Let’s Work Together to Save the Pipes from the Wipes

Is there any truth in advertising at all these days? When the sticker on a box of wet wipes claims they are “flushable”, does it mean they won’t harm plumbing or the sewage system? Or does that just mean they can physical fit down the toilet but will be whisked merrily away to cause a big stinking mess somewhere else?

Sadly, the evidence shows that flushable wipes are not good news for any septic system. Wipes don’t disintegrate in water like toilet paper is deigned to do. Instead, the wipe material stays mostly intact, creating a risk for obstructions down the line. These wipes may seem small on an individual basis, but they can build up over time since they catch easily on roots and other obstructions in the pipes that handle sewage. This can cause backups in pipes, in pump stations, and (even worse) inside homes and businesses.

How Big Is the Wipes Problem?

It’s hard to estimate how much buildup is taking place until it reaches a pretty severe level. But the giant masses of wet wipes in some sewage systems almost rival the Pacific garbage patch. London recently found a mass of wipes and cooking fats creating a 16 ton clog in their sewer system, and New York City has reportedly spent 18 million dollars to clear multiple “super knots” of flushed wipes. Pumps and grit screens in wastewater facilities can also be damaged by wipes, leading to even more infrastructure maintenance expenses.

Should We Do Away with Wipes?

This is obviously a personal choice—and wipes are a preferred cleaning option for anyone with irritated or sensitive skin. But using wipes without breaking pipes will require cultural change. In the U.S. (as opposed to countries with sewage infrastructure that can’t even handle toilet paper), people are accustomed to flushing everything to keep the restroom fresh and tidy. That’s why there are signs posted in public restrooms to remind visitors not to dispose of sanitary products or other items in the commode. Most people know they really shouldn’t be flushing dirty diapers or tampons, but it’s hard to argue that the public is at fault for flushing wipes when the label implies it’s safe to do so.

That’s why public agencies like the Leucadia Wastewater District are creating awareness campaigns to educate users about the damage of flushing wipes. See the #NoWipesDownthePipes video here. Of course if flushing is out, an acceptable alternate disposal method must be used. A lidded waste container with a disposable liner and foot pedal to open and close is an easy solution. It just requires everyone to cooperate in keeping the sewer systems clear, one wipe at a time.

Risk Taking and Workplace Safety

Workplace safety programs tend to place a strong emphasis on identifying and reducing hazards. It’s pretty straightforward to determine whether a blade needs to have a guard or if a tripping obstacle needs to be moved out of a pathway. But human behavior is much more challenging to evaluate and control. And it’s often flaws in personal decision-making that create dangerous situations at work. In fact, unsafe behavior is an even more frequent cause of accidents than unsafe conditions.

When an employee chooses to take a risk, they may or may not be aware of what is driving that decision. Helping workers understand how their behavior makes a difference—and helping them make better choices—can have a big impact on workplace safety.

What Behaviors Are You Rewarding?

To be fair, employees often learn to take risks at work because this is the behavior that is modeled or incentivized by their leaders or the organization as a whole. For example, if completing every job as fast as possible is consistently rewarded regardless of how the work is carried out, that’s a recipe for cutting corners. Subconsciously, workers may fear being reprimanded for falling behind more than they fear getting hurt—even if this doesn’t make sense at a logical level. Most choices throughout the day are actually made at a subconscious level. And those decisions that have most often been linked to positive emotional outcomes in the past tend to become habits.

How can you use this fact to make the workplace safer? Consider how often supervisors acknowledge or praise workers for following safety protocols. Remember that the behavior that is reinforced is the one that persists. Perhaps starting a tailgate safety meeting with a review of the last job done and positive comments about the specific behaviors that kept it incident free would be a good start. Having rules and processes in place to promote safety is good. But taking the time to notice when workers are getting it right makes a big difference too.

Creating a Culture of Workplace Safety

Besides positively reinforcing desired behavior, your organization should also:

  • Set clear expectations for safety rules and communicate these verbally and in written form.
  • Ensure managers and supervisors model the safety behavior and smart decision-making you want to see at all levels within the organization.
  • Enforce intelligent, equitable consequences for any risk-taking behavior that violates rules or that leads to incidents or near misses.
  • Invest in training, PPE, and controls that make it clear your organization cares about the safety of workers.
  • Take any questions or concerns about workplace safety seriously and communicate with workers about how you are addressing these issues.

