The U.S. Occupational Safety and Health Administration’s new injury tracking application (ITA) is back online after a possible data breach was dismissed last Friday, Business Insurance reports.
Launched on Aug. 1, the ITA was created to support OSHA’s Improve Tracking of Workplace Injuries and Illnesses rule. Developers designed the web portal so that employers may easily submit OSHA 300 Logs, 301 Forms and 300A Forms — all of which are used to report worksite injury and illness information — online. After the launch, companies with at least 250 employees were required to electronically submit their 2016 records immediately, while all remaining businesses were to do so by Dec. 1.
However, two weeks after the ITA launch, OSHA representatives explained via a note on the administration’s website that “technical difficulties” were making some of the application’s pages unavailable. On Aug. 14 an OSHA spokesperson said that the agency was notified by the United States Computer Emergency Readiness Team in the Department of Homeland Security that there was a potential compromise of user information. OSHA identified and contacted the one company that appeared to have been affected.
“A complete scan was conducted by the National Information Technology Center and it has been confirmed that there was no breach of the data in OSHA’s Injury Tracking Application and no information in ITA was compromised,” a spokesperson for the agency said in a statement last Friday. The representative also explained that the agency’s biggest concern was the potential compromise of personally identifiable information, such as usernames and passwords.
But, because the agency is in the first stage of the new rule’s staggered rollout, the information already reported in the app included non-threatening information such as on-the-job deaths and injuries. Former OSHA administrator David Michaels told Bloomberg BNA that even if there was a breach, no sensitive material would have been revealed.
Additionally, former OSHA Chief of Staff Deborah Berkowitz said that the agency has “decades” of experience collecting other forms of employer data online.
“This agency has a lot of experience with doing this—and doing it right,” said Berkowitz, a senior fellow at the National Employment Law Project. “This is a brand new application, and because of the new administration, it was never tested. OSHA should use this time to get it right and protect the data base”.
The entire OSHA website was scanned and improvements were implemented, according to the agency. However, no specific upgrades were mentioned. Access to the ITA has been restored, and OSHA said it will continue its established security monitoring.
Learn more about how Worksite Medical can keep you and your employees in compliance with medical surveillance.
Give us a call at 1-844-622-8633, or complete the form below, to schedule an on-site visit today.
