Who is Responsible for Ensuring that there are Risk Assessments in your Organisation?

Risk assessments are an important part of any organisation’s health and safety strategy. Far from being “just another piece of paperwork”, they are a very useful way of spotting hazards, working out the appropriate control measures for those hazards and keeping track of health and safety progress over time.

Every business with five or more employees is required to have a written risk assessment document. Many smaller businesses do so anyway, as it’s handy to keep a written record of which hazards have been tackled and which staff have received the appropriate training.

There are no hard and fast rules about who needs to conduct the risk assessment, but they must be competent to do so. Good quality training in the correct way to carry out risk assessments can be very helpful and ensure hazards are not missed.

What is a Working at Height Risk Assessment?

Falls from height are the biggest cause of fatal workplace accidents in the UK. They account for 8% of non-fatal accidents and often leave survivors with life-changing injuries, preventing the victim from working again in a significant number of cases. The Work at Height Regulations 2005 were introduced to reduce the accident rate for this kind of job and though there have been improvements in the fatality rate since, they remain stubbornly high. The good news is that most of these accidents are foreseeable and can be avoided with good preparation and training.

A good work at height risk assessment will consider the various risks posed to workers and the public from this type of work. It will record what actions have been taken to minimise these risks and will be reviewed regularly to check it is still relevant. For example, if a construction company is planning a barn renovation that will require extensive work at height, their risk assessment should take into account who will be most at risk from the work, which specific hazards they will face and ensure they have the right equipment for the job and all the protections they require. Bear in mind that “work at height” can take place at or below ground level as well as on ladders or scaffolding above ground; the legislation covers any work where a person could be hurt by falling.

The importance of proper preparation and training was highlighted by the case against LS Scaffolding Limited, after one of their workers fell and damaged his femur during a job in July 2016. They were found to have committed several breaches of health and safety legislation, including the regulation of the Work at Height Regulations 2005 that requires staff to have been appropriately trained to carry out the job. The firm was fined over £50,000 (including costs) and their director was given a separate fine and a suspended jail sentence.

Who Conducts the Risk Assessment?

All risk assessments must be carried out by someone who is competent enough to complete the task. If a company needs guidance to conduct a thorough risk assessment, there is training available.

In this context, a competent person is someone who has the necessary knowledge, skills and experience to spot all of the hazards and work out adequate control measures to prevent harm.

Creating risk assessments doesn’t have to be a one-person job. In fact, the most effective risk assessments are written with significant input from workers from all areas of the business. In the case of work at height, employees who regularly undertake such work are in the best position possible to suggest additional safety control measures and might have noticed additional health and safety concerns that need to be addressed.

Work at height often takes place on a project by project basis and the risk assessment needs to reflect that. Not all jobs will require the same control measures and the hazards will vary between projects – for example, falling through a fragile surface might be a hazard in one renovation job but not be relevant to another.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.