OSHA Security Breach - A Quick Guide

August 22, 2017 Pamala Bobbitt

August 22, 2017

 

According to a recent report from Bloomberg BNA, the Labor Department recently had to temporarily shut down OSHA’s Injury Tracking Application due to a potential compromise of a company’s electronic data. The article noted that OSHA was informed by Homeland Security of the breach on August 14, 2017 and access to the ITA website has been suspended as officials work with the system developer to examine the issue to determine the extent of the problem. Currently, the ITA website is not collecting any confidential data, which is good news for OSHA since the current system does not contain any confidential data.

 

These types of security breaches remind us all that we are only as secure as our weakest link. At Cority, data security is fundamentally important to us. We began as an Occupational Health and Industrial Hygiene software company and therefore have been working with sensitive data for over thirty years.  According to Stan Marsden, Cority’s CTO and EVP, “Maintaining secure, private records is a must for OH and IH work, so we have built a platform with these needs front and center.” We work continuously to ensure that the data clients house on our platform are secured with the best and most current technology. We also have strict rules governing who can access data, how it can be accessed and when it can be accessed. Additionally, we have rules regarding who can access our hardware (servers).

 

Because of these steps, we are one of only a few companies in the EHSQ software space that is ISO 27001 certified. Many of our competitors rely on the data centers they contract with to be ISO certified; however, we know that this is extremely important to many of our clients, so we have decided to go beyond and certify our entire company directly. Each year our internal IT procedures are audited by an independent third party auditing team to ensure that we are meeting the ISO 27001 obligations. They also provide us with industry best practices and inform us of areas for improvement, if any. 

 

In addition to our ISO 27001 certification, we were recently ranked as one of the best platforms for application security and data center security by Verdantix, an independent research and consulting firm. We scored a Green Quadrant-leading 2.7 and 2.5 out of 3.0 for application security and data center security, respectively, in Verdantix’s  Green Quadrant EHS Software 2017 report. This reinforces the fact that we take our commitment to data security seriously, and we are proud to be able to offer clients one of the most secure and safe cloud-basedEHSQ solutions on the market today. 

About the Author

Pamala Bobbitt

Pam Bobbitt is Director of Channels and Product Marketing at Cority where she is in charge of the expansion of Cority's partner program. She brings deep expertise in EHS processes and software to the role. Having trained as a Chemist, Pam spent over 15 years as an EHS professional in the pharmaceutical, chemical and automotive industries. Most recently, she has spent seven years at EHS Software vendors using her industry expertise to translate business requirements into successful software programs.

More Content by Pamala Bobbitt
Previous Article
ISO 9001 vs. AS 9100 for the Aerospace and Defense Industry
ISO 9001 vs. AS 9100 for the Aerospace and Defense Industry

ISO 9001 and AS 9100 - A quick guide for the aerospace and defense industry. This guide takes you through t...

Next Article
OSHA’s Updated Silica Regulation – What you Need to Know
OSHA’s Updated Silica Regulation – What you Need to Know

A rundown of the coming changes to OSHA's Silica Exposure Regulation.