FREE TRIAL UPGRADE!
Thank you for investing in EnvironmentalHazmatHuman ResourcesHuman Resources, Hazmat & Environmental related content. Click 'UPGRADE' to continue.
CANCEL
YOU'RE ALL SET!
Enjoy your limited-time access to the Compliance Network!
A confirmation welcome email has been sent to your email address from ComplianceNetwork@t.jjkellercompliancenetwork.com. Please check your spam/junk folder if you can't find it in your inbox.
YOU'RE ALL SET!
Thank you for your interest in EnvironmentalHazmatHuman ResourcesHuman Resources, Hazmat & Environmental related content.
WHOOPS!
You've reached your limit of free access, if you'd like more info, please contact us at 800-327-6868.
CLOSE
 
 

...

Chemical facility security

RegSenseToxic/Hazardous Substance ReleasesChemical Facility SecuritySARA ComplianceCERCLA, SARA, EPCRATerrorismEnvironmental Protection Agency (EPA)Occupational Safety and Health Administration (OSHA), DOLWorkplace SecurityEnglishFacility SecurityFacility SecurityezExplanationRelease NotificationsSafety & HealthGeneral Industry SafetyBest ResultsEnvironmentalSARA ComplianceFocus AreaUSA

Facilities that use chemicals, even in very low volumes, are under particular scrutiny, as their operations are considered especially vulnerable to threats. These threats may come in different forms and from different sources: from outside the facility (trespassing, unauthorized entry, theft, burglary, vandalism, bomb threats, or terrorism); or from inside the facility (theft, substance abuse, sabotage, disgruntled employee or contractor, and workplace violence).

Because of the increased threat, chemical facilities need to focus on terrorist or criminal actions that could have significant national impact (e.g., through the loss of chemicals vital to the national defense or economy) or cause releases of hazardous chemicals that would compromise the integrity of the facility, cause serious injuries or fatalities among facility employees, contaminate adjoining areas, or cause injuries or fatalities among adjoining populations.

Scope

For many facilities, compliance with existing regulations led to changes in operations that reduced risk and increased security. Facilities have been able to identify and reduce the chemicals of greatest concern at their facilities. For companies not previously affected by security-related regulations, existing regulations and guidance provide a solid starting point for evaluating processes and implementing changes to improve security.

Regulatory citations

  • 6 CFR 27Chemical facility anti-terrorism standards (see note below)
  • 29 CFR 1910.38Emergency action plans
  • 29 CFR 1910.39Fire prevention plans
  • 29 CFR 1910.119Process safety management of highly hazardous chemicals
  • 29 CFR 1910.120Hazardous waste operations and emergency response
  • 29 CFR 1910.1200Hazard communication
  • 33 CFR 6 — Protection and security of vessels, harbors, and waterfront facilities
  • 33 CFR 101 to 107 — Maritime security
  • 40 CFR 68Chemical accident prevention provisions
  • 40 CFR 112Oil pollution prevention
  • 40 CFR 355Emergency planning and notification
  • 49 CFR 130Oil spill prevention and response plans
  • 49 CFR 172.800 to .822Safety and security plans
  • 49 CFR 1570Maritime and land transportation security: General rules
  • 49 CFR 1572Credentialing and security threat assessments
  • 49 CFR 1580Rail transportation security

Note: As of July 28, 2023, Congress allowed the statutory authority for the Chemical Facility Anti-Terrorism Standards (CFATS) program at 6 CFR 27 to expire. Therefore, the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) cannot enforce compliance with the CFATS regulations at this time. Because Congress has the power to return statutory authority, watch for updates at https://www.cisa.gov/resources-tools/programs/chemical-facility-anti-terrorism-standards-cfats.)

Key definitions

  • Information security: Protecting sensitive information and preventing disruption of operations. These measures include securing records, shredding documents, following retention periods, using passwords, backing up data, and supervising visitors.
  • In-transit security: Protecting assets while they are being transported or transmitted. These measures include background checks, fingerprinting, locks, and satellite tracking.
  • People security: Protecting employees, contractors, customers, and visitors. These measures include installing metal detectors and emergency telephones, using code words and the buddy system, and reporting suspicious behavior.
  • Physical security: Delaying, denying, or detecting the access of unauthorized persons. These measures include installing locks, fencing, security cameras, proper lighting, and network firewalls.

Summary of requirements

  • Determine if the regulations listed in the Regulatory Citations section apply. If so comply with the applicable regulations. Each regulation has its own applicability and requirements to consider.
  • In addition to the regulatory programs, consider:
    • Guidance from chemical industry associations, and
    • Guidance from federal and state regulatory agencies. (Note: EPA issued EPA-K-550-F00-002, Chemical Accident Prevention: Site Security.)
  • Consider general principles applied when increasing security at a chemical plant facility:
    • Identify potential targets at your facility (assess the hazards).
    • Characterize potential threats (internal, external, IS vulnerability, employee screening).
    • Eliminate targets when feasible (e.g., change chemicals).
    • Control/minimize access to remaining targets (add protections/barriers, relocate processes/storage areas, security procedures, etc.).
    • Mitigate/minimize potential effects of incidents involving remaining targets (minimize amounts onsite, relocate/alter processes or equipment, add protections (provide shut-offs, etc.), emergency planning/response plans, etc.).
  • Consider creating a facility security program. Several different components should be included in a comprehensive facility security program:
    • Physical security. Physical security is the process of permitting access to the facility or systems by authorized persons while denying access to others.
    • Information security. Information security is protecting sensitive information, preventing sabotage and disruption, and keeping critical business processes operational.
    • Personal security. People (employees, contractors, customers, and visitors) are a company’s largest assets. Consider these as part of your security plan. Background checks help ensure that you hire trustworthy employees.
    • In-transit security. People, products, property, cash, and information are especially vulnerable while being transported or transmitted from one location to another.
  • Consider adequately training all employees to understand the need for and workings of your site security procedures.
['CERCLA, SARA, EPCRA', 'Facility Security']
['Release Notifications', 'Terrorism', 'Chemical Facility Security', 'Toxic/Hazardous Substance Releases', 'Workplace Security', 'Facility Security', 'SARA Compliance']
UPGRADE TO CONTINUE READING
Load More