ISO 14001 - Determining and Keeping Current with Legal Requirements

[RMJ]

Legal Requirements

Hi
We just recently had our Doc & Readiness Review and the auditors suggested that we need to tighten up our procedures for tracking legal requirements. Right now we are using an Environmental service which sends out reports every 2 weeks to let members know which laws (federal & provincial) have changes upcoming and gives the websites where they may be viewed. What I have been doing is to check the sites, when they apply to one of our requirements, to note any applicable changes. I was hoping for some ideas to make our system easier to handle and less time consuming. Any help would be greatly appreciated.

 

[Randy]

There is no cut and dried easy way. I managed EHS departments for some time and one of the toughest things there is to do is track changes to laws. You have executive, legislative and judicial organizations continually making new decisions and judgements.

The easy way is the one that works for you and which is adequate for your needs. What you seem to be doing is pretty standard and about as effective as it gets.

What are you doing about local requirements? Other requirements?

 

[RMJ]

Our local and other requirements I have added into the table I set up for the legal requirements. We have various customers and each has a different form to fill out at the time of PPAP, so I created a heading Customer & Other Requirements. I will also include any municipal requirements that don't apply under the other headings. Is it typical for companies to keep the applicable Acts & Regs on their server or just to access them via Internet? Right now, I am monitoring them only on the net.

 

[Randy]

It's either / or with how folks keep this stuff. Bottom line...what works for you? Is it easy to maintain and can others access the info? No matter what you do, it's going to take time. here in the good ol' U S of A there are 10's of thousands of regulatory changes every year, probably the same way in Canada. We are both nation's of laws. As you use your system you will be able to come up with ways to improve upon it (remember continual improvement? ) I know what your auditors are saying..I say the same thing, but in the end it's you who has to do the work, not the auditors.

 

[nljong25]

Nice example of how registrars can differ. We have almost the same system at our site in the Netherlands: We maintain a list of laws and regulations and every week we receive an e-mail with new stuff and links to the documents. If it's important, I fill out a form with a basic explanation and the consequences for the site. This form is distributed to the people it concernes. Tehy have to take action to implement the new of changed rules.
The local requirements (permit) are checked quartlery with a checklist.

The registrars we're very pleased with.
In fact, last wednesday we received the 14001-certificate for the second period with no non conformity at all! Must say I'm proud of it...

 

[D.Scott]

In fact, last wednesday we received the 14001-certificate for the second period with no non conformity at all! Must say I'm proud of it...

And so you should be - well done.

Dave

 

[Dean P.]

RMJ,

We are probably using the same service for updates to the regulations (EMRCB out of London, ON). I have been through several audits over the past 5 years - including a Doc. & Readiness Review last Tuesday - and this bi-weekly service has been more than adequate. All we needed to do was show that we were reviewing the information in some way. You could print it out and initial the report, or simply store it in a file on your computer, which would indicate you have gone in and read the info. What the auditor may want to see is an example of a legislative change that did affect you and how you responded to it. But depending on your business, this may not have happened yet.

Our only issue was how we track the 'other' requirements, namely corporate and customer, but this was only an opportunity for improvement for us, he didn't see any issues with what we had now (checking the websites regularly).

As Randy said, if the bi-weekly reports are adequate for your business, then that's all you need to prove to an auditor.

 

[Randy]

Don't get wrapped around an axle with this issue. This is just 1 of the 17 required elements of 14K+1 and it is no more or no less important than any of the others. If it works - Great If it doesn't - Fix it

 

[RMJ]

I want to thank everyone for all their input...I've put together a work instruction to ensure that the managers can access them; developed a checklist and I have been saving all the EMRCB reports to the server so that everyone can review them. I just got managemnt buy off on this today at our Mgmt meeting , so we'll see how it goes.
Again, thanks, I can always find the answers when I come here.

 

[Randy Stewart]

HAZMAT

During my Internal ISO 14000 audit of our new facility I came across some Uniform Hazardous Waste Manifests that I had questions on. We bought the building from a printing company and it had some left over chemicals in some of the spaces. We contracted a company to remove the drums (US Liquids of Detroit) so the handling wasn't an issue. My question is that the person signing the document for our company has no knowledge of HAZMAT other than what MIOSHA requires for normal shop environment. I found that one of the UN numbers was incorrect and if you "read" what the "Generator's Certification" block states he was verifying that "I hereby declare that the contents listed . . . are classified, packed, marked, and labeled, and are in all respects in proper condition for transport. . . . ". He went by what was on the labels and didn't know what he was signing for. I wrote up the nonconformance, but is there anything else that needs to be done for legal requirements? We are going to make sure all our facilities have a certified person for HAZMAT. Once again, this was left over from the previous owners of the building.