The future of electrical safety

NFPA 70E brings the hierarchy of controls to the forefront.

By H. Landis “Lanny” Floyd, PE, CSP, CESCP October 19, 2017
Changes in the 2018 edition of NFPA 70E: Standard for Electrical Safety in the Workplace continue the direction established in 2015, which intended to change how stakeholders evaluate and mitigate risk from electrical hazards. Some changes involve better alignment with occupational health and safety and management systems (OHSMS) standards and other standards that address hazards and risk. Other changes are intended to help clarify intent and simplify application of long standing requirements in the standard. 
These changes, coupled with knowledge condensed in the informative annexes, will help stakeholders identify opportunities for ongoing improvement in reduction of risk for injuries and fatalities from electrical hazards. As in previous editions, a summary of the major changes to the standard is provided in the forward of NFPA 70E – 2018. For most stakeholders, reading the forward is a good place to start to compare existing electrical safety programs to the continuing evolution in NFPA 70E and its aim toward eliminating electrical injuries and fatalities.
For those responsible for informing the manufacturing team on requirements in the 2018 edition, paying close attention to changes and additions to the informative annexes, the transformation of informational notes, and the illustration on the front cover may hold the key to achieving real progress in reducing risk of injuries and fatalities. 
The changes to the requirements in the standard are supplemented with annexes and informational notes that are included for informational purposes only. Revisions and additions to the informative annexes and informational notes are the latest enhancements to link and align the standard with proven concepts in occupational safety and health management systems (OSHMS) standards. 
The 2009 edition of NFPA 70E included the first reference to OSHMS with an informational note added to Article 110.3, Electrical Safety Program. Prior revisions included the statement, “Safety-related work practices are just one component of an overall electrical safety program.” Informational Note 2 added in the 2009 edition expanded on this by pointing to ANSI Z10, Standard for Occupational Safety and Health for a framework to establish a comprehensive electrical safety program as a component of an occupational safety and health program. ANSI Z10 is one of several OHSMS standards that have roots in systems safety. 
Systems safety is the application of engineering and management principles, criteria, and techniques to achieve acceptable mishap risk as low as reasonably practicable throughout all phases of a system or facility life cycle. Systems safety emerged in the early 1940s as aircraft designers, manufacturers, and pilots were pushing the envelope in military aviation technology. 
As airplanes became more sophisticated, the cost of mishaps escalated. 
The aviation industry recognized the common practice of analyzing mishaps after that fact was becoming unacceptable in terms of human safety and financial loss. At the same time, scientists were harnessing nuclear energy for military and civilian use. Systems safety methodology quickly matured as it was applied to the risk of nuclear accidents having consequences more catastrophic than any other technology development in history. 
Considering that modern military aircraft can cost $1 billion each and a nuclear accident can render a large portion of a continent uninhabitable for generations, the concept of preventing a mishap has extraordinary value. The primary goal in system safety is to identify and mitigate risk before a mishap occurs. Central to system safety are risk assessment and risk reduction. Thought leaders and researchers in safety management are providing evidence that risk management techniques with demonstrated results in managing technologies with catastrophic consequences can be effectively applied to common occupational risks. 
A 2014 RAND study comparing occupational fatalities in the U.S. and United Kingdom showed that the occupational fatality rate in the U.K. is one-third that of the U.S. Fatalities from electrical hazards in the U.K. is one-quarter that of the U.S. One factor contributing to this difference is that the safety management culture in the U.K. places more emphasis and resources on risk assessment and application of a hierarchy of controls than the safety management culture common in the U.S. 
The first safety management system standard to document system safety methodology was U.S. Military Standard 882, Standard Practice for System Safety, published in 1969. Since then, industry consensus standards including OHSAS 18001, Occupational Safety and Health Management Systems – Requirements, ANSI Z10, Occupational Health and Safety Management Systems, and CSA Z1000, Occupational Safety and Health Management have adapted the methodology for managing occupational safety and health risk. 
Scheduled for publication in 2018, ISO 45001, Occupational Health and Safety Management Systems – requirements of implementation and use, will be the latest OHSMS standard to reinforce robust risk assessment coupled with the hierarchy of controls to reduce the risk of injury to as low as reasonably practicable.
Hierarchy of control measures
Common to all OHSMS standards is the concept of a hierarchy of control measures. NFPA 70E first made reference to the hierarchy of controls in an informational note in Article 110.1(G) in the 2015 edition. The 2018 edition elevates the use of the hierarchy of controls from an informational note to a requirement in Article 110.1(H) and includes a graphic Illustration on the front cover.
OHSMS standards rank effectiveness of the control measures in preventing injury and in life cycle value. 
The top control measures have the highest effectiveness and life cycle value and the bottom control measures are less effective and contribute to lower life cycle value. In applying a hierarchy of controls, the outcome should be that risk for which the probability of an incident or exposure occurring and the severity of harm that could result are as low as reasonably practicable. 
For most situations, a combination of risk control measures is necessary to achieve acceptable risk. The expectation is that consideration will be given to each control in a descending order. There should be reasonable attempts to eliminate hazards or reduce their associated risks through steps higher in the hierarchy before lower steps are considered. 
A lower step in the hierarchy of controls should not be selected until the preceding level or levels are considered. The top three control measures, elimination, substitution and engineering controls, are more effective because they are applied during design and redesign of a facility life cycle. Risk reduction in facility design results in a more inherently safe installation that is less dependent on error-free human performance. 