It’s not too difficult to train in good safety habits for planned tasks and predictable environments, But the value of behavior based safety becomes most evident in situations where an employee is not being actively observed or a new circumstance comes up that requires snap decision making to prevent an accident. That’s when you know if workers have truly internalized safe behavior. To learn more about behavior-based safety and how it can reduce risk in your workplace, contact DKF for a consultation.

Data Privacy: Breaches and Responses

With the proliferation of online data and the complexity of keeping digital information secure, it’s not surprising that data breaches are becoming increasingly common. According to the Breach Level Index, there were almost 1000 publicly disclosed data breaches in the first six months of 2016, accounting for over 550 million data records. That’s up 31% from the previous six month period. At this point, more than 3 million records are being compromised each day.

Public Sector Gets Hit With Bigger Breaches

Government agencies and other public sector entities were the target of just 14% of H1 breaches in 2016. But they accounted for 57% of all compromised records. Most of the 318 million records lost or stolen were associated with three major voter database breaches. But individual agencies at the local level aren’t exempt from being targeted. Identity theft still accounts for the majority of data breaches, and utility agencies typically store the type of customer data that is a target for this type of criminal interest. Identity theft breaches have increased 38% compared to the same time period in 2015. While internal sources are still a common cause of data loss and theft, hackers are responsible for almost 70% of these incidents.

What Type of Damage Can Occur?

When data is compromised, there are many types of potential fallout including:

  • Risk of identity theft for customers
  • Unauthorized use of customers’ financial data
  • Loss of customer trust
  • Disruption of operations
  • Damage to organization’s reputation

What Can Be Done After an Incident?

Swift and accurate communication is the foundation of an effective response. Those impacted by the theft or loss of data need to know four things:

  • What happened
  • How it happened
  • That the organization cares about the impact
  • What the organization is doing to correct the problem and reduce the risk of recurrence

In many cases, there is a legal obligation for an organization that experiences a data breach to notify all affected parties. It may also be necessary to inform law enforcement and make a public statement. If there are material losses to those impacted, the organization may need to make consumers whole. When there is a risk of identity theft, it may also make sense to cover the cost of identity and credit monitoring for a time after the incident to help consumers safeguard their personal information.

Preventing and Limiting Damage

Data breaches can’t necessarily be avoided, although a security audit and upgrade can help reduce the risk of incursion. Any organization may be a target and there is, at this time, no fool-proof way to keep malicious outsiders from compromising data. Every agency should be prepared with a response if and when a breach occurs. This includes putting together a team (that may include IT, HR, Legal, and Financial internal experts) to address any incidents. To reduce the damage that can be done by a data breach, agencies should have monitoring tools and reporting in place to immediately notify the response team of any problem. Digital damage happens fast, and a quick response is essential.

Competency Based Job Training – Part 3

In this final post in our series about competency based job training, we will look at a few of the characteristics that help build a successful program.

Keep It in the Workplace

Since true competency can only be demonstrated in the context of the job, learning in the training program should occur in the workplace as much as possible. Learning in the environment of the job also helps ensure that the program is correctly targeted. It will become obvious fairly quickly if certain activities in the training program actually help get work done more quickly and efficiently or if they are just “busy work” that should be cut from the curriculum.

Allow Customization within the Overall Parameters

Because the goal is to provide a consistent standard of performance, every worker should be expected to gain all the competencies required for their job. However, there must be flexibility for customization in terms of the pace of learning. A modular, self-service program gives learners the ability to progress at their own pace. A typical module might include an overview and details about a given task, exercises, a quiz, and a performance evaluation.

One module may build on the next, but each should also be self-contained enough to be taken on its own. In this way, workers can prioritize areas where evaluation has shown an urgent need for improvement or skip modules if their competence in a particular area has already been demonstrated. When employees can participate more fully in creating and implementing the program in ways that make sense, they have a greater sense of accountability.

Always Include a Mentoring Aspect

Although self-service learning, self-evaluation, and automated reporting can be useful, the interpersonal aspect of the program is of critical importance. Learners must have regular contact with their supervisor or evaluator for review and follow up discussion to ensure the best outcome. This emphasis on feedback and ongoing communication will deliver a training program that is continuously improved. As employees become used to this feedback occurring on a regular basis and see their own progress, they become more confident and capable as a result.

Competency based training can include many of the tasks and responsibilities of a job. But safety is one topic that often deserves urgent attention due to the risks associated with poor competence in this area. For more information about incorporating competency training into your safety program, contact DKF Solutions today.

