Skip to main content
main content, press tab to continue
Report

California Senate Bill 553: White Paper

By Kate Colberg | March 7, 2024

California Senate Bill 553, was enacted on 30 September 2023 in response to the rising number of mass shootings and instances of workplace violence in the state and the United States more broadly.
Credit and Political Risk|Financial, Executive and Professional Risks (FINEX)|Risk and Analytics
managing-complex-organizational-risks
  1. 01

    Overview

    California Senate Bill 553 (SB 553)[1], Occupational Safety: Workplace Violence: Restraining Orders and Workplace Violence Prevention Plan, was enacted on 30 September 2023 in response to the rising number of mass shootings and instances of workplace violence in the state and the United States (US) more broadly. SB 553 requires employers to maintain an effective plan to mitigate workplace violence and provide requisite training to all their employees. The legislation is similar to workplace violence prevention standards implemented on the healthcare industry in April 2017 by the California Division of Occupational Health and Safety (Cal/OSHA). However, the current bill applies to all employers/industries in general, with a small number of exemptions[2]. Although the law is limited to employers located in California, there is some speculation as to whether similar legislation may be considered in other states in coming years.

    All employers in California are required to enact workplace violence prevention plans by 1 July 2024 in accordance with SB 553. While the legislation outlines some general provisions and specific requirements, Cal/OSHA is mandated to devise new standards and regulations complying with SB 553 by 1 December 2025, with final approval to be granted no later than 31 December 2026. This means that the required provisions and measures could change between the initial 1 July compliance deadline and when Cal/OSHA formulates the new standards.

    Qualifying organizations can expect wide ranging implications and requisite changes to their associated Risk Management programs. This may require enhancements to existing protocols and/or the development of appropriate risk management plans and training to address the impending requirements.

    We are already seeing from clients enquiring about support with the legislation that many have well considered workplace violence programs in place already, but such is the rigour of the legislation that numerous aspects are not fully met still. Consequently, regardless of risk management maturity, we highly recommend affected organizations to conduct a gap analysis of their existing programs against the legislation.

    We are already seeing from clients enquiring about support with the legislation that many have well considered workplace violence programs in place already, but such is the rigour of the legislation that numerous aspects are not fully met still. Consequently, regardless of risk management maturity, we highly recommend affected organizations to conduct a gap analysis of their existing programs against the legislation.”

    Kate Colberg | Alert:24 Risk Advisory, Lead for North America
  2. 02

    Workplace Violence Provisions of SB 553

    In Section 6401.9, the legislation outlines a comprehensive list of provisions that must be included in a compliant Workplace Violence program. For ease, we summarised the core requirements into three core areas: planning, training, and governance.

    Planning

    A Workplace Violence prevention plan is required. This may be incorporated as a standalone section in a written injury and illness prevention program required by Section 3203 of Title 8 of the California Code of Regulations or maintained as a separate document.

    In Summary, the plan must include the following:

    • Clearly identified names or job titles of the individuals responsible for implementing the plan.
    • Means to be in effect at all times, in all work areas, and be specific to the hazards and corrective measures for each work area and operation.
    • Procedures to identify and evaluate workplace violence hazards (risk assessment) and implement consequent necessary corrective actions.
    • Details on a supporting training program (detailed requirements outlined below).
    • Methods to ensure active engagement and input from employees to implementation of the plan and wider program, as well as clearly articulated roles and responsibilities of all relevant stakeholders, including the reporting, investigation and recording of all qualifying incidents.
    • Procedures for the organization to accept and respond to reports of workplace violence.
    • Clearly articulated protocols for employees to report incidents of workplace violence, threats, and/or other concerns related to workplace violence. Including procedures that protect the employee from reprisal and an outline for how an investigation will be conducted, recorded, and more widely disseminated.
    • Response procedures to workplace violence emergencies; addressing the alert notification process, evacuation or sheltering plans, and how to obtain internal (e.g. internal security) and external (e.g. law enforcement) support.
    • Procedures for post-incident response and investigations.
    • Details of an annual review and audit process.
    Training

    A supporting training program is also required. This is applicable from when the plan is first established, and annually thereafter, and when new, or previously unrecognized workplace violence hazards, are identified.

