The CWS is comprised of associations and employers who believe in improving workplace safety through cooperation, assistance, transparency, clarity, and accountability.
The Honorable Loren Sweatt
Acting Assistant Secretary
Occupational Safety and Health Administration
U.S. Department of Labor
200 Constitution Avenue, N.W.
Washington, D.C. 20210
VIA ELECTRONIC SUBMISSION: http://www.regulations.gov
Re: Proposed Revisions to Tracking of Workplace Injuries and Illnesses, 83 Fed. Reg. 36494, (July 30, 2018); OSHA Docket No. OSHA-2013-0023
Dear Ms. Sweatt:
The Coalition for Workplace Safety (“CWS”) is comprised of associations and employers who believe in improving workplace safety through cooperation, assistance, transparency, clarity, and accountability. The CWS believes that workplace safety is everyone’s concern. Improving safety can only happen when all parties—employers, employees, and OSHA—have a strong working relationship.
On behalf of its members, CWS submits the following comments on OSHA’s Proposed Rule, Tracking of Workplace Injuries and Illnesses (83 Fed. Reg. 36494, July 30, 2018). Despite significant employer opposition, including from CWS and its members, in May 2016 OSHA revised its recordkeeping regulations at part 1904 to require that employers electronically submit to OSHA, on an annual basis, the OSHA 300A Form, 300 Log and the 301 Forms, depending on the number of employees at the employer’s establishment. 81 Fed. Reg. 29624 (May 12, 2016). This final rule also required employers to establish a “reasonable” policy for employees to report injuries and safety violations, which OSHA interpreted to prohibit certain employer policies and procedures that the agency believed dissuaded employees from reporting work-related injuries or illnesses (the “anti-retaliation” provision). Id.; 29 C.F.R § 1904.35(b)(1)(i).
OSHA originally asserted that making such information publicly available would “encourage – or, in the behavioral economics term ‘nudge’ employers to take steps to prevent injuries so they are not seen as unsafe places to work.” 78 Fed. Reg. 67254, 67256 (November 8, 2013). OSHA now takes the position that the privacy concerns of employees outweigh the benefits of collecting certain injury and illness records, and that such information is exempt from disclosure pursuant to the Freedom of Information Act (“FOIA”). 5 U.S.C. § 552(b)(7)(C). Because of these privacy concerns, OSHA now proposes to eliminate the final rule’s requirement for establishments with 250 or more employees to electronically submit Forms 300 and 301. However, OSHA proposes to require all covered establishments—those with 250 or more employees and those with 20-249 employees that are classified as a hazardous industry listed in Appendix A—to continue to submit Form 300A. As such, employers involved in manufacturing, construction, and other fields are required to submit Form 300A even if they have less than 250 employees.
While eliminating the requirement to submit Forms 300 and 301 is a positive step, leaving the submission of 300As in place still puts employers at risk for improper disclosure and release of sensitive employer information. Furthermore, the proposal does not address the problems associated with the anti-retaliation provision which have been noted throughout the development of this regulation. Accordingly, CWS urges OSHA to revise this proposal to eliminate the filing of the 300A forms as well, and to rectify the statutory and legal problems presented by the anti-retaliation provision.
I. The 300 Log and 301 Forms contain sensitive and private employee information and provide no enforcement value to OSHA.
a. OSHA is correct that the 300 Log and 301 Form contain private employee information and other sensitive medical information.
CWS agrees with OSHA that Forms 300 and 301 contain sensitive and private employee information and collecting them “adds uncertain enforcement benefits, while significantly increasing the risk to worker privacy, considering that those forms if collected, could be found disclosable under FOIA.” 83 Fed. Reg. at 36496.
Specifically, the OSHA 300 Log contains employee names, job titles, descriptions of injuries and body parts affected as well as the extent of the injury suffered by the employee and whether the injury resulted in lost work days or restricted duty. The 301 Form contains similar content as well as personal identifiers such as an employee’s home address, date of birth, and physician information, for each recorded injury. Form 301 contains even more detailed information about the injury, such as whether it resulted in hospitalization, how the incident occurred and what body parts are affected. For many employees this is sensitive private and personal medical information, which the government should protect from disclosure to the public as it has historically done.
In 1996, OSHA proposed various revisions to part 1904 - Recordkeeping and Reporting occupational Injuries and Illnesses, including revising the right of access to recordkeeping information by employees, former employees and their representatives. At that time, OSHA rightly noted, “total accessibility [to all the information on an employer’s injury and illness records] may infringe on an individual employee’s privacy interest.” 61 Fed. Reg. 4030, 4048 (February 2, 1996).
