OSHA Security Breach – A Quick Guide

OSHA Security Breach

According to a recent report from Bloomberg BNA, the Labor Department recently had to temporarily shut down OSHA’s Injury Tracking Application due to a potential compromise of a company’s electronic data. The article noted that OSHA was informed by Homeland Security of the breach on August 14, 2017 and access to the ITA website has been suspended as officials work with the system developer to examine the issue to determine the extent of the problem. Currently, the ITA website is not collecting any confidential data, which is good news for OSHA since the current system does not contain any confidential data.

These types of security breaches remind us all that we are only as secure as our weakest link. At Cority, data security is fundamentally important to us. We began as an Occupational Health and Industrial Hygiene software company and therefore have been working with sensitive data for over thirty years.  According to Stan Marsden, Cority’s CTO and EVP, “Maintaining secure, private records is a must for OH and IH work, so we have built a platform with these needs front and center.” We work continuously to ensure that the data clients house on our platform are secured with the best and most current technology. We also have strict rules governing who can access data, how it can be accessed and when it can be accessed. Additionally, we have rules regarding who can access our hardware (servers).

Because of these steps, we are one of only a few companies in the EHSQ software space that is ISO 27001 certified. Many of our competitors rely on the data centers they contract with to be ISO certified; however, we know that this is extremely important to many of our clients, so we have decided to go beyond and certify our entire company directly. Each year our internal IT procedures are audited by an independent third party auditing team to ensure that we are meeting the ISO 27001 obligations. They also provide us with industry best practices and inform us of areas for improvement, if any. 

In addition to our ISO 27001 certification, we were recently ranked as one of the best platforms for application security and data center security by Verdantix, an independent research and consulting firm. We scored a Green Quadrant-leading 2.7 and 2.5 out of 3.0 for application security and data center security, respectively, in Verdantix’s  Green Quadrant EHS Software 2017 report. This reinforces the fact that we take our commitment to data security seriously, and we are proud to be able to offer clients one of the most secure and safe cloud-basedEHSQ solutions on the market today.