attention the policy required?  My guess is the latter.

Policy binders are about to get much larger too.  Many large energy and construction companies in the US (and now Canada) require their contractors to join ISNetworld and comply with the safety policy Review and Verification Service, or RAVS for short.  The policy requirements are based on Occupational Health and Safety regulations in each jurisdiction.  Here in Alberta, there can be as many as 39 different protocols, depending on the type of work a company performs.  And it's not enough to have a policy, it must match the criteria set out in the regulations.  The policies are so complex in fact, that consulting companies (like Workforce Compliance Safety here in Calgary) do a fine business simply helping their clients through the process of becoming RAVS compliant.

Policies are an integral part of a company Health and Safety Program, but we're "improving" them to the point that they're becoming almost ineffective.  I am writing this post to open a dialog on how to increase the size and complexity of policies, while still keeping them relevant and interesting for employees to read.

My personal opinion is that the largest challenge lies in effectively disseminating the policies to employees.  We've created a policy management tool that allows safety administrators to load their policies into our portal, then assign the policies to various positions within the company.  As employees log onto the SafetySync safety management system, they are prompted to individually review and accept (or decline) the various outstanding policies.  The tool has been designed to track and manage minor and major modifications.  Major changes are saved as a new version, which employees are required to accept a second time in order to remain "compliant".  The policy component is in Beta testing at the moment, so clients are encouraged to try it out and provide feedback.

If you don't have an account, feel free to sign up for our software and try it out (as well as the other safety management components we offer).