Occupational Safety and Health Act

    North America

    Occupational Safety and Health Act

    Under the U.S. Occupational Safety and Health Act of 1970 (‘OSHA Act’) employers have a duty to provide a safe workspace, which is free from serious recognised hazards, and must comply with the standards, rules, and regulations issued under the OSH Act.   

    The Department of Labor’s Occupational Health and Safety Administration (‘OSHA’) has published the Multi-Employer Citation Policy (‘the Multi-Employer Policy’)which clarifies in which situations multiple employers may be citable for a hazardous condition which violates an OSHA standard.

    Last Updated: July 30, 2019


  • Requirements

    The Multi-Employer Policy, sets out a two-step process to determine whether more than one employer may be cited for a violation:   

    • determine whether the employer is a creating, exposing, correcting, or controlling employerand  
    • determine whether the employer’s actions were sufficient to meet its obligations with respect to OSHA requirements. The extent of these actions will depend on which category applies to the employer.   

    An exposing employer is outlined as an employer whose own employees are exposed to the hazard.  

    The Multi-Employer Policy states that if the exposing employer created the violation, it is citable for the violation as a creating employer. However, if the violation was created by another employer, the exposing employer is citable if it: 

    • knew of the hazardous condition or failed to exercise reasonable diligence to discover the condition; and  
    • failed to take steps consistent with its authority to protect is employees. 

    It further states that, if the exposing employer has authority to correct the hazard, it must do so. If the exposing employer lacks the authority to correct the hazard, it is citable if it fails to do each of the following:  

    • ask the creating and/or controlling employer to correct the hazard;  
    • inform its employees of the hazard; and  
    • take reasonable alternative protective measures.  

    The Multi-Employer Policy states that in extreme circumstances (e.g., imminent danger situations), the exposing employer is citable for failing to remove its employees from the job to avoid the hazard. 

  • How OneTrust Helps

    OneTrust Vendorpedia simplifies third-party risk management by combining automation with aggregated vendor research to streamline the vendor engagement lifecycle, from onboarding to offboarding. The platform helps organizations conduct faster and more in-depth security and privacy reviews. 

    Vendorpedia is backed by the world’s largest and most up-to-date database of privacy and security laws, frameworks, and standards, which directly power and enrich OneTrust Vendorpedia. Research is generated by 30 in-house security and privacy experts and a network of 500 lawyers across 300 jurisdictions. 

    For additional details on Vendorpedia, read more here. 

Want to learn more? Login to the full DataGuidance platform.

About OneTrust


OneTrust is the #1 most widely used privacy, security and third-party risk technology platform trusted by more than 3,000 companies to comply with the CCPA, GDPR, ISO27001 and hundreds of the world’s privacy and security laws. OneTrust's three primary offerings include OneTrust Privacy Management Software, OneTrust PreferenceChoice™ consent and preference management software, and OneTrust Vendorpedia™ third-party risk management software and vendor risk exchange. To learn more, visit OneTrust.com or connect on LinkedIn, Twitter and Facebook.