In the 1996 proposed revisions to part 1904, OSHA understood the legitimate privacy interests involved in the data collected on recordkeeping forms. “[T]he privacy interest of the individual employee versus the interest in access to health and safety information concerning one’s own workplace – are potentially at odds with one another.” Id. Due to concerns for protecting the privacy interests of employees, OSHA noted during that rulemaking that “OSHA does not intend to provide access to the general public. OSHA asks for input on possible methodologies for providing easy access to workers while restricting access to the general public.” Id.
OSHA has historically acknowledged the privacy concerns regarding sensitive and personal employee medical information. OSHA again recognized this in the 2001 revisions to the recordkeeping requirements.
OSHA agrees that confidentiality of injury and illness records should be maintained except for those persons with a legitimate need to know the information. This is a logical extension of the agency’s position that a balancing test is appropriate in determining the scope of access to be granted employees and their representatives. Under this test, “the fact that protected information must be disclosed to a party who has a need for it * * *does not strip the information of its protections against disclosure to those who have no similar need.” Fraternal Order of Police, 812 F2d. at 118. 66 Fed. Reg. 5916, 6057 (January 19, 2001).
OSHA’s current position is more in line with the agency’s historical perspective on recordkeeping data and privacy concerns. Many courts have similarly recognized that such information invokes privacy concerns. “In our society, individuals generally have a large measure of control over the disclosure of their own identities and whereabouts.” Nat'l Ass'n of Retired Fed. Employees v. Horner, 879 F.2d 873, 875 (D.C.Cir.1989). See, Yelder v. DOD, 577 F. Supp. 2d 342, 346 (D.D.C. 2008) (names, addresses, and other personally identifying information creates a real threat to privacy.), Nat’l Sec. News Serv. V. U.S. Dep’t of Navy, 584 F. Supp. 2d 94, 96 (D.D.C. 2008) (“Records…indicating that individuals sought medical treatment at a hospital are particularly sensitive.”)
OSHA has acknowledged in the proposed rule here that if the agency were to collect the 300 Log and 301 Forms there is no guarantee that such information would be protected from public disclosure and exempt from release under FOIA. 83 Fed. Reg. at 36498. Even if OSHA were able to rely on a FOIA exemption to protect these records, whether the full records would be protected is not clear. And if subject to release under FOIA, there would be no guarantee that a third party would not make access to such records publicly available on a website with no regard to concerns for employee privacy.
More importantly, whether an exemption is invoked to protect such records is at the whim of the political leadership in charge at the time the request is made for the documents. As demonstrated in this rulemaking process, the decision to invoke any FOIA exemption may change from one administration to another. If OSHA were to collect the 300 Log and 301 Forms a future administration could simply determine the documents were not subject to exemption under FOIA and release them upon request.
Whether these forms would be requested is no mere hypothetical. Public Citizen and other advocacy groups are currently seeking to compel OSHA to collect the 300 Logs and 301 Forms with the expectation that the organization can access the data to analyze and research them, and in their view “advocate for improved safety standards.” Motion for Preliminary Injunction at 15 (Public Citizen, et. al. v. U.S. Dep’t of Labor, No. 18-cv-1729-TJK (D.D.C. Sept. 7, 2018)). If Public Citizen is successful in its request, there will be no restrictions on how the data in these forms can be used, or who else would have access to it.
b. The OSHA 300 Log and 301 Forms provide no valuable enforcement data to OSHA.
CWS agrees with OSHA that there are no enforcement related benefits to collecting 300 Logs and 301 Forms. Under the current rule, the electronic submission of the 300 Logs and 301 Forms occurs well after the recording of the work-related injury or illness, making the data stale by the time OSHA receives them. For example, injuries that occurred in January 2018 would not be electronically submitted until March 2, 2019, making the data over a year old. More importantly, the information contained on the 300 Log or 301 Forms is not necessarily indicative of potential hazards in a workplace, or of potential violations of OSHA standards and regulations that may exist. U.S. v. Mar-Jac Poultry, Inc., Civil Action No. 2:16-CB-192-WCO-JC (N.D. Ga. November 2, 2016) (holding “The fact that an injury or illness is recordable does not show that it was the result of a violation of an OSHA standard. Not all hazards are the result of a violation.”) During the 2001 revision to the recordkeeping requirements, OSHA noted:
It is not necessary that the injury or illness result from conditions, activities, or hazards that are uniquely occupational in nature. Accordingly, the presumption encompasses cases in which injury or illness results from an event at work that are outside the employer’s control, such as a lightning strike, or involves activities that occur at work but that are not directly productive, such as horseplay. 66 Fed. Reg. at 5929.
