How to Protect Your Organization from Cybercriminals

cybersecurity

No workplace is entirely immune to the threat of a security or data breach. The healthcare industry is particularly vulnerable and has become one of the largest targeted industries for cybercriminals. Medical records contain the most sensitive of personal information including Social Security Numbers, health records, and other contact information. As many as 90% of healthcare providers have experienced a breach in the last two years. Over half of these breaches are deemed to be criminal in nature, according to a study from the Penemon Institute, a privacy and security independent research firm (from Bloomberg, 05/07/2015).

Each member of a healthcare organization’s workforce has a responsibility to protect the privacy and security of all patient information. Implement the necessary safeguards by conducting a cybersecurity risk assessment within your organization.

Cybersecurity best practices:

Conduct an initial audit to determine potential exposures for your organization as well as to establish an action plan for identifying and implementing proper controls.

Establish written policies detailing your organization’s cybersecurity safeguards, including topics such as password protocols, guidelines for internet use, customer data control, and penalties for policy violations.

Keep hardware and software up-to-date to decrease risk from the latest malware or other security threats.

Secure your internet connection, including implementing a firewall and assuring that Wi-Fi signals are secure and encrypted.

Manage employee access to the internet or customer data by creating separate, password-protected user IDs for all employees and only granting employees access to systems needed to perform their job.

Keep systems used for payments separate from other potentially less secure systems.

Work with banks to make sure that the payment systems and services in place are trusted and secure.

Make regular backups of vital data, including internal documents and customer information.

Store data backups offsite, either at a remote location or in the cloud.

Implement physical security measures, such as keeping network equipment, servers, and other hardware in locked or restricted-access areas.

Secure mobile devices by requiring password protection and installing trusted security and anti-fraud systems.

Require employees to change their passwords at regular intervals, and consider implementing multi-factor authentication systems.

Succeed Management Solutions, LLC offers toolbox talk resources on related topics, with titles such as: Cybersecurity for Small Businesses, Cyber Security Planning Guide, and Ten Cybersecurity Tips for Small Businesses, provided by the Federal Communications Commissions. For healthcare organizations, Succeed has released a new HIPAA training series on the Privacy, Security, and Breach and Noncompliance components of the HIPAA law, including an awareness-level course for the workforce.

March is Workplace Eye Wellness Month! Reevaluate your Eye Safety Programs

eye protection

Nearly 1 million Americans have lost some of their sight from an eye related injury, according to Prevent Blindness America (PBA). Eye wellness is important and something we may take for granted until a preventable accident occurs.

In light of Workplace Eye Wellness Month, make it a priority to review safety procedures and raise awareness about the importance of eye safety.

The Importance of Eye Protection

The majority of work-related eye injuries are a result of flying or falling objects or sparks striking the eye.

Other common potential hazards include the following:

• Fumes
• Vapors
• Chemical splashes
• Extremely bright or hazardous light, such as from welding

Common Types of Eye Protection

A job hazard assessment should be performed prior to the start of a particular task to determine the type of eye protection required.

Safety glasses protect against low-to-moderate impacts and sparks from activities such as grinding and woodworking. Only use safety glasses with side shields.
Goggles form a protective seal around the eye area to better protect from hazardous chemical vapors, splashes, or dust or other small particles that may enter the eye. Make sure that your goggles include ventilation mechanisms to prevent fogging.
Face shields protect the entire face against flying particles, sparks, splashes, harmful mists, and other hazards.
Welding masks are specially designed to protect from radiant energy, sparks, and metal splatters from welding.

Proper Use

• Always wear proper eye protection where required, even if danger to your eyes seems remote.
• Before use, verify that your equipment is appropriate for the task.
• Inspect eye protection prior to each use.
• If you wear prescription eyewear, use eye protection that accommodates it. Prescription eyewear by itself is not a substitute for safety glasses or goggles.
• When welding or cutting, always wear safety glasses or goggles underneath face shields or welding helmets.
• When your work is complete, store eye protection properly and away from extreme temperatures or direct sunlight.