Life cycle value is created by reducing dependence on administrative controls and personal protective equipment (PPE), which are costly to maintain. The bottom three control measures, warnings, administrative controls, and PPE, are typically applied during construction, operation, maintenance, and demolition phases of a facility life cycle. They are highly dependent on human performance, not just for the worker at risk, but also for supervision and other support personnel. 
The six categories of hazard control measures are:
1. Elimination
MIL Standard 882E Systems Safety states that when a hazard is eliminated, a mishap (i.e., incident, injury, property damage) is “incapable of occurrence for the life of the item.” In the ideal situation, hazards would be identified appropriately and considered in the initial design and subsequent redesign processes so that there is no risk to be eliminated in an organization’s construction, operational maintenance, and ultimate dismantlement phases of the installation’s life cycle. Elimination is most effective early in the design process, when it may be inexpensive and simple to implement. It is more difficult to implement for an existing process, when major changes in equipment and procedures may be required. 
We live in an electrical world, and elimination of hazardous electrical energy completely by modifying the design may be rare. More often the goal is to modify the design so that the likelihood of human errors and the need for PPE is at a practical minimum. 
For example, when siting an equipment receiving and storage yard for a large industrial construction project, locate the yard, access roadways, material storage and handling areas, and areas with cranes or other mobile lifting equipment a sufficient distance from overhead electric lines. Then the electric lines will not be close enough to be a concern. Elimination is 100% effective, with no residual risk. 
2. Substitution
If the hazard cannot be eliminated, substitution of less hazardous equipment, materials or energy can result in reducing frequency or potential severity of exposure. Substituting 24V control for 120V control is an example of selecting a less hazardous energy. Replacing 120V cord-powered tools with battery-powered tools is another example of substitution. In this case, risk of electric shock when handling the battery powered tool is significantly reduced, however the hazard of electric shock associated with battery charging stations is not eliminated and must be addressed with administrative controls.
3. Engineering Controls
Engineering controls are design choices that function to reduce frequency or consequences of exposure to a hazard. Passive engineering controls function automatically, without any action by personnel, A ground fault circuit interrupter (GFCI) is an example of a passive engineering control that automatically reduces severity of an electric shock exposure. Passive engineering controls may have risk of loss of function which must then be addressed by lower order controls. 
For the GFCI example, administrative controls, including maintenance inspection and testing, are required to address risk of loss of its shock protection function. Touch safe terminals in component design is an example of a passive engineering control that does not depend on maintenance to assure its function as a barrier, automatically reducing likelihood of finger contact. An isolation switch is an example of an active engineering control. 
Action is required by workers in order to achieve isolation. The switch must be coupled with lockout/tagout procedures, an administrative control, in order to accomplish energy isolation.
4. Warnings
Warnings are used to alert workers of hazards that were not reduced to acceptable levels during design processes. Warnings may be temporary or permanent, audible or visible. Signs, labels, lights, barriers, barricades, and alerting personnel are examples of warnings. 
Warnings are highly dependent on administrative controls such as training, installation in appropriate locations, and maintenance of legibility and visibility. Effectiveness of warnings is vulnerable to errors in human performance in understanding the warning and responding appropriately. 
5. Administrative Controls
OSHA Recommended Practices for Safety and Health Programs describes administrative controls as those measures that require employers or workers to do something to reduce risk of injury. Examples of administrative controls include safe work practices, standard operating procedures, maintenance programs, personnel selection, training, work scheduling, permitting systems, lockout/tagout procedures, and audits. 
For many organizations it is common that administrative controls comprise the primary approach to risk management. Effectiveness of administrative controls is highly dependent on human performance and operational discipline of supervision and support personnel throughout the organization. 
The worker at risk of injury is dependent on administrative controls being properly designed, maintained, and implemented by other personnel. Administrative controls typically require significant resources in order to maintain continuing levels of effectiveness over long periods of time. 
Administrative controls are highly dependent on management and supervision commitment to providing visible leadership and resources to maintain the controls, worker competency in understanding the controls, and worker discipline in compliance with expected behavior.
6. Personal Protective Equipment
This control measure requires the worker at risk to wear something. The proper use of PPE relies heavily on multiple administrative controls including, but not limited to, quality assurance of facility design and installation, hazards assessment, worker training on hazards recognition, maintenance of equipment critical to electrical safety, and selection, fitting, training, inspection and maintenance of PPE to help assure PPE is available when needed, the worker recognizes the need, and it is used properly. 
Although an important element in injury prevention, use of PPE is considered the least effective control measure because of vulnerability of error in human performance in designing, implementing, and monitoring the administrative controls noted above, as well potential errors in hazard recognition and errors in proper selection and use by the worker at risk. 
H. Landis “Lanny” Floyd, PE, CSP, CESCP, Life Fellow IEEE, is a member of Plant Engineering’s Editorial Advisory Board. Lanny is an adjunct professor in the Advanced Safety and Engineering Management graduate engineering program at the University of Alabama at Birmingham. He retired from DuPont in 2014 after a 45-year career devoted to prevention of electrical injuries and fatalities.


