California Senate Bill 553 Mandates Workplace Violence Prevention Programs for Organizations

On September 30, 2023, the California State Senate passed Senate Bill 553, which addresses workplace violence prevention plans and employer applications for restraining orders as measures to increase occupational safety. The law is scheduled to take effect on July 1, 2024, and mandates that all companies with 10 or more employees have workplace violence prevention programs in place to better equip staff in times of unforeseen acts of violence.

Kroll’s Enterprise Security Risk Management experts reviewed this legislation in depth to understand its requirements and assess how a company can best comply. First, the law sets forth that “an employer shall establish, implement and maintain an effective workplace violence prevention plan.” In a nutshell: Plans must be developed with direct involvement from employees and authorized representatives, be readily available and accessible post-development and be represented in writing. They are also subject to a lengthy list of requirements to be compliant with the law; organizations need to develop procedures for identifying and correcting workplace violence hazards, maintain an incident log and conduct employee training.

While places of employment with less than 10 employees working at any given time and organizations not accessible to the public are exempt, most enterprises are now expected to comply with Senate Bill 553. This means that organizations will have mere months to comply with new regulations and take immediate action to ensure compliance with the new standards of workplace care.

What Are New Challenges Companies Will Face in Adhering to These Requirements?

California companies must determine which department within their organizational structure—for example, health and safety personnel, security or the human resources departments—is responsible for “owning” the plan, i.e., initiating the process of creating the workplace violence prevention program, verifying it meets requirements and implementing it within the organization. Depending on the type of incident or threat, multiple departments within the organization may need to be involved, adding to the confusion over responsibility and how to effectively proceed.

While the Division of Occupational Safety and Health (DOSH), better known as “Cal/OSHA,” released a template in February that organizations can use in the first instance, many aspects of the template require further clarification and using the template does not guarantee compliance with the requirements. Cal/OSHA has also not disclosed how it will measure and audit compliance and to what degree. So, the question remains, how does an organization establish a viable workplace violence program that meets the standards put forth by the rule? Though employees may have familiarity with the physical workplace and identification of reporting practices for workplace violence related hazards, many will lack the subject matter expertise, awareness and training necessary to objectively contribute to the development of these plans. That’s where third-party specialists come in.

Furthermore, while the bill states that individual requirements need to be “effective” to be compliant, it does not establish how effectiveness will be measured. From a regulatory perspective, while Cal/OSHA will conduct compliance-related inspections, the onus will be on the employer or a third-party vendor engaged by an employer to conduct incident-related investigations and assessments, and to identify and address hazards. Workplace violence investigations typically require interviews with all parties involved, a threat assessment establishing a level of concern for the instigator, development of a threat management plan and the involvement of forensic behavioral specialists. Many companies may likely not have the internal capabilities required to conduct the various steps of the process. Even if they do, programmatic assessment results are likely to be viewed as more objective when performed by a neutral third-party.

Ultimately, it’s not only challenging to design a workplace violence prevention program that meets the Senate bill’s requirements, but also equally, if not more, challenging to enact it within an organization. A successful program is reflected in workplace practices, such as employees’ awareness of workplace violence, their ability to recognize and report it, and the steps they need to take next. This effort takes time and adds costs to an organization’s bottom line.

How Kroll is Assisting Organizations with Compliance

Kroll's workplace violence prevention experts are helping companies in assessing gaps within their organizations regarding Senate Bill 553 compliance. We are working with companies to fully develop their workplace violence prevention plan by soliciting input and feedback from their employees and developing or conducting training across their locations, including those outside of California. In California, we visit client sites to speak with employees and conduct security assessments of their physical spaces, including reviewing evacuation plans and sheltering capabilities. Leveraging our in-house technology, the Kroll-Resolver Threat Application, we offer solutions that seamlessly address the essential elements of a workplace violence prevention plan.

A recent case reflective of Kroll’s support involved a U.S.-based venture capital firm. Following the separation of an employee, over a period of a year, members of the firm’s C-Suite began receiving threats of harm from the subject. Investigative follow-up by Kroll revealed that the individual had committed several violent felonies, including threatening a university president, a judge and a U.S. government executive branch-level official. The individual employed numerous active techniques to prevent detection and to thwart his apprehension. These techniques included transitioning to being homeless, making cash-only transactions and using private mailboxes and encrypted email services. A cross-functional team consisting of Kroll’s enterprise security and forensic investigations experts was organized. Kroll delivered threat management, investigative support, protective services and physical security assessments that led to long-term physical security improvements to their corporate offices. Liaison and advocacy with U.S. local and federal law enforcement agencies led to the apprehension of the subject.

Building a Holistic Workplace Violence Prevention Program

As questions surrounding the California Senate Ruling continue to grow, organizations can benefit by partnering with experts who can assess existing plans and programs and recommend appropriate solutions to fill gaps. Once identified, these gaps may be addressed through governance, plans, training and operational practices; in some instances, a new program may need to be built from scratch. The Kroll team has been operating in this space for decades, providing corporations, educational institutions and government agencies holistic solutions that answer these challenges. We take the time to perform discovery by listening to your unique security-related concerns and developing sustainable solutions that both fit your culture and build upon what may already be in place—reducing time and development costs.

From a duty of care perspective, California Senate Bill 553 puts into writing the standards that corporations of all sizes should already have in place to protect their most valuable asset: their personnel. The Occupational Safety and Health Administration (OSHA) estimates that over $120 billion is lost directly and indirectly due to workplace violence. The National Safety Council puts the costs even higher at $171 billion annually. Simply put: It’s too expensive for organizations not to have a proper workplace violence prevention program in place.

Investments in prevention and mitigation are far less costly than the consequences of an actual event, which may include loss of or injury to life, loss of productivity, facility and product damage and loss, reputational damage and loss of consumer confidence and long-term employee trauma. For example, according to the Center for American Progress, the 2007 Virginia Tech shooting cost $48.2 million. In another recent incident, MGM Resorts in Las Vegas, the owner of Mandalay Bay, agreed to pay victims up to $800 million after an active shooter incident during a Live Nation Music Festival. Kroll’s industry-leading risk management experts are ready to assist in building a thorough and everlasting workplace violence prevention program. Contact our experts to learn more here.