Those working in office settings are encouraged to follow the 20-20-20 rule to reduce the risk of digital eye strain: Take a 20-second break by looking at something 20 feet away every 20 minutes.

Succeed Management Solutions, LLC offers an Eye and Face Protection online training course that outlines a manager’s responsibility to educate employees on safe equipment use and controls. Other related toolbox talk safety documents include: PPE – Tinted Safety Glasses, PPE – Machines and Clothing, Digital Eye Strain and more. Safety videos are also available in English and Spanish on the topics of Eye Safety and Eye Safety in Construction Environments.

Succeed Management Solutions, LLC Doubles Training Library in 2015

GIF of trainings

In 2015, Succeed Management Solutions, LLC released 37 new online training courses. These courses cover a diverse range of industry topics in both English and Spanish, including Trenching and Shoring, Active Shooter Preparedness, Patient and Resident Handling and many more. Also, 38 existing online training courses on general industry topics have received significant improvements to their content, appearance, and functionality, including Slip, Trip and Fall Prevention, Workplace Violence, and Bloodborne Pathogens.

The Succeed Risk Management Center® resource library has also grown to include over four hundred comprehensive safety training materials that have been updated and created to complement each online training course.

In the New Year, Succeed is continuing to expand their risk management library while focusing on the development of new online training courses that address several different industry topics and current anticipated OSHA rules including: Food processing, DOT/CDL, and Crystalline Silica Exposure.

Check out Succeed’s current list of Online Training Titles

Reminder: Post OSHA 300A Summary Form by February 1st

Employers with 11 or more employees (including temporary employees) are required to post the OSHA 300A Summary form in a public area of the workplace from February 1 through April 30, 2016, for the previous year. This form is a representation of the total number of injuries and illnesses recorded for the year, as documented in the OSHA 300 Log. The OSHA 300 Log is an ongoing list of all recordable injuries, illnesses, and fatalities at an organization.

There are exempt industries that are not required to post the OSHA 300A Summary, however since January 1, 2016, OSHA has decreed that additional industries are now required to post this form. These industries include automobile dealers, bakeries, beer, wine, and liquor stores, performing arts companies, special food services, building material and supplies dealers, and more. Even if your organization is exempt, you still have to complete the forms if there has been a fatality, in-person hospitalization, amputation, or if an employee lost an eye due to a work-related incident.

The OSHA 300 forms are requested in any OSHA visit. Citations and fines may result if your organization does not comply. Regardless of OSHA, it is a best practice to keep a record of all injuries, and perform investigations to assess the root causes, at risk behaviors, and other factors that can help organizations prevent injuries.

Please use these links below for more information on the OSHA 300 log process, or to sign up for a free webinar.

View a short introductory video on the OSHA 300 logs
Sign up for a free educational webinar on the OSHA 300 log process
View the pre-recorded educational webinar

The Right Body Protection Can Save Lives

Body Protection

Hazards are present in every workplace. The Bureau of Labor Statistics reveals the majority of workplace injuries occur while workers are performing their normal job duties at their regular work sites.

In many industries, avoiding injuries and incidents depends on correctly identifying and acquiring the proper personal protective equipment, or “PPE” for the task.

Body protection generally protects the torso, but can also include full-body coverage that can protect from chemical splashes, sharp objects, or welding sparks. The proper type and condition of equipment will need to be determined by a job hazard assessment conducted before the work begins.

Note: Body Protection and other PPE will not completely eliminate hazards.

The most common types of body protection include the following:

Common Types
• Aprons
• Laboratory coats
• Front or rear gowns
• Vests
• Jackets
• Coveralls
• Chaps
• Full body suits

Common Materials
• Paper or fiber
• Rubber
• Treated wool or cotton
• Leather

Before use:
• Assure employees have been fully trained on its proper use
• Inspect body protection for holes, cuts, or other noticeable signs of wear
• Replace any worn or damaged articles
• Assure body protection fits properly. Ill-fitting clothing may result in additional hazards such as trips and caught-in hazards.

