On Safety: A look at OSHA’s National Emphasis Program on COVID-19

On March 12, OSHA launched a much-anticipated National Emphasis Program targeting enforcement of establishments in which workers are at risk of exposure to COVID-19. The NEP is part of the agency’s response to the Executive Order on Protecting Worker Health and Safety, signed by President Joe Biden on Jan. 21. 

In addition to focusing on establishments in which employees are at increased risk of COVID-19 exposure and those that have the greatest number of employees at risk, the NEP focuses on employer retaliation against workers who complain about unsafe conditions under the agency’s Whistleblower Protection Program. The directive applies OSHA-wide. However, adoption of the NEP by State Plans is encouraged but not required. State Plans must inform the agency about their intention to adopt the NEP within 60 days. Federal agencies subject to OSHA inspection with employees potentially exposed to COVID-19 are also included in the NEP. Establishments with fewer than 10 employees are included in the NEP, which remains in effect for 12 months unless extended or canceled by OSHA.

From an inspection perspective, the NEP will dedicate at least 5% of agency resources (about 1,600 inspections) to combating employee exposure to the virus. Follow-up inspections will be included in the NEP strategy. However, the criteria aren’t clearly spelled out. Establishment selection and targeting for inspection are based on industries listed in Appendices A and B of the directive. Under the NEP, OSHA will generate two master lists. 

Master List 1 will include companies with North American Industry Classification System codes included in Appendices A and B of the directive. Master List 2 will include establishments also having a NAICS code listed in Appendices A and B, but also having an elevated illness rate as indicated by OSHA Form 300A data. OSHA area offices can use either Master List 1 or 2, or a combination of both, to create their inspection targeting goals.

Appendix A of the NEP includes two tables. Table 1 is for targeted industries in health care and Table 2 is for targeted industries for non-health care. Tables 1 and 2 are derived from enforcement data, including complaints, fatality/catastrophes, referrals, inspections, COVID-19-related violations, hazard alert letters and areas in which the greatest number of employees are potentially exposed. Appendix B contains NAICS codes for industries in which employees have the highest frequency of close contact exposures to the public and/or co-workers. 

The NAICS list in Appendix B was generated by the Cybersecurity and Infrastructure Security Agency and the Centers for Disease Control and Prevention Advisory Committee on Immunization Practices. Inspection targeting lists under the NEP will be randomized. Under the NEP, OSHA area offices have the authority to add establishments to the list based on information from appropriate sources, including local establishment knowledge, commercial directories and referrals from the local health department.

Normally, before launching an NEP, OSHA would conduct 90 days of outreach. For this NEP, OSHA is waiving this requirement, as the agency determined that outreach and guidance was already provided over the past year. OSHA will, however, continue to provide outreach during the course of the NEP.

What OSHA will hold employers accountable for, surprisingly, is not directly spelled out in the directive. However, also on March 12, OSHA issued a revised enforcement guide that outlines what the agency will be pursing under the NEP.

Under this enforcement guide, OSHA will focus on:

• 29 CFR Part 1904 – Recording and Reporting Occupational Injuries and Illnesses
• 29 CFR 1910.132 – General Requirements – Personal Protective Equipment
• 29 CFR 1910.134 – Respiratory Protection
• 29 CFR 1910.141 – Sanitation
• 29 CFR 1910.1020 – Access to Employee Exposure and Medical Records
• 29 CFR 1910.145 – Specification for Accident Prevention Signs and Tags
• 29 CFR 1910.1030 – Bloodborne Pathogens (OSHA has determined that this standard may offer a framework that may help control some sources of the virus, including exposure to body fluids.)
• Section 5(a)(1) of the Occupational Safety and Health Act of 1970 – the General Duty Clause

The General Duty Clause is a key element of this list. OSHA will, under the clause, expect employers to develop and implement an exposure (infection) control plan. Depending on the level of risk, the plan can be simple or expansive. 

The first step in developing an ECP is to determine the level of risk, which will determine where an establishment stands in regard to the NEP. Refer to Appendices A and B of the NEP and determine if an establishment has been identified through the industry NAICS code as high risk by OSHA and therefore subject to potential inspection. If an industry group is covered in Appendices A and B, it should develop an ECP and examine its compliance with the standards listed above. 

If an NAICS code isn’t included in Appendices A and B, that establishment could still be subject to inspection and an ECP should be considered. The scope of the ECP for a facility at lower risk can be less comprehensive than a high-risk facility, but the risk will need to be assessed to determine the scope of the ECP. Refer to the risk guidance document provided by OSHA.

As part of the risk assessment, facilities should:

• Determine whether there are or were infections in the facility (doesn’t matter where they originated). If there are infections, ascertain whether there are any clusters in the facility.
• Check with the city, county and/or state health departments to look at the number of cases as well as the number of deaths in your city or county. This will help in determining the general risk in the community. Finally, check with the city, county and state health departments to see what they are recommending for businesses in your area.

If you have contractors onsite, look at their plans and programs to ensure their program is compliant with your program and procedures.

Once the risk assessment has been completed and the level of risk determined, develop an ECP based on the risk level. For example, low-risk establishments may include physical distancing, medical questionnaire, employee training, setting up of barriers, personal protective equipment and so forth. Again, the scope of the ECP depends on the risk level. Look at OSHA’s tuberculosis directive for guidance. Although it focuses on five industries in which the risk of TB exposure is high based on CDC guidelines, it provides some solid guidance.

In developing an ECP, refer to a joint CDC and OSHA guidance document for manufacturing workers and employers that was issued in May. Regardless of the scope of the risk level, determine which of the following points should be included in the program:

1. Assessing the potential exposure and level of exposure risk to employees based on their work and occupation, as well as activities for communicable and infectious agents that are present or can reasonably be anticipated to be present
2. Assigning a coordinator for overseeing the ECP
3. Onsite screening (temperature checks and questionnaires)
4. Developing precautions based on the level of risk – use of the Hierarchy of Controls (engineering, work practice and PPE controls)
5. Identification and isolation of any infected individuals
6. Safe distancing
7. Housekeeping and sanitation
8. Address testing for COVID-19 and vaccinations
9. Management of health care workers’ risks of exposure to infected persons, including post-exposure prophylaxis
10. Work restrictions for exposed or infected health care personnel
11. Highlighting and referencing existing OSHA standards, including:
    1. Bloodborne Pathogens (1910.1030)
    2. Respiratory Protection (1910.134)
    3. PPE (1910.132)
    4. Housekeeping and Warning Signs (1910.141)
    5. Specification for Accident Prevention Signs and Tags (1910.145)
    6. The General Duty Clause
12. Procedures to provide information and training to managers and employees about potential or actual occupational exposure to communicable and infectious agents and the elements of the ECP
13. Procedures for reporting an incident
14. Medical surveillance procedures to identify suspected or confirmed cases of a communicable or infectious disease and a plan to isolate or transfer individuals
15. Recordkeeping and recording on illness

Depending on the level of risk at the worksite, some or all of these provisions will need to be in place to avoid a General Duty Clause citation from OSHA. You should also periodically review CDC and OSHA guidelines for any additional recommendations.