Reducing Risks, Protecting People A Harmonised Approach

Transcription

1 Reducing Risks, Protecting People A Harmonised Approach R.B. Foster Health and Safety Executive, Rose Court, 2 Southwark Bridge, London SE1 9HS, UK INTRODUCTION Risk training, education and communication usually refers to the responsibilities of those who generate risk (e.g. operators of nuclear power plants) towards those who are exposed to the risk (e.g. employees working in the plants and those living in the vicinity). In this context training, education and communication are often intended to transfer information from risk professionals to a largely uninformed audience, with a view to improving standards or providing reassurance. However, with higher standards of education and with the growth of media such as the Internet, those to whom such training, education and communication have traditionally been directed are now much better informed. In addition, within developed countries increasing prosperity and higher standards of living have triggered marked shifts in the values, preferences and expectations of society. In general the traditional, paternalistic approach that governments, corporations and associations have taken in the past in determining how involuntary risks should be addressed is no longer acceptable to society. People want to be involved - or at least to have the opportunity to be involved - in decisions about how the risks to which they are involuntarily exposed are addressed. Within the UK, for example, this is very evident for nuclear power and other applications of ionising radiation, and in other areas such as genetically modified food. One outcome, strangely enough, is not a wish by society for institutions to retreat from taking such decisions, but rather that such decisions should be taken only by institutions that are trusted. But such trust is not bestowed lightly. Institutions have to work hard to earn and maintain trust, and hard-earned trust can all too easily be lost. A consequence of these developments is an onus on government regulators of risk from hazardous activities to demonstrate that the decisions they take, and the way they go about taking them, are fair, consistent and accountable. This in turn has led to an increasing expectation that regulators should explain the principles and processes they adopt, and the criteria they apply, in reaching their decisions. All this does not make life easy for regulators! Of course, regulators still have to formulate standards, communicate them to those responsible for risk reduction and see that the necessary controls are in place. But in addition regulators have to be able to answer convincingly questions such as: why are risks from certain work activities (e.g. those involving ionising radiation) controlled to much lower levels than those from others? what determines whether a risk is unacceptable? when should a risk be reduced further? is the approach to risk reduction precautionary? how are stakeholders involved in decisions? This paper describes how the Health and Safety Executive (HSE), the regulator of risk from work activities in Great Britain, has responded to these challenges by preparing and publishing an account of how it goes about its task of regulating risk and assisting the Health and Safety Commission (HSC). The HSC is the statutory body responsible for administering occupational health and safety legislation in Great Britain. Its primary function is to make arrangements to secure the health, safety and welfare of people at work, and the health and safety of the public, in the way work activities are conducted. HSE advises and assists HSC in its functions and is responsible for enforcing health and safety legislation, licensing of nuclear power stations, etc. The scope of work activities within HSC/E s remit is very broad it includes manufacturing, health services, education, construction, farming, railways and extractive industries as well as gas and electricity utilities, including nuclear power. A RISK REGULATION FRAMEWORK HSE has recently set out an account of how it goes about its task of regulating risk in the form of a discussion document entitled Reducing Risks, Protecting People (1). This document develops an approach first used in the context of nuclear power (2) and extends it to risks from all work activities. The discussion document aims to: open to scrutiny HSE's approach to the management and regulation of risk and the philosophy underpinning it; make transparent the factors that inform its decisions on risks, for example scientific knowledge, the technology available to control the risks, and public attitudes towards the risks and associated benefits; 1