After use:
• Perform on-site cleaning and maintenance of equipment. Do not clean body protection items at home or in public laundromats.
• If working with chemicals, biohazards, or other hazardous materials, remove and properly dispose of any contaminated clothing immediately.

Succeed Management Solutions, LLC offers a newly updated Personal Protective Equipment training course for management that includes information on hearing, respiratory and full-body protection, PPE selection, inspection, and maintenance. A series of toolbox safety documents are also available about specific types of PPE such as eye, foot and hand protection, and types of machinery and clothing.

New Confined Space Entry Regulations – Starting October 2nd

OSHA has added a new sub-part to their existing Confined Space Entry standard. This change addresses construction-specific hazards that will be enforced beginning October 2nd, 2015. The construction industry encounters unique hazards and is subject to a higher risk of death and serious injury. This prompts the request for specific modifications to be made to the current confined space entry standard.

Confined Space Communication

The additional regulations encourage employers to heighten communication throughout every step of the confined space entry process, including the clear communication of roles and responsibilities, proper pre-entry procedures, atmospheric testing, and acquisition of the appropriate permits. OSHA believes once properly implemented by employers, this final rule will reduce the amount of fatalities and injuries in confined spaces by 96 percent (from OSHA’s Final Rule, 5/04/2015).

The nature of a confined space can be unpredictable. It is essential to train employees and all personnel involved about the changes to the confined space entry in construction standard. Learn about the roles and responsibilities to assure understanding of each person involved in the process:

confined space entry deadline

Succeed Management Solutions, LLC offers a newly updated Confined Space Entry online training course that includes the newest confined space in construction regulations. There are also toolbox talks that cover the same regulations.

September is National Preparedness Month!

fire extinguisher safety

September is National Preparedness Month, sponsored by the Federal Emergency Management Agency (FEMA). It’s a great time for employers to reevaluate their Emergency Preparedness and Action Plans. Emergency situations can occur at home or at the job, and can be devastating for communities. Establishing an effective Emergency Action Plan is crucial.

In the workplace, emergency procedures should be tested and practiced by all staff. It is important to perform drills regularly and ensure staff know the correct actions to take, should an emergency occur. Re-evaluating and making necessary changes to the emergency plan is crucial to maintain a safety culture at a workplace.

An emergency can present itself in many forms. Emergencies can result in property damages, injured employees, customers, or other individuals, business interruption and more. Such emergencies can include…

– Fire/Flood
– Earthquake/Tornado/Hurricane
– Explosion
– Hazardous Material Accidents
– Loss of an important customer or provider
– Communications Failure

Below are some initial steps to formulate your own Emergency Action Plan within your organization:

– Formulate a team to develop the Emergency Action Plan.
– Analyze all potential hazards and estimate the probability of the hazard occurring
– Outline response procedures for all potential emergencies
– Conduct training/drills to assure all personnel are aware of their role during each emergency
– Assess and amend the plan as necessary.

Last month was National Immunization Awareness Month, which emphasizes safe practices in healthcare facilities and the prevention of the spread of bloodborne pathogens. Immunization and bloodborne pathogens awareness goes hand-in-hand with emergency preparedness.

Succeed Management Solutions, LLC offers a newly updated Bloodborne Pathogens training course that applies the most recent safe practices, along with three updated safety toolbox talk resources focusing on the topics of Staph and MRSA Infections, Sharps Safety, and West Nile Virus. They also offer an Emergency Action Plan course and associated toolbox talks.

Do You Know Where Fall Hazards Are Present in Your Workplace?

Fall protection is a safety standard that applies to nearly every industry. According to OSHA, fall prevention safety standards were included in the top 10 most frequently cited OSHA standards, during fiscal year 2014 (From OSHA.gov).

OSHA created the annual campaign called the National Safety Stand-Down with its intent to raise awareness of preventing fall hazards in construction. Falls continue to be the leading cause of death for construction workers. It is critical that all employers and employees in all industries communicate directly about safety and learn to identify the conditions and behaviors that cause falls.

