Essay About Legislation in the United States

Within this report, I will summarise and go into detail l on the policies, legislations, rules and regulations that effect myself as an employee, and the company on a wider spectrum.

Data protection is a very important factor to consider when handling sensitive internal and/or external customer’s information, as it entails a high level of legal, regulatory and ethical responsibility. If we were to violate the Data Protection Act (2018), it could result in us facing sanctions from regulating bodies such as the ICO (Information commissioner’s office).

The data protection act 1998 had eight main principles, which included; processing personal information fairly and lawfully (Personal data should be processed fairly, lawfully and in particular shall not be processed unless certain conditions which are set out in the act – are met), processing personal data for specified purposes only (Personal data shall be obtained only for one or more specified and lawful purposes and shall not be further processed in any manner incompatible with that purpose/purposes), the amount of personal information (Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed), keeping personal information accurate and up to date (Personal data shall be accurate, and where necessary, kept up to date), keeping personal information (Personal data processed for any purpose shall not be kept for longer that is necessary), ensuring people’s right are maintained, information security (Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of/damage to personal data) and sending information outside the European Union (Personal data shall not be transferred to a country or territory outside the EEA unless that country or territory ensures an adequate level of protection for the rights of data for subjects in relation to the processing of personal data).

The data protection act 2018 replaced it’s 1998 predecessor and addressed some additional issues which are more relevant to today’s society, of which is so dependant and intertwined with digital and social media. These included introducing more stringent legal protection around sensitive information including; ethnic background, political opinions, religious beliefs, health and criminal records.   

GDPR stands for general data protection regulation, and it is another pillar that helps protect consumer’s sensitive and personal data. There are 6 key principles of GDPR, which include, “Processing should be lawful, fair and transparent” - meaning data subjects should have a clear understanding of what personal data is being processed about them – and why it is being processed, “Personal data shall be collected for specified, explicit and legitimate purposes” – meaning data should be collected for a specific purpose and the data subject should know what that purpose is, “Personal data must be adequate, relevant and limited to what is necessary” – meaning organisations should only process the personal data they need to process to achieve the purpose for which it was collected, “Personal data shall be accurate and kept up to date” – meaning organisations should have processes in place to ensure the personal data they process is accurate and up to date, “Personal data shall be kept for no longer than is necessary” – meaning GDPR requires personal data to be deleted or destroyed when it is no longer needed by the organisation, “There must be appropriate security in place in respect of the personal data” – meaning each organisation should put in place security measures (whether technical, organisational or manual) to protect the personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage.

In effect, GDPR and The Data protection act effect my role even as an employee that has limited to no contact with the end-consumer, as I still use databases that house important and potentially sensitive data that belongs to external and internal customers. It is my responsibility to use this data appropriately and in line with the specified regulations to ensure I stay compliant.

One of the main Health & Safety Legislations is the Health and Safety Act of 1974 (also known as HASAWA 1974), which makes it a legal requirement to provide staff with adequate training to ensure health and safety procedures are understood and adhered to. The HASAWA 1974 also ensures workplaces provide a safe working environment where operations are conducted safely within it, which applies to all persons within the workplace, including; permanent employees, temporary employees, contractors and visitors. I comply with this legislation by attending all relevant training around HASAWA to ensure I am proficient and well-informed with the emergency procedures and the expectations of me as an employee of BASF.

Another important pillar of the health and safety regulations is the Display Screen Equipment Regulation 1992/2002 (also known as DSE), which make it a requirement to provide a suitable workspace for DSE users – who are defined by the HSE as workers who use DSE daily, for an hour or more at a time. Employers are required to take steps to protect workers from developing any health risks that would be induced by working with display screen equipment, such as; PC’s, laptops, tablets and smartphones.  As outlined within government guidance, in order to stay compliant with DSE regulations and to protect the health of DSE users, employers are required to; carry out a suitable DSE workstation assessment, reduce any associated risks – including making sure workers take regular breaks from DSE work and provide ancillary equipment if required, provide an eye test (free of charge) upon request by the user and provide relevant training and information for all DSE users.

In addition to HASAWA 1974 and DSE, the Personal Protective Equipment Regulations (PPE) 2018 regulation is very important to protect workers – especially in an environment like my workplace which is described as a tier 1 COMAH site due to the handling of hazardous chemical materials. The PPE regulation delegates a duty to the employer to provide their workers with PPE to reduce the potential risk of harm in instances where it cannot be reduced to mitigated by any other means. A suitable and sufficient risk assessment must be carried out before providing PPE to ensure that the potential risk cannot be reduced/eliminated through other control measure. PPE includes, but is not limited to, high-visibility clothing, protective footwear, eye protection, safety helmets, safety harnesses and respiratory protective equipment where necessary. In order to stay compliant with this regulation, I have been provided with a full set of PPE, which is strictly enforced when entering the production site and includes all expected elements of the required PPE.

Other relevant regulations that affect our site due to its chemical manufacturing nature, include; COMAH (Control of Major Hazards) – which aims to prevent, control and mitigate the effects of accidents involving chemicals that could inflict serious harm to people and/or the environment, and RIDDOR (The Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013) – which applies to all responsible parties and requires them to correctly report and keep a record of certain injuries and incidents that happen at work.

BASF has stern internal policies that ensure all employees are compliant with relevant rules, regulations and legislations. This includes; logging all incidents and ‘near-misses’ to analyse potential improvement areas and to reduce future risk, keeping all employees up-to-date with relevant training and inform of any update to amendments to existing legislations or regulations where individual responsibility could have changed/ increased, and using a newly-introduced system called ‘SafetyHub’ we are able to roll out multiple health and safety training course to relevant staff members and track progress to ensure compliance is synonymous across all of our workforce.