Competency Based Job Training Part 2

Last month, we took a look at competency based job training and the important first step of defining success. Next, it’s time to understand how far the organization is from reaching its goals and how much work it’s going to take to get there.

Step 2: Explore the Gap

Developing a competency based program must include assessing current employee knowledge and skills. It’s not uncommon to discover that employees already have many of the skills they need. To avoid frustrating and boring employees with redundant training, it’s important not to create a program that covers too much of what they already know. On the other hand, you may also find some surprising gaps in knowledge that need to be addressed. For example, if processes or job requirements have changed significantly in the past few years, new employees may be coming in to an environment where they receive conflicting advice about how things are supposed to be done. This would indicate gaps in skills or knowledge across the workforce—including both long time and new workers.

Step 3: Identify Universal Competencies

What do employees really need to know to do their jobs well? Engaging the workforce in identifying key skills may be helpful at this stage. For example, experienced employees have likely seen common mistakes made by new workers. They may have good suggestions for competencies to add to the training program. Be sure to identify competencies that are:

(a) applicable to a large number of employees

(b) able to be learned

(c) trackable and measureable

For example, good communication is a skill that can be learned. Knowledge in this area can be transferred through training and developed with practice. Improvement can also be measured by tracking incidents and processes where poor communication is causing delays, errors, and conflict.

Generalities and Specifics Matter

Basics like understanding the employee handbook and knowing emergency protocols are broad areas of competence that apply across an organization. But it’s also beneficial to drill down and create competency profiles for smaller groups based on the specifics of the job.  For example, installation and maintenance crews that work off-site may require in-depth training on a different set of skills than those who work within the facility. Creating separate modules that target specific business objectives by focusing on high-value skills can help make a training program show results more quickly.

Next month, we will explore more of the characteristics of a successful job competency training program—and what type of outcomes to expect.

Competency Based Job Training Part 1

For many roles in the workplace, employers rely on a combination of classroom or online education, and on-the-job training/mentoring to ensure that workers are properly equipped to carry out their job duties. Yet inconsistent performance, lack of compliance, errors, accidents, and other issues still arise. Why does this occur?

What is learned in the classroom may not transfer well to the worksite. Not all workers have the ability to take a concept they learn in a theoretical setting and apply the principle when they are faced with a real-world scenario that may seem quite different. Even on-the-job training that has a new employee shadow a coworker for a few days or weeks can yield widely varying results based on the capability, attitude, and teaching style of the mentor. Often, there is no standardized way to track whether employees are learning and retaining the competencies they need to do their jobs safely and well.

At the end of the day, key questions remain:

  • Do employees know what is expected of them in both general and specific terms?
  • Do they have the skills required for their roles and assigned tasks?
  • Do those skills translate into the ability to perform in the real-world context of the workplace?
  • How are these factors being measured so they can be improved?

Competency based job training helps provide a framework to answer all of these questions. This form of training focuses on learning and applying necessary skills in the context of the workplace, allowing agencies to develop knowledgeable and capable employees throughout their organization.

Where to Begin in Creating a Competency Based Training Program

There are several initial assessments that should be undertaken before developing a training program. This month, we will explore the first step.

Step 1: Define Success

Identify what outcome the organization wants to achieve. Ideally, a highly targeted, competency based approach to employee development puts the emphasis on performance with a focus on what matters most to the organization. Areas of interest could be risk reduction, productivity, profitability, and other business metrics that can be readily measured. Being able to put a value on the outcome makes it more likely that stakeholders will be willing to allocate resources to the program.

Next month, we will cover additional decisions that must be made before designing a competency based job training initiative as well as key characteristics of a good program.

Repeat Offenders Face New Risks with Rules Change

Late last year, Cal-OSHA was contemplating changes to the rules regarding repeat violations. With encouragement from Federal-OSHA to create regulations and practices consistent with those of the national agency, the rules are in line for some significant revision. Here’s a quick look at updates for 2016.

Look Back Period Is Extended

How far back can OSHA look to determine if there is a pattern of violations? The current California standard puts a time limit of three years on the look back period. But the new rules will give OSHA inspectors leeway to review a full five years of safety history to determine if employers are repeat offenders. If an employer has previously corrected a workplace safety problem after being cited and then allows the same violation to recur within a five year period, they will face steep penalties.