2 help to reassure the public that industry, in taking advantage of technological advances, will not be allowed to impose unnecessary risks on people; let other regulators, whose responsibilities may overlap with those of HSC/E, know the basis for the management of occupational health and safety risks and thereby help to promote consistency of decision-making between regulators. The document brings together the criteria, protocols and tools HSE adopts in a six-stage process for informing and reaching decisions: 1. Decide whether the issue is one of health and safety risk and therefore one for HSC/E; 2. Define and characterise the issue; 3. Examine the options available and their merits; 4. Adopt decisions; 5. Implement the decisions; 6. Evaluate the effectiveness of the action taken. Progressing through the stages is an iterative process which often requires earlier stages to be revisited. The involvement of stakeholders at all stages in the process is essential. Stage 1 is necessary because pressure is often put on HSC/E to tackle issues where the health and safety of people is not the prime consideration - for example the development of an airport in a built-up area. In stage 2 HSE decides how the issue should be framed or described in terms of problems to be tackled and the means for tackling them, so the problem is addressed as our stakeholders see it. We also examine how the issue can then be characterised in terms of risk by examining how the risk arises, how it impacts on those affected and on society at large. We usually achieve this by undertaking an assessment of the risks involved, in a way that seeks to ensure that our stakeholders will regard as valid the process and inputs used to carry out the assessment. In stage 3 we identify the options available for managing the risks. These can range from doing nothing to introducing measures (regulatory or non-regulatory) to get rid of the problem altogether, or to reduce it to one which people are prepared to live with in the knowledge that further measures will continue to be sought to reduce the risks as low as reasonably practicable. The courses of action available are many and varied and could include: improving the available knowledge base through research; providing more information and guidance to duty holders to enable them to fulfil their responsibilities; publicity campaigns to create awareness; engaging the assistance of intermediaries in the health and safety system; stronger enforcement of existing legal provisions; exerting pressure for heavier penalties on transgressors; targeting action on those able to control the risks as distinct from imposing lowest common denominator provisions on everybody; and if necessary, proposing new measures that are commensurate with the risks to be addressed, e.g. new law. In stage 4 we review all the information gathered in the previous stages and select the most appropriate option for managing the risk. The criteria that we use for doing this take the form of a framework known as the tolerability of risk (TOR). The TOR framework is illustrated in Figure 1. The triangle in Figure 1 represents an increasing level of 'risk' (measured by the individual risk and the societal concerns they engender) moving from the bottom of the triangle towards the top. The dark zone at the top represents an unacceptable region. For practical purposes, a particular risk falling into that region is regarded as unacceptable whatever the benefits. The light zone at the bottom, on the other hand, represents a broadly acceptable region. Risks falling into this region are regarded as insignificant and adequately controlled. Further action to reduce risks will not usually be required unless reasonably practicable measures are available. The zone between the unacceptable and broadly acceptable regions is the tolerable region. Risks in that region are typical of the risks from activities that people are prepared to tolerate in order to secure benefits, in the expectation that: the nature and level of the risks are properly assessed and the results made available. The assessment of the risks needs to be based on the best available scientific evidence and, where that evidence is lacking, on the best available scientific advice; the risks are not unduly high, are kept as low as reasonably practicable (ALARP), and are periodically reviewed. 2

3 Unacceptable region Risk cannot be justified save in extraordinary circumstances Increasing Individual risks and societal concerns Tolerability Region Broadly acceptable region Control measures must be introduced for risk in this region to drive residual risk towards the broadly acceptable region If residual risk remains in this region, activity is undertaken only if a benefit is desired and risks are tolerable only if further risk reduction is impracticable or if there is gross disproportion between the time, trouble and effort involved and the reduction in risk achieved Level of residual risk is insignificant. Further resources to reduce risk likely to be grossly disproportionate to the risk reduction achieved Negligible risk Figure 1. HSE s tolerability of risk (TOR) framework In stage 5, having reached a decision on the degree to which a risk should be controlled, we decide how the decision can be implemented in practice using the regulatory tools at our disposal. We usually place the responsibility for controlling a risk on the person who creates it or failing that on the person who is in a position to do something about preventing or minimising the risk. Finally, in stage 6 our process includes ex post procedures to establish: whether the actions taken to ensure that the risks are adequately controlled resulted in what was intended; whether decisions previously reached need to be modified. This could arise because, for example, what was considered at the time to be good practice may no longer be regarded as such as a result of new knowledge, advances in technology or changes in the level of societal concerns; the appropriateness of the information gathered in the first two stages of the decision-making process to assist the decision maker, e.g. the methodologies used for the risk assessment and the cost benefit analysis (if prepared), or the assumptions made; whether improved knowledge or data would have helped to reach better decisions; any lessons to guide future regulatory decisions, improve the decision-making process and promote greater trust between regulators and those affected by, or having an interest in, the risk. Having outlined our six-stage process for informing and reaching decisions, and the TOR framework, the remainder of this paper explains how the approach in Reducing Risks, Protecting People is applied in policy formulation, regulatory development and enforcement activities, and specifically how it helps us to answer the five questions posed in the introduction above. WHY ARE THE RISKS FROM CERTAIN WORK ACTIVITIES CONTROLLED TO MUCH LOWER LEVELS THAN THOSE FROM OTHERS? This question is particularly relevant to ionising radiation. The UK (like many other countries) has, for 3

