Health and safety record keeping is a key component in effective safety management but is often a job that is neglected. Do electronic record-keeping systems reduce the burden and save vital time? Beverly Coleman investigates.
From the minutes of safety committee meetings and accident reports statutory to compliance documentation, record keeping is an intrinsic part of the management of health and safety. Although record keeping can often be burdensome and complex, the benefits of a good system of record keeping outweigh the disadvantages of not having one.
As we increasingly move towards digitised ways of working, more and more businesses are adopting new ways of keeping and maintaining records; notably using electronic record keeping systems. Electronic records are documents created by means of electronic equipment, such as using software packages like Word and Excel, hard copy documents such as Landlord Gas Safety Records for business premises being scanned and saved in electronic folders or databases, emails, and even electronic calendar systems. Just as with hard copies they must be composed and maintained so that they are easy to understand and are retrievable when required.
Why records need to be kept
There are a number of reasons why record keeping is an essential part of good health and safety management.
To maintain legal compliance, a variety of documents are required to be kept, eg accident and incident reports. Many companies have adopted online systems where accidents/incidents can be reported by all those who have access to a PC or smart device at any time, swapping the traditional accident book, for an electronic solution.
In the event of more serious accidents and injuries that require employers to report to the enforcing authority using their online system under the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013, an electronic report is generated and must be kept. Accident records can also be called upon as evidence against prosecutions or claims for compensation.
Additionally, requirements extend to the need to keep risk assessments on file under most modern health and safety legislation. The general duty to carry out risk assessments is documented in regulation 3 of the Management of Health and Safety at Work Regulations 1999 and specific legislations also cite the need for risk assessment, eg the Control of Substances Hazardous to Health Regulations 2012, the Provision and Use of Work Equipment Regulations 1998 and the Regulatory Reform (Fire Safety) Order 2005.
Statutory requirements also dictate the length of time records should be kept, for example health surveillance records: under the Control of Asbestos Regulations 2012, health surveillance records must be kept for 40 years.
Keeping health and safety records electronically
The range of documents to be stored electronically may vary from one organisation to another and is also dependent on level of risk — legal duty is more extensive for high risk industries. What are the pros and cons of keeping information stored electronically?
Improved compliance: systems can alert users when documents are due for renewal.
Improved staff efficiency: cuts out the time wasted in searching for information.
Better audits: documents can be found and accessed with ease. Record entries can be traced by time, date, named creator or editor, etc.
Ease of organisation: records can be stored alphabetically, chronologically or by compliance area.
Ease of retrieval: documents can be located from a number of sites and devices, at any time.
Trend analysis: some systems give the opportunity to run reports and look at trends.
Reduction of hardcopy records: more space saved in buildings and savings in off-site archiving costs.
Security: information can be compromised and privacy can be breached, eg if your network is hacked.
Training: staff must be trained in how to use the system and must also receive refresher training when systems are updated: there are obvious costs attached to this.
Obsolescence: technological advances can mean that a system may become obsolete quickly.
Superusers: problems ensue when only one or a small group of individuals know how to retrieve data and this knowledge is lost when they leave an organisation.
Downtime: systems may be interrupted by downtime of servers or the corruption of IT systems.
Price: implementation and maintenance of a records system can be costly.
Implementing an electronic recording system
Implementing the right electronic document and records management system (EDRMS) requires research, testing and due diligence before it can be launched and integrated into an organisation.
Before implementing the EDRMS, it is important to first understand what you want out of the system, how it will benefit your organisation and improve upon your current system of record keeping. Most organisations will also be interested in whether the system will provide value for money and what continued technical support will be provided.
To identify the most practical approach for managing your organisation's records you need to fully understand your in-house activities and processes. One size does not fit all and it will prove counterproductive to implement a system that has not been designed for your organisation’s specific needs. A good starting point would be to identify how staff currently collate, share and store information. Researching and implementing a new system must be a project that involves the entire workforce, from senior management who ultimately make the decision on what system to go with, to ground-level staff, who will be inputting data into the system and maintaining it.
Once data has been input and uploaded onto a new system it then needs to be maintained in a manner that makes it easily retrievable, legible and accessible — for as long as is required. Where records need to be kept for a number of years to satisfy legal compliance, they must be stored in a secure environment. Adopting a format that allows for conversion or migration to updated systems will prevent the risk of data becoming inaccessible and outdated in the future.
It is advisable to compose a digital/electronic record management policy to document how records should be stored and maintained and for this policy and its accompanying procedures to be reviewed periodically, to mitigate the risk of loss of accurate and useful data.
Record management systems need to meet the requirements set out under the Public Records Act 1958, the Data Protection Act 1998, the soon to be introduced General Data Protection Regulations 2018 and the Freedom of Information Act 2000. Legislation requires an organisation to store and process records in a particular way and there are key obligations placed on an organisation regarding confidentiality, security and data sharing.
With the rise of mobile working and the need for information on the go, more and more people are using smart devices to access electronic data and in-house records. Such devices present added concerns when it comes data security — they can be lost, misplaced, stolen and hacked into. Data can be protected in a variety of ways to ensure that all formats: desktop or virtual cloud-based systems, an online or data management system or information accessible on hand-held devices can be password protected and files can be encrypted to prevent making them easily accessible, should systems be compromised.
Evidential weight and legal admissibility
If an organisation operates within a statutory or regulatory framework, it may be required to demonstrate that an electronic record has evidential weight and can be accepted as evidence in court. The British Standard Code of Practice BIP 0008-1:2008 Evidential Weight and Legal Admissibility of Information Stored Electronically provides guidance on this matter. Ultimately, where electronic documents and scanned images are reproduced they should accurately reflect the contents of the original. This once more reiterates the importance of implementing a quality, fit for purpose system.