health and safety breach case study


Health and safety breaches – when is it safe to dismiss?

Published on 3rd Sep 2015

Employers have a primary duty to ensure health and safety in the workplace and that duty is to take “all reasonable steps” to take care of safety. Given this fundamental duty of care, employers are clearly sensitive to breaches of health and safety measures which put employees or third parties at risk. But is an employee’s breach of their employer’s health and safety rules more likely to justify dismissal than other instances of gross misconduct? Are employers subject to the same requirement to show the dismissal was reasonable in all the circumstances of the case?

The recent Court of Appeal decision in the case of Newbound v Thames Water Utilities Limited gives some useful guidance on the considerations for employers contemplating dismissal for a safety breach. In this case, a site co-ordinator who inspected and maintained sewers had disregarded a new safety measure put in place by the employer. He had 34 years’ service but following a disciplinary process was dismissed by his employer for gross misconduct. Another employee who was also involved in the health and safety breach received a written warning as he was less experienced than Mr Newbound.

In considering the fairness of the dismissal and the disparity in the disciplinary sanctions the employer applied to the two employees the Court of Appeal gave some useful guidance:

  • As the health and safety policy was new, employees hadn’t been trained in its significance and Mr Newbound had previously exercised his discretion regarding the use of breathing apparatus. This impacted on the fairness of the decision to dismiss as it is imperative that employees are made aware of and provided with appropriate training on any changes to existing policies or new policies if the employer wishes to be able to take action against employees who breach their terms.
  • There is no special rule about assessing the reasonableness of a dismissal on conduct grounds where the alleged misconduct involves a breach of health and safety requirements. Employers must demonstrate that the decision is reasonable in all the circumstances.
  • Length of service should not necessarily be considered an aggravating factor when considering gross misconduct. An experienced employee may have a clean disciplinary record spanning back many years and length of service, disciplinary record and the overall performance/attitude of an employee should all be weighed in the balance when considering what factors mitigate against their dismissal.
  • The disparity of treatment of the two employees was problematic. Where there is a disparity in treatment, whether in respect of the same incident or when compared to action taken over similar, historic incidents, this disparity of treatment must be clearly justified. Employers must be careful to ensure that any disparity of treatment cannot be linked to an employee’s protected characteristic(s) as this could give rise to a discrimination claim.

Serious breaches of health and safety will often entitle an employer to fairly dismiss an employee. However, it is important that employers can demonstrate that the employee was aware that their actions were in breach of the employer’s rules, particularly where an employer wishes to take a zero tolerance approach to transgressions. Key steps for employers to take are:

  • Companies need a clear and well thought out health and safety policy, tailored to their business;
  • If a health and safety policy has changed this must be clearly explained to employees;
  • Regular health and safety training should be given to employees in roles where health and safety is a particular issue (and whenever a health and safety policy has materially changed);
  • Keep well documented evidence of training given to employees and competence achieved (just having a health and safety policy will often not be enough);
  • Health and safety breaches should be documented in a log-book along with evidence of how the Company dealt with the incident and whether disciplinary action was taken; and
  • The consequences of breaches of any new health and safety policy must also be clearly set out for employees.

Serious health and safety breaches can result in substantial liability for employers and reputational damage. It is therefore important that a competent health and safety representative is appointed. Employers must also remember that an employee who suffers detriment because of anything reasonable that he or she does in connection with health and safety matters can complain to an employment tribunal and claim unlimited compensation.


* This article is current as of the date of its publication and does not necessarily reflect the present state of the law or relevant regulation.


Health And Safety Dismissals - A Tale Of Two Cases

By Danielle Parsons, partner, and Rebecca Denvers, an associate and practice development lawyer in the employment team at Irwin Mitchell.

Danielle Parsons and Rebecca Denvers compare two recent decisions in which the claimants argued that their dismissals were automatically unfair under the ‘serious and imminent danger’ provisions in the ERA.

Tribunals are starting to make decisions about COVID-19 related claims which were brought in the early stages of the pandemic. These include two recent claims in which employees raised concerns about health and safety issues in the workplace and were then dismissed by their employers.

Contrasting decisions were reached in Accattatis v Fortuna Group (London) Ltd [2021] and Gibson v Lothian Leisure [2021].

These rulings identify important lessons for employers and in-house advisers.

In both these cases, the employees involved did not have the two years’ continuous service required to bring an ordinary unfair dismissal claim. Instead, they claimed automatic unfair dismissal under s100(1)(e) of the Employment Rights Act 1996 (ERA). This requires an employee to show that the reason for their dismissal was that:

… in circumstances of danger which the employee reasonably believed to be serious and imminent, he took (or proposed to take) appropriate steps to protect himself or other persons from the danger.

Oudahar v Esporta Group [2011] confirmed that to be protected under s100(1)(e) ERA, the following criteria must be met:

  • there must be circumstances of danger which the employee reasonably believed to be serious and imminent;
  • the employee took or proposed to take appropriate steps to protect themselves or other people from danger; and
  • the employee took or proposed to take appropriate steps to communicate those circumstances to their employer by appropriate means.

When these criteria are met, it will next be a case of asking whether the sole or principal reason for the employee’s dismissal was that they had taken or proposed to take such steps.

If so, the dismissal will be automatically unfair.

It is irrelevant whether the employer agrees or disagrees with the employee that the circumstances of danger were serious, as the tribunal must consider the employee’s state of mind at the time.

Mr Accattatis was employed as a sales and project co-ordinator for a company which sold and distributed personal protective equipment (PPE). The company’s staff were considered to be 'key workers' and the business remained open throughout the first lockdown.

In early March 2020, the company started to take measures to protect its staff in line with what was known about the transmissibility of the virus and the government advice at that time. The company also wrote to all staff to confirm that it would respect any employee’s desire not to attend work at that time and that any absence should be taken as either unpaid leave or holiday.

Mr Accattatis developed COVID symptoms on 30 March 2020 and self-isolated. He told his employer that he expected to return to work on 6 April, but he continued to feel unwell and obtained two self-isolation notes to explain the reasons for his continued absence. Shortly before Mr Accattatis was due to return to work, he wrote to his manager asking to be furloughed. He tried to persuade his employer that furloughing him would be a ‘win win’ situation (because he would receive 80% of his normal pay instead of statutory sick pay and the company could recoup that money from the government).

The employer, unsurprisingly, took a different view. At that time, the demand for PPE was unprecedented due to severe shortages, with some NHS staff wearing bin bags. Fortuna urgently needed staff working to meet this demand and felt that Mr Accattatis should return to work as soon as he was well.

Undeterred, Mr Accattatis argued that the government had told people to work from home if they could, that he was still suffering from flu-like symptoms and that he did:

… not feel comfortable [about] the idea of using public transport and coming into the office during this lockdown.

He then suggested that the only ‘logical’ options were allowing him to work from home (although he gave no indication about how this would work given that part of his job involved being physically present in the warehouse) or placing him on furlough. He concluded that:

Both solutions work for me. Up to you which one you find more convenient. 

After his request was again rejected (and in a marked change of tone), he asked his employer to reconsider its stance on furlough as he needed to pay his bills while he remained unwell. A few days later, he emailed his line manager to say that he had spoken to someone on the Coronavirus Job Retention Scheme helpline who, he claimed, confirmed that businesses could use the furlough scheme to pay staff who were self-isolating. Twenty minutes later, his line manager emailed him to terminate his employment due to:

… a general ongoing failure on your part over a period of many months to support and comply fully with our company policies and guidelines.

Based on government announcements in February and March 2020, the tribunal found that there were circumstances of danger which an employee could reasonably have believed to be serious and imminent. It also accepted that, subjectively, Mr Accattatis reasonably believed the danger to be serious or imminent.

However, the tribunal held that he had not taken appropriate steps to protect himself, or other people, from the danger. The judge said that his demands for furlough (which he didn't qualify for because he was not shielding and there was no reduction in his workload) or working from home (which wasn't feasible) were not appropriate steps to protect him from the danger. The employer had presented Mr Accattatis with the option of taking unpaid leave or holiday and he was only seeking to be placed on furlough for financial reasons.

Mr Accattatis did not therefore meet the test to be protected under s100(1)(e) ERA and his claim for automatic unfair dismissal failed.

Mr Gibson was employed as a restaurant chef; he was successful in his role and had been promoted. As was the case for many businesses, the restaurant was faced with lockdown in March 2020 because of the pandemic. During the second week of March 2020, Mr Gibson was placed on furlough.

In the run up to the end of lockdown, the restaurant contacted Mr Gibson and asked him to come back in and ‘help out for a bit’. Mr Gibson lived with his father, who was shielding due to several medical conditions, including a brain tumour, colitis and Addison’s disease. Mr Gibson raised concerns about his father catching COVID-19 from him as the company did not provide any PPE and had no intention of requiring staff to take precautions to create a COVID-secure workplace.

In response, Mr Gibson was told to ‘shut up and get on with it’. At this point, he started to believe that the company saw him as a nuisance, despite his previously good relationship with them. His employment was then terminated with immediate effect via text without any prior discussion or any process at all. The company’s explanation for the termination was that it was changing the format of the business and running it with a smaller team.

The tribunal was again satisfied there were circumstances of danger which were serious and imminent. It found that Mr Gibson held a subjective belief that this was so, given his concerns about his vulnerable father. It was also found that Mr Gibson took appropriate steps to protect his father by raising the issue of PPE with his employer.

The tribunal concluded that the real reason for Mr Gibson’s dismissal was the steps he took to protect his father and he therefore succeeded in his automatic unfair dismissal claim.

Lessons for employers and in-house advisers

Both cases show that it has not been difficult for employees to establish a reasonable belief (both objectively and subjectively) that there were circumstances of danger in the early days of the pandemic which were serious and imminent. This seems to be a low hurdle for claimants so far.

However, it is important to note that early 2020 was a time when virus levels were high, there were no vaccines, there were high numbers of hospitalisations and fatalities and much less was known about COVID.

Over a year later, in July 2021, it seems that the UK vaccination programme has been quite successful. There are currently lower levels of the virus circulating and declining fatalities, notwithstanding the COVID variants. Once employees who have been working from home return to work, it may become more difficult for them to establish circumstances of serious and imminent danger and succeed in health and safety dismissal claims.

The more challenging legal hurdle for claimants to overcome to obtain protection under s100(1)(e) ERA will be demonstrating that they took, or proposed to take, appropriate steps to protect themselves or others from danger and to communicate the circumstances of this to their employer.

Accattatis shows that staff expressing unspecific anxieties about their working environment or travel arrangements will not be sufficient. Employees will normally be expected to explain clearly to their employer why they believe their workplace (or possibly their commute) is dangerous. They should also give it an opportunity to explain what steps it has taken to protect them and time to consider whether it can do anything else to protect them and address those concerns. It is not enough for the employee to establish that there is a risk – they must be able to show that the risk is serious and imminent despite anything they and their employer can do to reduce it.

Conversely, in Gibson, the claimant was clear and specific about the risks to his father’s health due to the lack of COVID-secure measures. The decision shows employers exactly what not to do in response to such clear employee concerns. The company held no discussions with Mr Gibson, did not try to address his concerns and put no additional safety measures in place. In contrast, Mr Accattatis’s employer acknowledged his concerns on three occasions and made reasonable alternative suggestions to protect him from the perceived danger.

Both cases make it clear that whether or not the provisions of s100(1)(e) ERA are engaged will depend on the particular facts and merits of each case.

Although these first instance tribunal decisions are not binding on any other tribunals, they provide important and useful guidance for employers. Mr Accattatis’ case highlights that s100(1)(e) cannot be automatically satisfied just because employees are not comfortable attending their workplace due to COVID concerns. Mr Gibson’s case highlights the importance of taking employees’ concerns seriously and taking reasonable steps to alleviate those concerns.

Planning the return to work

These cases suggest that many people may be worried about returning to their workplace.

In planning any return, employers should:

  • study and comply with the updated government and public health guidance – carrying out regular risk assessments and having clear safety measures in place will make employees more confident about returning;
  • consider the physical, emotional and mental wellbeing of their workforce;
  • actively consult with and engage staff when planning the return to the workplace – holding team and one-to-one meetings is likely to help ensure that individual needs are considered;
  • encourage a speak-up culture around COVID-19 so employees feel that any concerns they have will be listened to and addressed;
  • plan their approach to testing and vaccination, which are likely to be key points of concern for many workers; and
  • consider whether to implement a phased or partial return to work to ease the transition or introduce a hybrid working strategy.

Case References

Accattatis v Fortuna Group (London) Ltd [2021] ET 3307587/2020

Gibson v Lothian Leisure [2021] ET 4105009/2020

Oudahar v Esporta Group [2011] UKEAT/0566/10/DA

This article first appeared in Employment Law Journal www.lawjournals.co.uk


StaySafe

What happens when an employee doesn’t comply with health and safety regulations?

Just as employers have health and safety regulations to follow, employees must also take responsibility for their own and others’ safety whilst at work. So what are the responsibilities that employees must take when it comes to their wellbeing and what happens if an employee doesn’t comply with safety regulations?

What are the safety responsibilities placed on employees and what can happen if they breach health and safety legislation? 

If an employer is found to have taken all reasonable steps to meet health and safety legislation and keep their employees safe and an employee then fails to adhere to the safety procedures or use the safety equipment provided, the employee can be found at fault in the event of an accident. In fact, they can still be prosecuted for failing to adhere to the guidelines even if no accidents occur. 

A case reported in IOSH Magazine of a scaffolder who was in breach of health and safety legislation is a perfect example of an employee acting irresponsibly when it comes to health and safety – and being prosecuted – even though it did not cause an accident.

Terrance Murray, a scaffolder working in Manchester, was taken to court after a concerned member of the public reported him for unsafe behaviour. Mr Murray was captured on camera as he erected scaffolding at height. Standing on a wooden plank, Murray failed to erect edge protection required by law and although he was wearing a harness, it was not connected to the scaffolding or building.

Murray would have likely sustained fatal injuries if he had fallen from the estimated 13 to 18-metre height above the concrete deck of a car park. Members of the public could have also been seriously injured or killed had Murray fallen.

As a result of his negligence, Murray was sentenced to 26 weeks in prison, a one-year suspension and 100 hours of community service after pleading guilty to breaching section 7(a) of the Health and Safety at Work Act 1974. He was also ordered to pay costs of £500 and a victim surcharge of £115 following the hearing.

The sentence given to Murray was purposefully impactful to reinforce the importance of following company guidelines and procedures.

Other examples of employees not complying with health and safety regulations

There are several examples of employees being prosecuted for their unsafe behaviour. In 2010 a Volker Highways employee was fined over £5000 after dropping part of a street light on a toddler. A Health and Safety Executive (HSE) investigation found Joseph Parker, 25 from Romford, had not erected temporary barriers around the faulty lamp on Gillett Square in Hackney, while he was working. Temporary barriers should have been used to segregate pedestrians from the work area before Mr Parker dismantled the reflector. He was fined £2,250 and ordered to pay costs of £2,888.

In another incident in 2019, an employee at a potato storage warehouse lifted an apprentice electrician 4 metres above the ground to carry out electrical repairs. The apprentice was lifted in a potato box balanced on the forks of a forklift truck, and fell out of the box, breaking their ribs and puncturing their lung.

The HSE found during its investigation that the employer had carried out a suitable and sufficient risk assessment and had supplied suitable equipment to work at height. However, the employee who was in charge of the site at the time did not use the equipment or follow the action points within the risk assessment. He was fined £2,000.

Why did responsibility fall on the individual and not the company in these cases?

In the case of scaffolder Terrance Murray, an investigation by the HSE found that Murray’s employers had taken reasonable steps to protect employees working at height. Murray was well trained, experienced and had the correct equipment available to him. He was not under any pressure or time constraints by his employer at the time.

Murray acted alone against his better interest and training, despite procedures being made clear to him. Murray was also working alongside a trainee scaffolder at the time of the incident and so was setting an unsafe example.

Similarly, in the other two cases, the HSE investigation found the incident was entirely preventable if the employees had followed procedure and complied with health and safety regulations. Section 7(a) of the Health and Safety at Work etc. Act 1974 states:

It shall be the duty of every employee while at work – 

(a) to take reasonable care for the health and safety of himself and of other persons who may be affected by his acts or omissions at work

Procedures put in place by organisations are there to protect their employees. Failure to comply could cost an employee or those around them their safety, or even their life. 

Helping employees understand their responsibilities

Sometimes getting employees on board with all of your health and safety procedures can seem like a struggle. Yet there are some simple steps you can follow to encourage engagement:

  • Ensure your policies are concise and easy to understand
  • Focus on positive safety messaging
  • Lead by example
  • Ensure your employees understand the legal aspect of their responsibilities
  • Use real-life cases and examples like the one above to reinforce your message


Hospital Implements New Minimum Necessary Policies for Telephone Messages

Covered Entity: General Hospital

Issue: Minimum Necessary; Confidential Communications

A hospital employee did not observe minimum necessary requirements when she left a telephone message with the daughter of a patient that detailed both her medical condition and treatment plan.  An OCR investigation also indicated that the confidential communications requirements were not followed, as the employee left the message at the patient’s home telephone number, despite the patient’s instructions to contact her through her work number. To resolve the issues in this case, the hospital developed and implemented several new procedures.  One addressed the issue of minimum necessary information in telephone message content.  Employees were trained to provide only the minimum necessary information in messages, and were given specific direction as to what information could be left in a message. Employees also were trained to review registration information for patient contact directives regarding leaving messages.   The new procedures were incorporated into the standard staff privacy training, both as part of a refresher series and mandatory yearly compliance training.

HMO Revises Process to Obtain Valid Authorizations

Covered Entity: Health Plans / HMOs

Issue: Impermissible Uses and Disclosures; Authorizations

A complaint alleged that an HMO impermissibly disclosed a member’s PHI, when it sent her entire medical record to a disability insurance company without her authorization.  An OCR investigation indicated that the form the HMO relied on to make the disclosure was not a valid authorization under the Privacy Rule. Among other corrective actions to resolve the specific issues in the case, the HMO created a new HIPAA-compliant authorization form and implemented a new policy that directs staff to obtain patient signatures on these forms before responding to any disclosure requests, even if patients bring in their own “authorization” form. The new authorization specifies what records and/or portions of the files will be disclosed and the respective authorization will be kept in the patient’s record, together with the disclosed information.  


Mental Health Center Corrects Process for Providing Notice of Privacy Practices

Covered Entity: Outpatient Facility

Issue: Notice

A mental health center did not provide a notice of privacy practices (notice) to a father or his minor daughter, a patient at the center.  In response to OCR’s investigation, the mental health center acknowledged that it had not provided the complainant and his daughter with a notice prior to her mental health evaluation.  To resolve this matter, the mental health center revised its intake assessment policy and procedures to specify that the notice will be provided and the clinician will attempt to obtain a signed acknowledgement of receipt of the notice prior to the intake assessment.  The acknowledgement form is now included in the intake package of forms.  The center also provided OCR with written assurance that all policy changes were brought to the attention of the staff involved in the daughter’s care and then disseminated to all staff affected by the policy change.

Entity Rescinds Improper Charges for Medical Record Copies to Reflect Reasonable, Cost-Based Fees

Covered Entity: Private Practice

Issue: Access

A patient alleged that a covered entity failed to provide him access to his medical records.  After OCR notified the entity of the allegation, the entity released the complainant’s medical records but also billed him $100.00 for a “records review fee” as well as an administrative fee.  The Privacy Rule permits the imposition of a reasonable cost-based fee that includes only the cost of copying and postage and preparing an explanation or summary if agreed to by the individual.  To resolve this matter, the covered entity refunded the $100.00 “records review fee.”

Hospital Issues Guidelines Regarding Disclosures to Avert Threats to Health or Safety

Covered Entity: General Hospital

Issue: Safeguards; Impermissible Uses and Disclosures; Disclosures to Avert a Serious Threat to Health or Safety

After treating a patient injured in a rather unusual sporting accident, the hospital released to the local media, without the patient’s authorization, copies of the patient’s skull x-ray as well as a description of the complainant’s medical condition. The local newspaper then featured on its front page the individual’s x-ray and an article that included the date of the accident, the location of the accident, the patient’s gender, a description of patient’s medical condition, and numerous quotes from the hospital about such unusual sporting accidents.  The hospital asserted that the disclosures were made to avert a serious threat to health or safety; however, OCR’s investigation indicated that the disclosures did not meet the Privacy Rule’s standard for such actions.  The investigation also indicated that the disclosures did not meet the Rule’s de-identification standard and therefore were not permissible without the individual’s authorization. Among other corrective actions to resolve the specific issues in the case, OCR required the hospital to develop and implement a policy regarding disclosures related to serious threats to health and safety, and to train all members of the hospital staff on the new policy.

Private Practice Implements Safeguards for Waiting Rooms

Covered Entity: Private Practice

Issue: Safeguards; Impermissible Uses and Disclosures

A staff member of a medical practice discussed HIV testing procedures with a patient in the waiting room, thereby disclosing PHI to several other individuals.  Also, computer screens displaying patient information were easily visible to patients. Among other corrective actions to resolve the specific issues in the case, OCR required the provider to develop and implement policies and procedures regarding appropriate administrative and physical safeguards related to the communication of PHI.  The practice trained all staff on the newly developed policies and procedures.  In addition, OCR required the practice to reposition its computer monitors to prevent patients from viewing information on the screens, and the practice installed computer monitor privacy screens to prevent impermissible disclosures.  

Pharmacy Chain Enters into Business Associate Agreement with Law Firm Covered Entity: Pharmacy Chain Issue: Impermissible Uses and Disclosures; Business Associates

A complaint alleged that a law firm working on behalf of a pharmacy chain in an administrative proceeding impermissibly disclosed the PHI of a customer of the pharmacy chain.  OCR investigated the allegation and found no evidence that the law firm had impermissibly disclosed the customer’s PHI.  However, the investigation revealed that the pharmacy chain and the law firm had not entered into a Business Associate Agreement, as required by the Privacy Rule to ensure that PHI is appropriately safeguarded.  Without a properly executed agreement, a covered entity may not disclose PHI to its law firm.  To resolve the matter, OCR required the pharmacy chain and the law firm to enter into a business associate agreement.

Radiologist Revises Process for Workers Compensation Disclosures Covered Entity: Health Care Provider Issue: Impermissible Uses and Disclosures

A radiology practice that interpreted a hospital patient’s imaging tests submitted a worker’s compensation claim to the patient’s employer. The claim included the patient’s test results.  However, the patient was not covered by worker’s compensation and had not identified worker’s compensation as responsible for payment. OCR’s investigation revealed that the radiology practice had relied upon incorrect billing information from the treating hospital in submitting the claim.  Among other corrective actions to resolve the specific issues in the case, the practice apologized to the patient and sanctioned the employee responsible for the incident; trained all billing and coding staff on appropriate insurance claims submission; and revised its policies and procedures to require a specific request from worker’s compensation carriers before submitting test results to them.

Pharmacy Chain Institutes New Safeguards for PHI in Pseudoephedrine Log Books Covered Entity: Pharmacies Issue: Safeguards

A grocery store based pharmacy chain maintained pseudoephedrine log books containing protected health information in a manner so that individual protected health information was visible to the public at the pharmacy counter. Initially, the pharmacy chain refused to acknowledge that the log books contained protected health information. OCR issued a written analysis and a demand for compliance. Among other corrective actions to resolve the specific issues in the case, OCR required that the pharmacy chain implement national policies and procedures to safeguard the log books. Moreover, the entity was required to train all staff on the revised policy. The chain acknowledged that log books contained protected health information and implemented the required changes.

Pharmacy Chain Revises Process for Disclosures to Law Enforcement Covered Entity: Pharmacies Issue: Impermissible Uses and Disclosures

A chain pharmacy disclosed protected health information to municipal law enforcement officials in a manner that did not conform to the provisions of the Privacy Rule. Among other corrective actions to resolve the specific issues in the case, OCR required this chain to revise its national policy regarding law enforcement's access to patient protected health information to comply with the Privacy Rule requirements, including that disclosures of protected health information to law enforcement only be made in response to written requests from law enforcement officials, unless state law requires otherwise. The revised policy was implemented in the chain's stores nationwide.

Large Medicaid Plan Corrects Vulnerability that Resulted in Disclosure to Non-BA Vendors Covered Entity: Health Plans Issue: Impermissible Uses and Disclosures; Safeguards

A municipal social service agency disclosed protected health information while processing Medicaid applications by sending consolidated data to computer vendors that were not business associates. Among other corrective actions to resolve the specific issues in the case, OCR required that the social service agency develop procedures for properly disclosing protected health information only to its valid business associates and to train its staff on the new processes. The new procedures were instituted in Medicaid offices and independent health care programs under the jurisdiction of the municipal social service agency.

Health Plan Corrects Computer Flaw that Caused Mailing of EOBs to Wrong Persons Covered Entity: Health Plans Issue: Safeguards

A national health maintenance organization sent explanation of benefits (EOB) by mail to a complainant's unauthorized family member. OCR's investigation determined that a flaw in the health plan's computer system put the protected health information of approximately 2,000 families at risk of disclosure in violation of the Rule. Among the corrective actions required to resolve this case, OCR required the insurer to correct the flaw in its computer system, review all transactions for a six month period and correct all corrupted patient information.

Health Sciences Center Revises Process to Prevent Unauthorized Disclosures to Employers Covered Entity: General Hospitals Issue: Impermissible Uses and Disclosures; Authorizations

A state health sciences center disclosed protected health information to a complainant's employer without authorization. Among other corrective actions to resolve the specific issues in the case, including mitigation of harm to the complainant, OCR required the Center to revise its procedures regarding patient authorization prior to release of protected health information to an employer. All staff was trained on the revised procedures.

National Pharmacy Chain Extends Protections for PHI on Insurance Cards Covered Entity: Pharmacies Issue: Impermissible Uses and Disclosures; Safeguards

A pharmacy employee placed a customer's insurance card in another customer's prescription bag. The pharmacy did not consider the customer's insurance card to be protected health information (PHI). OCR clarified that an individual's health insurance card meets the statutory definition of PHI and, as such, needs to be safeguarded. Among other corrective actions to resolve the specific issues in the case, the pharmacy revised its policies regarding PHI and retrained its staff. The revised policies are applicable to all individual stores in the pharmacy chain.

Health Plan Corrects Impermissible Disclosure of PHI through Training, Mitigation, and Sanctions Covered Entity: Health Plans Issue: Impermissible Uses and Disclosures

An employee of a major health insurer impermissibly disclosed the protected health information of one of its members without following the insurer's authorization and verification procedures. Among other corrective actions to resolve the specific issues in the case, OCR required the health insurer to train its staff on the applicable policies and procedures and to mitigate the harm to the individual. In addition, the employee who made the disclosure was counseled and given a written warning.

Private Practice Revises Process to Provide Access to Records Covered Entity: Private Practices Issue: Access

A private practice failed to honor an individual's request for a complete copy of her minor son's medical record. OCR's investigation determined that the private practice had relied on state regulations that permit a covered entity to provide a summary of the record. OCR provided technical assistance to the covered entity, explaining that the Privacy Rule permits a covered entity to provide a summary of patient records rather than the full record only if the requesting individual agrees in advance to such a summary or explanation. Among other corrective actions to resolve the specific issues in the case, OCR required the covered entity to revise its policy. In addition, the covered entity forwarded the complainant a complete copy of the medical record.

Private Practice Revises Process to Provide Access to Records Regardless of Payment Source Covered Entity: Private Practices Issue: Access

At the direction of an insurance company that had requested an independent medical exam of an individual, a private medical practice denied the individual a copy of the medical records. OCR determined that the private practice denied the individual access to records to which she was entitled by the Privacy Rule. Among other corrective actions to resolve the specific issues in the case, OCR required that the private practice revise its policies and procedures regarding access requests to reflect the individual's right of access regardless of payment source.

Public Hospital Corrects Impermissible Disclosure of PHI in Response to a Subpoena Covered Entity: General Hospital Issue: Impermissible Uses and Disclosures

A public hospital, in response to a subpoena (not accompanied by a court order), impermissibly disclosed the protected health information (PHI) of one of its patients. Contrary to the Privacy Rule protections for information sought for administrative or judicial proceedings, the hospital failed to determine that reasonable efforts had been made to ensure that the individual whose PHI was being sought received notice of the request and/or failed to receive satisfactory assurance that the party seeking the information made reasonable efforts to secure a qualified protective order. Among other corrective actions to remedy this situation, OCR required that the hospital revise its subpoena processing procedures. Under the revised process, if a subpoena is received that does not meet the requirements of the Privacy Rule, the information is not disclosed; instead, the hospital contacts the party seeking the subpoena and the requirements of the Privacy Rule are explained. The hospital also trained relevant staff members on the new procedures.

Outpatient Surgical Facility Corrects Privacy Procedure in Research Recruitment Covered Entity: Outpatient Facility Issue: Impermissible Uses and Disclosures

An outpatient surgical facility disclosed a patient's protected health information (PHI) to a research entity for recruitment purposes without the patient's authorization or an Institutional Review Board (IRB) or privacy-board-approved waiver of authorization. The outpatient facility reportedly believed that such disclosures were permitted by the Privacy Rule. OCR provided technical assistance to the covered entity regarding the requirement that covered entities seeking to disclose PHI for research recruitment purposes must obtain either a valid patient authorization or an Institutional Review Board (IRB) or privacy-board-approved alteration to or waiver of authorization. Among other corrective actions to resolve the specific issues in the case, OCR required the outpatient facility to: revise its written policies and procedures regarding disclosures of PHI for research recruitment purposes to require valid written authorizations; retrain its entire staff on the new policies and procedures; log the disclosure of the patient's PHI for accounting purposes; and send the patient a letter apologizing for the impermissible disclosure.

Clinic Sanctions Supervisor for Accessing Employee Medical Record Covered Entity: Outpatient Facility Issue: Impermissible Use and Disclosure

A hospital employee's supervisor accessed, examined, and disclosed an employee's medical record. OCR's investigation confirmed that the use and disclosure of protected health information by the supervisor was not authorized by the employee and was not otherwise permitted by the Privacy Rule. An employee's medical record is protected by the Privacy Rule, even though employment records held by a covered entity in its role as employer are not. Among other corrective actions to resolve the specific issues in the case, a letter of reprimand was placed in the supervisor's personnel file and the supervisor received additional training about the Privacy Rule. Further, the covered entity counseled the supervisor about appropriate use of the medical information of a subordinate.

Private Practice Provides Access to All Records, Regardless of Source Covered Entity: Private Practice Issue: Access

A private practice denied an individual access to his records on the basis that a portion of the individual's record was created by a physician not associated with the practice. While the amendment provisions of the Privacy Rule permit a covered entity to deny an individual's request for an amendment when the covered entity did not create the portion of the record subject to the request for amendment, no similar provision limits individuals' rights to access their protected health information. Among other steps to resolve the specific issue in this case, OCR required the private practice to revise its access policy and procedures to affirm that, consistent with the Privacy Rule standards, patients have access to their record regardless of whether another entity created information contained within it.

State Hospital Sanctions Employees for Disclosing Patient's PHI Covered Entity: Health Care Provider / General Hospital Issue: Impermissible Disclosure

A nurse and an orderly at a state hospital discussed the HIV/AIDS status of a patient and the patient's spouse within earshot of other patients without making reasonable efforts to prevent the disclosure. Upon learning of the incident, the hospital placed both employees on leave; the orderly resigned his employment shortly thereafter. Among other actions taken to satisfactorily resolve this matter, the hospital took further disciplinary action with the nurse, which included: documenting the employee record with a memo of the incident; one year probation; referral for peer review; and further training on HIPAA Privacy. In addition to corrective action taken under the Privacy Rule, the state attorney general's office entered into a monetary settlement agreement with the patient.

Dentist Revises Process to Safeguard Medical Alert PHI Covered Entity: Health Care Provider Issue: Safeguards, Minimum Necessary

An OCR investigation confirmed allegations that a dental practice flagged some of its medical records with a red sticker with the word "AIDS" on the outside cover, and that records were handled so that other patients and staff without need to know could read the sticker. When notified of the complaint filed with OCR, the dental practice immediately removed the red AIDS sticker from the complainant's file. To resolve this matter, OCR also required the practice to revise its policies and operating procedures and to move medical alert stickers to the inside cover of the records. Further, the covered entity's Privacy Officer and other representatives met with the patient and apologized, and followed the meeting with a written apology.

Physician Revises Faxing Procedures to Safeguard PHI Covered Entity: Health Care Provider Issue: Safeguards

A doctor's office disclosed a patient's HIV status when the office mistakenly faxed medical records to the patient's place of employment instead of to the patient's new health care provider. The employee responsible for the disclosure received a written disciplinary warning, and both the employee and the physician apologized to the patient. To resolve this matter, OCR also required the practice to revise the office's fax cover page to underscore a confidential communication for the intended recipient. The office informed all its employees of the incident and counseled staff on proper faxing procedures.

Large Provider Revises Patient Contact Process to Reflect Requests for Confidential Communications Covered Entity: General Hospital Issue: Impermissible Disclosure; Confidential Communications

A patient alleged that a general hospital disclosed protected health information when a hospital staff person left a message on the patient’s home phone answering machine, thereby failing to accommodate the patient’s request that communications of PHI be made only through her mobile or work phones.  In response, the hospital instituted a number of actions to achieve compliance with the Privacy Rule.  To resolve this matter to the satisfaction of OCR, the hospital: retrained an entire Department with regard to the requirements of the Privacy Rule; provided additional specific training to staff members whose job duties included leaving messages for patients; and, revised the Department’s patient privacy policy to clarify patient rights to accommodation of reasonable requests to receive communications of PHI by alternative means or at alternative locations.

Large Health System Restricts Provider's Use of Patient Records Covered Entity: Multi-Hospital Healthcare Provider Issue: Impermissible Use

A nurse practitioner who has privileges at a multi-hospital health care system and who is part of the system’s organized health care arrangement impermissibly accessed the medical records of her ex-husband.  In order to resolve this matter to OCR’s satisfaction and to prevent a recurrence, the covered entity: terminated the nurse practitioner’s access to its electronic records system; reported the nurse practitioner’s conduct to the appropriate licensing authority; and, provided the nurse practitioner with remedial Privacy Rule training.

Private Practice Revises Access Procedure to Provide Access Despite an Outstanding Balance Covered Entity: Private Practice Issue: Access

A complainant alleged that a private practice physician denied her access to her medical records, because the complainant had an outstanding balance for services the physician had provided. During OCR’s investigation, the physician confirmed that the complainant was not given access to her medical record because of the outstanding balance. OCR provided technical assistance to the physician, explaining that, in general, the Privacy Rule requires that a covered entity provide an individual access to their medical record within 30 days of a request, regardless of whether or not the individual has a balance due. Once the physician learned that he could not withhold access until payment was made, the physician provided the complainant a copy of her medical record.

Hospital Revises Email Distribution as a Result of a Disclosure to Persons Without a "Need to Know" Covered Entity: General Hospital Issue: Impermissible Use and Disclosure

A complainant, who was both a patient and an employee of the hospital, alleged that her protected health information (PHI) was impermissibly disclosed to her supervisor. OCR’s investigation revealed that: the hospital distributed an Operating Room (OR) schedule to employees via email; the hospital’s OR schedule contained information about the complainant’s upcoming surgery. While the Privacy Rule may permit the disclosure of an OR schedule containing PHI, in this case, a hospital employee shared the OR schedule with the complainant’s supervisor, who was not part of the employee's treatment team, and did not need the information for payment, health care operations, or other permissible purposes. The hospital disciplined and retrained the employee who made the impermissible disclosure. Additionally, in order to prevent similar incidents, the hospital undertook a complete review of the distribution of the OR schedule. As a result of this review, the hospital revised the distribution of the OR schedule, limiting it to those who have “a need to know.”

Private Practice Ceases Conditioning of Compliance with the Privacy Rule Covered Entity: Private Practice Issue: Conditioning Compliance with the Privacy Rule

A physician practice requested that patients sign an agreement entitled “Consent and Mutual Agreement to Maintain Privacy.” The agreement prohibited the patient from directly or indirectly publishing or airing commentary about the physician, his expertise, and/or treatment in exchange for the physician’s compliance with the Privacy Rule. A patient’s rights under the Privacy Rule are not contingent on the patient’s agreement with a covered entity. A covered entity’s obligation to comply with all requirements of the Privacy Rule cannot be conditioned on the patient’s silence. OCR required the covered entity to cease using the patient agreement that conditioned the entity’s compliance with the Privacy Rule. Additionally, OCR required the covered entity to revise its Notice of Privacy Practices.

Mental Health Center Provides Access after Denial Covered Entity: Mental Health Center Issue: Access, Authorization

The complainant alleged that a mental health center (the "Center") improperly provided her records to her auto insurance company and refused to provide her with a copy of her medical records.  The Center provided OCR with a valid authorization, signed by the complainant, permitting the release of information to the auto insurance company.  OCR also determined that the Center denied the complainant's request for access because her therapists believed providing the records to her would likely cause her substantial harm. The Center did not, however, provide the complainant with the opportunity to have the denial reviewed, as required by the Privacy Rule.  Among other corrective action taken to resolve this issue, the Center provided the complainant with a copy of her records.

Mental Health Center Provides Access and Revises Policies and Procedures Covered Entity: Mental Health Center Issue: Access, Restrictions

The complainant alleged that a mental health center (the "Center") refused to provide her with a copy of her medical record, including psychotherapy notes. OCR’s investigation revealed that the Center provided the complainant with an opportunity to review her medical record, including the psychotherapy notes, with her therapist, but the Center did not provide her with a copy of her records.  The Privacy Rule requires covered entities to provide individuals with access to their medical records; however, the Privacy Rule exempts psychotherapy notes from this requirement.  Although the Center gave the complainant the opportunity to review her medical record, this did not negate the Center’s obligation to provide the complainant with a copy of her records.  Among other corrective action taken, the Center provided the complainant with a copy of her medical record and revised its policies and procedures to ensure that it provides timely access to all individuals.

Private Practice Revises Policies and Procedures Addressing Activities Preparatory to Research Covered Entity: Private Practice Issue: Impermissible Disclosure-Research

A private practice physician who was the principal investigator of a clinical research study disclosed a list of patients and diagnostic codes to a contract research organization to telephone patients for recruitment purposes.  The disclosure was not consistent with documents approved by the Institutional Review Board (IRB). The private practice maintained that the disclosure to the contract research organization was permissible as a review preparatory to research.  Activities considered “preparatory to research” include: preparing a research protocol; developing a research hypothesis; and identifying prospective research participants.  Contacting individuals to participate in a research study is a use or disclosure of protected health information (PHI) for recruitment, as it is part of the research and is not an activity preparatory to research.  To remedy this situation, the private practice revised its policies and procedures regarding the disclosure of PHI and trained all physicians and staff members on the new policies and procedures.  Under the revised policies and procedures, the practice may use and disclose PHI for research purposes, including recruitment, only if a valid authorization is obtained from each individual or if the covered entity obtains documentation that an alteration to or a waiver of the authorization requirement has been approved by an IRB or a Privacy Board.

Livius Training

Consequences of a Health & Safety Breach (Updated)

Ever wondered what the consequences are of a health and safety breach?

In 2016/17, 554 companies were convicted of health and safety failings, with a whopping £69.9 million paid in fines.

In this blog, you’ll learn about two case studies where health and safety was ignored which will illustrate the consequences of a safety breach in the workplace.

Alongside this, you’ll find summaries of key legislation and a list of the best health and safety guidance.

Therefore, at the end of this post, you’ll have a deeper understanding of health and safety and the knowledge to help your business become safer.

Let’s begin with the Health and Safety at Work Act.

Health and Safety at Work Act Summary

The Health and Safety at Work Act provides a basic framework for all places of work to follow to ensure safety as far as reasonably practicable.

Below is a summary of the major points.

Employers need to:

  • Provide safe systems of work to minimise risk.
  • Plan the control of risks when using, handling, storing and transporting articles and substances.
  • Provide information, instruction, training and supervision where necessary.
  • Maintain conditions in the workplace.
  • Prepare and update (as appropriate) a written statement of their general health and safety policy.
  • Implement the written policy and inform employees of its terms.
  • Consult all employee representatives.
  • Ensure that no persons, not in their employment, experience health and safety risks (as far as reasonably practicable).

Employees need to:

  • Take reasonable care of themselves and anyone affected by their actions or omissions
  • Cooperate with employers on all health and safety matters.

Additional Criteria

  • No person should interfere with anything provided for health and safety matters.

In addition, the Health and Safety at Work Act is responsible for the creation of the Health and Safety Executive, whose job is to enforce health and safety legislation in the workplace. However, that isn’t their only role…

Health and Safety Executive and their role

The HSE has become a well-known figure in the UK as the regulator of health and safety in the workplace. And, many are familiar with its powers to inspect and prosecute businesses for health and safety failings.

After all, the main goal of the Health and Safety Executive is to prevent work-related death, injury and illness.

However, they play a few other roles as we can see from the list below.

The HSE shall:

  • Assist and encourage persons to work safely.
  • Carry out and encourage research and the provision of training and information.
  • Inform government departments, local authorities, employers, employees, organisations representing employees and others on health and safety matters.

The HSE may:

  • Investigate and report any matter relating to health and safety, and/or,
  • Authorise another person to investigate and report on such a matter

But the people investigating health and safety matters deserve a mention.

HSE inspectors and their role

Due to the sheer quantity of businesses in the UK, the executive cannot inspect every one. Therefore, the HSE targets the highest risk industries (such as construction, agriculture, etc) and those with the greatest numbers of death, injury and ill health.

Let’s take a look at the powers inspectors have in the event of serious injury or when witnessing breaches in health and safety.

Health and safety inspectors can:

  • Hand out improvement notices.
  • Hand out prohibition notices.
  • At any reasonable time, enter any premises which they have reason to believe it is necessary to enter.
  • Take a police officer to any premises they are entering.
  • Take samples of any articles or substances found on the premises.
  • Enter and detain any substance or article which needs to be examined, inspected for any tampering and/or used as evidence.
  • Question any persons relevant to the inspection.
  • Deal with any article or substance which is a danger to health.

If they do find health and safety failures then they will use their powers to ensure that the breaches are righted.

Methods of enforcement include:

  • Providing information and advice either face-to-face or in writing
  • Serving an improvement notice. These allocate a time frame within which the problem needs to be corrected.
  • Serving a prohibition notice. Work ceases immediately until the breach is righted.
  • Withdrawing approvals
  • Issuing cautions
  • Prosecution

Initially, an inspector will provide advice and guidance on how to correct any failings. However, when warnings are continually ignored the HSE will look to further its case against you and may start legal proceedings.

Similarly, in the event of a serious accident, you may face prosecution if it is deemed that your business did not implement safe working measures.

Now we will look at two case studies, each involving a different safety breach.

Pirelli Fined Over Half a Million Pounds

International tyre manufacturer, Pirelli, was fined over half a million pounds for a safety breach at their Carlisle factory.

On two separate instances, workers broke their arms after being dragged into the unguarded machine.

An investigation by the HSE found that the injuries were a result of inadequate guarding around the machine.

Therefore, the company was in breach of the Provision and Use of Work Equipment Regulations (PUWER) 1998 which states,

(1) Every employer shall ensure that measures are taken in accordance with paragraph (2) which are effective—

(a) to prevent access to any dangerous part of machinery or to any rotating stock-bar; or

(b) to stop the movement of any dangerous part of machinery or rotating stock-bar before any part of a person enters a danger zone.

Why did this case lead to prosecution?

Even after the initial incident, Pirelli failed to install proper guarding around the machine. Proper management of the health and safety risks associated with unguarded machinery would have identified the problem and built in preventative measures.

Pirelli pleaded guilty to breaching regulations, received a £512,000 fine and was ordered to pay costs of £5,820.

A health and safety inspector commented,

“This machine should have been appropriately guarded from first use but, failing that, the first incident should have prompted a thorough review of the machine to identify what additional guarding was needed and appropriate action taken.”

Below, I have summarised the crucial points of PUWER.

Provision and Use of Work Equipment Regulations (PUWER) 1998 Summary

  • Employers should ensure that work equipment is constructed and adapted so that it is suitable for the purpose.
  • Work equipment should only be used for suitable operations.
  • Equipment needs to be maintained in good working order and repair with up to date maintenance logs for all machinery.
  • Work equipment exposed to conditions likely to cause deterioration will need to be inspected at suitable intervals.
  • Employers need to keep a record of equipment inspections.
  • Adequate training needs to be provided for work equipment that poses a specific risk.
  • Employers need to provide adequate health and safety information and instructions for work equipment.
  • Sufficient health and safety training is required for all those who use work equipment.
  • Access to dangerous parts of machinery needs to be prevented, or, the movement of machinery needs to stop before any part of a person enters a danger zone.
  • Employers should ensure that work equipment is provided with one or more accessible emergency stop controls (where appropriate).

Here is the second case study featuring a working at height breach.

Sole Trader Sentenced to 6 Months Jail Time

A sole trader received a 6-month prison sentence (suspended for 18) after an employee fell from a height.

A staff member was working on site when he fell through a hole in the ground floor and subsequently suffered serious head injuries. The court ruled that the owner failed to protect his worker because of a lack of protection around the hole in the floor.

Why was this a working at height breach?

The Work at Height Regulations 2005 outlines the procedures necessary for any work in places where a person could fall a distance liable to cause personal injury – in this case, a hole through to the ground floor.

The business owner pleaded guilty to breaching Regulation 6 (3) of the Working at Height Regulations 2005 which states,

“Where work is carried out at height, every employer shall take suitable and sufficient measures to prevent, so far as is reasonably practicable, any person falling a distance liable to cause personal injury.”

On top of his 6-month prison sentence, the sole trader paid costs of £8,442.

An HSE inspector was on hand to say,

“Falls from height remain one of the biggest causes of workplace fatalities and major injuries. Had the employer…implemented adequate control measures to protect the health and safety of his workers, this incident could have been prevented”

Could this have been prevented?

The following precautionary measures should have been taken:

  • All work should have been properly planned.
  • The risks (in this case the hole in the floor) should have been assessed and properly managed (the hole protected, and adequate signage put up around the hole to raise awareness).

Below, I have summarised the crucial points of The Working at Height Regulations 2005.

Working at Height Regulations Summary

  • Properly planned (including emergencies and rescue)
  • Appropriately supervised
  • Carried out in a manner which is safe
  • Work at height should only be carried out in suitable weather conditions.
  • No employee shall engage in any work at height activity (including planning, organising and supervising) unless they are competent to do so. When being trained, they must be supervised by a competent person.
  • Businesses need to complete adequate working at height risk assessments.
  • Take suitable and sufficient measures to prevent people falling from a distance which can cause personal injury.
  • Where reasonably practicable, provide adequate work equipment to minimise the distance of a fall and the consequences
  • Provide sufficient training and instruction to prevent a fall.
  • An employer should select appropriate work equipment.
  • No person should pass across or near a fragile surface. When this is impossible, suitable and sufficient platforms, coverings and guard rails are needed.
  • Warning notices for fragile surfaces need to be displayed (as far as reasonably practicable). Where not practicable, a person needs to be warned by other means.
  • Unauthorised people should be prevented from entering an area where there is a risk of falling from height or falling material.
  • Working conditions and risk
  • Distance and consequences of a fall
  • Duration and frequency of use
  • Evacuation and rescue
  • The risk of installation and removal
  • Any working platform used for construction, or work above 2 metres, should be inspected before use.
  • Inspections should be recorded and kept until the next inspection can take place
  • Employees need to report any activity or defect which endangers safety.
  • Work equipment needs to be used in accordance with any training and instruction given.

I will finish this blog off with a list of excellent resources relating to health and safety in the workplace.

Health and Safety Resources

There are plenty of great resources out there and so I thought I would compile a list for your use:

  • Health and Safety the Basics – A HSE guide to the fundamentals of health and safety within the workplace.
  • Risk assessments – Another HSE guide which talks about risk assessments and what to include.
  • Risk assessment template
  • Health and safety written policy – Guidance on how to write your own health and safety policy.
  • Fire risk assessments – An introduction to the necessity of fire risk assessments as well as a template.
  • Health and Safety Training – A look into health and safety training and what you need.
  • Creating a training plan – Guidance for creating your own training plan to stay on top of your training.
  • Fire Hazard Identification and Prevention – Guidance on fire hazards and how you can prevent fires in your workplace.

Make sure that you don’t leave yourself open to prosecution and even jail time by carrying out the right procedures and risk assessments.

And, when it comes to health and safety make sure that your business has the appropriate training and systems in place to ensure that all employees go home happy and healthy.

The companies mentioned in the case studies didn’t do that and they paid the price in the end!


Unscrupulous employers facing tougher health and safety penalties

Tougher penalties are being handed out to employers who breach serious health and safety laws following a change in approach to prosecutions.

Tougher penalties are being handed out to employers who breach serious health and safety laws following a change in approach to prosecutions, according to a new report released today.

Changes introduced under the Health and Safety Offences Act have led to more cases being tried in the lower courts, higher fines handed out to convicted offenders and more jail terms for unscrupulous employers who pay scant regard to the welfare of their staff or the public.

Minister of State for Health and Safety Mike Penning said:

By handing greater sentencing powers to Magistrates and Sheriffs it has sent a clear message to unscrupulous employers that if they do not take their responsibilities seriously they will face stiff penalties, which include heavy fines and – in the very worst cases – prison. At the same time it has removed the burden of prosecuting all but the most serious of cases through the Crown Courts, which is generally less efficient, more time-consuming and more expensive than hearings held at the lower courts.

Key findings of the report include:

  • a greater proportion of cases (86%) were heard in the lower courts after the Act came into force – that compares to 70% in the period leading up to its introduction
  • the average fine imposed by the courts involving breaches of health and safety regulations alone increased by 60%, from £4,577 to £7,310
  • for cases involving breaches of both health and safety regulations and the Health and Safety at Work Act (HSWA) the average increase was 25%, from £13,334 to £16,730
  • 346 cases attracted fines of more than £5,000 – prior to the Act the maximum fine that could be imposed was capped at £5,000

The purpose of the Act was to increase the maximum penalties for workplace health and safety offences that could be heard in both the lower and higher courts. It was believed that if the penalties were increased it would provide a greater deterrent to would-be offenders.

The maximum fine that could be imposed by the lower courts increased four-fold from £5,000 to £20,000.

Magistrates and Sheriffs were also given greater powers to send an offender to prison. In the past custodial sentences were reserved for specific cases, but now someone can be sent to prison for the majority of offences.

And certain offences that in the past could only be tried in the lower courts, such as the failure to comply with an improvement order, were made triable in either court, meaning the offender could face a much tougher sentence if their case was referred to the Crown Court.

Read the full report here: Health and Safety Act 2008: Post-legislative scrutiny memorandum 16 January 2014

Bakkavor Foods, of West Marsh Road, Spalding, Lincolnshire, was fined the maximum £20,000 and ordered to pay £12,484 in costs after admitting a breach of the Provision and Use of Work Equipment Regulations 1998.

The international food manufacturer ended up in court last October after an employee had the top of her middle finger sliced off.

The victim, Sushila Patel, was asked to pick up dough balls at a pizza factory in Harrow, which kept falling out of a faulty machine, when the horrifying accident struck.

A guard on the machine, which was normally locked, was wide open and at one stage she had to reach inside to pick up the fallen dough balls.

As she did this, her right middle finger became caught between a moving chain and a sprocket, badly slicing the tip.

The prosecution against Bakkavor was brought by the Health and Safety Executive (HSE). The HSE found that a lockable guard on the machine had been left open, giving no protection to employees using the machine from coming into contact with dangerous moving parts.

After the hearing, HSE Inspector Charles Linfoot said:

Bakkavor Foods had a duty to ensure its employees were protected from the dangerous moving parts of the prover machine. The lack of control resulted in an employee suffering a painful and debilitating injury.

More information

The report reviews the first 5 years of the Act, which was passed in 2008 and took effect on January 16, 2009.

It was conducted by the HSE on behalf of the DWP.

The purpose of the Act was to raise the maximum penalties available to the courts for certain health and safety offences by altering the penalty framework set out in the Health and Safety at Work Act.

Lower courts refers to Magistrates in England and Wales and the Sheriff in Scotland.

The report analysed data taken between April 1, 2006 and January 15, 2009, and data between January 16, 2009 and March 31, 2013. Although the time periods were not comparable, the number of cases looked at was. It was these numbers that needed to be analysed.

Of the 1,748 cases before the Act, 1,227 were tried in the lower courts (70%) and 521 in the higher (30%). Of the 1,709 cases after the Act, 1,477 were tried in the lower courts (86%) and 232 in the higher (14%).

Average fines before the Act

  • Health and Safety at Work Act (HSWA) only, £10,908
  • Regulation only, £4,577
  • HSWA and regulation cases combined, £13,334

Average fines since the Act

  • HSWA only, £11,920
  • Regulation only, £7,310
  • HSWA and regulation cases combined, £16,730

Since the Act came into effect, 261 cases have attracted fines between £5,000 and £20,000, with 78 of these between £10,000 and £20,000.

In the period between April 1, 2006 and January 15, 2009, 4% of cases that went before the higher courts, and 1% that went before the lower led to a custodial sentence or equivalent, ie suspended sentence or community service.

Between January 16, 2009 and March 31, 2013 – after the Act had taken effect – 18% of cases that went before the higher courts (77), and 5% of those that went before the lower courts (144) led to a custodial sentence or equivalent.


Case studies

Case studies showing how NZ businesses are finding innovative ways to involve workers in workplace health and safety, manage work-related health risks and keep healthy and safe at work.

2021 Safeguard Awards finalists

WorkSafe is one of the major sponsors of the Safeguard New Zealand Health and Safety Awards. Hear from two of the finalists in our category for best initiative to address work-related health risk

2020 Safeguard Awards finalists

WorkSafe is one of the major sponsors of the Safeguard New Zealand Health and Safety Awards. Hear from two of the finalists in our category for best initiative to address work-related health risk.

Work-related health case studies

These case studies provide great examples of what New Zealand businesses are doing to manage the impact work can have on people's health.

Business leaders case studies

You can find more great case studies on the Business Leaders' Health and Safety Forum website.

Worker engagement and participation case studies

Find out how these New Zealand businesses are improving workplace health and safety by finding innovative ways to involve workers in workplace health and safety.

Keeping healthy and safe at work

These case studies provide great examples of keeping healthy and safe at work.

Health and Safety Cases

As part of our news coverage, HSE Network keeps you up to date with some of the latest information on health and safety court cases from the Health and Safety Executive (HSE). We cover various cases ranging from gas safety register breaches to breaches of the Health and Safety at Work Act 1974. HSE Network covers these health and safety cases to spread awareness of the consequences that can follow when proper health and safety protocol is not followed.

The Annual Workplace Fatality Figures for 2020/21 Released By The Health and Safety Executive (HSE)

News: Introduction to Building Safety Bill

Manufacturing company fined for exposing workers to asbestos

Company fined after a worker was injured by a forklift truck

High school fined after a student was critically injured

Private security firm sentenced after employee attacked at a youth offender training centre

British Airways fined after employee sustained serious crush injuries in a vehicle collision

How do I get a health and safety job?

Two care provider companies fined and a manager cautioned after employee stabbed.

NHS Trust fined after lack of control measures over environmental risks

Health Serv Res. 2019 Oct; 54(5)

Data breach remediation efforts and their implications for hospital quality

Sung J. Choi

1 Department of Health Management and Informatics, University of Central Florida, Orlando, Florida

M. Eric Johnson

2 Owen Graduate School of Management, Vanderbilt University, Nashville, Tennessee

Christoph U. Lehmann

3 Department of Biomedical Informatics, Vanderbilt University, Nashville, Tennessee

To estimate the relationship between breach remediation efforts and hospital care quality.

Data Sources

Department of Health and Human Services’ (HHS) public database on hospital data breaches and Medicare Compare's public data on hospital quality measures for 2012‐2016.

Materials and Methods

Data breach data were merged with the Medicare Compare data for years 2012‐2016, yielding a panel of 3025 hospitals with 14 297 unique hospital‐year observations.

Study Design

The relationship between breach remediation and hospital quality was estimated using a difference‐in‐differences regression. Hospital quality was measured by 30‐day acute myocardial infarction mortality rate and time from door to electrocardiogram.

Principal Findings

Hospital time‐to‐electrocardiogram increased as much as 2.7 minutes and 30‐day acute myocardial infarction mortality increased as much as 0.36 percentage points during the 3‐year window following a breach.

Breach remediation efforts were associated with deterioration in timeliness of care and patient outcomes. Thus, breached hospitals and HHS oversight should carefully evaluate remedial security initiatives to achieve better data security without negatively affecting patient outcomes.

1. BACKGROUND

Reports of the latest data breaches are highlighted regularly in news headlines. 1 As part of the Health Information Technology for Economic and Clinical Health (HITECH) Act, health care providers, health plans, and other entities covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) are required to notify affected individuals, the U.S. Department of Health and Human Services (HHS), and the media following a significant breach of protected health information. 2 Such reported breaches are investigated by the Office for Civil Rights (OCR), which enforces privacy and security rules and (with HHS) oversees corrective action.

The events following a breach are summarized in Figure 1A. Breaches are typically discovered some time after their occurrence. Discovery may be nearly immediate, while some breaches may take days or weeks to discover. Breaches affecting more than 500 individuals must be disclosed to the OCR within 60 days of discovery. Investigations of such reported breaches may take several months to a year. After the investigation is settled, the affected entity is monitored by HHS, typically for 3 years, during which time the breached entity proposes corrective actions. HHS approved corrective actions are implemented by the affected entity, 3 , 4 which may include penalties, new information technology systems, staff training, and revision of policies and procedures. 3 , 5

Figure 1. Timeline (A) and Conceptual Model (B)

Corrective actions are intended to remedy the deficiencies in privacy and security of protected health information. However, enhanced security measures may introduce problems with usability, which we define as the ease of use. New security procedures typically alter how clinicians access and use clinical information in health information systems and may disrupt the provision of care as providers require additional time to learn and use the new or modified systems. 6 , 7 , 8 , 9 , 10 , 11

1.1. Conceptual model

Breach remediation refers to the corrective actions and changes introduced by the breached hospital, both voluntarily and mandated by HHS. Figure 1B shows a conceptual model that hypothesizes the relationship between breach remediation and hospital quality. Remediation activity may introduce changes that delay, complicate, or disrupt HIT and patient care processes. 12 , 13 , 14 , 15 Furthermore, changes in HIT systems are associated with learning, training, and support costs that may raise usability challenges and unexpected errors. 16 Remediation efforts to repair the damage from a data breach and improve security incur financial costs. 17 , 18 Our analysis focuses on the relationship between breach remediation and hospital quality (Figure 1B). Hospital quality measures for acute conditions and timeliness may be negatively affected by these remedial changes because of delays and disruptions in care. This relationship is potentially confounded by unobserved hospital characteristics. Our regression model estimated the relationship between breach remediation and hospital quality, adjusting for potential confounders. Specific remedial changes implemented at breached hospitals were not directly observed. Rather, we estimated breach remediation using dummy variables, which identify when breached hospitals implement remedial changes. After breach discovery, it may take 2‐4 years for the hospital to implement remedial actions. Therefore, changes in hospital quality due to remediation may be observed long after the time of breach.

In the conceptual model, hospital quality does not directly affect security efforts such as breach remediation. We are not aware of formal regulations or cases where enforcement agencies intervened to remediate hospitals' HIT because they have poor care quality, even though poorly implemented electronic health records (EHR) have been associated with safety concerns. 19

Hospital characteristics may be associated with breaches and remediation effort along with hospital quality. Previous studies suggested that larger teaching hospitals were associated with breaches. 20 , 21 Large hospitals store more patient data, making them more attractive targets for external attackers. Large hospitals have more clinicians and staff who access patient data, creating more internal vulnerabilities that can expose patient data. Teaching hospitals have more frequent clinician turnover from residency and fellowship programs and therefore may have greater vulnerabilities in training employees effectively, managing data access credentials, and implementing security procedures. Hospital financial performance may be associated with the financial burden of remediation costs and hospital quality. These challenges to estimating the direct effect of breach remediation on hospital quality are addressed in the empirical model.

Hospital data breaches provide a unique opportunity to study how solutions and fixes to information security problems are related to patient outcomes. Subsequent to a breach, organizations must take action to mitigate the failure and improve security. Such actions can be diverse, from adopting new policies and procedures to installing new security technologies. Taking advantage of financial incentives provided by HITECH, many hospitals made investments in more secure HIT, replacing or enhancing their EHRs. New systems often support advanced security features such as stronger authentication procedures and time‐outs for inactivity. Following a breach, data handling and access privilege policies typically change. Health systems are encouraged to implement auditing systems that can capture digital forensic evidence. 22 Management best practice includes planning, training, incentives, and penalties to prevent breaches. 23 Security best practice includes locking up physical devices, data encryption, and stronger passwords. 24 Single sign‐on authentication may be used to improve password management. 25 These interventions require hospital staff to acclimate to new systems, learn new procedures, and adjust to new, and sometimes more cumbersome and time‐consuming, ways of obtaining and manipulating patient data. Unsurprisingly, there is little literature documenting the specific experiences of a breached health system. Data breach and remediation are traumatic and embarrassing to an organization, and the incident is often reported in the media. Hospitals may be reluctant to draw further attention by publishing the details in a case study or a peer‐reviewed journal article. A brief informal survey of chief medical informatics officers showed that publishing on breach remediation would be considered negatively by their institutions and was perceived as counterproductive as the new measures should not be advertised.

The aim of this paper was to estimate the long‐term relationship between breach remediation and care quality. Using a difference‐in‐differences approach, we analyze a panel of nonfederal acute‐care inpatient hospitals from 2012 to 2016 to evaluate patient outcomes and timeliness of care in the years subsequent to a breach.

Health and Human Services maintains a public database of breaches reported from October 2009 to the present affecting 500 or more individuals. 1 Our analysis included breaches reported to the HHS and the Privacy Rights Clearinghouse (PRC) database between January 1, 2012, and December 31, 2016. The PRC aggregates reported breaches from public sources including the media, blogs, and government. 26

The Centers for Medicare and Medicaid Services (CMS) provides public use data on Medicare‐certified hospitals. Healthcare Cost Report Information System (HCRIS) provides data on hospital characteristics and financial variables. 27 Medicare Hospital Compare provides data on hospital quality measures. 28 Data on hospital breaches from HHS and PRC databases were merged with HCRIS and Hospital Compare data for the years 2012‐2016.

As a proxy for care quality, we focused on the time from “door to electrocardiogram” (ECG) and the “30‐day mortality rate for acute myocardial infarction” (AMI). For patients with symptoms suggestive of ST‐segment elevation myocardial infarction (STEMI), guidelines recommend ECG acquisition and interpretation within 10 minutes of arrival in the emergency department 29 as delays in the diagnosis and treatment on the order of minutes are associated with increased mortality and worse cardiac functional outcomes. 30 The 30‐day mortality rate (Percent) was obtained from Hospital Compare. 31 The rate is calculated using data collected over the past 36 months (the denominator includes Medicare beneficiaries aged 65 or older), and the measure is adjusted for patient characteristics to permit comparisons between hospitals. We also employed the time from door to ECG in Hospital Compare, 28 which is the median number of minutes for patients with symptoms suggestive of ST‐segment elevation myocardial infarction from arrival at the hospital to receiving an ECG. Time to ECG is calculated using data collected over the past 12 months, and the denominator includes adults aged 18 or older admitted to an emergency department with appropriate symptoms.

The 36‐month collection period improves the estimation of comparable mortality rates for hospitals that admit a small number of patients by increasing the number of observed cases and mortalities. It also improves the precision of the risk adjustment method. The long collection period allows more hospitals to be included in the analysis; however, it produces a smoothing effect. For our analysis, the smoothing effect is not a problem because we focused on long‐term associations with remediation efforts rather than the immediate changes associated with a breach.

The 30‐day mortality rate is a widely adopted quality measure and permits national comparison of hospitals. 32 , 33 , 34 AMI is an acute event in which a hospitalized patient's outcome depends on the quality of emergency department, cardiac catheterization laboratory, and inpatient care. 35 Also, acute medical events like AMI are less prone to selection bias due to patients' hospital choice, because treatment typically occurs at the nearest hospital. This reduces the possibility of patients avoiding a hospital with known poor quality or known data breaches, making AMI a good focus for the DID analysis.

Our hypothesis was that remediation efforts to enhance security would likely increase the time needed to access the EHR and to order, review, and execute the ECG, and thus result in an increase in time to treatment. By focusing on a condition that requires timely treatment (in minutes) and has both a readily available process measure (time to ECG) and a patient outcome measure (mortality), we expected to see an impact of breach remediation efforts. Treatments for other conditions for which measures exist, like pneumonia or heart failure, are less sensitive to diagnostic and therapeutic delays or disruptions, and thus we would not expect to see a significant impact.

The raw data panel consisted of 5248 hospitals with repeated measurements over time, yielding 33 175 observations uniquely identified at the hospital‐year level. Data were restricted to nonfederal acute‐care inpatient hospitals. Hospitals in the U.S. territories and Maryland (which has a prospective payment system waiver) were excluded. To maintain consistency in the financial data, the data were restricted to hospitals that filed HCRIS within 360 and 370 reporting days. When a hospital submitted multiple reports in a given year, the most recent report was used. These restrictions yielded 3353 acute‐care hospitals with 15 948 observations. Finally, observations with missing values in the dependent or independent variables were removed from analysis. A total of 4197 observations were missing the 30‐day AMI mortality rate, accounting for most of the missing values. The final study panel consisted of 3025 hospitals with 14 297 hospital‐year observations.

2.2. Generalized difference‐in‐differences model

Breaches arise from many different sources. Demand for health data on the black market makes hospitals a lucrative target for external attackers. 36 , 37 Internal vulnerabilities in hospital information systems may be exploited by external attackers or by insiders, who may inappropriately disclose data. But regardless of the source, the resulting discovery and remediation of a breach can be viewed as a random shock to a hospital's care delivery system. While agents affiliated with a hospital may benefit from intentionally leaking information (eg, hospital staff selling patient data to a third party for personal gain), agents (and the hospital itself) face criminal indictment, fines, and business losses from intentional or negligent breaches, 38 which disincentivize intentional breaches. Thus, a hospital data breach can be framed as a natural experiment to estimate the relationship between breach remediation and patient outcomes. Past research focused on the short‐term (days to months) impact of breaches. In this study, we examine the associations with longer‐term remedial changes (years) as hospitals work to improve security.

The association between breaches and hospital outcomes was estimated using a generalized difference‐in‐differences (DID) framework with multiple pre‐ and postperiods. 39 Data breaches represent random shocks reported in a specific year, though susceptible to measurement error from the actual year of breach. Panel data provide pre‐ and postbreach measures of quality. The DID strategy controls for time trends in outcomes among the breached hospitals, assuming that the breached hospitals would have followed the same trend if they had not been breached, to isolate the change in outcomes associated with the breach.

The dependent variables were the 30‐day mortality rate for acute myocardial infarction (AMI) and the time from door to electrocardiogram (ECG). The independent variables of interest were the relative‐time‐to‐breach dummies, each set to 1 when the hospital was in the breached group and the year of the observation was n years relative to the hospital's specific time of breach. The relative time (n) was set to 0 in the year of the breach, and we observed 4 years before and after the breach. One year before the breach was set as the omitted category. The coefficients on the relative‐time‐to‐breach dummies estimated the change in quality associated with breach remediation.

The DID model controlled for the hospital‐specific fixed effects and year fixed effects. An organization's safety culture captures the knowledge, beliefs, and attitudes regarding safety in the organization. 40 Safety and security are rooted in cultures that emphasize the importance of well‐designed processes and heightened awareness of goals. We suggest that patient safety and data security cultures are closely related. The overall hospital safety climate, influenced by organizational policy regarding safety, has been associated with readmissions for AMI and heart failure. 35 , 41 Hospital fixed effects are conceptually equivalent to assigning a dummy variable to each hospital, which effectively controls for unobserved confounders such as hospital‐specific characteristics, like safety culture, that are constant in the short run.

The DID model included covariates for time‐varying hospital characteristics that may be correlated with both breach remediation and hospital quality as described in the conceptual model. Covariates included operating revenue, number of beds, length of stay, bed occupancy rate, meaningful use status (meaningful user of certified electronic health records as defined in HITECH), patient satisfaction, and patient safety indicators. The DID model was estimated using a fixed‐effects regression. Our analysis was performed using Stata version 14 and R version 3.2. 42 , 43 Standard errors are heteroskedasticity robust and allow for within hospital correlation.
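The specification described in this section can be written as a single equation. This is an added formulation, not an equation from the original paper, and the symbols are chosen here for illustration:

$$Y_{it} = \alpha_i + \lambda_t + \sum_{\substack{n=-4 \\ n \neq -1}}^{4} \beta_n \, D^{n}_{it} + X_{it}'\gamma + \varepsilon_{it}, \qquad D^{n}_{it} = \mathbf{1}\{\text{hospital } i \text{ is in the breached group and } t - T_i = n\}$$

Here $Y_{it}$ is the outcome (30‐day AMI mortality rate or time from door to ECG) for hospital $i$ in year $t$, $\alpha_i$ is the hospital fixed effect, $\lambda_t$ is the year fixed effect, $T_i$ is the year in which hospital $i$'s breach was reported, and $X_{it}$ holds the time‐varying covariates (operating revenue, number of beds, length of stay, bed occupancy rate, meaningful use status, patient satisfaction, and patient safety indicators). For never‐breached hospitals every $D^{n}_{it}$ is 0, so those observations identify the year effects $\lambda_t$. Because $n = -1$ is the omitted category, each $\beta_n$ is the adjusted difference in the outcome $n$ years from the breach relative to the year before the breach: the prebreach coefficients ($n < -1$) test whether breached hospitals were already diverging, and the postbreach coefficients ($n \ge 0$) are the estimates of interest. The error term $\varepsilon_{it}$ is allowed to be heteroskedastic and correlated within a hospital.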

3.1. Descriptive statistics

Table  1 shows the summary of hospital data breaches affecting 311 hospital‐years. The three most common breach types were unauthorized access (112), loss (60), and theft (66). A subset of breaches affecting 305 hospital‐years reported the number of individual records breached. While prone to error and underreporting, this measure is a proxy for the severity of a breach. Affected individual records totaled approximately 14 million. From 2012 to 2016, a small group of breaches (43) affected the majority (11 million) of individuals.

Summary of breaches by year and type of breach

Note: From the total of 311 breaches, six did not report the number of individuals affected.

Characteristics of the hospital‐year observations by breach status are summarized in Table 2. As expected, the timing of breaches varied across the sample years. Given the cumulative effect among the breached hospitals, most of the prebreach hospital‐year observations came from years 2012‐2014 while most postbreach observations came from years 2014‐2016. Because of variability in breach event timing, it was impossible to assign the never‐breached hospitals into a pre‐ or postevent category based on time. Therefore, the never‐breached hospital‐year observations were pooled into a single control group (Table 2).

Mean and (SD) shown for continuous variables. Count and (percent) shown for categorical variables

The percentage of not‐for‐profit hospitals was similar between the control group and the breached group. However, the breached group had a higher proportion of public hospitals, while the control group had a higher proportion of for‐profit hospitals. Hospitals in the breached group were more likely to be major teaching hospitals. Patient satisfaction measures were similar between the control group and the breached group, and satisfaction within the breached group did not vary between the pre‐ and postbreach group.

The overall trends for 30‐day AMI mortality and time from door to ECG from 2012 to 2016 for all hospitals show improvement in 30‐day mortality rate and time to ECG (Appendix S1: Figure S1a,b). The trends in 30‐day AMI mortality rate were stratified into never‐breached hospitals and hospitals that were breached in 2015 (Appendix S1: Figure S2a). The two groups had parallel trends from 2012 to 2014, but then the breached hospitals crossed the parallel trend in 2016 with a more positive slope relative to the never‐breached hospitals, resulting in higher mean mortality rates than the never‐breached hospitals. However, the point estimate was not statistically significant. The trends in time to ECG were also stratified between the two groups (Appendix S1: Figure S2b). The two groups showed parallel trends from 2013 to 2015, with point estimates that were not significantly different. However, in 2016 the breached hospitals had a significantly longer time to ECG (11 minutes) than the never‐breached hospitals (8 minutes).

The control group and the prebreach group had similar distributions for the 30‐day AMI mortality rate. The mean 30‐day AMI mortality rate for the prebreach group was 14.98 percent; for the control group, it was 14.74 percent (not statistically different). Mean time to ECG was longer for the prebreach group than the control group (9.4 minutes vs 8.6 minutes), but again not statistically significant. The mean number of beds for the prebreach group was nearly two times larger than the control group (410 vs 220). Among the breached group, the number of beds was higher in the postbreach group.

3.2. DID estimates

Difference‐in‐differences estimates for 30‐day AMI mortality rate are summarized in Figure 2 (regression coefficients shown in Appendix S1: Table S1). The y‐intercept is the expected 30‐day AMI mortality rate at 1 year before the breach. It represents the baseline 30‐day AMI mortality if a breach had not occurred, and for ease of interpretation, we centered it at zero instead of the grand mean. The plotted points are the expected 30‐day AMI mortality rate at the relative breach time, adjusting for the baseline rate, yearly time trends, time‐invariant hospital effects, and time‐varying hospital characteristics. At 1, 2, and 3 years after the breach, the 30‐day AMI mortality rate point estimates were significantly higher than the baseline. Model estimates indicate that a data breach was associated with a 0.23 percentage point increase in the 30‐day AMI mortality rate 1 year after the breach, a 0.36 percentage point increase 2 years after the breach, and a 0.35 percentage point increase 3 years after the breach (Appendix S1: Table S1). The 30‐day AMI mortality rate of breached hospitals did not differ significantly from the never‐breached hospitals in the prebreach periods.

Figure 2. Plot of the difference‐in‐difference model for AMI mortality rate

Difference‐in‐differences estimates for time from door to ECG are summarized in Figure 3 (regression coefficients shown in Appendix S1: Table S2). The y‐intercept is the expected time to ECG at 1 year before the breach, reflecting the baseline time to ECG if a breach had not occurred. At 0, 1, 3, and 4 years after the breach, the time to ECG point estimates are significantly longer than the baseline. The time to ECG of breached hospitals did not differ significantly from the never‐breached hospitals in the prebreach periods. We found that a data breach was associated with a 1.4‐minute increase in time to ECG 1 year after the breach. The elevated time to ECG persisted with a 2.7‐minute and a 2‐minute increase in time to ECG at 3 and 4 years after the breach, respectively.

Figure 3. Plot of the difference‐in‐difference model for time to ECG

4. DISCUSSION

Hospital data breaches were associated with higher 30‐day AMI mortality rates in the years following the breach. Over the past few years, overall improvements in AMI treatment have resulted in the 30‐day AMI mortality rate decreasing about 0.4 percentage points annually from 2012 to 2014 (Appendix S1: Figure S1). A 0.23‐0.36 percentage point increase in 30‐day AMI mortality rate after a breach effectively erases a year's worth of improvement in the mortality rate. The national estimate for the number of hospital discharges for AMI fluctuated around 556 000 discharges annually between 2005 and 2014. 44 On average, a data breach at a nonfederal acute‐care inpatient hospital was associated with an additional 23‐36 deaths per 10 000 AMI discharges per year.

Time from door to ECG significantly increased after a breach and the elevated time to ECG persisted at 4 years after the breach. Security typically adds inconvenience by design—making it more inconvenient for the adversary. For example, stricter authentication methods, such as passwords with two‐factor authentication, are additional steps that slow down workflow in exchange for added security. Lost passwords and account lockouts are nuisances that may disrupt workflow. The persistence in the longer time to ECG suggests a permanent increase in time requirement due to stronger security measures.

Timely evaluation and treatment of ST‐segment elevation myocardial infarction (STEMI) have been associated with better patient outcomes. 29 , 45 , 46 , 47 , 48 The American Heart Association/American College of Cardiology (AHA/ACC) guideline recommends a time to ECG of < 10 minutes for STEMI patients, because exceeding this threshold results in worse outcomes. 49 The prolonged time to ECG after the breach is a potential mediator for the increased AMI mortality rate after the breach.

Remediation efforts after a data breach vary depending on the type of breach and perceived weaknesses to a repeat attack. However, common approaches include additional verification layers during sign‐on, shortened inactivity periods to automatic sign‐out, and additional acknowledgment steps that delay the access to patient data and may lead to inefficiencies or delays in care. Especially in the case of a patient with chest pain arriving in the emergency department, any delay in registering the patient and accessing the patient's record will lead to delay in ordering and executing the ECG. With every minute delay affecting mortality, delays in access to the electronic health record may prove detrimental. Han et al 14 described the impact that a new electronic record had on mortality of children. The inability to preregister patients transported into the pediatric intensive care unit resulted in delayed ordering of medications and increased mortality. Security solutions designed to reduce the likelihood of breaches may need “break the glass” functionalities to reduce the likelihood of delayed or compromised care.
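As an added illustration of the trade-off described above (not code from the original paper), the following Python example models a record-access gateway that enforces an inactivity sign-out and a second verification factor, with a "break the glass" path that grants a clinician immediate, time-limited access to one patient's record and flags the override for later review. The class names, role names, timeout and grant lifetime are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Assumed policy values for illustration; the paper gives no figures.
IDLE_TIMEOUT = timedelta(minutes=5)       # inactivity period before automatic sign-out
BREAK_GLASS_TTL = timedelta(minutes=30)   # lifetime of one emergency grant
CLINICAL_ROLES = {"physician", "nurse"}   # roles allowed to break the glass


@dataclass
class Session:
    user: str
    role: str
    last_activity: datetime
    mfa_verified: bool


@dataclass
class AccessGateway:
    audit_log: list = field(default_factory=list)
    grants: dict = field(default_factory=dict)  # (user, patient_id) -> expiry time

    def _audit(self, now, session, patient_id, outcome, reason=""):
        # Every decision is recorded; granted overrides are queued for review.
        self.audit_log.append({
            "time": now.isoformat(),
            "user": session.user,
            "patient": patient_id,
            "outcome": outcome,
            "reason": reason,
            "needs_review": outcome == "break_glass",
        })

    def open_record(self, session, patient_id, now):
        """Normal path: a live, MFA-verified session or an unexpired emergency grant."""
        expiry = self.grants.get((session.user, patient_id))
        if expiry is not None and now < expiry:
            self._audit(now, session, patient_id, "allow_emergency_grant")
            return "allow"
        idle = now - session.last_activity
        if idle > IDLE_TIMEOUT or not session.mfa_verified:
            # This is the step that costs minutes at the bedside.
            self._audit(now, session, patient_id, "reauth_required")
            return "reauth_required"
        session.last_activity = now
        self._audit(now, session, patient_id, "allow")
        return "allow"

    def break_glass(self, session, patient_id, reason, now):
        """Emergency path: skips re-authentication but not accountability.

        The grant is tied to the already identified user, scoped to a single
        patient, expires on its own, and requires a stated clinical reason.
        """
        if session.role not in CLINICAL_ROLES or not reason.strip():
            self._audit(now, session, patient_id, "break_glass_denied", reason)
            return False
        self.grants[(session.user, patient_id)] = now + BREAK_GLASS_TTL
        self._audit(now, session, patient_id, "break_glass", reason)
        return True

    def pending_reviews(self):
        """Overrides that a privacy or security officer still has to examine."""
        return [e for e in self.audit_log if e["needs_review"]]
```

The design keeps the post-breach controls on the normal path and moves the cost of the exception from the clinician at the bedside to an after-the-fact review queue.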

Changes in HIT and patient care processes in response to a data breach introduce usability challenges and unintended side effects that frustrate clinicians and disrupt patient care. 12 Frustrated clinicians bypassing new systems and processes with ad hoc workarounds avoid system safeguards and create new opportunities for errors. 13 , 14 Enhanced security measures in response to a data breach are likely to worsen the usability of the HIT system, which not only diminishes the effectiveness of its intended function but also spawns new errors that worsen the quality of care provided to patients. Installation of new health IT requires clinicians and staff to learn new processes, procedures, and ways to coordinate their workflow. 15 Clinicians adjusting to new processes and systems do so in the presence of patients, which detracts from time spent communicating with the patient and diminishes the patient experience and satisfaction. 50

While short‐term disruptions are not addressed in this paper, the recent emergence of hospital ransomware attacks has created short‐term disruptions to hospital services and there are growing fears of attacks on the care delivery system itself. 51 Ransomware attacks involve an attacker holding data hostage in exchange for payment. Ransomware attacks are considered more disruptive to hospital operations than the breaches considered in this study. In extreme cases, hospital data breaches can also negatively affect the accuracy and timeliness of patient information available to providers. A hacking incident may temporarily disrupt a hospital's servers, making patient data unavailable to providers while the servers are being patched or repaired. Severe hacking attacks may force hospitals to revert to paper charts. 52 , 53 Instances of unauthorized access suggest that existing systems may have weaknesses in verifying provider or patient identity, which may increase the risk of a provider inadvertently accessing or editing information on the wrong patient. 54 Inaccuracies or delays in patient information resulting from changes or enhancements in security are likely to disrupt the care process and adversely affect patient outcomes. Downtimes in electronic health records because of maintenance or malfunction have been associated with disruptions in laboratory and medication orders as a result of patient identification and communication problems. 55 The data breaches studied in our analysis came from 2012 to 2016, and ransomware or infrastructure attacks were rare before 2016. Our findings suggest that ransomware attacks might have an even stronger short‐term negative relationship with patient outcomes than the long‐term remediation efforts studied here.

Future work on hospital data security needs to address the implications of ransomware attacks for patient outcomes. Ransomware attacks that affect hospitals and entire health systems are executed in a matter of days. 51 The shock of ransomware attacks on hospitals and patients can be framed as a natural experiment. Ransomware attacks are likely to be initiated by opportunistic external adversaries motivated by financial reward; therefore, the model for ransomware attacks has a smaller threat of confounding variables related to patient outcomes. Using inpatient discharge data, rather than hospital level aggregate data used in this study, will reveal implications for patients. Studying ransomware attacks will also provide insights into long‐run changes on hospitals associated with remediation activities, which may persist years after the attack.

4.1. Limitations

Our analysis cannot rule out the possibility of unobserved environmental events correlated with both breach remediation and hospital quality. Also, we do not directly observe remediation activities implemented by hospitals. By parsimony, we associate the deterioration in quality after a breach to remediation rather than environmental events.

An unobserved time‐varying variable related to both breach remediation and quality is a potential confounder. The breach impact estimates were similar between the models with and without the patient safety indicators. The findings suggest that patient safety indicators were not confounding factors, but raise new concerns whether these indicators were effective controls for care quality problems.

A key assumption in our DID model is that hospitals’ safety culture and management style are fixed in the short run. We did not observe data on hospital mergers and acquisitions, changes in system affiliation, or changes in ownership during the study period. Such organizational changes may be correlated with the probability of breach, implementation of breach remediation, and hospital quality.

We did not observe time‐variant characteristics of the hospitals’ health IT system. Meaningful user status was used as a proxy for the maturity of the health IT system. But the health IT vendor and product may be correlated with breach remediation and quality. The DID model assumed that health IT characteristics were fixed in the short run, which may be reasonable given that health IT systems are large capital expenditures. However, changes in hospitals’ health IT during the study period may confound the model estimates.

The never‐breached hospital‐year observations were pooled into a single control group limiting the comparability of the time‐varying characteristics between the never‐breached group and the prebreach group.

5. CONCLUSION

The health services literature has shown mixed findings on the effect of health IT adoption on hospital quality. Health IT promises quality improvements and cost savings but its benefits are elusive because of learning, implementation, and usability issues that hinder clinicians. Hospitals adopting health IT anticipate learning costs and prepare clinicians with training and support months in advance of implementation. Despite the preparations, significant usability challenges and unexpected errors are inevitable. 16 Analogous to adoption of health IT, the remediation activities to improve security in health IT systems following a breach introduce new changes into complex work environments, which may disrupt care processes and explain our findings of reduced quality. 56 , 57 , 58

Health data breaches have significant consequences for patients, providers, and payers and contribute to quality of care problems. Protecting health information is an important responsibility of all parties in the health care industry. Our results indicate that breaches and the subsequent HHS‐mandated corrective actions and hospital remediation may have adverse implications for quality of care. Breached hospitals should carefully consider remedial security initiatives to limit inadvertent delays and disruptions associated with new processes, procedures, and technologies.

Acknowledgments.

Joint Acknowledgment/Disclosure Statement: This work was partially supported by a collaborative award from National Science Foundation award CNS‐1329686. Dr. Christoph U. Lehmann works for the American Academy of Pediatrics as the Director of the Child Health Informatics Center. He receives royalties for the book “Pediatric Informatics”. He serves as the president of the International Medical Informatics Association. He is past chair of the Clinical Informatics subboard at the American Board of Preventive Medicine. He is the editor in chief of Applied Clinical Informatics.

Choi SJ, Johnson ME, Lehmann CU. Data breach remediation efforts and their implications for hospital quality. Health Serv Res. 2019;54:971–980. doi:10.1111/1475-6773.13203

  • Notification of Substances in Articles
  • The registration process
  • Only representative
  • Duty to inquire
  • Downstream users
  • Questions and Answers
  • ECHA provides advice on new hazard classes for substances and mixtures
  • PFAS restriction proposal
  • New obligations for sale of Diisocyanate products from 24th August 2023
  • EU-wide project found excessive levels of hazardous chemical in products sold to consumers
  • ECHA have published the Draft CoRAP for 2024-2026- for 2024 proposed substances’, registrants are encouraged to update their dossiers before March 2024
  • HSA information sheet on regulatory obligations of EU candle and reed diffuser producers
  • ECHA’s Shaping Tomorrow Conference is coming up on 28th February 2024
  • ECHA adds five hazardous chemicals to the Candidate List
  • ECHA consults on recommending five substances for REACH authorisation
  • Selling chemical products online
  • Poison Centre Notification
  • Obligations for producers of candles/diffusers
  • Safety Data Sheets
  • Keep your registration up to date
  • Chemical Risk Assessment
  • Read the back
  • REACH Authorisation List
  • REACH Candidate List
  • Paint containing MEKO
  • Candles and reed diffusers containing LILIAL
  • ECHA & EU Consultations
  • HSA Consultations
  • Project Supervisor Design Process (PSDP)
  • Project Supervisor Construction Stage (PSCS)
  • Contractors
  • Create a Site Specific Safety Statement
  • Create a Construction Stage Safety and Health Plan
  • Risk Assessment Method Statement (RAMS) Template and Guidance
  • Create a Construction Site Traffic Management Plan
  • Information for Employees
  • Other Useful Resources
  • hsalearning.ie for Construction
  • Construction Skills Certification Scheme (CSCS)
  • Duties as a Designer
  • Good Design Practice
  • Construction Site Traffic Management Plan
  • Safe use of Dumpers
  • The Lighthouse Club
  • Construction Workers Health Trust
  • CAIRDE On Site. In Mind.
  • Construction Safety Partnership Advisory Committee
  • Construction Regulations Amendment 2019
  • Auxiliary Devices
  • Safety File
  • Excavations
  • Diving at Work
  • Hiring Diving Contractors
  • Diving Methods
  • Dive Team Size
  • Diving Training
  • Compression Chambers
  • Emergency Equipment
  • Diving Medicals
  • Fitness to Dive
  • Mutual Recognition
  • Diving and Pregnancy
  • Reporting Accidents and Dangerous Occurrences
  • Underwater Heritage Orders
  • Health and Safety Management
  • Emergency Plans
  • Docks Code of Practice
  • Common Hazards
  • Container Terminals
  • Dry Bulk Terminals
  • Roll On Roll Off (Ro-Ro) Terminals
  • Useful Websites & Publications
  • Legislation and Enforcement
  • Who's Who in Fishing Safety
  • Maritime Legislation
  • The Sea Fishing Sector
  • Top 10 Tips
  • Management of Health and Safety
  • Emergency Contacts
  • The Safety Statement
  • Safe Systems of Work
  • Instruction, Training and Supervision
  • Injuries and Ill Health
  • Slips and Trips
  • Manual Handling
  • Dangerous Chemicals
  • Instability
  • Publications and Useful Websites
  • Lifejackets
  • Regulations
  • Information and Guidance
  • The Health and Social Care Sector
  • Health and Social Care Regulators
  • Health and Social Care Illness and Injury Statistics
  • Sharps Directive and Regulations
  • Healthcare Waste
  • Specific Biological Agents
  • Chemical Agents
  • Electricity and Healthcare
  • Musculoskeletal Disorders
  • Slips Trips and Falls in Healthcare
  • Work Related Stress
  • Violence and Aggression
  • Work Equipment
  • Emergency Department
  • Ambulance Services
  • Outpatients
  • Stores / Warehouse
  • Technical Services
  • Maintenance Workshop
  • Lounge / Activity Room
  • Sluice Room
  • Garden / Grounds
  • Nurse's Station
  • Hallway / Corridor
  • Mining Legislation and Notifications
  • Promotional Activities
  • Disused Mines and Shafts
  • Mines Rescue
  • Mining in Ireland
  • Mining Techniques Used in Ireland
  • Managing for Health and Safety
  • Health and Safety in Education Sector
  • Heath and Safety in Healthcare Sector
  • Health and Safety in Central Government
  • Health and Safety in Local Government
  • HSALearning
  • Healthy Ireland
  • State Claims Agency
  • Chemical Exposure
  • Dust Including Silica Dust
  • Whole Body Vibration
  • Muscoskeletal injury
  • Quarry Accident and Inspection Statistics
  • What to Expect from an Inspection
  • HSA Quarry Sector Resources
  • Safe Quarry Guidance
  • Statutory Notifications
  • Quarries Legislation and Guidance
  • Quarry Workers Guide
  • Other Quarry Industry Groups
  • Publications and Videos
  • Quarry Safety Week
  • All Island Seminar 2018 Exhibitors Info
  • All Island Seminar 2018 Delegates
  • Vehicle Access
  • Driver Selection and Training
  • Construction of Haul Roads
  • Reversing and One-way Systems
  • Selection of Equipment
  • Inspection of the Working Face
  • Significant Hazards
  • Overburden Stripping
  • Trespass, Boundary Fencing and Prevention of Drowning
  • Drilling of Shotholes
  • Danger Zones
  • Disposal of Surplus Explosives
  • Blast Specification
  • Duties of Shotfirer
  • Face Profiling and Drill Hole Logging
  • Edge Protection during drilling and loading
  • Management of Lagoons and settling ponds
  • Management of Tips and Stockpiles
  • Inspection, Appraisal and Geotechnical assessment
  • Asphalt Plant Safety
  • Machinery and Conveyor Initiative 2020
  • Work Permits and Isolation of Equipment
  • Tyre Changing and Repair
  • Workshop Safety
  • Maintenance Work at Height
  • Guarding Return Idler Rollers
  • Mobile Crushing and Sizing
  • Conveyor Guarding and stops - pull wires
  • Clearing Blocked Crushers
  • Batching Concrete, Block and Asphalt Plants
  • Renewable Energy
  • Taking Care of Business
  • Getting Started
  • Safety Statement
  • Recommended Publications
  • Micro Business
  • Vehicle Incident Trends
  • Work Related Vehicle Safety
  • Workplace Transport Safety
  • Working on or near a road
  • Driving for work
  • Vehicle Maintenance
  • Chemical Agents and Carcinogens
  • Information to the Public
  • Export / Import
  • Nanotechnology
  • Chemicals Acts 2008 and 2010
  • Chemical Weapons Act 1997
  • Organisation of Working Time Act 1997
  • Safety Health and Welfare (Offshore Installations) Act 1987
  • Safety in Industry Act 1980
  • Dangerous Substances Act 1972
  • European Communities Act 1972
  • Factories Act 1955
  • Code of Practice for the Chemical Agents Regulations
  • Code of Practice for Preventing Injury and Ill health in Agriculture
  • Farm Safety Code of Practice - Risk Assessment document
  • Code of Practice for the Design and Installation of Anchors
  • Code of Practice for Working in Confined Spaces
  • Working on Roads Code of Practice - for contractors with three or less employees
  • Code of Practice for Avoiding Danger from Underground Services
  • Code of Practice for Safety in Roofwork
  • Code Of Practice for Biological Agents
  • More Codes of Practice
  • Online Complaint Form
  • Agriculture
  • Chemical and Hazardous Substances
  • Docks and Ports
  • General Application Regulations
  • Health and Social Care Sector
  • Information Sheets
  • Latest Publications
  • Machinery and Work Equipment
  • Manual Handling and Musculoskeletal Disorders
  • Mines and Quarries
  • Occupational Health
  • Physical Agents
  • Research Publications
  • Safe System of Work Plan (SSWP)
  • Safety and Health Management
  • Slips Trips and Falls
  • Work Related Vehicles
  • EU Weekly RAPEX Alerts
  • The Benefits
  • Risk Assessments Made Easy
  • Safety Statements Made Simple
  • hsalearning.ie
  • Work Positive
  • Publications, Top Tips and Videos
  • Workplace Health Toolkit for Businesses
  • Simple Safety Series
  • Safety Representatives
  • New Publications and Resources
  • Resources in Different Languages
  • Post-Primary Guidelines
  • Post-Primary Guidelines - Safety Statement Checklist Word Documents
  • Post-Primary Guidelines - Safety Statement Checklist PDFs
  • Post-Primary Guidelines - Part B - FAQs
  • Post-Primary Guidelines - Part C - Risk Assessment Templates
  • Primary Schools Guidelines - Short Guide
  • Primary Schools Guidelines
  • Video on Primary School Guidelines
  • Interactive Risk Assessments – Primary
  • Treoirlínte ar Bhainistiú Sábháilteachta, Sláinte agus Leasa i mBunscoileanna
  • Treoirlínte maidir le Bainistiú Sábháilteachta, Sláinte agus Leasa in Iar-Bhunscoileanna
  • 'What's Under the Sink?' Household Chemicals SPHE Presentation – Primary students
  • 'What's Under the Sink?' – Primary teacher guidelines
  • Farm Safety Presentation - Primary teachers
  • On the Farm Videos - Primary students
  • Choose Safety / Get Safe Work Safe - Transition Year teachers / students
  • Choose Safety – Post Primary / Further Education
  • Keep Safe on the Farm – Post Primary students
  • Graduate.ie – Post Primary students
  • Roghnaigh an tSábháilteacht
  • Post Primary
  • Choose Safety
  • Courses for Apprentices on hsalearning
  • Workplace Health and Safety Induction hsalearning course
  • Get Safe Work Safe hsalearning course
  • Mainstreaming
  • Only a Giant can Lift a Bull
  • Too Cold for Sharks
  • Health and Safety Training Providers
  • Online Course for Schools
  • Online Courses for Students
  • Your Safety, Health and Welfare in Healthcare - Online Course
  • Online Course Information Leaflets
  • Safety, Health and Welfare Induction
  • New Resources
  • Translated Resources
  • Work Related Vehicles Safety Program Plan and Priorities for 2016-2018
  • Public Consultation on new Code of Practice - Safe Industrial Truck Operation
  • Vehicle Related Accident Trends
  • Falls from Vehicles
  • Vehicle Overturns
  • How to Manage Work Related Road Risks
  • Online Vehicle Risk Management Resource (EU Commission)
  • Winter Driving Tips
  • Grey Fleet Driver Declaration Form
  • Managing Grey Fleet Information Sheet
  • HSA and UCD joint webinar on Work Related Road Fatalities
  • Driving for Work TV Ad
  • Employer Responsibilities
  • Driving for Work YouTube Channel
  • Online Course
  • Driver Health
  • Driver Handbook
  • Road Safety Law
  • Managing Your Employees
  • How to Manage Driving for Work
  • Evaluating Road Safety Risks Movie
  • Benefits for the Community
  • Vehicle Safety Pre-Checks
  • Vehicle Risk Management Business Case Studies
  • New Guidance – Safe and Efficient Goods Reception for Road Freight
  • Managing Workplace Priority Risks
  • Workplace Transport E-Learning Courses
  • Managing Pedestrians at Work
  • Warehousing Safety
  • Guidance and Publications
  • Load Securing Videos
  • Working on Roads Guidelines
  • Safety in Road Work Zones - PRAISE Report 2011
  • Guidance and Information
  • Transport & Storage Sector Incident Trends
  • Behaviour Based Safety Guide Part 1
  • Behaviour Based Safety Guide Part 2
  • Top Ten Tips for Behavioual Safety - Factsheet
  • Are you being Bullied ?
  • Bullying - Employer Perspective
  • Bullying - Employee Perspective
  • Ergonomic Risk Assessment Tools
  • Manual Handling Videos Series 1
  • Manual Handling Videos Series 2
  • BeSMART Videos
  • Miscellaneous Videos
  • Infographics
  • Display Screen Equipment FAQs
  • Manual Handling FAQs
  • Manual Handling Training System FAQs
  • Other Links
  • Further Reading and Information
  • Occupational Dermatitis Frequently Asked Questions
  • Occupational Asthma Frequently Asked Questions
  • Pregnant at Work Frequently Asked Questions
  • Workplace Stress (AKA Work-Related Stress)
  • The Role of the HSA
  • What is WorkPositiveCI
  • What Workplace Stressors does WorkPositiveCI Measure
  • How to Implement WorkPositiveCI in your Workplace
  • Guidance - Work-related Stress a Guide for Employers
  • Guidance - Work-related Stress Information Sheet for Employees
  • Managing Psychosocial Hazards in the Workplace Information Sheet
  • Healthcare - Work-related Stress Webpage
  • Homeworking - Managing Stress whilst Working from Home
  • Podcast - Questions and Answers on Stress and Bullying at Work
  • HSE (UK) Management Standards on Work-related Stress
  • Job Stress and Working Conditions Report (2019) ERSI
  • Healthcare - Work Related Stress Mental Health Promotion in the Healthcare Sector (EU OHSA)
  • Practical Advice for Workers on Tackling Work-Related Stress and its Causes (EU OSHA)
  • Critical Incident Stress Management Network Ireland
  • Inspector Grade II – Chemical Market Surveillance
  • Inspector Grade II – Environmental Risk Assessment (Chemicals)
  • Executive Officer
  • Board Vacancies
  • General Information for Applicants
  • Working with the HSA
  • Recruitment Policy
  • About the HSA
  • Social Media
  • Webinar Recordings
  • Previous Events
  • Workers' Memorial Day
  • Press Releases 2024
  • Contacting the HSA during the COVID-19 crisis
  • Media Queries
  • Newsletters & Bulletins
  • Focal Point Network
  • European Healthy Workplaces Campaign 2023-2025
  • European Healthy Workplaces Campaign 2020-2022
  • European Healthy Workplaces Campaign 2018-2019
  • European Healthy Workplaces Campaign 2016-2017
  • European Union Senior Labour Inspectors Committee (SLIC)
  • HSA on Facebook
  • HSA on YouTube
  • HSA on LinkedIn
  • HSA on Twitter
  • Press Releases 2023
  • Press Releases 2022
  • Press Releases 2021
  • Press Releases 2020
  • Press Releases 2019
  • Press Releases 2018
  • Press Releases 2017
  • Press Releases 2016
  • Press Releases 2015
  • Press Releases 2014
  • Press Releases 2013
  • Media Campaigns
  • Board Member Profiles
  • Organisational Structure
  • Vision, Mission and Mandate
  • Strategic Priorities
  • Prompt Payment Details
  • Purchase Orders in Excess of €20,000
  • Financial Statements and Reports
  • Why Contact the HSA Contact Centre
  • HSA Contact Centre Service Levels
  • Make a Complaint
  • Protected Disclosures Annual Report
  • HSA Contact Centre
  • Protected Disclosures

Please Note

Our website uses cookies to enhance your browsing experience and to collect information about how you use this site to improve our service to you. By not accepting cookies some elements of the site, such as video, will not work. Please visit our Cookie Policy page for more information on how we use cookies.

  • News, Events & Media
  • Customer Service
  • RSS News Feed
  • Follow HSA on Twitter
  • Subscribe to our newsletter
  • Bullying at Work
  • Business Licensing and Notification Requirements
  • Health and Safety Myths
  • Market Surveillance
  • Personal Protective Equipment - PPE
  • Slips Trips Falls
  • Violence at Work
  • Workplace Stress
  • Work Safely
  • Agriculture & Forestry
  • Catering and Hospitality
  • Flammable liquids and Fuels Retail Stores - NEW
  • Public Sector
  • Small Business
  • Publications
  • Employer and Employee Supports
  • New Publications and Translated Resources
  • Managing Safety and Health in Schools
  • Teacher Support And Classroom / Student Resources
  • Safety and Health Initiatives in Education
  • Health and Safety Courses Online
  • Driving for Work
  • Load Securing
  • Working On or Near a Road
  • Transport and Storage
  • Accidents and Behaviour
  • Manual Handling & Display Screen Equipment
  • Occupational Asthma and Dermatitis
  • Sensitive Risk Groups

Submission completed, thank you!

Subscribe to hsa publications, subscribe to hsa chemicals publications.

U.S. flag

An official website of the United States government.

Here’s how you know

The .gov means it’s official. Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure. The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Recommended Practices for Safety and Health Programs

Case studies.

To help start or improve your organization's safety and health program, see the case studies listed below for lessons learned and best practices.

  • The Electric Power Industry relies on Safety and Health Programs to keep workers safe on the job (PDF)
  • Hazards that OSHA's voluntary On-Site Consultation Program helped companies identify.
  • Methods companies implemented to correct the hazards.
  • Business practices that changed to prevent injuries and illnesses.
  • Challenges, successes, and overall impact on businesses.
  • More than 60 success stories from 2008 through 2016 are presented from a wide range of industries throughout the country.
  • You can read stories highlighting successes and best practices from companies participating in VPP – 21 recent stories arranged by industry - as well as 26 archived stories from 1994 to 2010.
  • Read about "CEOs Who Get It":
  • 2016 | 2015 | 2014 | 2013 | 2012 | 2011 | 2010 | 2009
  • Noble Corporation
  • Johnson and Johnson
  • DM Petroleum Operations
  • Fluor Hanford
  • Schneider Electric
  • Dow Chemical


Canada: Occupational Health And Safety: Five Cases You Need To Be Aware Of

As 2012 draws to a close, it is appropriate and indeed advisable to take a close look at what the courts and tribunals have been doing in the occupational health and safety and legal arena. I have picked five cases that rise above the hundreds that have been decided across Canada this year. These five cases are the subject of my presentation at the Gowlings Annual Workplace Risk Management Year in Review conference and may impact your organization in the future. In the author's view, at least these five cases should be well understood and should also prompt a review of your occupational health and safety management system, to ensure that you do not fall into some of the traps they demonstrate.

1. R. v. Larry Argue et al:

Larry Argue was the structural engineer retained by Alan Grinham to work on behalf of a consultant for an Ontario municipality regarding the construction of a washroom facility and change room in a public sports field. Several years after the design and construction of the facilities, a 14-year-old school girl hopped up on a change table, causing an unsecured privacy wall to collapse with fatal results.

The Ministry of Labour prosecuted the municipality, the architect and the engineer. In a pre-trial motion, all three defendants argued that the charges had been laid in excess of 12 months beyond the design and construction of the facility. The defendants all argued that the offences were limited to a point in time, that the time limit for laying charges had expired before the fatal accident occurred and that they were all beyond the reach of the Ministry of Labour for prosecution under the Occupational Health and Safety Act (OHSA). Justice Epstein held that the engineer and the architect indeed could rely upon a statute of limitations defence. He accepted that the role of the architect and the engineer under the OHSA was a discrete, point in time involvement of either providing advice or appropriate certification. However, he held that the municipality was under a continuing duty to provide a safe workplace, to both workers and members of the public, such as the fatally injured school girl, and the charges were not dismissed against the municipality. This case is a dire warning for all employers who have duties not only to workers but to members of the public as well.

2. R v. Town of Meaford Fire Department

The Fire Service of Ontario, and across Canada for that matter, have had to walk a tightrope trying to meet public expectations that they perform heroic emergency services while maintaining high standards of occupational health and safety. This tension was clear in the decision of Justice Stinson, when he acquitted the Town of Meaford Fire Department from charges under the OHSA.

The charges arose from an incident where the volunteer fire department responded to a fire in an apartment above a local restaurant very early one morning. The fire department responded, using appropriate tactics including an interior search and seizure. In the course of that rescue attempt, the self-contained breathing apparatus of one firefighter malfunctioned and although extricated from the burning building, both firefighters suffered smoke inhalation. The Ministry of Labour prosecuted the Town of Meaford Fire Department. The court acknowledged that a standard of perfection regarding worker safety is unfair and contrary to the public interest. On the other hand, some of the obiter dictum suggests that if a fire department does not follow its own internal standard operating guidelines and provincial guidelines, it may find itself at the wrong end of a prosecution and be convicted.

3. Investia Financial Services

The Bill 168 amendments to the OHSA required certain violence and harassment policies, procedures and training to take place effective June 15, 2010. An employee dismissed for insubordination brought a reprisal complaint to the Ontario Labour Relations Board (OLRB), on the basis that he had been dismissed for exercising his right to complain about harassment in the workplace. In a very important decision, the OLRB held that the two primary purposes of the Bill 168 amendments were to first create a workplace harassment policy and program, and second to provide workers with information and instruction as appropriate for their particular workplace.

The OLRB was not persuaded in this case that there was a general duty on the part of employers to prevent harassment of employees by other employees under Bill 168. The OLRB also went on to hold that this case, even if the board did exercise jurisdiction to hear and decide it, failed on its merits. This decision of the OLRB has set the standard for minimal rights on the part of workers to attack employers' decisions to discipline up to and including discharge, if there is a credible answer by the employer relating to insubordination. Bill 168 cannot be used as a "cure all" for disgruntled employees to seek reinstatement under s. 50 of the OHSA.

4. Garda and Teamsters Decision

The Garda decision involving a work refusal grievance is an important reminder of work refusal procedures to be followed by employers. In this arbitration decision, a security guard working for Garda complained that his bulletproof vest zipper was torn and it could not be used safely. The worker's supervisor provided the grievor with a vest from a "used part-time pool"; however the grievor refused to use this replacement equipment citing hygienic and fit reasons. The grievor, however, did offer to accept work that did not require the use of a bulletproof vest. That solution was not acceptable to management and the grievor was sent home and lost pay for an eight-hour shift. Upon being grieved, the arbitrator held that the employer did not follow the fairly clear and well established process of a work refusal. Section 43 of the OHSA in Ontario requires that if there is a continuing work refusal, a Ministry of Labour inspector must be called in to determine if the circumstances under which the worker has been directed to work constitute "likelihood of endangerment of the worker."

Since the second stage investigation involving the Ministry of Labour was not complied with, the employer failed to respect the process set out in the OHSA. As a result, the grievor was awarded eight hours of back pay. This case is a stark reminder to employers that they, and their first line management, must be very familiar with the work refusal process and the right of a worker to refuse to do unsafe work, even if the employer disagrees with the basis upon which the worker refuses to do the work.

5. R. v. Metron Construction and Joel Swartz

This case almost needs no introduction since it flows from the events that occurred on Christmas Eve 2009. Four workers died when two swing-stage scaffolds broke apart, and only two of the six workers on the scaffold had safety lines and did not fall to their death. Both the president of the company, Mr. Swartz, and his single director corporation, Metron Construction, were charged with both OHSA and criminal negligence causing death and bodily injury charges.

Ultimately, partway through a criminal preliminary inquiry, there was a resolution such that the president pleaded guilty to four counts of violating the OHSA, and his corporation pleaded guilty to criminal charges under the Bill C-45 amendments to the Criminal Code. Although there has been much criticism of the fine against the company only amounting to $200,000.00, His Honour Judge Bigelow, a very experienced and capable trial judge, held that to impose a higher fine would essentially result in the bankruptcy of the company and also ignore a number of the mitigating factors in the corporate defendant's favour.

The real lesson of Metron Construction, apart from the criminal prosecutions and charges against the director and president of the company, is that life is precious, safety systems must be implemented, and focus on workplace safety is always a good business decision. Otherwise, lives may be lost or ruined and business reputations irreparably damaged.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.


14th November, 2023

191 CDM 2015 Prosecutions (Breaches, Fines And Prison Time)

There have been 191 prosecutions under CDM since the latest version came into force in 2015. There have now been over £16m in fines, and 2022 saw the largest fine to date under CDM 2015 (£900,000). Let's look at - and learn from - the HSE data.


This post was first published in 2019 and has been updated with the latest convictions data from the HSE.

There have been 191 prosecutions under CDM since the latest version of the regulations came into force in 2015. In this post, we will look at all of the convictions under CDM 2015 since this latest version of CDM was introduced nearly 10 years ago.

The Construction (Design and Management) Regulations, often referred to as the CDM regulations, have been around for some time. However, it looks as though the HSE are becoming much more active in taking action against businesses found to be in breach of the regulations.

There were 305 prosecutions under the previous CDM 2007 version, with the largest fine being £1.5m in a 2016 prosecution.

While that's more prosecutions overall compared to CDM 2015, prosecutions under the 2015 version only really started hitting the courts in 2016 as cases take time to prepare.

We could only find 8 prosecutions under CDM 1994, which as far as trends go, certainly shows that there has been a big increase in action taken by the HSE in more recent years. The fines were also smaller, the biggest being £16,000. It should also be noted that CDM covers more now than it did then.

The number of convictions under CDM 2015 has more than doubled (from 95 to 191) since we last looked at the data in 2019. More surprising is that the fines have nearly tripled (from £6.7m to £16.3m) - meaning that the average fine is larger per conviction.

What can we learn about CDM from the recent prosecutions? What punishments have been given, what breaches are most common, and how can you avoid the same mistakes?

CDM 2015 prosecutions

Prison Time

In 2018, a Manchester-based property developer was sentenced to 8 months in prison for breaches under CDM. The primary breach was under part 4 of the regulations for the stability of structures. This was a serious case, involving the uncontrolled partial collapse of a structure (although no one was hurt due to the closure of the unsafe site by the HSE).

19.—(1) All practicable steps must be taken, where necessary to prevent danger to any person, to ensure that any new or existing structure does not collapse if, due to the carrying out of construction work, it— may become unstable; or is in a temporary state of weakness or instability.
The Construction (Design and Management) Regulations 2015, Stability of structures

2018 also saw the handing out of a suspended sentence and 2 cases resulting in community service for breaches under CDM 2015.

In 2022, a suspended prison sentence (plus a £100,000 fine for the company) was issued to a company director for CDM breaches that resulted in the death of a subcontractor.

Similarly to the previous CDM breach involving a prison sentence, the 2022 conviction involved demolition work and structural collapse.

The vast majority of CDM 2015 prosecutions result in fines. They can range from a few thousand to hundreds of thousands of pounds. Breaches under CDM average at over £80,000 and go up to £900,000 - so significant penalties can be expected for major breaches.

Biggest Fine = £900,000

The largest fine under CDM 2015 is £900,000, issued in April 2022. The case involved a worker striking a live underground cable with an excavator.

The company involved breached CDM regulation 13. This relates to the principal contractor's duty to plan, manage and monitor the construction phase, and carry out work without risk to health and safety.

⬆️ This is an increase of over £100,000 from the previous largest fine of £800,000 in January 2018. The company involved in the 2018 case also breached regulation 13 (principal contractor duties).

2021 also saw two massive fines under CDM of £750,000 and £700,000 - showing that larger fines are not that rare.

The total fine in the 2022 case was over £1m, as the subcontractor involved was also fined £180,000 (the extra fine was under the Health and Safety at Work Act so we didn't include that in our stats).

The total fine in the 2018 case was actually £1.1m, as the subcontractor involved was also fined (the extra fine was under the Work at Height Regulations so we didn't include that in our stats).

Average Fine = £85,471

The average fine resulting from prosecutions under CDM 2015 is a whopping £85,471.79.

⬆️ This is an increase of over 20% from £71,150 in our 2019 report.

Total Fines = £16.3m

Since the first prosecution under CDM 2015 in August 2015, there have been 174 fines issued totalling £16,325,110.98.

So what can we learn, other than failing to comply with CDM can result in mega-fines and prison time?

When prosecuting under CDM, the HSE specify the particular part of the regulation that has been breached. This gives us an idea of what part of the regulations people (and businesses) are failing to comply with.

The following breakdown shows where the majority of CDM 2015 breaches occurred.

  • Regulation 4 (12 Breaches) Client Duties
  • Regulation 6 (2 Breaches) Notification
  • Regulation 8 (1 Breach) General Duties
  • Regulation 11 (1 Breach) Principal Designer Duties
  • Regulation 12 (1 Breach) Construction Phase Plan and Health & Safety File
  • Regulation 13 (72 Breaches) Principal Contractor Duties
  • Regulation 15 (48 Breaches) Contractor Duties
  • Regulation 16 (5 Breaches) Part 4
  • Regulation 17 (2 Breaches) Safe Places of Work
  • Regulation 18 (3 Breaches) Good Order and Site Security
  • Regulation 19 (17 Breaches) Stability of Structures
  • Regulation 20 (4 Breaches) Demolition
  • Regulation 22 (8 Breaches) Excavations
  • Regulation 25 (3 Breaches) Energy Distribution
  • Regulation 27 (6 Breaches) Traffic Routes
  • Regulation 28 (1 Breach) Vehicles
  • Regulation 29 (5 Breaches) Fire, Flooding or Asphyxiation

Most of the breaches (over 50%) have been by principal contractors and contractors failing to comply with their CDM duties. The majority of the defendants in these cases were contractors and sub-contractors.

There have also been a high number of convictions under CDM involving the stability of structures (>8%).

There are also a significant number (>5%) of prosecutions under Regulation 4 (Client Duties). This shows the importance of clients understanding what they need to do under CDM, and making sure they do it.

If you need help with your CDM duties, you can use our free CDM duty holder guides.

The 191 prosecutions used for the data in this blog post are listed on the HSE convictions register and the HSE convictions history register (see data below for a summary).

Some defendants were prosecuted for multiple breaches; each breach is listed as its own case in the HSE data.

This article was written by Emma at HASpod. Emma has over 10 years' experience in health and safety and a BSc (Hons) in Construction Management. She is NEBOSH qualified and Tech IOSH.

7 Data Breach Examples Involving Human Error: Did Encryption Play a Role?

Posted on October 20, 2023 · 9 minute read · by David Bisson

Despite an overall increase in security investment over the past decade, organizations are still plagued by data breaches. What’s more, we’re learning that many of the attacks that result in breaches misuse encryption in some way. (By comparison, just four percent of data breaches tracked by Gemalto’s Breach Level Index were “secure breaches” in that the use of encryption rendered stolen data useless). Sadly, it’s often human error that allows attackers access to encrypted channels and sensitive information. Sure, an attacker can leverage “gifts” such as zero-day vulnerabilities to break into a system, but in most cases, their success involves provoking or capitalizing on human error.

Human error has a well-documented history of causing data breaches. The 2022 Global Risks Report, released by the World Economic Forum, found that 95% of cybersecurity threats were in some way caused by human error. Meanwhile, the 2022 Data Breach Investigations Report (DBIR) found that 82% of breaches involved the human element, including social attacks, errors and misuse.

I think it’s interesting to look at case studies on how human error has contributed to a variety of data breaches, some more notorious than others. I’ll share the publicly known causes and impacts of these breaches. But I’d also like to highlight how the misuse of encryption often compounds the effects of human error in each type of breach.

Data breach examples.

Here is a brief review of seven well-known data breaches caused by human error.

1. Equifax data breach—Expired certificates delayed breach detection

In the spring of 2017, the U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) sent consumer credit reporting agency Equifax a notice about a vulnerability affecting certain versions of Apache Struts. According to former CEO Richard Smith, Equifax sent out a mass internal email about the flaw. The company’s IT security team should have used this email to fix the vulnerability, according to Smith’s testimony before the House Energy and Commerce Committee. But that didn’t happen. An automatic scan several days later also failed to identify the vulnerable version of Apache Struts. Plus, the device inspecting encrypted traffic was misconfigured because of a digital certificate that had expired ten months previously. Together, these oversights enabled a digital attacker to crack into Equifax’s system in mid-May and maintain their access until the end of July.

How encryption may become a factor in scenarios like this:  Once attackers have access to a network, they can install rogue or stolen certificates that allow them to hide exfiltration in encrypted traffic. Unless HTTPS inspection solutions are available and have full access to all keys and certificates, rogue certificates will remain undetected.

Impact:  The bad actor is thought to have exposed the personal information of 145 million people in the United States and more than 10 million UK citizens. In September 2018, the Information Commissioner’s Office  issued Equifax a fine of £500,000, the maximum penalty amount allowed under the Data Protection Act 1998, for failing to protect the personal information of up to 15 million UK citizens during the data breach.

2. Ericsson data breach—Mobile services go dark when the certificate expires

At the beginning of December 2018, a digital certificate used by Swedish multinational networking and telecommunications company Ericsson for its SGSN–MME (Serving GPRS Support Node—Mobility Management Entity) software expired. This incident caused outages for customers of various UK mobile carriers including O2, GiffGaff, and Lyca Mobile. As a result, a total of 32 million people in the United Kingdom alone lost access to 4G and SMS on 6 December. Beyond the United Kingdom, the outage reached 11 countries including Japan.

How encryption may become a factor in scenarios like this: Expired certificates do not only cause high-impact downtime; they can also leave critical systems without protection. If a security system experiences a certificate outage, cybercriminals can take advantage of the temporary lack of availability to bypass the safeguards.

Impact:  Ericsson restored the most affected customer services over the course of 6 December. The company also noted in a  blog post  that “The faulty software [for two versions of SGSN–MME] that has caused these issues is being decommissioned.”

3. LinkedIn data breach—Millions miss connections when the certificate expires

On 30 November, a certificate used by business social networking giant LinkedIn for its country subdomains expired. As reported by The Register, the incident did not affect www.linkedin.com, as LinkedIn uses a separate certificate for that particular domain. But the event, which involved a certificate issued by DigiCert SHA2 Secure Server CA, did invalidate us.linkedin.com along with the social media giant’s other subdomains. As a result, millions of users were unable to log into LinkedIn for several hours.

How encryption may become a factor in scenarios like this:  Whenever certificates expire, it may indicate that overall protection for machine identities is not up to par. Uncontrolled certificates are a prime target for cybercriminals who can use them to impersonate the company or gain illicit access.

Impact:  Later in the afternoon on 30 November, LinkedIn deployed a new certificate that helped bring its subdomains back online, thereby restoring all users’ access to the site.

4. Strathmore College data breach—Student records not adequately protected

In August 2018, it appears that an employee at Strathmore secondary college accidentally published more than 300 students’ records on the school’s intranet. These records included students' medical and mental health conditions such as Asperger’s, autism and ADHD. According to The Guardian, they also listed the exposed students’ medications along with any learning and behavioral difficulties. Overall, the records remained on Strathmore’s intranet for about a day. During that time, students and parents could have viewed and/or downloaded the information.

How encryption may become a factor in scenarios like this:  Encrypting access to student records makes it difficult for anyone who doesn’t have the proper credentials to access them. Any information left unprotected by encryption can be accessed by any cybercriminals who penetrate your perimeter.

Impact:  Strathmore’s principal said he had arranged professional development training for his staff to ensure they’re following best security practices. Meanwhile, Australia’s Department of Education announced that it would investigate what had caused the breach.

5. Veeam data breach—Customer records compromised by unprotected database

Near the end of August 2018, the Shodan search engine indexed an Amazon-hosted IP. Bob Diachenko, director of cyber risk research at Hacken.io, came across the IP on 5 September and quickly determined that the IP resolved to a database left unprotected by the lack of a password. The exposed database contained 200 gigabytes worth of data belonging to Veeam, a backup and data recovery company. Among that data were customer records including names, email addresses and some IP addresses.

How encryption may become a factor in scenarios like this:  Usernames and passwords are a relatively weak way of securing private access. Plus, if an organization does not maintain complete control of the private keys that govern access for internal systems, attackers have a better chance of gaining access.

Impact:  Within three hours of learning about the exposure, Veeam took the server offline. The company also reassured  TechCrunch  that it would “conduct a deeper investigation and… take appropriate actions based on our findings.”

6. Marine Corps data breach—Unencrypted email misfires

At the beginning of 2018, the Defense Travel System (DTS) of the United States Department of Defense (DOD) sent out an unencrypted email with an attachment to the wrong distribution list. The email, which the DTS sent within the usmc.mil official unclassified Marine domain but also to some civilian accounts, exposed the personal information of approximately 21,500 Marines, sailors and civilians. Per Marine Corps Times, the data included victims’ bank account numbers, truncated Social Security Numbers and emergency contact information.

How encryption may become a factor in scenarios like this:  If organizations are not using proper encryption, cybercriminals can insert themselves between two email servers to intercept and read the email. Sending private personal identity information over unencrypted channels essentially becomes an open invitation to cybercriminals.

Impact:  Upon learning of the breach, the Marines implemented email recall procedures to limit the number of email accounts that would receive the email. They also expressed their intention to implement additional security measures going forward.

7. Pennsylvania Department of Education data breach—Misassigned permissions

In February 2018, an employee in Pennsylvania’s Office of Administration committed an error that subsequently affected the state’s Teacher Information Management System (TIMS). As reported by PennLive, the incident temporarily enabled individuals who logged into TIMS to access personal information belonging to other users including teachers, school districts and Department of Education staff. In all, the security event is believed to have affected as many as 360,000 current and retired teachers.

How encryption may become a factor in scenarios like this: If you do not know who’s accessing your organization’s information, then you’ll never know if it’s being accessed by cybercriminals. Encrypting access to vital information and carefully managing the identities of the machines that house it will help you control access.

Impact:  Pennsylvania’s Department of Education subsequently sent out notice letters informing victims that the incident might have exposed their personal information including their Social Security Numbers. It also offered a free one-year subscription for credit monitoring and identity protection services to affected individuals.

How machine identities are misused in a data breach

Human error can impact the success of even the strongest security strategies. As the above attacks illustrate, this can compromise the security of machine identities in numerous ways. Here are just a few:

  • SSH keys grant privileged access to many internal systems. Often, these keys do not have expiration dates. And they are difficult to monitor. So, if SSH keys are revealed or compromised, attackers can use them to pivot freely within the network.
  • Many phishing attacks leverage wildcard or rogue certificates to create fake sites that appear to be authentic. Such increased sophistication is often required to target higher-level executives.
  • Using public-key encryption and authentication in the two-step verification makes it harder to gain malicious access. Easy access to SSH keys stored on computers or servers makes it easier for attackers to pivot laterally within the organization.
  • An organization’s encryption is only as good as that of its entire vendor community. If organizations don’t control the keys and certificates that authenticate partner interactions, then they lose control of the encrypted tunnels that carry confidential information between companies.
  • If organizations are not monitoring the use of all the keys and certificates that are used in encryption, then attackers can use rogue or stolen keys to create illegitimate encrypted tunnels. Organizations will not be able to detect these malicious tunnels because they appear to be the same as other legitimate tunnels into and out of the organization.

How to avoid data breaches

The best way to avoid a data breach is to make sure your organization is using the most effective, up-to-date security tools and technologies. But even the best cybersecurity strategy is not complete unless it is accompanied by security awareness training for all who access and interact with sensitive corporate data.

Because data breaches take many different forms and can happen in a multitude of ways, you need to be ever vigilant and employ a variety of strategies to protect your organization. These should include regular patching and updating of software, encrypting sensitive data, upgrading obsolete machines and enforcing strong credentials and multi-factor authentication.

In particular, a zero-trust architecture will give control and visibility over your users and machines using strategies such as least privileged access, policy enforcement, and strong encryption. Protecting your machine identities as part of your zero trust architecture will take you a long way toward breach prevention. Here are some machine identity management best practices that you should consider: 

  • Locate all your machine identities.  Having a complete list of your machine identities and knowing where they’re all installed, who owns them, and how they’re used will give you the visibility you need to ensure that they are not being misused in an attack.
  • Set up and enforce security policies.  To keep your machine identities safe, you need security policies that help you control every aspect of machine identities — issuance, use, ownership, management, security, and decommissioning. 
  • Continuously gather machine identity intelligence. Because the number of machines on your network is constantly changing, you need to maintain intelligence on their identities, including the conditions of their use and their environment.
  • Automate the machine identity life cycle. Automating the management of certificate requests, issuance, installation, renewals, and replacements helps you avoid error-prone manual actions that may leave your machine identities vulnerable to outage or breach.
  • Monitor for anomalous use.  After you’ve established a baseline of normal machine identity usage, you can start monitoring and flagging anomalous behavior, which can indicate a machine identity compromise.
  • Set up notifications and alerts. Finding and evaluating potential machine identity issues before they become exposures is critical. This will help you take immediate action before attackers can take advantage of weak or unprotected machine identities.
  • Remediate machine identities that don’t conform to policy.  When you discover machine identities that are noncompliant, you must quickly respond to any security incident that requires bulk remediation.
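
The inventory, policy and alerting practices listed above can be made concrete with a small audit over a certificate inventory. This is an added example, not code from the original post or from any vendor product; the record layout (`host`, `owner`, `cert`), the finding codes and all sample values are assumptions constructed for illustration, with `cert` shaped like the dictionary Python's `SSLSocket.getpeercert()` returns.

```python
import ssl
from calendar import timegm

DAY = 86400  # seconds in a day


def san_dns_names(cert):
    """Return the DNS names from a getpeercert()-style subjectAltName tuple."""
    return [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]


def audit_record(record, now, warn_days=30):
    """Check one inventory record against a simple machine identity policy.

    Policy (hypothetical, mirrors the practices in the list above):
      EXPIRED        certificate validity has ended
      EXPIRING_SOON  fewer than warn_days of validity remain
      WILDCARD       a wildcard name widens the impact of key theft
      NO_OWNER       nobody is accountable for renewal
    """
    cert = record["cert"]
    # ssl.cert_time_to_seconds parses the notAfter format used by getpeercert()
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    days_left = (not_after - now) // DAY
    findings = []
    if not_after <= now:
        findings.append("EXPIRED")
    elif days_left < warn_days:
        findings.append("EXPIRING_SOON")
    if any(name.startswith("*.") for name in san_dns_names(cert)):
        findings.append("WILDCARD")
    if not record.get("owner"):
        findings.append("NO_OWNER")
    return {"host": record["host"], "days_left": days_left, "findings": findings}


def audit_inventory(inventory, now, warn_days=30):
    """Return only non-compliant records, most urgent (fewest days left) first."""
    results = [audit_record(record, now, warn_days) for record in inventory]
    flagged = [result for result in results if result["findings"]]
    return sorted(flagged, key=lambda result: result["days_left"])


# Constructed sample data: fixed "now" so the result is reproducible offline.
SAMPLE_NOW = timegm((2024, 1, 15, 0, 0, 0))
SAMPLE_INVENTORY = [
    {   # healthy certificate with a named owner
        "host": "www.example.com",
        "owner": "web-team",
        "cert": {"notAfter": "Dec  1 00:00:00 2024 GMT",
                 "subjectAltName": (("DNS", "www.example.com"),)},
    },
    {   # unowned wildcard certificate close to expiry
        "host": "cc.example.com",
        "owner": "",
        "cert": {"notAfter": "Jan 25 00:00:00 2024 GMT",
                 "subjectAltName": (("DNS", "*.example.com"),)},
    },
    {   # certificate on a traffic inspection device that lapsed months ago
        "host": "tls-inspect.corp.example",
        "owner": "netsec",
        "cert": {"notAfter": "Mar 17 00:00:00 2023 GMT",
                 "subjectAltName": (("DNS", "tls-inspect.corp.example"),)},
    },
]

if __name__ == "__main__":
    for item in audit_inventory(SAMPLE_INVENTORY, SAMPLE_NOW):
        print(f'{item["host"]:28} {item["days_left"]:5d} days  {",".join(item["findings"])}')
```

Feeding the same functions with live `getpeercert()` results from a scheduled scan turns the report into the alert source the list describes.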

Training your users about the importance of machine identities will help reduce user errors. And advances in AI and RPA will also play a factor in the future. But for now, your best bet in preventing encryption from being misused in an attack on your organization is an automated machine identity management solution that allows you to maintain full visibility and control of your machine identities. Automation will help you reduce the inherent risks of human error as well as maintain greater control over how you enforce security policies for all encrypted communications. 

(This post has been updated. It was originally published on October 15, 2020.)

Health care data breaches hit 1 in 3 Americans last year: Is your data vulnerable?

Patients were inundated with spam texts and other annoyances after the massive HCA Healthcare data hack disclosed last July compromised the records of more than 11 million people.

A Florida resident learned through a credit monitoring service that his personal information had turned up on dark web forums. He had to swap out credit and debit cards after fraudulent charges surfaced, according to a federal lawsuit.

A Richmond, Virginia, mom, who'd given birth to triplets in September 2022, received data breach notices addressed to herself and one of her three infants. Since then, she’s received “suspicious medical bills” the hospital has been unable to explain, according to the same class action suit.

The HCA theft was the largest hospital breach in 2023, a year in which about 1 in 3 Americans were affected by health-related data breaches. The number of attacks has surged in recent years. They've typically been carried out by organized hackers, often operating overseas, who target the computer systems of health providers and the vendors and companies that serve them. Most of the largest hacks targeted vendors who bill, mail or provide other services for hospitals, doctors and other health providers.

Last year, a record 133 million health records were exposed in data breaches mainly carried out by hackers who've attacked health providers and their vendors, infiltrated computer systems and demanded ransom or other payments. An average of two health data hacks or thefts of at least 500 records were carried out daily last year in the United States, according to an analysis by The HIPAA Journal.

The health care industry has sought to bolster its defenses against these sophisticated hacks with some success.

These now-routine attacks can hassle consumers and their families, who must monitor their credit histories with credit-reporting agencies. In the worst cases, bad actors use or sell personal identifying information to credit and debit card fraudsters who open accounts in the victims' names, leaving a digital trail that can take years for victims to clear.

The HCA theft targeted an external storage system for the Nashville, Tennessee-based company, a hospital chain with locations in 20 states. This system contained patient names, addresses, emails, phone numbers, dates of birth and genders of patients along with dates and locations they'd received service. No health data, such as diagnoses or conditions, was stolen, HCA officials said.

Attorneys for 15 victims said in court documents filed Feb. 2 at the U.S. District Court in Nashville that they "seek to hold HCA responsible" for the data hack "due to its impermissibly inadequate data security measures."

HCA has not yet responded to the filing, which seeks class-action status, but a representative said the health provider would respond in court. The official defended the hospital chain's efforts to improve its cyber defenses.

"HCA Healthcare has several robust security strategies, systems and protocols in place to help protect data," said Harlow Sumerford, HCA's spokesperson. "Not publicly discussing the details of our security measures is part of our overall protection strategy."

Sabita Soneji, one of the lawyers representing HCA patients whose identifying information was accessed, said the victims have "good reason to be worried" because the breach puts them at risk for identity theft, fraud and scams.

"If you're going to be in the business of collecting (personal) data, you better take care of it," Soneji said.

Health care hacks set new record in 2023

Government regulators who enforce data privacy laws have tracked a record number of major data hacks.

Health care providers, health plans and other entities covered by the Health Insurance Portability and Accountability Act, or HIPAA, must notify the Department of Health and Human Services and individuals if their health information has been breached.

The HHS Office of Civil Rights, which oversees how companies protect health data, requires that health providers report breaches of protected health information. The agency investigates whether the breaches involve violations of health information privacy and security laws and publicly reports attacks that affect 500 or more on its website.

Last year, HHS reported the highest number ever of major health data hacks: 725, and people impacted by those hacks: 133 million. Those numbers eclipsed the previous record in 2015 when hackers targeted the health insurance giant Anthem. The Anthem attack remains the largest-ever health data breach. In that electronic heist, hackers accessed names, Social Security and medical identification numbers, addresses, dates of birth, emails and employment information of more than 78 million people.

Experts say last year's figures show the changing nature of such attacks, as hackers increasingly target businesses that handle health information but don't provide direct care to patients.

Of the top 20 hacks in which 1 million or more records were accessed last year, the vast majority targeted businesses that provide services to hospitals and health providers, said John Riggi, the American Hospital Association’s national adviser for cybersecurity and risk.

Perry Johnson & Associates (PJ&A), a Henderson, Nevada, company that transcribes medical notes on behalf of hospitals, doctors and other health providers, reported a data breach last year that affected nearly 9 million, according to a November filing with HHS.

However, other notices suggest the PJ&A data breach might be larger. That hack breached information from health providers such as Northwell Health of New York, Concentra Health Services of Texas and Cook County Health.

In an updated notice filed this month with the Maine attorney general, PJ&A said the data hack spanned from March 27 through May 2 and affected the records of 13.3 million people, which would make it the largest hack of 2023.

New York Attorney General Letitia James urged 4 million New York City and Syracuse-area residents affected by the PJ&A breach to take steps such as credit monitoring and placing a fraud alert on credit reports. She also encouraged affected individuals to obtain copies of their medical records, contest unrecognized medical bills and inform their health insurers about the hack.

PJ&A representatives did not respond on Friday to questions from USA TODAY about the hack.

Riggi, of the American Hospital Association, said third-party data breaches are particularly challenging for hospitals and other health providers to police. HIPAA requires that hospitals and health providers ensure that the companies handling their health records do so in a secure manner.

"It's virtually impossible in this day and age of highly complex networks and software to ensure our third parties meet all the security standards," Riggi said. "Hospitals don't have control or visibility into their networks. We have to take their word that they patched their liability."

Even Medicare was targeted by hackers

Federal, state and local governments have not been immune to such data intrusions. Last July, the Centers for Medicare & Medicaid Services announced a breach that compromised the records of 2.3 million beneficiaries. The hack targeted MOVEit Transfer, a software program used by the computer network of the Medicare contractor Maximus Federal Services Inc.

The MOVEit Transfer software hack was first disclosed by the software manufacturer Progress Software Corp. The hack ultimately affected tens of millions of people across more than 2,000 companies, government agencies and universities, according to an analysis by the data security company Emsisoft.

Federal investigators determined that a Russian ransomware group called Clop was able to exploit a vulnerability in the MOVEit software program in a wide-ranging attack.

"Through that one vulnerability across government and all types of private sector industries, including health care, they were able to access millions and millions of health care records," Riggi said.

Ransomware organizations wreaking havoc

These organized hacks are often carried out by criminal organizations seeking to profit from these attacks.

In recent years, hackers have disrupted hospital and health care systems in ransomware attacks. As the name implies, hackers take control of a hospital's data systems and demand a ransom payment for the return of control. Ransomware attacks more than doubled from 2016 through 2021, according to a study published in JAMA Health Forum.

Criminal organizations are also branching out and trying new strategies to make money, said Charles Henderson, global head of IBM Security X-Force, which provides threat intelligence and data security services.

Among their tactics: They demand ransom, threatening to release or sell personal identifying information of a health system's patients.

"They're figuring out that certain monetization strategies are more lucrative than others," Henderson said.

Other cybersecurity experts said the health care industry has been a popular target because it has transformed from pen-and-paper orders and records to an industry that increasingly relies on software systems for electronic health records and remote communication with the advent of telehealth services.

The hackers likely view hospitals and doctors – and especially vendors who serve these health providers – as "soft targets," said Anurag Lal, president & CEO of Infinite Convergence Solutions, which provides secure messaging services.

While the health care industry has been slow to make the type of investment in computer security necessary to repel hackers, Lal said, there are signs the industry is catching up: "The hospitals and health care entities that recognize (modern hacking threats), understand it and get up and do something about it are the ones who will be in the best position to get past this current situation."

Ken Alltucker is on X, formerly Twitter, at @kalltucker, or can be emailed at [email protected] .

Analysis of Uncertainty and Sensitivity in Tailings Dam Breach-Runout Numerical Modelling

  • Technical Article
  • Open access
  • Published: 21 February 2024

Authors: Negar Ghahramani (ORCID: orcid.org/0000-0001-8941-1233), Daniel A. M. Adria, Nahyan M. Rana, Marcelo Llano-Serna, Scott McDougall, Stephen G. Evans & W. Andy Take

Tailings dam breaches (TDBs) and subsequent flows can pose significant risk to public safety, the environment, and the economy. Numerical runout models are used to simulate potential tailings flows and understand their downstream impacts. Due to the complex nature of the breach-runout processes, the mobility and downstream impacts of these types of failures are highly uncertain. We applied the first-order second-moment (FOSM) methodology to a database of 11 back-analyzed historical tailings flows to evaluate uncertainties in TDB runout modelling and conducted a sensitivity analysis to identify key factors contributing to the variability of the HEC-RAS model output, including at different locations along the runout path. The results indicate that prioritizing resources toward advancements in estimating the values of primary contributors to the sensitivity of the selected model outputs is necessary for more reliable model results. We found that the total released volume is among the top contributors to the sensitivity of modelled inundation area and maximum flow depth, while surface roughness is among the top contributors to the sensitivity of modelled maximum flow velocity and flow front arrival time. However, the primary contributors to the sensitivity of the model outputs varied depending on the case study; therefore, the selection of appropriate rheological models and consideration of site-specific conditions are crucial for accurate predictions. The study proposes and demonstrates the FOSM methodology as an approximate probabilistic approach to model-based tailings flow runout prediction, which can help improve the accuracy of risk assessments and emergency response plans.


Introduction

Tailings dam breaches (TDBs) and subsequent downstream tailings flows can pose significant risk to public safety, the environment, and the economy (Blight 2009; Ghahramani et al. 2020; Rana et al. 2021a; Santamarina et al. 2019). Runout models have been used to simulate the behaviour and characteristics of potential tailings flows, including inundation area, runout distance, flow velocity, flow depth, and arrival time (Ghahramani et al. 2022; Martin et al. 2019; Pirulli et al. 2017). Researchers use TDB runout modelling to understand the complex physical mechanisms and the downstream impacts of tailings flows in diverse terrains, whereas mine owners and industry consultants rely on the results of TDB analyses (TDBAs) to assign consequence classifications and develop emergency response plans (Canadian Dam Association (CDA) 2021).

A recent benchmarking study by Ghahramani et al. (2022), involving four numerical models commonly used in TDBAs, indicated a high level of uncertainty in model inputs. Some of these uncertainties were attributed to incomplete site-specific observational data and laboratory and in-situ measurements, the resulting challenges associated with selecting proper input parameters (e.g. the estimation of released volume/hydrograph and the selection of rheological models and their associated parameters), and the subjectivity in the model calibration process. The study highlighted the need for additional back-analysis of historical tailings flows to better understand and quantify the sensitivities of output variables in modelling results, and the importance of developing a systematic probabilistic approach for runout analysis in TDBA practice (Ghahramani et al. 2022). The CDA (2021) TDBA guidelines also list additional sources of uncertainties in topographic data quality, failure modes, and triggering factors.

High levels of uncertainty in input variables (e.g. total released volume, rheological parameters, surface roughness, breach parameters) can in turn lead to high uncertainty in output variables (e.g. runout distance, inundation area, flow velocity). The uncertainty in model outputs is quantified by studying the distribution of possible outcomes with respect to the uncertainty in input parameters. This type of uncertainty analysis is useful when evaluating the reliability and accuracy of model results and has been a practice for decades in various engineering activities, such as structural, geotechnical, hydraulic, aerospace, and manufacturing processes (e.g. Baecher and Christian 2005; Burges and Lettenmaier 1975).

Identifying the dominant controls of the uncertainty in modelling results can help determine which inputs require further consideration and/or higher investments in time/budget. One method to achieve this is a sensitivity analysis, the aim of which is to investigate how changes in input variables affect the output results (Borgonovo and Plischke 2016; Razavi et al. 2021). Uncertainty and sensitivity analyses are related, but have different meanings and purposes. Figure 1 illustrates the concept of uncertainty and sensitivity measures and the distinction between them. Together, uncertainty and sensitivity analyses can help the modeller understand, enhance, and communicate the quality and reliability of the model outcomes to support well-informed decision-making.

Fig. 1 Framework illustration of numerical model uncertainty and sensitivity analyses and distinctions between them. Box (a) displays a numerical model with its input and output variables. Box (b) illustrates the results of uncertainty analysis, which provides the distribution of possible outcomes with respect to the uncertainty in input parameters, while box (c) illustrates the results of sensitivity analysis, which identifies the dominant controls of the uncertainty in modelling results

To quantify uncertainty, probabilistic methods such as first-order second-moment (FOSM) (Baecher and Christian 2005; Lee and Mosalam 2005; Llano-Serna et al. 2018; Kim et al. 2020; Nadim 2007) and Monte Carlo simulations (MCS) (Kleijnen 1995; Razavi et al. 2021; Tonkin and Doherty 2009) have become popular. The FOSM method has been shown to be a computationally efficient tool in different engineering applications where more computationally expensive methods, such as MCS, are not possible (e.g. Kunstmann and Kinzelbach 2000; Kunstmann et al. 2002; Nadim 2007; Wang and Hsu 2009). This method approximates the mean and variance of a model output variable of interest as a function of the mean and variance of the input factors and their correlations (Baecher and Christian 2005). An advantage of the FOSM method is that it can provide the uncertainties of an output variable from each input variable separately and/or by considering all input variables together (Kim et al. 2020). This method has been used for uncertainty quantification in water quality modelling and groundwater modelling (Dettinger and Wilson 1981; Kunstmann and Kinzelbach 2000; Kunstmann et al. 2002; Wang and Hsu 2009), for the analysis of the probability of geotechnical failure and potential consequences (Baecher and Christian 2005; Kim et al. 2020; Nadim 2007), and to investigate the sensitivity of the seismic demand of a structure to potential future earthquakes (Lee and Mosalam 2005). This track record of success in related problems made the FOSM method a promising candidate to capture the uncertainty in TDB runout modelling in this study.

Scope and Objectives

Various hydraulic modelling and landslide runout modelling tools are available for TDBAs (Canadian Dam Association (CDA) 2021; Ghahramani et al. 2022; McDougall 2017). The entire breach-runout process in a tailings dam is complex and strongly dependent on site-specific conditions, and the physical mechanisms of tailings flows remain poorly understood. As such, simplifications are made at almost every stage of the model development, from the mathematical differential equations to the initial and boundary conditions. In addition, there is uncertainty associated with the estimation of the model inputs. As a result, there are different sources of uncertainty associated with numerical models (Ghahramani et al. 2022; Martin et al. 2022; Pirulli et al. 2017). To the best of our knowledge, only one recent study (Melo and Eleutério 2023) has investigated the sensitivity of tailings dam breach inundation mapping to rheological parameters through a probabilistic approach, and those authors highlighted the lack of research on probabilistic approaches, particularly for TDBAs.

To address this gap, we used a database of 11 back-analyzed tailings flow cases to assess the uncertainties in TDB runout modelling using the FOSM method. The Hydrologic Engineering Centre’s River Analysis System (HEC-RAS) numerical model, developed as a publicly accessible tool by the U.S. Army Corps of Engineers, was used for the back-analysis (Adria 2022; Brunner 2020). The main objectives of this study were to: (1) identify the primary contributors to the sensitivity of key model outputs (inundation area, maximum flow velocity, maximum flow depth, and front flow arrival time) among the selected input variables (total released volume, yield stress, viscosity, surface roughness, breach width, and breach formation time), (2) study the variation of sensitivity estimates along the flow runout path, and (3) investigate the applicability of the FOSM method for probabilistic runout modelling in prediction applications.

Methodology

The FOSM Method

The FOSM approach is a numerical probabilistic method in which the mean and variance of the model output variables can be estimated by the first-order approximation of a Taylor series expansion, using the mean and variance of the input variables (Baecher and Christian 2005; Nadim 2007). If the number of uncertain input variables is \(n\), this method requires either evaluating \(n\) partial derivatives of the performance function or performing a numerical approximation using evaluations at \(2n+1\) points. We used the latter approach in this study. For an output function \(Z=f\left({X}_{1},{X}_{2},\dots ,{X}_{n}\right)\), in which \({X}_{1},{X}_{2},\dots ,{X}_{n}\) are random variables, using the first-order approximation, the mean, \({\mu }_{Z}\), and variance, \({\sigma }_{Z}^{2}\), of the function \(Z\), become:

where: \({\mu }_{{X}_{i}}\) and \({\sigma }_{{X}_{i}}^{2}\) are the means and the variances of model inputs for \(i=1, 2,\dots ,n\), \(n\) is the number of inputs, and \(COV({X}_{i},{X}_{j})\) is the covariance between input variables \({X}_{i}\) and \({X}_{j}\). If it is assumed that the variables are uncorrelated, the second term on the right side of Eq. 2 vanishes (Baecher and Christian 2005; Nadim 2007).

Although FOSM is a linearization technique, it can be applied to models with non-linear output functions. The FOSM method linearizes the non-linear output function by approximating it as a Taylor series expansion around the mean values of the input variables. Therefore, it assumes that the output can be locally approximated as a linear function near the mean values of the input variables (Lee and Mosalam 2005 ).

Output Variables

The output variables of TDB runout modelling represent the simulated characteristics of the tailings flow downstream of the breach. For a FOSM analysis, four main outputs are studied: inundation area, maximum flow velocity, maximum flow depth, and flow front arrival time. The output values of the last three variables are measured at 50% of the observed Zone 1 runout distance, which is defined as “the extent of the main solid tailings deposit, which is characterized by remotely visible or field-confirmed sedimentation, above typical bankfull elevations if extending into downstream river channels” (Ghahramani et al. 2020).

Input Variable Statistics

In this study, the following six input variables were selected: total released volume, yield stress, viscosity, surface roughness, breach width (considering a trapezoidal breach shape), and breach formation time. Detailed definitions of breach geometry and breach formation time are provided in Wahl (1998) and Froehlich (2008). The conventions are adopted from water-retaining dam breach practice, as they were found to be generally suitable for tailings dam breaches by Adria et al. (2023a). Breach formation time is only used for erosional breach case studies that typically involve overtopping or piping/seepage with a relatively large volume of supernatant pond and a long breach duration. In reality, some of these inputs might be correlated (e.g. a wider breach can release more tailings and higher yield stress values are typically associated with higher viscosity values). However, in the HEC-RAS numerical model, the six selected inputs are formulated independently and are manually assigned, and therefore are not correlated. In other words, adjusting the breach width value in HEC-RAS does not affect the value for the outflow volume, and adjusting the yield stress value does not affect the viscosity value. Input variables that can be correlated to other inputs in the HEC-RAS model, such as solid concentration, were not considered in this study. For example, as part of the quadratic rheology within the numerical model, yield stress and viscosity are both a function of solid concentration. The best-fit (calibrated) input values that are estimated in the case study back analyses (described in the “Tailings flow back-analyses” section) are set to be the mean of the model inputs (\({\mu }_{{X}_{i}}\)) and their output results are represented by the mean values (\({\mu }_{Z}\)) of the model outputs. Other programs or modelling tools used in TDBAs may treat input values differently than HEC-RAS.

There are two ways to estimate the variance, \({\sigma }_{Z}^{2}\), of the output function \(Z\): (i) if the function \(f\left({X}_{1},{X}_{2},\dots ,{X}_{n}\right)\) is tractable, the function can be differentiated to give a closed-form expression for the variance of \(f\left({X}_{1},{X}_{2},\dots ,{X}_{n}\right)\), or (ii) more commonly, it is not possible to differentiate the function directly; therefore, the partial derivatives must be obtained through numerical approximation approaches (Baecher and Christian 2005). In this application, since the form of function \(Z\) is unknown, the second approach is used to approximate the partial derivatives with the central differences method. To find the partial derivative for each best-fit input variable, the best-fit input value is increased and decreased by a small increment (±10% was used in this study), while the rest of the variables are kept constant. The differences between the resulting output values are then calculated and divided by the differences between the increased and decreased input values. This can be represented mathematically as follows:

where \({\varepsilon }_{i}\) is ±10% of the best-fit value for the particular input.

To compute Eq. 2, an estimate of the variance of the model inputs is also needed. To achieve this, the standard deviation and the mean values of selected variables were estimated statistically using data from available databases. For the total released volume and breach width, data from 41 TDB cases and 36 TDB cases, respectively, were collected from Rana et al. (2021b). Since the total released volume is a portion of the total impoundment volume, the ratio of the total released volume to the total impoundment volume was used to estimate the mean and standard deviation. For the breach width statistics, the top breach width data from Rana et al. (2021b) were used, and for the FOSM analysis, the side slopes were kept constant. For the surface roughness, 74 data points from Chow (1959) were used. For the breach formation time statistics, 27 water retaining dam failures were compiled from Wahl (1998) and Wahl (2014). Ghahramani et al. (2022) and Adria (2022) showed that the numerical rheological parameter values do not necessarily correspond with the measured rheological parameter values. However, in the absence of sufficient calibrated yield stress and viscosity data from the numerical back-analysis of historical cases, a tailings rheology database from Martin et al. (2022) was used as a first order approximation for estimating the mean and standard deviation of rheological parameters. Using the rheology database, the yield stress and viscosity data were classified with respect to the volumetric solid concentration ranges and their means and standard deviations were estimated for each range. Then, the coefficients of variation (CoV) of input variables were calculated as the ratio of their standard deviation to their mean values. Tables 1, 2, and 3 present the input variables with their estimated CoV values. A greater CoV indicates greater dispersion around the mean value. Finally, the standard deviation of a model input can be estimated for each case study individually, by multiplying the best-fit value (mean) of the model input and estimated CoVs.

Sensitivity and Uncertainty Estimates of Model Outputs

A type of sensitivity analysis can be carried out using differentiation-based methods (Borgonovo and Plischke 2016). The FOSM methodology enables estimation of the gradient of the output variables with respect to the input variables, due to small local changes in model inputs. Therefore, the partial derivatives in Eq. 2 become natural sensitivity estimates. Since the partial derivative of each input has different units from one another, we use the equation provided by Borgonovo and Plischke (2016), in which the sensitivity measures (\({D}_{i}\)) are normalized and can be ranked (Eq. 4). The result of this sensitivity analysis can be used to identify the primary contributors to the uncertainty in model outputs. The uncertainty measure (\({\text{CoV}}_{Z}\)) of each output is estimated as the ratio of the standard deviation to the mean value, which is called the coefficient of variation of the output variable (Eq. 5).

where \({X}_{i}\) is the input variable and n is the number of inputs. This fraction quantifies how the resulting output value changes with a particular input variable relative to the total change in the output variable.

where \({\sigma }_{Z}\) and \({\mu }_{Z}\) are the standard deviation and mean of model output, respectively. The estimated standard deviation and mean of each output are obtained from the FOSM results.

In this study, the sensitivity analysis was divided into two parts. For the first part, the 50% runout distance of Zone 1 was selected for all local model sensitivity estimates as a consistent relative location to compare all events for maximum flow velocity, maximum flow depth, and flow front arrival time. For the second part, the variation of sensitivity estimates was investigated at 10%, 25%, 50%, 75%, and 90% of the Zone 1 runout distance.
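The FOSM procedure described in this section (one run at the best-fit values plus a ±10% central difference per input, input standard deviation taken as CoV times the best-fit value, inputs treated as uncorrelated), as an added Python example that is not the authors' code. The power-law `toy_inundation_area` function standing in for HEC-RAS and the CoV values are constructed assumptions; the best-fit inputs are the Merriespruit values quoted later in the article.

```python
import math


def fosm(model, best_fit, cov, step=0.10):
    """First-order second-moment estimate for uncorrelated inputs.

    model    -- callable taking a dict of input values, returning one output
    best_fit -- dict: input name -> calibrated (mean) value
    cov      -- dict: input name -> coefficient of variation (std / mean)
    step     -- relative perturbation for the central difference (0.10 = +/-10%)
    """
    mu_z = model(dict(best_fit))      # run 1: every input at its best-fit value
    if mu_z == 0:
        raise ValueError("mean output is zero, CoV of the output is undefined")
    runs = 1
    var_z = 0.0
    per_input = {}
    for name, mu_x in best_fit.items():
        eps = step * mu_x
        if eps == 0:
            raise ValueError(f"cannot perturb {name!r}: best-fit value is zero")
        # Two more runs per input: only this input moves, the rest stay fixed.
        hi = dict(best_fit, **{name: mu_x + eps})
        lo = dict(best_fit, **{name: mu_x - eps})
        gradient = (model(hi) - model(lo)) / (2.0 * eps)
        runs += 2
        sigma_x = cov[name] * mu_x    # std of the input = CoV * best-fit value
        variance = (gradient * sigma_x) ** 2
        var_z += variance
        per_input[name] = {
            "gradient": gradient,
            "sigma_x": sigma_x,
            "variance": variance,                        # this input's term
            "cov_z": math.sqrt(variance) / abs(mu_z),    # this input alone
        }
    sigma_z = math.sqrt(var_z)
    return {
        "mean": mu_z,
        "variance": var_z,
        "std": sigma_z,
        "cov_z": sigma_z / abs(mu_z),  # all inputs together
        "runs": runs,                  # always 2n + 1
        "per_input": per_input,
    }


def rank_contributors(result):
    """Input names ordered from largest to smallest variance term."""
    items = result["per_input"].items()
    return [n for n, _ in sorted(items, key=lambda kv: kv[1]["variance"],
                                 reverse=True)]


def toy_inundation_area(x):
    """Constructed power-law stand-in for a runout model (this is not HEC-RAS)."""
    return (4.0 * x["volume"] ** 0.7 * x["yield_stress"] ** -0.2
            * x["viscosity"] ** -0.05 * x["roughness"] ** -0.1
            * x["breach_width"] ** 0.1)


# Best-fit inputs: the Merriespruit values given in the article
# (0.615 M m3, 63 Pa, 0.8 Pa s, n = 0.08, 217 m).
BEST_FIT = {"volume": 0.615, "yield_stress": 63.0, "viscosity": 0.8,
            "roughness": 0.08, "breach_width": 217.0}

# Constructed CoV values for illustration only; the article's Tables 1 to 3
# hold the real ones and are not reproduced on this page.
COV = {"volume": 0.6, "yield_stress": 0.8, "viscosity": 0.9,
       "roughness": 0.4, "breach_width": 0.5}


if __name__ == "__main__":
    res = fosm(toy_inundation_area, BEST_FIT, COV)
    print(f"runs={res['runs']}  mean={res['mean']:.3f}  CoV_Z={res['cov_z']:.3f}")
    for name in rank_contributors(res):
        print(f"  {name:13s} CoV_Z={res['per_input'][name]['cov_z']:.3f}")
```

With five inputs the function performs 11 model runs, matching the run count the article reports for each non-erosional case.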

Tailings Flow Back-Analysis

HEC-RAS is an open-access software package that was originally developed by the U.S. Army Corps of Engineers (USACE) for water resource engineering and open-channel hydraulic analysis (Adria 2022; Brunner 2020; Gibson et al. 2021, 2022). HEC-RAS 2D is a depth-integrated two-dimensional model that uses the finite volume numerical method. It is capable of dam breach-runout modelling, erosion and sediment transport simulations, and water quality analyses (Brunner 2020). Version 6.1 of HEC-RAS 2D (the most current version at the time of this work) was used in this work due to its popular application in dam breach-runout modelling and flood risk management studies, and its demonstrated capability of modelling both Newtonian and non-Newtonian flow types (Adria 2022; Brunner 2020; Gibson et al. 2021). There are four selectable options of rheological models for non-Newtonian flow simulations: Bingham, Quadratic, Herschel-Bulkley, and Voellmy.

Back-Analyzed Case Studies

The back-analyses of the 11 historical cases that we used as baseline models in the FOSM analysis are detailed in Adria (2022). The original database is provided in an open-access data repository hosted at Borealis (Adria et al. 2023b). These cases are selected based on the availability of information on the pre- and post-failure site and tailings characteristics. Classifying the case studies based on the type of breach process (CDA 2021), there are three erosional breach and eight non-erosional breach case studies (Table 4). Overtopping and piping/seepage type of failure mechanisms commonly involve an erosional breach process with a relatively large volume of supernatant pond and a long breach duration, from several minutes to hours. The non-erosional breach processes involve near-instantaneous collapses and have characteristics other than the erosional breaches mentioned above (CDA 2021). In Table 4, the Tapo Canyon Event 1 refers to the viscous section of the Tapo Canyon tailings flow and the Cadia Event 2 refers to the secondary liquefaction event, which occurred on March 11, 2018; more details are provided in Adria (2022).

The topographic data used in the models consisted of a mix of publicly available and commercial sources, with additional manual modifications as needed. The breach characteristics and outflow volumes for each event were previously compiled in Adria (2022), Ghahramani et al. (2020), and Rana et al. (2021a). The yield stress and viscosity in the quadratic rheological model were calibrated in two steps. First, the modelled inundation area was compared to the observed inundation area as mapped by Ghahramani et al. (2020) and Rana et al. (2021a) using a quantitative method developed by Heiser et al. (2017). The modelled results were then compared to available observations of arrival time and runout depth within the inundation area to further refine the calibrated yield stress and viscosity. The quadratic rheological model as implemented in HEC-RAS also uses a third term that relates shear stress to strain-rate squared, to simulate dispersive effects. The coefficient for the dispersive term is calculated with a combination of theoretical, empirical, and measurable sediment characteristics (e.g. particle diameter). Only the particle diameter was varied in Adria (2022) based on available data for each event. The calculated dispersive coefficients between all events ranged from \(1.1\times {10}^{-5}\) to \(6.1\times {10}^{-2}\), which aligns with the findings of Julien and Lan (1991). The surface roughness was defined with spatially varied Manning’s n values based on the land cover observed on satellite/aerial imagery, as well as guidance in Arcement and Schneider (1989) and Janssen (2016), but it was not adjusted as part of the calibration process. The best-fit model inputs and outputs are presented in Table 5.

In the FOSM analysis, as described earlier, the number of evaluation points is \(2n+1\) (where \(n\) is the number of model inputs) when the numerical approximation method is used. Considering the five and six inputs for non-erosional and erosional breach case studies, respectively, each non-erosional breach case study was run 11 times, and each erosional breach case study was run 13 times. Therefore, in total, there were 127 evaluation points for all 11 case studies. Refer to Supplementary Appendix A for all of the performed runs.

To investigate the variation of sensitivity estimates along the flow runout distance, three case studies were selected (1985 Stava, 1998 Aznalcóllar, and 2019 Feijão). These cases were selected because they have different released volumes, breach processes, and topographic conditions, and therefore the magnitude and runout path of these three cases represent diverse morphological environments (see Tables 4 and 5).

Probability Distribution Approximation for Prediction

The FOSM method provides estimates of the mean and standard deviation of the model outputs, which can be used to make probabilistic forward predictions. However, since the probability distributions of the inundation area, maximum flow velocity, maximum flow depth and frontal arrival time are unknown and are not obtained directly through the FOSM method, assumptions must be made. Normal and log-normal approximations are typically used in geotechnical problems (Kim et al. 2020; Nadim 2007). The log-normal approximation is also considered reasonable in this application, as a first approximation. It is used instead of the normal distribution because the model input parameters cannot be negative.

The Merriespruit case was used in this study to demonstrate the application of the FOSM method for predicting the probability of model outputs. Following Aaron et al. (2022), we excluded any site-specific information about the breach geometry, rheological parameters and observational data for the numerical modelling. The Merriespruit case was also excluded from the TDB calibration dataset for the purposes of this demonstration. However, the total released volume was not changed so that the observed and simulated results could be roughly compared.

A detailed description of the Merriespruit TDB event was provided by Fourie and Papageorgiou (2001) and Wagener (1997). The estimated total released volume was 0.615 M m³. For the purpose of demonstrating the probabilistic method, we adopted a strategy of making reasonable model and parameter selections that an experienced TDB practitioner might make. A trapezoidal breach shape with side slopes of 1V:1H was used. Assuming the breach height was equal to the dam height (31 m), and using an average breach width to breach height ratio of 7 based on non-erosional breach data in Adria (2022), the average breach width was estimated to be 217 m. The topographic data source is the Airbus WorldDEM™ DTM with a 12 m resolution. A constant surface roughness (n) of 0.08 was used throughout the runout path to account for both the suburban and wetland areas that are observed in satellite imagery and aerial photographs. The Quadratic rheological model was selected for this analysis. Since there is a lack of back-analyzed historical case studies similar to Merriespruit, which could otherwise inform rheological parameter selection, the yield stress and viscosity in the present study were estimated by fitting exponential curves to the yield stress and viscosity data provided in Martin et al. (2022). Considering the volumetric solid content of 50% for Merriespruit, the yield stress and viscosity were estimated as 63 Pa and 0.8 Pa s, respectively.

Sensitivity and Uncertainty Estimates

Figures  2 , 3 , 4 and 5 illustrate the sensitivity of the modelled inundation area, maximum flow velocity at 50% runout, maximum flow depth at 50% runout, and flow front arrival time at 50% runout, respectively, for each case study. Figure  2 indicates that the inundation area was most sensitive to total released volume in 9 out of 11 cases, with the exceptions of Stava and Mt. Polley. Stava exhibited the greatest sensitivity to surface roughness, while Mt. Polley exhibited the greatest sensitivity to breach width. Yield stress was one of the top two contributors to the sensitivity of inundation area for more than half of the cases (6 out of 11) (Fig.  2 ).

Figure 2. Sensitivity of modelled inundation area with respect to the selected inputs

Figure 3. Sensitivity of modelled maximum flow velocity at 50% runout with respect to the selected inputs

Figure 4. Sensitivity of modelled maximum flow depth at 50% runout with respect to the selected inputs

Figure 5. Sensitivity of modelled flow front arrival time at 50% runout with respect to the selected inputs

Figures 3 and 4 indicate that the maximum flow velocity and maximum flow depth at 50% runout were most sensitive to surface roughness and total released volume, respectively, in 8 out of 11 cases. For flow velocity, the exceptions are Cadia, Mt. Polley, and Ajka; Cadia and Ajka exhibit the highest sensitivity to total released volume, while Mt. Polley exhibits the highest sensitivity to breach width (Fig. 3). For flow depth, the exceptions were Stava, Mt. Polley, and Cadia; Mt. Polley and Cadia exhibit the highest sensitivity to breach width, while Stava exhibits the highest sensitivity to surface roughness (Fig. 4).

Figure 5 indicates that the sensitivity results for flow front arrival time display greater variability than the other model outputs. Flow front arrival time is most sensitive to surface roughness in 7 out of 11 cases, with the exceptions of Tapo Canyon, Ajka, Tonglvshan, and Cadia. Tapo Canyon exhibits the highest sensitivity to both total released volume and breach width equally, while Ajka exhibits the highest sensitivity to total released volume, and Tonglvshan and Cadia exhibit the highest sensitivity to breach width.

Figures 6 and 7 display the uncertainty estimates, expressed as coefficient of variation (CoV) values, for four numerical outputs: inundation area, maximum flow velocity, maximum flow depth, and flow front arrival time at 50% of the observed runout distance. These values are shown for both non-erosional breach (Fig. 6) and erosional breach (Fig. 7) case studies, considering the selected inputs individually as well as all inputs together (all). The erosional breach case studies include an additional input, breach formation time (BFT), which is not applicable for the non-erosional breach case studies (Fig. 7). The findings suggest that for all case studies, the uncertainties in the inundation area and maximum flow depth with respect to the total released volume exceed 10%, which is typically regarded as a high level of uncertainty in practice. The uncertainties in the maximum flow velocity and flow front arrival time with respect to surface roughness exceed 10% for most of the case studies, specifically 10 out of 11 and 9 out of 11, respectively. Tables containing sensitivity and uncertainty values are presented in Supplementary Appendix B.

Figure 6. Non-erosional breach case study coefficient of variation (CoV) values for four numerical outputs: (a) inundation area, (b) maximum flow velocity, (c) maximum flow depth, and (d) flow front arrival time at 50% of the observed runout distance. These CoV values are presented with respect to the five selected inputs, namely total released volume (TRV), yield stress (YS), viscosity (V), surface roughness (R), and breach width (BW), both individually and all inputs (All) together. Note the different y-axis range for plot (b).

Figure 7. Erosional breach case study coefficient of variation (CoV) values for four numerical outputs: (a) inundation area, (b) maximum flow velocity, (c) maximum flow depth, and (d) flow front arrival time at 50% of the observed runout distance. These CoV values are presented with respect to the six selected inputs, namely total released volume (TRV), yield stress (YS), viscosity (V), surface roughness (R), breach width (BW), and breach formation time (BFT), both individually and all inputs (All) together. Note the different y-axis range for plot (b).

Sensitivity Variation Along Runout Path

Figure 8 shows the sensitivity of the modelled maximum flow velocity (a, b, c), maximum flow depth (d, e, f) and flow front arrival time (g, h, i) at 10%, 25%, 50%, 75% and 90% of the Zone 1 runout distance for the Stava, Aznalcóllar and Feijão cases. Sensitivity variation is observed along the flow path. In most of the scenarios, the sensitivity to breach width tends to decrease with distance from the breach. The sensitivity to total released volume has an increasing trend in most cases, which appears to plateau in some cases. The sensitivity to surface roughness is largely case-dependent without any discernible common trend. The sensitivity to yield stress tends to increase with distance from the breach in the case of Feijão. Sensitivity values along the runout path are provided in Supplementary Appendix C.

Figure 8. Variation of sensitivity with distance from the breach for modelled maximum flow velocity (a, b, c), maximum flow depth (d, e, f), and frontal arrival time (g, h, i) in three selected case studies

Demonstration of Probabilistic Prediction Approach

The Merriespruit demonstration case involves modelling the probability distributions of two key parameters: the inundation area and maximum flow velocity at 50% runout distance. These parameters are modelled with respect to each input variable individually as well as considering the total uncertainty of all input variables together (Fig. 9). The mean value of the modelled inundation area is 1.54 km², while the mean value of the modelled maximum flow velocity at 50% runout distance is 2.6 m/s.

Figure 9. The probability density of the modelled inundation area and maximum flow velocity at 50% of the Zone 1 runout distance are plotted with respect to each input variable (a and c), as well as considering the total uncertainty of all input variables together (b and d)

Since the model outputs cannot be negative, we used the assumption of log-normal distribution. The observed Zone 1 inundation area for Merriespruit was estimated to be 0.89 km² (Ghahramani et al. 2022), which is slightly outside of one standard deviation from the mean of the probability density curves for the inundation area, as shown in Fig. 9b. Similarly, the best-fit modelled maximum flow velocity at 50% of the runout distance was ≈ 2.1 m/s (Adria 2022), which is within one standard deviation from the mean of the probability density curves for maximum flow velocity, as shown in Fig. 9d.

Sensitivity Analysis

The results of the sensitivity analysis suggest that modelled inundation area and maximum flow depth are most sensitive to total released volume, whereas modelled maximum flow velocity and flow front arrival time are generally most sensitive to surface roughness. These findings are conceptually consistent with physical observations (Adria 2022 ; Ghahramani et al. 2020 ) and agree with past findings that outflow volume is strongly correlated with inundation area and runout distance (e.g. Concha-Larrauri and Lall 2018 ; Ghahramani et al. 2020 ; Piciullo et al. 2022 ; Rico et al. 2008 ).

With regard to identifying primary contributors to the sensitivity of model outputs, our results indicated similar trends for most of the cases, with a few exceptions for each model output. For Stava, the sensitivity of all four outputs followed a similar pattern, with surface roughness as the primary contributor and total released volume and breach width among the top three contributors to the sensitivity of those model outputs. This may be attributed to the steep travel path at Stava, which is higher than all the other cases in this study.

Mt. Polley is another exception in which the model is highly sensitive to the breach width for the modelled inundation area, maximum flow velocity, and maximum flow depth (Figs. 2, 3, 4). This is likely due to the unique site conditions related to the Mt. Polley failure. The Zone 1 extent of Mt. Polley was truncated by Quesnel Lake 9 km downstream of the tailings facility. Without the presence of an intercepting water body, a hypothetical failure of similar size and composition to Mt. Polley would be expected to travel farther than 9 km. As a result, the 50% runout distance point considered in this study for the Mt. Polley model may actually be more representative of the 5–15% range if the event were not truncated by the lake. From this perspective, the Mt. Polley sensitivity results for all parameters are less exceptional relative to the other events, as the Stava, Aznalcóllar, and Feijão results are also consistently sensitive to breach width at about 5–15% of their runout distances. Furthermore, for confined events like Mt. Polley, the sensitivity of inundation area to outflow volume is primarily driven by the runout distance, with minor changes in the flow width along the runout path. With the truncated runout distance at Mt. Polley enforcing the same runout distance for all sensitivity scenarios, along with a predominantly channelized flow path, there was physically little room for the inundation area to differ between input variations.

Another consideration for Mt. Polley is that the released volume had a relatively low concentration of tailings solids, and therefore could be reasonably approximated as Newtonian rather than non-Newtonian. The effect of low solids concentrations is implicitly included in HEC-RAS by using low values for the yield stress and viscosity. As a result, one could expect the inundation area to have low sensitivity to the low calibrated yield stress and viscosity values for Mt. Polley, which in turn increases the relative sensitivity of the other inputs. This rationale may apply to the Aznalcóllar and Ajka cases as well, which also had relatively low concentrations of tailings solids.

In the case of Cadia, the modelled maximum flow velocity was most sensitive to total released volume, while the modelled maximum flow depth and flow front arrival time were most sensitive to breach width. In general, surface roughness acts as an external resisting force along the flow runout path, and typically, changing the surface roughness affects the modelled flow velocity and arrival time the most. However, this was not the case for Cadia; instead, the breach width was one of the primary contributors to the sensitivity of the modelled flow velocity, depth, and flow front arrival time. One possible reason might be the proximity of our measurement to the breach. The Cadia runout distance was ≈ 480 m, which is relatively short, and the sensitivity analysis was done at 50% of the runout distance. Tonglvshan is the only other case that has a similar runout distance to Cadia (≈ 500 m), and breach width was also one of the main contributors to the sensitivity of modelled maximum flow velocity and flow front arrival time in that case. Also, the Manning’s n value used for Cadia was relatively low, as expected for barren land (Janssen 2016). The released tailings had a solid concentration of ≈ 63% (Jefferies et al. 2019), and the calibrated yield stress and viscosity for the tailings were among the highest used in Adria (2022), as expected for a material that predominantly consisted of solids. The influence of surface roughness (external flow resistance) should therefore be expected to be less consequential than rheology (internal flow resistance), which is observed for Cadia in Fig. 5. Another possible reason might be related to the selected rheological model. The Quadratic rheology was used for the back-analysis of the Cadia case, but considering the high solid concentration of the Cadia tailings, rheological models developed for solid-dominated materials (e.g. Voellmy rheology) might have been more appropriate.

The FOSM results presented in this study pertain specifically to the HEC-RAS numerical model. In Ghahramani et al. ( 2022 ), the FOSM analysis revealed that each of the four models (DAN3D, MADflow, FLO-2D, and FLOW-3D) investigated in their study was sensitive to different input parameters. However, the total released volume was identified as one of the top three contributors to the sensitivity of modelled maximum flow velocity and depth at a specific location for all four models. The results of the FOSM analysis conducted in this study are consistent with those findings.

Sensitivity Variation

The results in the “Sensitivity Variation Along Runout Path” section indicate that the sensitivity of model outputs to model inputs varies at different locations along the runout path. This is consistent with a parallel complementary study on the analogous problem of landslide runout that recognized sensitivity variation over the extent of a landslide runout model (Mitchell et al. 2022). Overall, the sensitivity variations of the Stava, Aznalcóllar, and Feijão cases follow a similar trend, except for the yield stress and surface roughness curves, despite the different characteristics of these three failures (Back-analyzed Case Studies section).

The sensitivity to breach width displays decreasing trends in all of the plots. The breach width has a large influence on the model outputs near the breach, but the influence gradually decreases with increasing runout distance (Fig. 8).

The total released volume has a major influence on all the model outputs at different locations along the runout path (> 10% sensitivity values), with an increasing trend that tends to plateau for some of the scenarios (e.g. Fig. 8c, f, g). In the case of Aznalcóllar, there is a fluctuation in the sensitivity of modelled maximum flow velocity to the total released volume (Fig. 8b). This may be attributed to the local constriction of the runout path near a highway bridge that crossed the inundation area near the 50% runout location, where the physical constriction controls the velocity more than any other model outputs.

For the Feijão case, the sensitivity to the yield stress displays an increasing trend, with the highest value at 90% of the runout distance (the last measurement location). Model outputs were not sensitive to yield stress for the Stava and Aznalcóllar cases, which may be due to the steep travel path slope along the Stava creek and the low solid concentration of the Aznalcóllar tailings flow, respectively. Model outputs were also not sensitive to viscosity for any of the three cases.

Comparing the three cases, the variation in sensitivity to surface roughness for each model output has a different trend. For the Stava case, the sensitivity of the modelled maximum flow depth to surface roughness displays an increasing trend in the first 25% and a decreasing trend for the rest. In contrast, there was a decreasing trend for the Aznalcóllar case and an almost flat trend for the Feijão case (Fig. 8d–f). These differences might be due to distinct topographic conditions, such as steep terrain, sudden elevation changes, or degree of confinement along the path.

In the case of Stava, the results indicate that the modelled maximum flow depth and flow front arrival time were most sensitive to breach width, while exhibiting very low to zero sensitivity to other inputs at 10% of the runout distance. This sensitivity pattern is similar to what was explained in the Sensitivity Analysis section for the Cadia case, suggesting that it may be due to the proximity of the measurement (10% of runout) to the breach location, where dynamic effects such as rapid changes in material behaviour can be significant. When comparing the three cases, the first 10% of the runout distance for Stava is less than 500 m from the breach, while this distance is about 3 km for Aznalcóllar and 1 km for Feijão. This sensitivity pattern changes at further locations along the runout path (Fig. 8d–g).

In this study, the 50% runout distance of Zone 1 was selected as a reference point to compare general model sensitivity estimates. However, analysis of sensitivity variation along the path suggests that the 50% runout distance may not necessarily be a key location of interest in every case. Instead, the location for sensitivity analysis should be chosen based on the specific purpose of the project, particularly considering the locations of elements at risk.

The Merriespruit demonstration case involved modelling the probability distributions of two key parameters: the inundation area and maximum flow velocity at 50% runout distance. These parameters were modelled with respect to each input variable individually and collectively (Fig. 9). In order to roughly compare the predicted results with the observed ones, one of the main sources of uncertainty, the total released volume, was kept as the reported value, as mentioned in the Methodology section. Figure 9b, d show that the output results were over-predicted. The sensitivity analysis results in Fig. 2 showed that yield stress was the top contributor to the sensitivity of inundation area for more than half of the cases. The over-prediction of the results could be due to the lower yield stress selected (63 Pa) compared with the calibrated value (200 Pa) provided in the “Back-analyzed Case Studies” section. Another reason could be the over-estimation of the average breach width value for the simulation, compared to the reported value.

Selection of input parameters, such as total released volume, rheological parameters, and breach geometry, has been a challenge for tailings dam breach-runout forward analysis. Probability density curves can be used by practitioners and modellers to constrain the ranges of estimated model outputs. For example, modellers may use the curves to identify a range of values that are consistent with a certain level of confidence, or to identify the most likely range of values for the output. By doing so, the uncertainties associated with each input variable can be accounted for, and more accurate model predictions can be made.

However, the approximation methodology used to generate the probability density curves has some limitations and assumptions that need to be considered when interpreting the results. One limitation is the use of statistical distributions to model the uncertainty of the input variables. While this can be a useful approximation, it is important to recognize that the choice of distribution may not always accurately reflect the true uncertainty of the input variable. For instance, the assumption of log-normal distribution may not always hold, particularly for extreme events or rare occurrences, which can lead to underestimation or overestimation of the probability of such events. Thus, the probability density curves should be used with caution and in conjunction with other information and expert judgement. Modellers should also be aware of the limitations and assumptions of the approximation methodology, and carefully consider the potential effect of correlated or extreme events that may not be accurately captured by the probability density curves.

Limitations of the FOSM Method

Although FOSM is a linearization technique, it can be applied to models with non-linear output functions. The FOSM method linearizes the non-linear output function by approximating it as a Taylor series expansion around the mean values of the input variables. Therefore, it assumes that the output can be locally approximated as a linear function near the mean values of the input variables (Lee and Mosalam 2005 ). However, the FOSM method comes with limitations that should be considered when interpreting the results. It is an approximate method that only considers the first-order and second-moment (i.e. mean and variance), rather than the distribution function, of the input variables. Therefore, it may not work well for highly non-linear systems (Kunstmann et al. 2002 ). Better precision could be achieved by using higher-order terms from the Taylor series expansion. However, higher orders involve complex mathematics and require additional statistical information, such as skewness and kurtosis, which are not easy to estimate due to insufficient data. Another limitation is that the interaction between input variables is not considered in the FOSM method (Baecher and Christian 2005 ; Nadim 2007 ).
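The linearization limit described above can be seen numerically. The following is an added example, not code from the paper or from HEC-RAS: it runs FOSM on a constructed power-law surrogate (the exponents, the 0.05 scale factor and the input CoVs are assumptions; only the three mean input values are the Merriespruit figures quoted on this page), takes each input's sensitivity to be its share of the first-order variance (an assumed definition), and compares the FOSM result with the exact moments that the surrogate has when its inputs are independent and log-normal.

```python
import math

# Constructed surrogate standing in for the runout model (NOT HEC-RAS).
# Exponents and the 0.05 scale factor are assumptions made for illustration.
EXPONENTS = {"volume": 0.67, "roughness": 0.20, "breach_width": 0.10}

def surrogate_area(volume, roughness, breach_width):
    x = {"volume": volume, "roughness": roughness, "breach_width": breach_width}
    return 0.05 * math.prod(x[k] ** EXPONENTS[k] for k in EXPONENTS)

# Means: Merriespruit inputs quoted on the page (M m^3, Manning's n, m).
MEANS = {"volume": 0.615, "roughness": 0.08, "breach_width": 217.0}
# Input coefficients of variation: constructed values, not from the page.
COVS = {"volume": 0.40, "roughness": 0.25, "breach_width": 0.30}

def fosm(model, means, covs, step_sd=0.01):
    """First-order second-moment estimate for uncorrelated inputs.

    Returns (output mean, output CoV, variance share per input).
    Gradients are central finite differences taken at the input means.
    """
    mean_out = model(**means)
    contrib = {}
    for name, m in means.items():
        sd = covs[name] * m
        h = step_sd * sd
        hi = model(**{**means, name: m + h})
        lo = model(**{**means, name: m - h})
        grad = (hi - lo) / (2 * h)
        contrib[name] = (grad * sd) ** 2   # first-order variance term
    var = sum(contrib.values())            # no interaction terms in FOSM
    shares = {k: v / var for k, v in contrib.items()}
    return mean_out, math.sqrt(var) / mean_out, shares

def exact_power_law(means, covs):
    """Exact output mean and CoV of the surrogate for independent
    log-normal inputs (a product of powers of log-normals is log-normal)."""
    log_var = sum(EXPONENTS[k] ** 2 * math.log1p(covs[k] ** 2) for k in EXPONENTS)
    mean = surrogate_area(**means) * math.prod(
        (1 + covs[k] ** 2) ** (EXPONENTS[k] * (EXPONENTS[k] - 1) / 2)
        for k in EXPONENTS)
    return mean, math.sqrt(math.expm1(log_var))

def lognormal_band(mean, cov, z=1.0):
    """Log-normal fitted to (mean, CoV); returns exp(mu -/+ z*sigma)."""
    sigma = math.sqrt(math.log1p(cov ** 2))
    mu = math.log(mean) - sigma ** 2 / 2
    return math.exp(mu - z * sigma), math.exp(mu + z * sigma)

if __name__ == "__main__":
    for scale in (1.0, 2.0):               # widen input uncertainty
        covs = {k: scale * v for k, v in COVS.items()}
        mean_f, cov_f, shares = fosm(surrogate_area, MEANS, covs)
        mean_e, cov_e = exact_power_law(MEANS, covs)
        lo, hi = lognormal_band(mean_f, cov_f)
        print(f"input CoV x{scale}: FOSM CoV={cov_f:.3f} exact CoV={cov_e:.3f} "
              f"mean bias={(mean_f / mean_e - 1) * 100:.1f}%")
        print("  shares:", {k: round(v, 3) for k, v in shares.items()})
        print(f"  one-sigma log-normal band: {lo:.4f} to {hi:.4f}")
```

Doubling the input CoVs widens the gap between the FOSM and exact output CoV, which is the behaviour the paragraph attributes to dropping higher-order Taylor terms.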

In this study, the FOSM approach was applied to three erosional and eight non-erosional case studies. Although the FOSM method is versatile and can be applied to other models, the FOSM results presented in this study are specific to the HEC-RAS numerical model. Our interpretations provide valuable information about HEC-RAS performance for each case study. Although some similar trends were observed, a larger sample size would be needed to draw broader and more robust conclusions, particularly for the erosional breach cases.

Conclusions

Our study highlights the importance of understanding the uncertainty and sensitivity of model outputs to different input variables for TDB runout modelling, which can help improve the accuracy of risk assessments and mitigation strategies in industry practice. In this study, the FOSM methodology was applied to a database of 11 back-analyzed historical tailings flows to evaluate the uncertainties in TDB runout modelling. Moreover, a sensitivity analysis was conducted to determine the key factors contributing to the sensitivity of the HEC-RAS model outputs, and sensitivity variations were analyzed at different locations along the runout path. We also investigated the potential application of the FOSM method to probabilistic runout modelling in prediction scenarios.

Overall, the uncertainty results and sensitivity estimates showed similar trends in most of the cases. To be able to generate more reliable model results using HEC-RAS: (1) researchers should develop better methods to predict potential release volumes; and (2) practitioners should use expert judgment when estimating potential release volumes and surface roughness values. However, there were some exceptions for each model output, and the primary contributors to the sensitivity of the model outputs varied depending on the case study. The Mt. Polley case, for instance, was highly sensitive to breach width for modelled inundation area, maximum flow velocity, and maximum flow depth, potentially due to the site conditions and to the use of the Quadratic rheology model for a tailings flow with a relatively low solid concentration. The Cadia Event 2 was also sensitive to breach width for modelled flow velocity, depth, and flow front arrival time. The influence of surface roughness was observed to be less consequential than rheology, potentially due to the high solid concentration of the Cadia tailings and the use of the Quadratic rheology model, instead of other rheological models that were mainly developed for solid materials. These results reinforce that considering site-specific conditions and the selection of appropriate rheological models are crucial for accurate predictions in TDB runout modelling.

We also found that the sensitivity variations along the path for the Stava, Aznalcóllar, and Feijão cases followed similar trends, with decreasing sensitivity to breach width and increasing sensitivity to total released volume for all three cases and increasing sensitivity to yield stress for Feijão. The sensitivity of the model outputs to surface roughness displayed a different trend for each case, which may be due to different topographic conditions along the runout path.

Lastly, the FOSM methodology was proposed as a probabilistic approach to model-based tailings flow runout prediction. A demonstration of the approach was presented to illustrate the potential usefulness of probability density curves in constraining ranges of estimated model outputs in TDBAs.

Data Availability

All the model outputs, sensitivity analyses, and uncertainty estimates have been included as supplementary material.

References

Aaron J, McDougall S, Kowalski J, Mitchel A, Nolde N (2022) Probabilistic prediction of rock avalanche runout using a numerical model. Landslides 19:2853–2869. https://doi.org/10.1007/s10346-022-01939-y

Adria DAM (2022) Compilation and critical assessment of observations from a selection of historical tailings dam breach events for numerical breach and runout modelling. MASc thesis, Univ British Columbia. https://doi.org/10.14288/1.0421782

Adria DAM, Ghahramani N, Rana NM, Martin V, McDougall S, Evans SG, Take WA (2023a) Insights from the compilation and critical assessment of breach and runout characteristics from historical tailings dam failures: implications for numerical modelling. Mine Water Environ 24:1–20. https://doi.org/10.1007/s10230-023-00964-0


Adria DAM, Ghahramani N, Rana NM, Martin V, McDougall S, Evans SG, Take WA (2023b) A database of tailings dam breach and runout observations. Borealis Can Dataverse Reposit. https://doi.org/10.5683/SP2/NXMXTI

Arcement GJ, Schneider VR (1989) Guide for selecting Manning’s roughness coefficients for natural channels and flood plains. U.S. Geological Survey Water Supply Paper 2339. https://doi.org/10.3133/wsp2339

Baecher G, Christian J (2005) Reliability and statistics in geotechnical engineering. Wiley, West Sussex


Blight GE (2009) Geotechnical engineering for mine waste storage facilities. CRC Press/Balkema, Leiden


Borgonovo E, Plischke E (2016) Sensitivity analysis: a review of recent advances. Eur J Oper Res 248:869–887. https://doi.org/10.1016/j.ejor.2015.06.032


Brunner G (2020) HEC-RAS User’s Manual, version 6.3. Hydrologic Engineering Center, Davis

Burges SJ, Lettenmaier DP (1975) Probabilistic methods in stream quality management. J Am Water Resour Assoc 11:115–130. https://doi.org/10.1111/j.1752-1688.1975.tb00664.x


Canadian Dam Association (CDA) (2021) Technical bulletin: tailings dam breach analysis

Chow VT (1959) Open channel hydraulics. McGraw-Hill Book Co., New York City

Concha Larrauri P, Lall U (2018) Tailings dams failures: updated statistical model for discharge volume and runout. Environments 5:1–10. https://doi.org/10.3390/environments5020028

Dettinger MD, Wilson JL (1981) First order analysis of uncertainty in numerical models of groundwater flow part: 1. Mathematical development. Water Resour Res 17:149–161. https://doi.org/10.1029/WR017i001p00149


Fourie AB, Papageorgiou G (2001) Defining an appropriate steady state line for Merriespruit gold tailings. Can Geotech J 38:695–706. https://doi.org/10.1139/T00-111

Froehlich DC (2008) Embankment dam breach parameters and their uncertainties. J Hydraul Eng 134:1708–1721. https://doi.org/10.1061/(ASCE)0733-9429(2008)134:12(1708)

Ghahramani N, Mitchell A, Rana NM, McDougall S, Evans SG, Take WA (2020) Tailings-flow runout analysis: examining the applicability of a semi-physical area–volume relationship using a novel database. Nat Hazards Earth Syst Sci 20:3425–3438. https://doi.org/10.5194/nhess-20-3425-2020

Ghahramani N, Chen HJ, Clohan D, Liu S, Llano-Serna M, Rana NM, McDougall S, Evans SG, Take WA (2022) A benchmarking study of four numerical runout models for the simulation of tailings flows. Sci Total Environ 827:154245. https://doi.org/10.1016/j.scitotenv.2022.154245


Gibson S, Floyd I, Sánchez A, Heath R (2021) Comparing single-phase, non-Newtonian approaches with experimental results: validating flume-scale mud and debris flow in HEC-RAS. Earth Surf Process Landf 46:540–553. https://doi.org/10.1002/esp.5044

Gibson S, Moura LZ, Ackerman C, Ortman N, Amorim R, Floyd I, Eom M, Creech C, Sánchez A (2022) Prototype scale evaluation of non-newtonian algorithms in HEC-RAS: mud and debris flow case studies of Santa Barbara and Brumadinho. Geosciences 12:134. https://doi.org/10.3390/geosciences12030134

Heiser M, Scheidl C, Kaitna R (2017) Evaluation concepts to compare observed and simulated deposition areas of mass movements. Comput Geosci 21:335–343. https://doi.org/10.1007/s10596-016-9609-9

Janssen C (2016) Manning’s n values for various land covers to use for dam breach analyses by NRCS in Kansas. https://rashms.com/wp-content/uploads/2021/01/Mannings-n-values-NLCD-NRCS.pdf . Accessed 26 June 2023

Jefferies M, Morgenstern NR, Van Zyl DV, Wates J (2019) Report on NTSF embankment failure, Cadia Valley operations, for Ashurst Australia

Julien PY, Lan Y (1991) Rheology of hyperconcentrations. J Hydraul Eng 117:346–353

Kim JS, Kim SY, Han TS (2020) Sensitivity and uncertainty estimation of cement paste properties to microstructural characteristics using FOSM method. Constr Build Mater 242:118159. https://doi.org/10.1016/J.CONBUILDMAT.2020.118159

Kleijnen JPC (1995) Sensitivity analysis and optimization of system dynamics models: regression analysis and statistical design of experiments. Syst Dyn Rev 11:275–288. https://doi.org/10.1002/SDR.4260110403

Kunstmann H, Kinzelbach W (2000) Computation of stochastic wellhead protection zones by combining the first-order second-moment method and Kolmogorov backward equation analysis. J Hydrol 237:127–146. https://doi.org/10.1016/S0022-1694(00)00281-X

Kunstmann H, Kinzelbach W, Siegfried T (2002) Conditional first-order second-moment method and its application to the quantification of uncertainty in groundwater modeling. Water Resour Res 38:6-1–6-14. https://doi.org/10.1029/2000WR000022

Lee T-H, Mosalam KM (2005) Seismic demand sensitivity of reinforced concrete shear-wall building using FOSM method. Earthq Eng Struct Dyn 34:1719–1736. https://doi.org/10.1002/EQE.506

Llano-Serna MA, Farias MM, Pedroso DM, Williams DJ, Sheng D (2018) An assessment of statistically based relationships between critical state parameters. Géotechnique 68:556–560. https://doi.org/10.1680/jgeot.16.T.012

Martin V, Al-Mamun M, Small A (2019) CDA technical bulletin on tailings dam breach analyses. Sustainable and safe dams around the world. CRC Press, Ottawa, pp 3484–3498


Martin V, Adria D, Wong H (2022) Inundation modelling of non-newtonian tailings dam breach outflows. In: Proc. 27th world congress of the international commission on large dams, question 105, response 28

McDougall S (2017) 2014 Canadian geotechnical colloquium: landslide runout analysis—current practice and challenges. Can Geotech J 54:605–620. https://doi.org/10.1139/cgj-2016-0104

Melo M, Eleutério J (2023) Probabilistic analysis of floods from tailings dam failures: a method to analyze the impact of rheological parameters on the HEC-RAS Bingham and Herschel–Bulkley models. Water 15:2866. https://doi.org/10.3390/w15162866

Mitchell A, Zubrycky S, McDougall S, Aaron J, Jacquemart M, Hübl J, Kaitna R, Graf C (2022) Variable hydrograph inputs for a numerical debris-flow runout model. Nat Hazards Earth Syst Sci 22:1627–1654. https://doi.org/10.5194/nhess-22-1627-2022

Nadim F (2007) Tools and strategies for dealing with uncertainty in geotechnics. In: Griffiths DV, Fenton GA (eds) Probabilistic methods in geotechnical engineering, CISM Courses and Lectures. Springer, Vienna, pp 71–95

Piciullo L, Storrøsten EB, Liu Z, Nadim F, Lacasse S (2022) A new look at the statistics of tailings dam failures. J Eng Geol 303:106657. https://doi.org/10.1016/j.enggeo.2022.106657

Pirulli M, Barbero M, Marchelli M, Scavia C (2017) The failure of the Stava Valley tailings dams (northern Italy): numerical analysis of the flow dynamics and rheological properties. Geoenviron Disasters 4:3. https://doi.org/10.1186/s40677-016-0066-5

Rana NM, Ghahramani N, Evans SG, McDougall S, Small A, Take WA (2021a) Catastrophic mass flows resulting from tailings impoundment failures. J Eng Geol 292:106262. https://doi.org/10.1016/j.enggeo.2021.106262

Rana NM, Ghahramani N, Evans SG, McDougall S, Small A, Take WA (2021b) A comprehensive global database of tailings flows. Borealis Can Dataverse Reposit. https://doi.org/10.5683/SP2/NXMXTI

Razavi S, Jakeman A, Saltelli A, Prier C, Iooss B, Borgonovo E, Plischke E, Piano SL et al (2021) The future of sensitivity analysis: an essential discipline for systems modeling and policy support. Environ Model Softw 137:104954. https://doi.org/10.1016/J.ENVSOFT.2020.104954

Rico M, Benito G, Díez-Herrero A (2008) Floods from tailings dam failures. J Hazard Mater 154:79–87. https://doi.org/10.1016/j.jhazmat.2007.09.110

Article   CAS   PubMed   Google Scholar  

Santamarina JC, Torres-Cruz LA, Bachus RC (2019) Why coal ash and tailings dam disasters occur. Science 364:526–528

Tonkin M, Doherty J (2009) Calibration-constrained Monte Carlo analysis of highly parameterized models using subspace techniques. Water Resour Res. https://doi.org/10.1029/2007WR006678

Wagener F (1997) The Merriespruit slimes dam failure: overview and lessons learnt. J S Afr Inst Civ Eng 39:11–15

Wahl TL (1998) Prediction of embankment dam breach parameters: literature review and needs assessment. U.S. Bureau of Reclamation. https://www.usbr.gov/ssle/damsafety/TechDev/DSOTechDev/DSO-98-04.pdf . Accessed 14 June 2023

Wahl TL (2014) Evaluation of erodibility-based embankment dam breach equations. Hydraulic Laboratory Report. https://www.usbr.gov/tsc/techreferences/hydraulics_lab/pubs/HL/HL-2014-02.pdf . Accessed 14 June 2023

Wang S-J, Hsu K-C (2009) The application of the first-order second-moment method to analyze poroelastic problems in heterogeneous porous media. J Hydrol 369:209–221. https://doi.org/10.1016/j.jhydrol.2009.02.049

Download references

Acknowledgements

This work was funded by a fellowship (NG) from the University of British Columbia Department of Earth, Ocean and Atmospheric Sciences, as well as scholarships and grants from the Natural Sciences and Engineering Research Council of Canada (NSERC). This work was part of the CanBreach Project, which is supported by funding through an NSERC Collaborative Research Development Grant and funding from the following industrial partners: Imperial Oil Resources Inc., Suncor Energy Inc., BGC Engineering Inc., Golder Associates Ltd., and Klohn Crippen Berger. The authors acknowledge the constructive comments provided by Dr. Violeta Martin and Dr. Dirk Van Zyl during the preparation of this study.

Author information

Authors and affiliations

Department of Earth, Ocean and Atmospheric Sciences, The University of British Columbia, Vancouver, Canada

Negar Ghahramani, Daniel A. M. Adria & Scott McDougall

WSP, Lakewood, CO, USA

Negar Ghahramani

Knight Piésold, Vancouver, BC, Canada

Daniel A. M. Adria

Klohn Crippen Berger, Toronto, ON, Canada

Nahyan M. Rana

Red Earth Engineering, Brisbane, Australia

Marcelo Llano-Serna

Department of Earth and Environmental Sciences, University of Waterloo, Waterloo, ON, Canada

Stephen G. Evans

Department of Civil Engineering, Queen’s University, Kingston, ON, Canada

W. Andy Take


Corresponding author

Correspondence to Negar Ghahramani.

Supplementary Information

Below is the link to the electronic supplementary material.

Supplementary file1 (DOCX 118 KB)

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ .


About this article

Ghahramani, N., Adria, D.A.M., Rana, N.M. et al. Analysis of Uncertainty and Sensitivity in Tailings Dam Breach-Runout Numerical Modelling. Mine Water Environ (2024). https://doi.org/10.1007/s10230-024-00970-w


Received: 25 July 2023

Accepted: 19 January 2024

Published: 21 February 2024

DOI: https://doi.org/10.1007/s10230-024-00970-w


  • Tailings dam breach analysis (TDBA)
  • Numerical modelling
  • Runout analysis
  • Uncertainty analysis
  • Sensitivity analysis

Some virtual care companies putting patient data at risk, new study finds

Canadian researchers have patient privacy concerns as industry grows post-covid.


This story is part of CBC Health's Second Opinion, a weekly analysis of health and medical science news emailed to subscribers on Saturday mornings. If you haven't subscribed yet, you can do that by clicking here.

If you visit a doctor virtually through a commercial app, the information you submit in the app could be used to promote a particular drug or service, says the leader of a new Canadian study involving industry insiders.

The industry insiders "were concerned that care might not be designed to be the best care for patients, but rather might be designed to increase uptake of the drug or vaccine to meet the pharmaceutical company objectives," said Dr. Sheryl Spithoff, a physician and scientist at Women's College Hospital in Toronto.

Virtual care took off as a convenient way to access health care during the COVID-19 pandemic, allowing patients to consult with a doctor by videoconference, phone call or text.

It's estimated that more than one in five adults in Canada —  or 6.5 million people — don't have a family physician or nurse practitioner they can see regularly, and virtual care is helping to fill the void.

But the study's researchers and others who work in the medical field have raised concerns that some virtual care companies aren't adequately protecting patients' private health information from being used by drug companies and shared with third parties that want to market products and services.


Spithoff co-authored the study in this week's BMJ Open, based on interviews with 18 individuals employed or affiliated with the Canadian virtual care industry between October 2021 and January 2022. The researchers also analyzed 31 privacy documents from the websites of more than a dozen companies.

The for-profit virtual care industry valued patient data and "appears to view data as a revenue stream," the researchers found.

One employee with a virtual care platform told the researchers that the platform, "at the behest of the pharmaceutical company, would conduct 'A/B testing' by putting out a new version of software to a percentage of patients to see if the new version improved uptake of the drug."


Concerns about how data might be shared

Matthew Herder, director of the Health Law Institute at Dalhousie University in Halifax, said he hopes the study draws the public's attention to what's behind some of these platforms.

"All of this is happening because of a business model that sees value in collecting that data and using it in a variety of ways that have little to do with patient care and more to do in building up the assets of that company," Herder said.


Other industry insiders were concerned about how data, such as browsing information, might be shared with third parties such as Google and Meta, the owner of Facebook, for marketing purposes, Spithoff said.

The study's authors said companies placed data in three categories:

  • Registration data, such as name, email address and date of birth.
  • User data, such as how, when and where you use the website, on what device and your internet protocol or IP address.
  • De-identified personal health information, such as removing the name and date of birth and modifying the postal code.

Some companies considered the first two categories as assets that could be monetized, employees told the researchers.


Not all of the companies treated the third category the same way. Some used personal health information only for the primary purpose of a patient's virtual exchange with a physician, while others used it for commercial reasons, sharing analytics or de-identified information with third parties.

The study's authors said while each individual data point may not provide much information, advertisers and data analytic companies amalgamate data from browsing history and social media accounts to provide insights into an individual's mental health status, for example.

One study participant described how a partnership for targeted ads might work: "If an individual is coming through our service looking for mental health resources, how can we lean them into some of our partnerships with corporate counselling services?"


Conflict-of-interest questions

Lorian Hardcastle, an associate professor of law and medicine at the University of Calgary, studied uptake of virtual care in 2020. She highlighted issues of continuity of care, privacy legislation and consent policies.

Since then, she said, uptake in virtual care accelerated during the COVID-19 pandemic.

"I think that the commercialization of the health-care system raises concerns around conflicts of interest between what is best for patients on the one hand and then on the other hand, what has the best return for shareholders," said Hardcastle, who was not involved in the BMJ Open study.


Hardcastle said it is helpful to have industry insiders acknowledge problems that health professionals and academics have expressed about commercialization.

The Office of the Privacy Commissioner of Canada, which funded the study, said in an email that privately funded health professionals are generally considered to be conducting commercial activities.

Hospitals, long-term care facilities and home care services that are publicly funded are not considered to be engaged in commercial activities and are covered by provincial privacy legislation, the office said. Health information falls into many categories and may be subject to different privacy laws across various jurisdictions.

Hardcastle also suggested that self-regulatory bodies, such as provincial colleges of physicians and surgeons, may need to revisit policies around relationships between health providers and industry.

Virtual care industry responds

CBC News heard from some Canadian virtual care companies that said they take the privacy of individuals seriously.

"Patient data is only used with patients' explicit consent and only when it's required for health-care interactions between a patient and a doctor," a spokesperson for virtual care platform Maple said. "We do not exploit patient data for marketing or commercial gain."


In a statement, Rocket Doctor said it is important to note that the company "does not do any of the things listed by the researchers as common in the telehealth industry."

Telus said that all of the data collected from its virtual care service is treated as personal health information.

"Telus Health doesn't receive any funds from pharmaceutical companies for our virtual care service and we do not sell any patient data collected," said Pamela Snively, the company's chief data and trust officer.

Source of information hard to pin down

Hardcastle said it may be difficult for some people to distinguish between receiving reliable and accurate information from a health-care provider on an app and getting services marketed to them that the health provider may or may not find useful.

"Your family doctor isn't trying to collect superfluous information in order to market services to you," she said.

Some provinces and territories pay for the virtual services. In other cases, patients pay themselves or are covered by employer or private insurance.


Nova Scotia's government, for example, has a contract with Maple to provide residents without a primary care provider with unlimited virtual visits. Those who do have a regular provider can have two visits per year paid for by the province.

Tara Sampalli, senior scientific director at Nova Scotia Health Innovation Hub, said the province's contract with Maple means residents' data can't be used in other ways, such as by third-party providers.

The province doesn't have that level of control over other providers of virtual care, said Sampalli, who holds a PhD in health informatics.

Calls for an opt-out choice

Herder, of Dalhousie University, said users should be able to easily opt out of having their data used for commercial purposes. He also said that if the data doesn't represent the full diversity of Canada, algorithms shaping clinical decision-making could be racially biased.

Spithoff said while patient awareness is important, patients aren't in a position to fix this problem.


"We need better legislation, regulation, and we need better funding for primary care," she said. "Or people can get virtual care integrated into their offline care."

Spithoff and her co-authors said self-regulation by the industry is unlikely to lead to change. 

The researchers acknowledged they were limited to publicly available documents and that they did not interview those affiliated with the third-party advertisers.


Corrections

  • An earlier version of this story suggested that all health professionals conduct commercial activities under federal legislation. In fact, some publicly funded health services are not commercial and are covered by various other legislation. Feb 12, 2024 6:11 PM ET

ABOUT THE AUTHOR


Amina Zafar covers medical sciences and health topics, including infectious diseases, for CBC News. She holds an undergraduate degree in environmental science and a master's in journalism.

With files from CBC's Christine Birak


99 million people included in largest global vaccine safety study

19 February 2024

Health and medicine, Faculty of Medical and Health Sciences

The Global Vaccine Data Network, hosted at the University of Auckland, utilises vast data sets to detect potential vaccine safety signals

Global Vaccine Data Network co-director Dr Helen Petousis-Harris: Latest study uses vast data sets to ensure vaccine safety.

The Global Vaccine Data Network (GVDN) assessed 13 neurological, blood, and heart related medical conditions to see if there was a greater risk of them occurring after receiving a Covid-19 vaccine in the latest of eight studies in the Global COVID Vaccine Safety (GCoVS) Project.

Recently published in the journal Vaccine, this observed versus expected rates study included 99 million people (over 23 million person-years of follow-up) from 10 collaborator sites across eight countries. The study identified the pre-established safety signals for myocarditis (inflammation of the heart muscle) and pericarditis (inflammation of the thin sac covering the heart) after mRNA vaccines, and Guillain-Barré syndrome (muscle weakness and changed sensation (feeling)), and cerebral venous sinus thrombosis (type of blood clot in the brain) after viral vector vaccines.

Possible safety signals for transverse myelitis (inflammation of part of the spinal cord) after viral vector vaccines and acute disseminated encephalomyelitis (inflammation and swelling in the brain and spinal cord) after viral vector and mRNA vaccines were identified.

So far, these findings were further investigated by the GVDN site in Victoria, Australia. Their study and results are described in the accompanying paper. Results are available for public review on GVDN’s interactive data dashboards.

Observed versus expected analyses are used to detect potential vaccine safety signals. These studies look at all people who received a vaccine and examine if there is a greater risk for developing a medical condition in various time periods after getting a vaccine compared with a period before the vaccine became available.

Lead author Kristýna Faksová of the Department of Epidemiology Research, Statens Serum Institut, Copenhagen, Denmark, remarked that use of a common protocol and aggregation of the data through the GVDN makes studies like this possible. “The size of the population in this study increased the possibility of identifying rare potential vaccine safety signals,” she explains. “Single sites or regions are unlikely to have a large enough population to detect very rare signals.”


GVDN Co-Director Dr Steven Black said, “GVDN supports a coordinated global effort to assess vaccine safety and effectiveness so that vaccine questions can be addressed in a more rapid, efficient, and cost-effective manner. We have a number of studies underway to build upon our understanding of vaccines and how we understand vaccine safety using big data.”

GVDN Co-Director Dr. Helen Petousis-Harris said, “By making the data dashboards publicly available, we are able to support greater transparency, and stronger communications to the health sector and public.”

The GCoVS Project was made possible with support by the Centers for Disease Control and Prevention (CDC) of the U.S. Department of Health and Human Services (HHS) to allow the comparison of the safety of vaccines across diverse global populations.

About the Global Vaccine Data Network

Established in 2019 and with data sourced from millions of individuals across six continents, the GVDN collaborates with renowned research institutions, policy makers, and vaccine related organisations to establish a harmonised and evidence-based approach to vaccine safety and effectiveness.

The GVDN is supported by the Global Coordinating Centre based at Auckland UniServices Ltd, a not-for-profit, stand-alone company that provides support to researchers and is wholly owned by the University of Auckland. Aiming to gain a comprehensive understanding of vaccine safety and effectiveness profiles, the GVDN strives to create a safer immunisation landscape that empowers decision making for the global community. For further information, visit globalvaccinedatanetwork.org.

Disclaimer: This news release summarises the key findings of the GVDN observed versus expected study. To view the full publication in Vaccine, visit doi.org/10.1016/j.vaccine.2024.01.100.

This project is supported by the Centers for Disease Control and Prevention (CDC) of the U.S. Department of Health and Human Services (HHS) as part of a financial assistance award totalling US$10,108,491 with 100 percent funded by CDC/HHS. The contents are those of the author and do not necessarily represent the official views of, nor an endorsement by, CDC/HHS, or the U.S. Government. For more information, please visit cdc.gov.

Media enquiries: gvdn@auckland.ac.nz and communications@uniservices.co.nz

Bloomberg

  • Largest Covid Vaccine Study Yet Finds Links to Health Conditions

(Bloomberg) -- Vaccines that protect against severe illness, death and lingering long Covid symptoms from a coronavirus infection were linked to small increases in neurological, blood, and heart-related conditions in the largest global vaccine safety study to date.

The rare events — identified early in the pandemic — included a higher risk of heart-related inflammation from mRNA shots made by Pfizer Inc., BioNTech SE, and Moderna Inc., and an increased risk of a type of blood clot in the brain after immunization with viral-vector vaccines such as the one developed by the University of Oxford and made by AstraZeneca Plc. 

The viral-vector jabs were also tied to an increased risk of Guillain-Barre syndrome, a neurological disorder in which the immune system mistakenly attacks the peripheral nervous system.

More than 13.5 billion doses of Covid vaccines have been administered globally over the past three years, saving over 1 million lives in Europe alone. Still, a small proportion of people immunized were injured by the shots, stoking debate about their benefits versus harms.

The new research, by the Global Vaccine Data Network, was published in the journal Vaccine last week, with the data made available via interactive dashboards to show methodology and specific findings. 


The research looked for 13 medical conditions that the group considered “adverse events of special interest” among 99 million vaccinated individuals in eight countries, aiming to identify higher-than-expected cases after a Covid shot. The use of aggregated data increased the possibility of identifying rare safety signals that might have been missed when looking only at smaller populations.

Myocarditis, or inflammation of the heart muscle, was consistently identified following a first, second and third dose of mRNA vaccines, the study found. The highest increase in the observed-to-expected ratio was seen after a second jab with the Moderna shot. A first and fourth dose of the same vaccine was also tied to an increase in pericarditis, or inflammation of the thin sac covering the heart.

Safety Signals

Researchers found a statistically significant increase in cases of Guillain-Barre syndrome within 42 days of an initial Oxford-developed ChAdOx1 or “Vaxzevria” shot that wasn’t observed with mRNA vaccines. Based on the background incidence of the condition, 66 cases were expected — but 190 events were observed. 

ChAdOx1 was linked to a threefold increase in cerebral venous sinus thrombosis, a type of blood clot in the brain, identified in 69 events, compared with an expected 21. The small risk led to the vaccine’s withdrawal or restriction in Denmark and multiple other countries. Myocarditis was also linked to a third dose of ChAdOx1 in some, but not all, populations studied.

Possible safety signals for transverse myelitis — spinal cord inflammation — after viral-vector vaccines were identified in the study. So was acute disseminated encephalomyelitis — inflammation and swelling in the brain and spinal cord — after both viral-vector and mRNA vaccines. 


Seven cases of acute disseminated encephalomyelitis after vaccination with the Pfizer-BioNTech vaccine were observed, versus an expectation of two.  

The adverse events of special interest were selected based on pre-established associations with immunization, what was already known about immune-related conditions and pre-clinical research. The study didn’t monitor for postural orthostatic tachycardia syndrome, or POTS, that some research has linked with Covid vaccines.

Exercise intolerance, excessive fatigue, numbness and “brain fog” were among common symptoms identified in more than 240 adults experiencing chronic post-vaccination syndrome in a separate study conducted by the Yale School of Medicine. The cause of the syndrome isn’t yet known, and it has no diagnostic tests or proven remedies.


The Yale research aims to understand the condition to relieve the suffering of those affected and improve the safety of vaccines, said Harlan Krumholz, a principal investigator of the study, and director of the Yale New Haven Hospital Center for Outcomes Research and Evaluation. 


“Both things can be true,” Krumholz said in an interview. “They can save millions of lives, and there can be a small number of people who’ve been adversely affected.” 


©2024 Bloomberg L.P.

A healthcare worker administers a dose of the Novavax Covid-19 vaccine at a pharmacy in Schwenksville, Pennsylvania, US, on Monday, Aug. 1, 2022. Novavax's protein-based Covid-19 vaccine received long-sought US emergency-use authorization in July, but use is likely to be limited.


COMMENTS

  1. Health & Safety breaches

    Published on 3rd Sep 2015 Employers have a primary duty to ensure health and safety in the workplace and that duty is to take "all reasonable steps" to take care of safety. Given this fundamental duty of care, employers are clearly sensitive to breaches of health and safety measures which put employees or third parties at risk.

  2. Healthcare Data Breaches: Insights and Implications

    The study found that hacking/IT incidents are the most prevalent forms of attack behind healthcare data breaches, followed by unauthorized internal disclosures. The frequency of healthcare data breaches, magnitude of exposed records, and financial losses due to breached records are increasing rapidly.

  3. Health And Safety Dismissals

    These include two recent claims in which employees raised concerns about health and safety issues in the workplace and were then dismissed by their employers. Contrasting decisions were reached in Accattatis v Fortuna Group (London) Ltd [2021] and Gibson v Lothian Leisure [2021]. These rulings identify important lessons for employers and in ...

  4. What happens when an employee doesn't comply with health and safety

    Section 7 (a) of the Health and Safety at Work etc. Act 1974 states; It shall be the duty of every employee while at work -. (a) to take reasonable care for the health and safety of himself and of other persons who may be affected by his acts or omissions at work. Procedures put in place by organisations are there to protect their employees.

  5. All Case Examples

    A patient alleged that a covered entity failed to provide him access to his medical records. After OCR notified the entity of the allegation, the entity released the complainant's medical records but also billed him $100.00 for a "records review fee" as well as an administrative fee.

  6. Company fined after employees suffer from dermatitis

    They were fined £30,000 for breaching The Health and Safety at Work Act 1974, and £10,000 for 6 separate breaches of the Control of Substances Hazardous to Health (COSHH) Regulations for not...

  7. Health and safety prosecutions: recent cases provide some important

    In Evergreen Construction the Health and Safety Executive (HSE) called evidence at trial of previous accidents involving the defendant company, and reported contraventions of safety laws where the company had admitted to having breached its duty.

  8. Consequences of a Health & Safety Breach (Updated)

    In this blog, you'll learn about two case studies where health and safety was ignored which will illustrate the consequences of a safety breach in the workplace. Alongside this, you'll find summaries of key legislation and a list of the best health and safety guidance.

  9. The challenges of cybersecurity in health care: the UK National Health

    As modern technology becomes indispensable in health care, the vulnerabilities to cyber-threats continue to increase, compromising the health information and safety of millions of people. This threat can happen in several ways: data can be stolen; data might be deleted or corrupted in a way that is not obvious until years later; and medical devices can be hacked, causing direct harm to patients.

  10. Unscrupulous employers facing tougher health and safety penalties

    16 January 2014 This was published under the 2010 to 2015 Conservative and Liberal Democrat coalition government Tougher penalties are being handed out to employers who breach serious health...

  11. Health and Safety Case Studies Index

    HSE Guidance Case studies Case studies Here is a selection of the most popular case studies from the HSE. Air transport case studies Road safety case studies Slips and trips case...

  12. Construction firm ordered to pay almost £130,000 after health and

    The case came to the Southwark Crown Court on 22 May 2014, with Habitat Construction LLP charged with a single breach of s.2(1) of the Health and Safety at Work etc Act 1974. The business pleaded guilty to this charge and was fined £110,000, as well as being ordered to pay the prosecution's costs of £16,620.

  13. Case studies

    Case studies showing how NZ businesses are finding innovative ways to involve workers in workplace health and safety, manage work-related health risks and keep healthy and safe at work.

  14. Latest Health and Safety Court Cases

    The health and safety cases are covered by the HSE Network to spread awareness around the consequences that can materialise when proper health and safety protocol is not followed. The Annual Workplace Fatality Figures for 2020/21 Released By The Health and Safety Executive (HSE), 11th Jul, 2021.

  15. Data breach remediation efforts and their implications for hospital

    The national estimate for the number of hospital discharges for AMI fluctuated around 556 000 discharges annually between 2005 and 2014. 44 On average, a data breach at a nonfederal acute‐care inpatient hospital was associated with an additional 23‐36 deaths per 10 000 AMI discharges per year.

  16. Prosecutions 2018

    On the 27th November 2018, this case was heard in Trim Circuit Court. Navan Hire Hardware & Safety Training Limited pleaded guilty to two charges. On the 16th January 2016, an employee of Navan Hire Hardware & Safety Training Limited suffered personal injury and died when a Neilsen Hydraulic Press fell from the forks of a forklift which was ...

  17. Case Studies

    To help start or improve your organization's safety and health program, see the case studies listed below for lessons learned and best practices. The Electric Power Industry relies on Safety and Health Programs to keep workers safe on the job (PDF)

  18. A Systematic Review of Occupational Health and Safety Business Cases

    Abstract. Business cases are arguments developed to secure management commitment and approval for investment in an intervention. This systematic review evaluated 12 experimental and quasi-experimental studies on occupational health and safety interventions (OHSI) in various settings. The search engines used in this systematic review include ...

  19. Occupational Health And Safety : Five Cases You Need To Be ...

    The OLRB was not persuaded in this case that there was a general duty on the part of employers to prevent harassment of employees by other employees under Bill 168. The OLRB also went on to hold that this case, even if the board did exercise jurisdiction to hear and decide it, failed on its merits.

  20. Case studies: Leading health and safety at work

    Case study - Sainsbury's: An external health and safety audit identified a need to develop a unified approach, and also recommended more direction from the board, to develop an effective...

  21. Breach list

    Case/Breach | Defendant's Name | Hearing Date | Result | Fine £ | Act or Regulation
    46277020/01 | Priory Healthcare Limited | 13/11/2023 | Guilty-Fine | 140,000.00 | Health and Safety At Work Act 1974 / 3
    47554070/01 | Total Brickwork UK Ltd | 23/10/2023 | Guilty-Fine | 16,000.00 | Construction (Design and Management) Regulations 2015
    46249640/02 | Circle ...

  22. 191 CDM 2015 Prosecutions (Breaches, Fines And Prison Time)

    The largest fine under CDM 2015 is £900,000, issued in April 2022. The case involved a worker striking a live underground cable with an excavator. The company involved breached CDM regulation 13. This relates to the principal contractor's duty to plan, manage and monitor the construction phase, and carry out work without risk to health and safety.

  23. 7 Data Breach Case Studies Involving Human Error

    4. Strathmore College data breach—Student records not adequately protected. In August 2018, it appears that an employee at Strathmore secondary college accidentally published more than 300 students' records on the school's intranet. These records included students' medical and mental health conditions such as Asperger's, autism and ADHD.

  24. Health data breaches hit new record in 2023

    The HCA theft was the largest hospital breach in 2023, a year in which about 1 in 3 Americans were affected by health-related data breaches. The number of attacks has surged in recent years. They ...

  25. Analysis of Uncertainty and Sensitivity in Tailings Dam Breach-Runout

    Tailings dam breaches (TDBs) and subsequent flows can pose significant risk to public safety, the environment, and the economy. Numerical runout models are used to simulate potential tailings flows and understand their downstream impacts. Due to the complex nature of the breach-runout processes, the mobility and downstream impacts of these types of failures are highly uncertain. We applied the ...

  26. Some virtual care companies putting patient data at risk, new study

    Dr. Sheryl Spithoff, a physician and scientist at Women's College Hospital in Toronto, co-authored a new study that found the for-profit virtual care industry valued patient data and 'appears to ...

  27. 99 million people included in largest global vaccine safety study

    Recently published in the journal Vaccine, this observed versus expected rates study included 99 million people (over 23 million person-years of follow-up) from 10 collaborator sites across eight countries. The study identified the pre-established safety signals for myocarditis (inflammation of the heart muscle) and pericarditis (inflammation ...

  28. 2023 UK Data Protection and Privacy Case Law Update

    February. Riley v. Student Housing Co (Ops) Ltd [2023] 2 WLUK 278. In this case, a former employee of the defendant, Mr Courtney Timoney Riley, launched proceedings alleging breach of Article 5 of the UK GDPR (GDPR) arising from the mishandling of his personal data as part of the defence of an employment tribunal claim raised by another former employee, and seeking £75,000 in damages.

  29. Largest Covid Vaccine Study Yet Finds Links to Health Conditions

    Vaccines that protect against severe illness, death and lingering long Covid symptoms from a coronavirus infection were linked to small increases in neurological, blood, and ...