NFPA 70E annex documents

Revised and New Informative Annexes

Recent editions have been revised and new informational annexes have been added to support risk assessment and application of the hierarchy of controls. The 2018 edition includes these changes:

Annex F Risk Assessment and Risk Control

Simplification of the title from previous editions reflects a rewrite of this annex to simplify and focus the information to facilitate application. The annex is rewritten to more closely conform with ISO 31010 Risk management – Risk assessment techniques and ANSI Z10 Occupational Health and Safety Management Systems. For stakeholders wanting to learn more on the subject of risk assessment and control, the Risk Assessment Institute offers educational materials, many of which are accessible at no cost. Established by the American Society of Safety Engineers in 2013, the Risk Assessment Institute serves as a center of excellence for risk-related information and tools relevant to the occupational safety and health profession. More than 20 free online video lectures and other resources are available by visiting www.oshrisk.org.

Annex K General Categories of Electrical Hazards

This annex is rewritten to include up-to-date statistics and sources for data on injuries and fatalities from contact with or exposure to electrical energy. Current and credible injury data is helpful in justifying requirements for risk assessment and application of hierarchy of controls.

Annex O Safety Related Design Requirements

Engineering design options that provide inherently safer facilities and installations are added to support application of higher order control measures of Substitution and Engineering Controls.

Annex P Aligning Implementation of This Standard with Occupational Health and Safety Management Standards

This annex first appeared in the 2012 edition. It supports reference to ANSI Z10 Standard for Occupational Health and Safety Management Systems in Article 110.1(A) Informational Note 2. 

Annex Q Human Performance and Workplace Electrical Safety

This is a new annex that will help stakeholders better understand vulnerability to human error, value higher order controls that reduce dependence on error-free performance, and provide insight in addressing organizational deficiencies that lead to human error. The annex conveys information on human performance that evolved from efforts in nuclear energy industries aimed at identifying and mitigating causes of human error with potential catastrophic consequences. To learn more on this topic, the U.S. Department of Energy has a 175-page publication available for free download from its website. Search “DoE Human Performance Handbook.”


Author Bio: H. Landis “Lanny” Floyd, PE, CSP, CESCP, Life Fellow IEEE, is a member of Plant Engineering’s Editorial Advisory Board. He is an adjunct professor in the Advanced Safety and Engineering Management graduate engineering program at the University of Alabama at Birmingham. In that position, he teaches Electrical Systems Safety, Introduction to Prevention through Design and Systems Safety and Engineering Ethics and Acceptable Risk. He retired from DuPont in 2014 after a 45-year career devoted to prevention of electrical injuries and fatalities.