The 300 Log and 301 Forms may be valuable to the employer of the establishment who can process the data to determine trends but who can also distinguish entries that result from true occupational exposure ersus those that are outside the employer’s control. In contrast, OSHA is unable to make such distinctions using the raw data. As CWS has repeatedly stated during this rulemaking, there are many injuries recorded on an employer’s 300 Log based solely on a geographic presumption (i.e., they occurred at the workplace), that in no way indicate whether an employer’s workplace is unsafe or out of compliance with OSHA standards. Therefore, to use these data to establish enforcement measures would be misguided and contrary to the original intent of the no-fault recordkeeping system. In keeping with the agency’s original intent of the recordkeeping provisions, an employer’s 300 Log and 301 Forms should not be used to trigger enforcement.
II. The 300A also contains sensitive business information, which deserves the same protection as information from the 300 Log and 301 Form.
While OSHA has appropriately established the risk of disclosure from collecting employee sensitive information, OSHA’s proposal to retain collection of the 300A annual summary presents similar, if not identical, risks of sensitive employer information being disclosed.
In CWS’ comments submitted on November 8, 2013 in response to the original proposed rule, CWS pointed out that OSHA has historically taken the position that information contained on the 300A is confidential commercial information. CWS noted that “in response to a FOIA request from the New
York Times Company (the ‘Times’) for Lost Work Day Illness and Injury (‘LWDII’) rates for roughly 13,000 worksites that submitted OSHA Data Initiative surveys, OSHA alleged that such information was exempt from FOIA under Exemption 4” as containing confidential commercial information. In response to that FOIA request OSHA claimed that such information was exempt because it was “tantamount to release of confidential commercial information, specifically the number of employee hours worked, because this number can be easily ascertained from LWDII rate…the LWDII can be ‘reversed-engineered’ to reveal EH, or employee hours.” New York Times Co. v. U.S. Dep’t of Labor, 340 F. Supp. 2d 394, 401 (S.D. N.Y. 2004). In the Times case OSHA argued that “disclosure of employee hours ‘can cause substantial competitive injury’” Id. at 402.
“[I]nformation is commercial under this exemption if, in and of itself, it serves a commercial function or is of a commercial nature.” Nat’l Ass’n of Home Builders, 309 F.3d 26, 38 (D.C. Cir. 2002) (internal citation and quotations omitted). A core component of labor costs is the total employee hours worked, which makes the information commercial in nature. The OSHA 300A annual summaries are undoubtedly “records that reveal basic commercial operations, such as sales statistics, profits, losses, and inventories, or relate to the income-producing aspects of a business.” Pub. Citizen Health Research Group v. F.D.A., 704 F.2d 1280, 1290 (D.C. Cir. 1983).
While OSHA asserts that such information is for enforcement purposes and therefore exempt from FOIA, this position is currently subject to a legal challenge and may result in OSHA being required to release the 300As pursuant to FOIA. Public Citizen Foundation v. U.S. Dep’t of Labor, No. 18-cv-117 (D.D.C. January 19, 2018). CWS urges OSHA to reconsider the requirement that employers submit their 300A annual summaries due to confidential commercial information contained in them and the very high risk of that information being disclosed at some point.
III. Employers Consider their Employer Identification Number to be Business Confidential.
The Employer Identification Number (“EIN”) is a unique number assigned by the Internal Revenue Service (“IRS”) to business entities that operate in the United States. The EIN is similar to an individual’s social security number and is used for the purposes of identifying tax accounts of business entities. The EIN is used for opening a bank account in a company name, for applying for business licenses, and for filing a company’s tax returns.
Generally, EINs are not considered protected information, since some company EINs are on public company records filed with the Securities and Exchange Commission (“SEC”). Third parties’ ability to access such information from SEC records does not diminish the concerns employers have about the wide availability of EINs. There appears to be little value to OSHA gained in collecting the EIN. Simply put, employers still maintain legitimate privacy concerns where such information is not readily available to the public. “In sum, the fact that ‘an event is not wholly 'private' does not mean that an individual has no interest in limiting disclosure or dissemination of the information.’” Dep’t of Justice v. Reporters Comm. For Freedom of the Press, 489, U.S. 749, 770 (1989) (internal citation omitted).