    The training must cover the following:

    • The Workplace Prevention plan, how to obtain a copy and how employees can participate in the development and implementation of it.
    • The definitions and requirements set out in the plan.
    • How to report workplace violence incidents or concerns to the employer or law enforcement.
    • Workplace violence hazards specific to the employees’ jobs, the corrective measures implemented, how to seek assistance to prevent or respond to violence, and strategies to avoid physical harm.
    • Details of the violent incident log required (see below) and how to obtain copies of relevant records.
    • Contact details and an opportunity to engage with the owners of the Workplace Violence program.
    • Procedures on how to respond to violent emergencies, evacuations, and sheltering plans.
    Governance & Compliance

    Finally, a number of broader Governance & Compliance provisions are interweaved within the provisions, predominantly centered around accessibility of the content, record keeping and incident logs.

    • Workplace Violence Plan should be in writing and easily accessible to employees, authorized employee representatives, and to Cal/OSHA representatives at all times.
    • The employer shall record information in a violent incident log for every workplace violence incident (the minimum information required is outlined in Section 6401.9. (d) (2) and should be templated).
    • Records of workplace violence hazard identification, evaluation, and correction shall be created and maintained for a minimum of five years.
    • Training records must be maintained for at least one year and should record training dates, a summary of the content, names and qualifications of the trainers and the names and job titles of all attendees.
    • The violent incident log for every reported incident must be maintained for a minimum of five years.
    • Records of incident investigations shall be maintained for a minimum of five years.
    • All associated records, except for incident investigations, must be made available to employees and their representatives within 15 days of request.

    The information listed above should not be considered exhaustive, with more specific detail located within the legislation, and reporting requirements may change when Cal/OSHA releases its own standards for complying with SB 553.

  3. 03

    The Impact to Business

    If an employer fails to adhere to and/or properly implement any SB 553 requirements, they may face a range of fines per violation. Additionally, companies can incur multiple fines per incident, depending on the range of violations noted. For example, an employer can be fined for failing to assess workplace violence hazards; they may then face an additional citation for failing to address those unidentified hazards, and/or ineffectively training employees regarding the issues it failed to identify. To avoid potential punitive actions, as well as associated reputational and Duty of Care risks, companies should take all appropriate steps to ensure compliance in this interim time period ahead of the 1 July 2024 deadline.

    These actions may include:

    • Review existing workplace violence programs and conduct a gap analysis against the SB 553 legislative requirements. In particular:
      • Review your wider governance frameworks (HR, Occupational Safety, Security, etc) and ensure they address the new requirements, in particular around incident logging, ownership and recordkeeping.
      • Ensure your Workplace Violence Plan incorporates the specific requirements outlined in Section 6401.9. (c) (2).
      • Align or develop your existing training programs to integrate the additional trainings needs set out in the legislation.
    • If no program is currently in place, review your eligibility and, as required, develop one in accordance with SB 553.
    • Validate or develop your Workplace Violence program in junction with a qualified third-party.
    • Ensure the program is appropriately communicated internally and externally via the relevant channels.

    Should you have any enquiries regarding how we can support you this area, please contact WTW’s in-house security consulting practice, Alert:24, via the below contact details.

Footnote

  1. California Senate Bill 553, California Legislative Information, Published: October 2 ,2023.,” Return to article
  2. Health Care facilities (including related service categories, and operations), facilities operated by the Department of Corrections and Rehabilitation, employers that are law enforcement agencies, employees teleworking from a location of the employee’s choice, and places of employment with less than 10 employees working at any given time that are inaccessible to the public. Return to article

This article was originally written by our North American colleagues for a U.S. audience. We have shared this article for informational purposes only as it may be of interest to our global clients. Please speak to your local office contact to further discuss any of the points raised in this article.

Author


Risk Advisory Lead

Contact


Head of Risk Advisory – Alert:24, Crisis Management

Contact us