Location Becomes Less Important

In recognition of the fact that safety is as much an issue of company culture as it is work-site specific, employers will be held accountable for repeat violations at any work location or facility in the state. A violation that is identified and cited at one work site should be immediately abated at all work sites. Otherwise, OSHA inspectors could potentially go looking for similar problems at other locations to hold employers accountable for repeated violations within a short time frame.

Fines Are Going Up

When these changes take place, Cal-OSHA expects to substantially increase the number of repeat violation citations issued annually. In addition to making it easier to cite employers, the proposed increases in fines from a maximum of $70,000 to a maximum of $124,709 per repeat violation went into effect in early August.

Be Careful Not to Repeat Past Mistakes

This is a good time for wastewater agencies to review their history of any citations and ensure that none of the conditions have recurred. In the wastewater industry where construction and maintenance may occur at many different sites, there is a special need to be vigilant about developing and consistently implementing an appropriate safety program. For assistance in evaluating your safety practices, contact DKF Solutions today.

When the Next Big Earthquake Hits, Will You Be Ready?

Earthquakes are impossible to prevent and difficult to predict. But along the West Coast, everyone knows that these natural disasters are inevitable. According to the United States Geological Survey, there is a 75% chance that a 7.0 magnitude earthquake will hit Southern California sometime in the next 30 years. That’s not an earth shattering quake, just large enough to cause extensive destruction. MSN recently took a look at the potential disaster scenario, and the results aren’t pretty. Newer buildings are constructed to be earthquake resistant, and many older buildings are being retrofitted with seismic protection measures. But no workplace is completely safe when an earthquake strikes.

Potential Earthquake Hazards at Work

During and after an earthquake, a workplace can pose many hazards. Employees may be:

  • Crushed by structural components that give way
  • Struck by furnishings or décor that moves with the quake
  • Poisoned or suffocated by harmful chemicals released from ruptured containers or lines
  • Burned by fires resulting from gas leaks or electrical shorts

How to Prepare Employees for an Earthquake

An earthquake happens very suddenly and workers must react quickly to find shelter wherever they are. They should be trained to move immediately to a “safer place”. Outdoors, this would be a location away from trees, buildings, street lamps, and overhead lines. Indoors, this might be under a sturdy table or near an interior wall away from windows and heavy furniture such as shelving. Moving the shortest distance possible to get to a safe place reduces the chance of injury. Have employees practice the “drop, cover, hold on” move in a variety of safe places on a regular basis. During this exercise, they should:

  • Take cover under a sturdy desk or table
  • Hold on to one leg of the furniture
  • Cover their eyes by keeping their head down

When the initial quake is over, workers must be aware that danger is still present. They should move with caution, watching for hazards such as broken glass, fires, falling debris, damaged electrical lines, and chemical leaks. Aftershocks may further weaken structures and create new hazards. When instructed to evacuate, workers should follow the emergency evacuation plan being sure to use the stairs rather than the elevator.

How to Prepare Facilities for an Earthquake

In a wastewater treatment facility, there are many toxic, flammable, explosive, and asphyxiating materials present. If these substances are released, the resulting hazards could make an earthquake even more deadly. Ensuring chemicals and hazardous substances are properly stored is essential for earthquake preparedness. Safety measures might include using special containers, securing tanks and cylinders, and isolating ventilation systems in areas where chemicals are used, generated, or stored.

There are many additional ways to reduce the risk of injury during and after an earthquake. This includes:

  • Restraining and anchoring objects that might move
  • Stocking shelter-in-place locations with disaster supply kits
  • Keeping the emergency evacuation plan and associated training up to date.

For a fresh look at your emergency response plans and employee safety training programs, contact DKF Solutions for a consultation.

Top Cal-OSHA Violations and Appeals for 2015

What kinds of trouble have California employers gotten into recently? According to OSHA reports for 2015, the total number of citations increased since 2014. But the types of most commonly issued citations are basically the same, indicating that employers are still making many of the same mistakes they have in the past.

Last year, Cal-OSHA issued almost 2,000 general citations that fall under the IIPP heading (fortunately, less than 7% were serious violations). More than 1,700 Heat Illness Prevention violations were issued as well. This is not surprising since California has placed a great deal of focus on preventing heat related fatalities and illnesses in the past few years and inspectors are on the lookout for safety issues. Construction Illness and Injury Prevention was #3 on the list with over 1,200 violations.