4 example, a strict licensing system for nuclear power stations covering all aspects of the design, construction, operation, and modification of each installation, together with a rigorous system for scrutinising licence applications and amendments against high standards of engineering and good management practice. In addition, the licensing system is policed by a dedicated inspectorate (the Nuclear Installations Inspectorate) within HSE. The standards applied and the resources devoted to this particular work activity could not be justified on the basis of the level of individual risk to workers, the public or the environment (which are controlled to very low levels), or by the accident history. Figure 1, however, makes clear that our judgement about levels of risk to people that are unacceptable, tolerable or broadly acceptable is a combination of both individual risk and societal concerns. Societal concerns arise where aspects or attributes of the hazard could, if the risk were realised, provoke a socio-political response. For nuclear power the levels of societal concern are very high, reflecting the well-known perception and cultural factors associated with ionising radiation (e.g. 3, 4). These require us to apply a very stringent control regime, both to reduce the level of individual risk to and to assuage the societal concerns, such that the overall level of risk is brought down to a very low level. WHAT DETERMINES WHETHER A RISK IS UNACCEPTABLE? Figure 1 makes clear that there are levels of risk (in terms of a combination of both individual risk and societal concerns) that are unacceptable. Any activity or practice giving rise to risks falling in the unacceptable region would be ruled out (i.e. banned) whatever the benefits unless the activity or practice can be modified to reduce the risk such that it becomes tolerable or broadly acceptable. Risks, therefore, may be unacceptable on the grounds of a high level of risk to exposed individuals, or because of the repercussions of an activity or an event (e.g. a nuclear incident) on society as a whole, or because of a combination of the two. Indeed, it would be surprising if high levels of individual risk did not give rise to societal concerns on the basis of equity. The converse, however, is not true societal concerns can arise from hazards which give rise to relatively low levels of individual risk, but which can, for example, impact disproportionately on groups which society considers vulnerable and so deserving special protection. For ionising radiation this includes, e.g. the unborn. It follows, therefore, that the boundary between the tolerable and unacceptable regions depends on the nature of the hazard as well as the consequence of the risk. However, based on criteria first applied in the context of nuclear power (2), we adopt as a working rule for risks entailing fatalities that an individual risk of death of one in a thousand per annum should on its own represent the dividing line between what could be just tolerable (provided everything has already been done to reduce the risk ALARP) for any substantial category of workers for any large part of a working life. For members of the public who have a risk imposed on them in the wider interests of society we reduce this criterion by an order of magnitude, i.e. to one in ten thousand per annum. However, these limits rarely bite. These levels of individual risks are set for exceptional activities where the risk is most difficult to control, and are based on international agreements. In practice most industries in the UK (including the nuclear industry) do very much better. In addition, where the societal concerns arise from the risk of multiple fatalities from one incident from a single major industrial activity, HSE has proposed that the risk of an accident causing the death of fifty or more people in a single event should be less than one in five thousand per annum (1). WHEN SHOULD A RISK BE REDUCED FURTHER? The levels of risk characterising the broadly acceptable region in Figure 1 are comparable to those that people regard as insignificant or trivial in their daily lives. They are typical of the risk from activities that are inherently not very hazardous or from hazardous activities that are so well controlled that risk control measures are at the limit of practicability. At this point the residual risks are such that the resources needed to introduce further control measures are likely to be grossly disproportionate to the risk reduction achieved. Nonetheless, we take the view that, if it is possible to reduce the risk at minimal cost, such action would be warranted. In general, however, HSE considers that an individual risk of death of one in a million per annum for both workers and the public corresponds to a very low level of risk that represents a reasonable guideline for the boundary between the broadly acceptable and tolerable regions (Figure 1). Whilst this guideline for the boundary is useful for HSE as a regulator in indicating when resources may be better deployed elsewhere, it applies only to individual risk where the consequence is death. In occupational health and safety issues there are many potential consequences and the hazards may give rise to societal concerns. Regulators and duty holders need other criteria to decide when the level of residual risk is tolerable. HSE s approach is pragmatic we refer to good practice. Our starting point is that suitable controls must be in place to address all significant hazards and that, at a minimum, those controls must implement authoritative good practice precautions irrespective of situation-based risk estimates. In effect we take authoritative good practice as representing a consensus between regulators, technical experts, duty holders, safety representatives, etc. on the action necessary (taking account of what is technically feasible, the balance of costs and benefits and, 4