There are many employers, including CWS members that consider their EIN to be business confidential due to the high potential for fraud. A 2013 audit by the U.S. Department of the Treasury identified 767,071 tax returns with potentially fraudulent refunds totaling almost $2.3 billion due to stolen and falsely obtained EINs. Stolen and Falsely Obtained Employer Identification Numbers Are Used to Report False Income and Withholding, Reference Number: 2013-40-120, September 23, 2013, available at: https://www.treasury.gov/tigta/auditreports/2013reports/201340120fr.pdf.
Absent a compelling reason for OSHA to collect EINs, which is not indicated in this proposal, CWS urges OSHA not to revise the current rule to require employers to file based on their EIN.
IV. The rulemaking is silent on revisions to the anti-retaliation provision.
OSHA indicates in the preamble that it is only seeking public comments on the revisions to the electronic submission of the 300 Logs and 301 Forms. 83 Fed. Reg. at 36500. Unfortunately, the proposed rule is utterly silent on issues surrounding § 1904.35(b) which contains requirements for “reasonable procedures” for reporting injuries and illnesses and prohibits employers from discharging or discriminating against employees for reporting work-related injuries or illnesses (“anti-retaliation” provisions). Rather than respond to the employer community’s legitimate concerns regarding OSHA’s lack of legal authority for this
provision, the absence of any data or evidence to support this provision, the unworkable vagueness of the requirement for a “reasonable policy,” and the irregular regulatory procedure used to develop it, OSHA is proceeding as if this provision had no problems. One outgrowth of regulatory text that specifies only “reasonable procedures” is that OSHA has used guidance to define unreasonable policies by identifying, and effectively prohibiting, widely used and beneficial safety incentive and drug testing programs without going through the rulemaking process.
The comments submitted by the CWS during the supplemental rulemaking that led to this provision described all of these problems, and others, in detail. Those comments, signed by 70 members of the CWS, are attached for reference.
OSHA’s proposed rulemaking to revise the Tracking of Workplace Injuries and Illnesses regulation does not recognize employer concerns regarding the strong likelihood of sensitive business information contained in the 300A annual summary forms, including EINs, becoming public. This proposal also lacks any corrective action for the many problems associated with the anti-retaliation provision. For these reasons, CWS urges OSHA to revise this proposed rulemaking to address the problems remaining with the agency collecting the 300A annual summaries and the anti-retaliation provision.
For the Coalition for Workplace Safety,
American Bakers Association
American Coke and Coal Chemicals Institute
American Composites Manufacturers Association
American Feed Industry Association
American Forest & Paper Association
American Foundry Society
American Iron and Steel Institute
American Road & Transportation Builders Association
American Supply Association
American Trucking Associations
Associated Builders and Contractors
Associated General Contractors of America
Building Service Contractors Association International
California Cotton Ginners and Growers
Copper & Brass Fabricators Council
Flexible Packaging Association
Global Cold Chain Alliance
Healthcare Distribution Alliance
Heating Air-conditioning & Refrigeration Distributors International
Independent Electrical Contractors
Industrial Fasteners Institute
Institute of Makers of Explosives
International Dairy Foods Association
International Foodservice Distributors Association
International Warehouse Logistics Association
ISSA, The Worldwide Cleaning Industry Association
Mason Contractors Association of America
Mechanical Contractors Association of America
Motor & Equipment Manufacturers Association
National Association for Surface Finishing
National Association of Chemical Distributors
National Association of Home Builders
National Association of Landscape Professionals
National Association of Manufacturers
National Chicken Council
National Cotton Ginners’ Association
National Grain and Feed Association
National Lumber & Building Material Dealers Association
National Oilseed Processors Association
National Retail Federation
National Roofing Contractors Association
National Tooling and Machining Association
National Turkey Federation
National Utility Contractors Association
Non-Ferrous Founders’ Society
North American Die Casting Association
North American Meat Institute
Plastics Industry Association (PLASTICS)
Precision Machined Products Association
Precision Metalforming Association
Printing Industries of America
Retail Industry Leaders Association
Sheet Metal and Air Conditioning Contractors’ National Association
Steel Manufacturers Association
Texas Cotton Ginners’ Association
Tile Roofing Institute
Tree Care Industry Association
TRSA – The Linen, Uniform and Facility Services Association
U.S. Chamber of Commerce
U.S. Poultry & Egg Association
Western Agricultural Processors Association
Tressi Cordaro, Esq.
JACKSON LEWIS P.C.