Most Serious Violations Are Linked to Deadly Hazards

The distant fourth place runner up involved requirements to clean, repair, service, set up and adjust prime movers, machinery & equipment. What makes this category stand out is that more than one out of three violations was considered serious.

Which categories have an even higher percentage of serious violations? Not surprisingly, personal fall arrest systems, table saws, and belt/pulley drive guarding all topped 75%. Between gravity, sharp edges, and moving parts, these safety issues have the potential to lead to very serious injuries and fatalities.

Employers Are Appealing Many Citations

The list of most frequently appealed violations is a little different. Apparently, employers find it particularly grating when they are cited for certain types of safety order violations. Most of the categories of appealed citations have to do with appropriate guarding of moving parts on hazardous equipment. For example, safety violations regarding belt and pulley drives, abrasive wheels, and table saws all made the list. In general, failure to guard points of operation was high on the list of appealed safety violations.

From OSHA’s perspective, it is probably easy to find such safety problems on a typical work site. The agency’s inspectors see crush, laceration, and amputation injuries related to moving parts on a regular basis. In contrast, employers who have gotten lucky and had few or no injuries related to machinery may think their equipment and procedures are reasonably safe in their current condition.

Conflicting Opinions over Hazard Assessment and Administrative Responsibilities

Permit required confined spaces accounted for another frequently contested violation category. This is not surprising since confined space safety is one of the more complex OSHA regulations to follow properly. Without an examination of a space by a qualified professional, it’s easy to miss safety issues.

One surprising item on the contested citation list was the percentage of appeals about failure to report serious injuries and fatalities. Employers may not realize that there are strict requirements to disclose such incidents to OSHA in a timely fashion. However, only 1 serious violation was issued in this category for 2015, making it evident that this is usually an administrative oversight rather than a willful flouting of the rules.

To reduce the chances that your organization will make the list of cited companies in 2016, contact DKF Solutions to review your safety procedures and protocols today.

Ransomware: Paying the Price for Poor Cybersecurity?

Ransomware: Paying the Price for Poor Cyber-Security?

In our extensive series on cybersecurity in the water utility sector, we explored many of the ways that organizations can help harden their infrastructure and computing resources against intrusion. But there are still many threats that have the potential to disrupt critical services. One “prevalent and increasing threat”, according to the FBI, is the use of ransomware to target victims from small businesses up to large organizations.

A Clear and Present Motive

Cyberterrorists might seek to damage utilities for the sake of chaos and to create a human health crisis. A disgruntled ex-employee might want to do harm for simple revenge. But cybercriminals who specialize in using ransomware are much more pragmatic. Their goal is to extract as much money from a target as they can without running a high risk of getting caught or having their demands denied.

Why Are These Criminals Thriving?

There are a number of reasons it is simple for IT “kidnappers” to continue their practice of holding data and systems hostage. First, the technology that makes this possible is easy to come by. There are any number of readily available subscription software packages such as CryptoWall or TorrentLocker that can be deployed to lock authorized users out of their own PCs. Some ransomware is also designed to lock down servers as well, allowing criminals to target entire networks.

The risk of getting caught is fairly low for a savvy cybercriminal. Unfortunately, many of these criminal organizations are located in Eastern Europe and other places that can’t be touched by United States law enforcement. They often demand the ransom to be made in BitCoin so that even tracing where the money goes is difficult.

The Problem Is Growing

The FBI points out that one of the main reasons criminals keep using ransomware is because victims keep paying ransoms. In 2015, targets of such attacks reported $24 million in losses. That’s likely just the tip of the iceberg since many organizations don’t want to report or otherwise publicize security breaches. The attacks are likely to continue or escalate as cybercriminals re-invest their ill-gotten gains in developing better ransomware.

Big Industries Make Tempting Targets

Financial services and healthcare are two sectors that have been targeted recently for specialized ransomware attacks. These victims tend to have deep pockets and can’t afford to have any interruption in their business processes. But criminals are always looking for more victims who have a strong motivation to pay up to prevent disaster. What can organizations do to make themselves an unappetizing target?

First, it’s important to use up-to-date anti-malware software to detect and block suspicious activity. Keeping current data backups on isolated media is another important step in protecting an organization from being held hostage. Finally, the FBI cautions against ever paying a ransom so that criminals will learn that it isn’t worth the time and effort to continue holding computer resources for ransom. For a water utility, the steps taken to isolate critical infrastructure should definitely include a plan to keep things running even if there is an attempted ransomware attack.