Labor Secretary Alexander Acosta greets employees. The department has shut down part of a website where companies report employee injuries and deaths, blaming a data breach. Credit: Andrew Harnik/Associated Press

Once again, the nation’s top workplace safety regulator has a message for employers: Don’t send us your injury logs. But rather than bureaucratic red tape, this time, the online filing system is hamstrung by a data breach.

The Labor Department on Wednesday temporarily shut down the website so computer experts can evaluate any security problems. The shutdown was prompted by an alert from the Department of Homeland Security that a company’s information had been compromised, said Kimberly Darby, an agency spokeswoman.

“They are still working on it,” she said in a phone interview Thursday. “We’re hoping it will be up in the next day or so.”

As of today, the site still contains warnings that some pages are unavailable due to technical difficulties.

The injury reporting requirements are intended to encourage employers to improve safety, provide workers with a deeper understanding of risks associated with their workplaces and help Occupational Safety and Health Administration officials prioritize investigations. Industry groups have assailed the new requirements for companies to electronically submit data from their injury and illness logs, arguing that they will force employers to disclose private information.

The Trump administration may overturn the Obama-era requirement, which applies to roughly 450,000 companies. In May, Reveal highlighted how OSHA had failed to post the website even though it had been ready months earlier. The Trump administration then moved the date for employers to comply from July 1 to Dec. 1.

Jordan Barab, the former deputy assistant secretary of OSHA under President Barack Obama, argued in a blog post that the logs companies must submit initially don’t contain employee names or personally identifiable information.

Even some management lawyers agreed.

“It would not be personal information in the classic sense of Social Security numbers or detailed health information,” said Howard Mavity, a management lawyer in Atlanta. “Initial uploads are going to be summaries or injuries and illnesses. I don’t know that it meets the true definition of personal information.”

Nevertheless, he added: “The concern is even if nonessential data was hacked, you’re now on notice that someone got in the system.”

Jennifer Gollan can be reached at jgollan@revealnews.org. Follow her on Twitter: @jennifergollan.

Jennifer Gollan

Jennifer Gollan is an award-winning reporter for Reveal from The Center for Investigative Reporting.

She has reported on topics ranging from oil companies that dodge accountability for workers’ deaths to shoddy tire manufacturing practices that kill motorists. Her series on rampant exploitation and abuse of caregivers in the burgeoning elder care-home industry, Caregivers and Takers, prompted a congressional hearing and a statewide enforcement sweep in California to recover workers’ wages. Another investigation — focused on how Navy shipbuilders received billions in public money even after their workers were killed or injured on the job — led to tightened federal oversight of contractors’ safety violations.

Gollan’s work has appeared in The New York Times, The Associated Press, The Guardian US and Politico Magazine, as well as on PBS NewsHour and Al Jazeera English’s “Fault Lines” program. Her honors include a national Emmy Award, a Hillman Prize for web journalism, two Sigma Delta Chi Awards from the Society of Professional Journalists, a National Headliner Award, a Gracie Award and two Society for Advancing Business Editing and Writing awards. Gollan is based in the San Francisco Bay Area.