Labor Secretary Alexander Acosta greets employees. The department has shut down part of a website where companies report employee injuries and deaths, blaming a data breach. Credit: Andrew Harnik/Associated Press

Once again, the nation’s top workplace safety regulator has a message for employers: Don’t send us your injury logs. But rather than bureaucratic red tape, this time, the online filing system is hamstrung by a data breach.

The Labor Department on Wednesday temporarily shut down the website so computer experts can evaluate any security problems. The shutdown was prompted by an alert from the Department of Homeland Security that a company’s information had been compromised, said Kimberly Darby, an agency spokeswoman.

“They are still working on it,” she said in a phone interview Thursday. “We’re hoping it will be up in the next day or so.”

As of today, the site still contains warnings that some pages are unavailable due to technical difficulties.

The injury reporting requirements are intended to encourage employers to improve safety, provide workers with a deeper understanding of risks associated with their workplaces and help Occupational Safety and Health Administration officials prioritize investigations. Industry groups have assailed the new requirements for companies to electronically submit data from their injury and illness logs, arguing that they will force employers to disclose private information.

The Trump administration may overturn the Obama-era requirement, which applies to roughly 450,000 companies. In May, Reveal highlighted how OSHA had failed to post the website even though it had been ready months earlier. The Trump administration then moved the date for employers to comply from July 1 to Dec. 1.

Jordan Barab, the former deputy assistant secretary of OSHA under President Barack Obama, argued in a blog post that the logs companies must submit initially don’t contain employee names or personally identifiable information.

Even some management lawyers agreed.

“It would not be personal information in the classic sense of Social Security numbers or detailed health information,” said Howard Mavity, a management lawyer in Atlanta. “Initial uploads are going to be summaries or injuries and illnesses. I don’t know that it meets the true definition of personal information.”

Nevertheless, he added: “The concern is even if nonessential data was hacked, you’re now on notice that someone got in the system.”

Jennifer Gollan can be reached at jgollan@revealnews.org. Follow her on Twitter: @jennifergollan.

Jennifer Gollan

Jennifer Gollan is a reporter for Reveal, covering labor and corporate accountability.

An Emmy Award winner, Gollan has reported on topics ranging from oil companies that dodge accountability for workers’ deaths to lax manufacturing practices that contributed to deadly tire blowouts.

Gollan uncovered rampant exploitation and abuse of caregivers in the burgeoning elder care-home industry. The series, Caregivers and Takers, detailed how operators enriched themselves while paying workers about $2 an hour to work around the clock. The stories prompted a congressional hearing, plans for prosecutions and new state legislation. 

Gollan exposed how Navy shipbuilders received billions in public money even after their workers were killed or injured. In response to her reporting, Congress passed a new federal law, the Government Accountability Office produced a report and the Pentagon began scrutinizing the safety records of more defense contractors.

Gollan’s work has appeared in The New York Times, The Associated Press, The Guardian U.S., Politico Magazine and PBS NewsHour.

Her honors include a national Emmy Award, a Hillman Prize for web journalism, two Sigma Delta Chi Awards, a National Headliner Award, a Gracie Award and two Society for Advancing Business Editing and Writing Awards. She has been a finalist for an ONA Online Journalism Award, an IRE Award and two Gerald Loeb Awards. Gollan is based in Reveal’s Emeryville, California, office.