5 if necessary, other factors such as the need to alleviate societal concerns) to result in a tolerable level of residual risk. We accept as authoritative good practice the requirements of UK legislation, Approved Codes of Practice and Government guidance. In general we also accept standards produced by standards-making organisations (e.g. CEN, CENELEC, ISO, ICRP, BS) and guidance produced by bodies representing UK industrial or occupational sectors (e.g. trade federations, professional institutions, etc.) provided the guidance has gained general acceptance in the safety movement that it does represent good practice. In effect all this provides an abundance of authoritative good practice on which to draw in determining when the level of residual risk is tolerable. Only where there is no reliable base of good practice for ensuring that risks are adequately controlled, is it necessary to go through a risk assessment and evaluation process for deciding the degree to which the risks should be controlled. In these circumstances Reducing Risks, Protecting People includes a number of protocols that assist this process, including: our usual practice of performing a risk assessment on the basis of a hypothetical person, i.e. an imaginary person who is deliberately placed in a fixed relationship with the hazard; the architecture of UK health and safety law; the constraints that have to be taken into account; a hierarchy of options for new non-regulatory and regulatory measures; guidelines on how to undertake a cost benefit analysis and for ensuring consistency when comparing costs against benefits. IS THE APPROACH TO RISK REDUCTION PRECAUTIONARY? HSE s approach is inherently precautionary in that our risk assessment procedures address uncertainty by: requiring that assumptions to fill gaps in knowledge be tested through recognised methods, e.g. sensitivity analysis; attaching more weight to consequences for hazards giving rise to irreversible and potentially severe detriment, e.g. cancer; giving more weight to the consequences of a risk being realised than to its likelihood the greater the uncertainty about the latter; building safety factors into the assessment process where appropriate, e.g. in considering the effects of ingestion of radioactive material; considering worst case scenarios the greater the uncertainty about consequences; making use of comparative risk assessment for novel hazards that bear a similarity with existing hazards requiring a stringent control regime for reducing risks to tolerable levels. The general approach is indicated in Figure 2. consequences increasingly uncertain likelihood increasingly uncertain conventional risk assessment emphasis on consequences eg if serious/irreversible or need to address societal concerns rely on past experience of generic hazard consider putative consequences and scenarios towards ignorance Figure 2. Procedures for tackling uncertainty when assessing risks This inherently precautionary approach is balanced by the need to ensure than the action we take is proportionate to risk and is compatible with the operation of a free market economy. Getting the balance right is, of course, a matter of judgement. Inevitably there is usually a spectrum of opinion on where the balance lies on 5

6 any issue, and HSE has to come to a view on the appropriate course of action in accordance with the process, criteria and protocols outlined in Reducing Risks, Protecting People. HOW ARE STAKEHOLDERS INVOLVED IN DECISIONS? HSE makes decisions by: following the six-stage process set out under A risk regulation framework above; and seeking to involve the stakeholders at every stage. The process, criteria and protocols in Reducing Risks, Protecting People are designed to meet the principles of good regulation (proportionality, targeting, consistency, transparency, accountability) that apply across the UK government (5). Whilst HSC/E have a long tradition of engaging their stakeholders, the trends are for wider engagement earlier in the process using an increasing array of techniques (e.g. focus groups, people panels, consensus conferences, etc.). Two-way risk communication is an important tool, and significant efforts continue to be made to improve skills (6). In addition we are researching which techniques of engagement are likely to be most effective in particular circumstances. CONCLUSIONS HSE s initiative in setting out for discussion an integrated account of how we seek to regulate the risks from work activities reflects a concerted effort to ensure that our approaches to regulating risk are coherent and consistent across all work activities in the UK, and to make what we do more open and transparent. The document Reducing Risks, Protecting People has sparked considerable interest, both within the UK and further afield. To date over 15,000 paper copies have been circulated, more downloaded from the Internet and a series of dialogues has been established on the concepts and material presented. We have received numerous responses, almost all applauding the initiative and many providing thoughtful and considered comment. Preparation and publication of Reducing Risks, Protecting People has in itself been an instructive and informative exercise involving two-way education and communication, first within HSE and subsequently with our stakeholders. In addition we have found the document to be a valuable training aid in helping those who join the organisation to understand its purpose and modus operandi. Ministers have asked other UK governmental departments to prepare and publish their own accounts of how they regulate risks from hazardous activities. REFERENCES 1. HSE Discussion Document, Reducing Risks, Protecting People. Available (free) from HSE Books, PO Box 1999, Sudbury, Suffolk, CO10 6FS, UK, tel , fax and from the Internet at (1999). 2. The Tolerability of Risk from Nuclear Power Stations. HSE Books, ISBN, (1992). 3. N.C.Pidgeon, C.Hood, D.Jones, B.Turner and R.Gibson, Risk Analysis, Perception and Management. The Royal Society, London, (1992). 4. M.S.Douglas and A.Wildasky, Risk and Culture. University of California Press, Berkeley (1982). 5. Principles of Good Regulation. A leaflet issued by the Better Regulation Task Force, Cabinet Office, Horse Guards Road, London SW1P 3AL, UK. 6. Risk Communication, A Guide to Regulatory Practice. Inter-departmental Group on Risk Assessment (ILGRA), available from the Risk Assessment Policy Unit, Health and Safety Executive, Rose Court, 2 Southwark Bridge, London SE1 9HS, UK and from the Internet at (1998). 6