The following identify some specific conditions and behaviors that cause falls:

Stairways:
– Carrying objects that block the view of the steps
– Running
– Failure to use the handrail
– Working in areas cluttered by objects
– Inattention

Ladders:
– Use of ladders that do not suit the job
– Use of ladders that are in poor condition
– Improper ladder placement
– Improper ladder use
– Reaching/leaning too far
– Using a step ladder that is too short

Scaffolds:
– Using scaffolds without guard rails or toe boards
– Using poorly constructed scaffolds
– Using scaffolds without bracing to prevent sway
– Rushing your work

Floor Openings:
– Working around uncovered floor openings
– Working near floor openings that have been insufficiently covered
– Working around floor openings that have been insufficiently marked

Wall Openings:
– Failing to ensure that wall openings are barricaded
– Working near wall openings that may break easily
– Failing to tie-off when working near exposed wall openings

Succeed Management Solutions, LLC offers a fall prevention training course describing the basic components of a fall protection program including identifying fall hazards, how to use fall arrest systems and equipment, ways to develop controls for safe work practice and maintaining fall protection equipment.

Use the Safety Pyramid to Encourage Accountability

fire extinguisher safety

Ignoring the root causes of incidents that occur within your workplace can lead to serious injuries or even fatalities, sooner if not later. Addressing the underlying issues within your organization is essential to preventing OSHA-recordable incidents and saving lives!

Although less severe incidents occur more often, they are the ones that typically go completely undocumented. According to the Safety Pyramid, for every ten thousand unsafe behaviors and hazards that are observed, there will likely be one serious injury or fatality.

The Safety Pyramid compares the frequency of different types of incidents, ranging in severity from generally unsafe behaviors and hazards, to incidents that end in serious injuries or fatalities. While you may not want to spend the time and effort to officially document minor incidents, it is these recurring near misses and unsafe behaviors that reveal the internal problems within the organization. If they go uncorrected, they will eventually lead to more serious incidents. Don’t neglect minor incidents or deem them as insignificant.

Make it a habit to observe, investigate, and document each incident thoroughly – no matter how minor. The Safety Pyramid is a reference tool that can help to encourage an effective safety culture within your organization and promote accountability throughout the workplace.

Watch a video on the safety pyramid:


Electrical Installations – Safety & Execution

fire extinguisher safety

For temporary and/or permanent electrical equipment used on the job site:

Lock out/tag out procedures must be followed:

  • If systems need to be energized for work, only properly trained, licensed and qualified persons may work on these systems and only with proper controls in place.
  • Qualified persons must don the appropriate Personal Protective Equipment (PPE) as specified in the specific procedure for that equipment.
  • Extension cords are not to be used in lieu of permanent wiring. Extension cords used with portable electrical tools and appliances shall be of three-wire types.
  • Grounds are never to be removed from equipment or extension cords.

Tool and equipment condition:

  • All wiring and electrical equipment, tools and machinery shall be in excellent repair and part of a sound Preventive Maintenance Program with frequent inspections and full documentation.

Temporary lights:

  • Temporary lights and lighting where exposed to breakage, shall be equipped with guards to prevent accidental contact with the bulb.
  • Temporary lights shall not be suspended by their electric cords unless cords and lights are designed for this means of suspension.
  • Splices are not permitted.

Electrical lines, extension cords, and cables:

  • Do not to lay them on floors or in walkways, etc.
  • Secure and place in doorways and work areas so they won’t be damaged.
  • Do not use flexible cords as a substitute for fixed wiring, run flexible cords through walls, ceilings, floors, doorways, windows, attach to building surfaces, or conceal behind building walls, ceilings, or floors.

Panel boards, access, and ground fault systems:

  • These must have dead fronts on them at all times, except when being serviced.
  • All electrical equipment should have at least a three foot clearance in front of the equipment.
  • The area needs to be controlled for unauthorized access.
  • A “ground fault system” is used to prevent shock hazards. This may include the use of “ground fault circuit interrupters” (GFCIs) or an “assured equipment grounding program”.