HSE & EHS Basics
What is HSE software?
HSE software (Health, Safety and Environment software) is a digital platform that helps organisations manage their health, safety, and environmental obligations in one unified system. It replaces paper forms, spreadsheets, and disconnected point solutions with configurable workflows covering incident reporting, safety inspections, risk assessments, compliance tracking, and safety analytics. HSE software is also called EHS software in the United States — the terms describe the same discipline.
What is the difference between EHS and HSE software?
EHS (Environmental, Health and Safety) and HSE (Health, Safety and Environment) describe exactly the same professional discipline and software category. The only difference is word order and regional convention: EHS is dominant in the United States and Canada, while HSE is standard in the United Kingdom, Australia, the Middle East, and much of the oil and gas industry. The terminology your software vendor uses has no practical impact on the platform's capabilities.
What does an HSE management system (HSEMS) include?
A complete HSE management system (HSEMS) covers six core disciplines: (1) hazard identification and risk assessment, (2) incident and near miss reporting and investigation, (3) safety inspections and audits, (4) regulatory compliance obligation tracking, (5) training and competency management, and (6) safety performance analytics and reporting. A unified HSEMS connects all six in one data system, so insights flow across disciplines rather than being locked in separate tools.
What is ISO 45001 and how does it relate to HSE software?
ISO 45001:2018 is the international standard for occupational health and safety management systems. It specifies requirements for an OH&S management system covering hazard identification, risk assessment, legal compliance, incident investigation, corrective action, and continual improvement. HSE software directly supports ISO 45001 implementation by providing documented, auditable workflows for every clause. HSETrack's risk register, inspection, incident, and compliance modules align with ISO 45001's core operational requirements.
What is the difference between OHSAS 18001 and ISO 45001?
OHSAS 18001 was the predecessor to ISO 45001, published in 1999. ISO 45001 replaced it in March 2021, when the three-year transition period expired. Key differences: ISO 45001 places greater emphasis on leadership and worker participation, adopts the Annex SL high-level structure (enabling easier integration with ISO 14001 and ISO 9001), and introduces a more explicit focus on organisational context and management of change. If your organisation was certified to OHSAS 18001, it has needed to migrate to ISO 45001.
What industries use HSE software?
HSE software is used across any industry with a workforce exposed to occupational hazards. The heaviest users are construction, oil and gas, manufacturing, mining, utilities, logistics and transportation, healthcare, chemical processing, and food and beverage. However, HSE software is equally relevant to office-based organisations that manage occupational health records, first aid incidents, fire safety compliance, and risk assessments — regardless of sector.
Incident Reporting
What is incident reporting software?
Incident reporting software is a digital platform that enables workers to report workplace incidents — injuries, near misses, dangerous occurrences, property damage, and environmental releases — from any device, including mobile phones. The software routes each report through a structured investigation workflow, assigns corrective actions, tracks them to close-out, and generates regulatory reports (such as OSHA 300 logs) automatically. It replaces paper-based incident forms and manual spreadsheet tracking.
What is a near miss in the workplace?
A near miss (also called a close call or dangerous occurrence) is an unplanned event that did not result in injury, illness, or property damage but had the potential to do so. Examples include a worker tripping but not falling, a dropped object narrowly missing a person, a chemical spill contained before exposure, or a vehicle coming close to a pedestrian. Near misses are leading indicators of future incidents: Heinrich's triangle holds that for every serious injury there are approximately 300 near-miss events involving the same hazard.
What is an OSHA recordable incident?
An OSHA recordable incident is a work-related injury or illness that meets one of OSHA's recording criteria: (1) days away from work, (2) restricted duty or job transfer, (3) medical treatment beyond first aid, (4) loss of consciousness, (5) diagnosis of a significant injury or illness by a healthcare professional, or (6) death. OSHA recordable incidents must be logged on the OSHA 300 Form and summarised on the OSHA 300A posted annually from February 1 to April 30.
What is root cause analysis in incident investigation?
Root cause analysis (RCA) is a structured investigation methodology used to identify the underlying causes of an incident, rather than just its immediate cause. Common RCA methods include the 5-Whys (repeatedly asking "why?" to trace back to the root), Fishbone/Ishikawa diagrams (categorising causes by people, equipment, process, environment), and more formal methods like TapRooT and ICAM used in high-consequence industries. Addressing root causes prevents recurrence; addressing only immediate causes typically leads to the same incident happening again.
How quickly must I report a workplace fatality to OSHA?
Under OSHA regulations (29 CFR 1904.39), employers must report a workplace fatality to OSHA within 8 hours of learning of the death. In-patient hospitalisations of one or more workers must be reported within 24 hours. An amputation or loss of an eye must also be reported within 24 hours. Reports can be made by calling the OSHA area office, the OSHA 24-hour hotline (1-800-321-OSHA), or via the OSHA online reporting portal.
Can workers report incidents anonymously?
Yes — HSETrack supports anonymous incident and near-miss submission. Anonymous reporting is particularly valuable for near-miss capture, where workers may fear blame or embarrassment. Organisations with anonymous reporting programmes consistently capture higher near-miss volumes, which provides safety managers with better early-warning data. HSETrack's anonymous submissions are stored and routed for investigation without identifying the reporter.
Safety Inspections & Audits
What is safety inspection software?
Safety inspection software enables safety managers and frontline supervisors to conduct workplace inspections on mobile devices using digital checklists. The software replaces paper inspection forms with configurable digital forms that support photo attachments, GPS tagging, signature capture, and automatic scoring. Inspection findings are automatically converted into corrective actions with assigned owners and due dates. Completed inspections are stored in a searchable database with a full audit trail.
What types of safety inspections should organisations conduct?
Organisations should conduct a range of inspection types: (1) routine site safety walks — regular walkthroughs to identify physical hazards, (2) pre-task inspections — checks before starting high-risk work such as hot work or confined space entry, (3) planned maintenance inspections — periodic checks on equipment, machinery, and facilities, (4) regulatory compliance audits — systematic reviews against specific OSHA standards or permit conditions, and (5) third-party inspections — conducted by external auditors, insurers, or certification bodies.
How often should safety inspections be conducted?
Inspection frequency depends on the risk level of the activity and the specific regulatory requirements that apply. High-risk operations (construction sites, chemical plants, offshore platforms) typically require daily or weekly inspections. General workplaces may require monthly or quarterly safety walks. Equipment inspections are often governed by manufacturers' specifications or regulations — for example, forklift pre-shift inspections are required before each use. HSETrack's scheduling function allows you to set recurring inspection frequencies and receive automated reminders.
What is the difference between a safety inspection and a safety audit?
A safety inspection is typically a physical examination of a workplace, equipment, or work activity to identify hazards and unsafe conditions. It is operational in focus — checking whether physical conditions meet safe standards. A safety audit is a systematic, documented review of an organisation's safety management system — examining whether policies, procedures, training, and management controls are in place and working as intended. Audits are more strategic and systemic; inspections are more tactical and specific.
OSHA Compliance
What is OSHA compliance software?
OSHA compliance software helps US employers meet their legal obligations under Occupational Safety and Health Administration regulations. Core capabilities include OSHA 300 log maintenance and 300A summary generation, compliance obligation tracking against specific OSHA standards, inspection and audit management for OSHA citations and abatement, training record management, and corrective action tracking. OSHA compliance software reduces the administrative burden of regulatory compliance and ensures documentation is audit-ready when OSHA inspectors arrive.
What is the OSHA 300 log?
The OSHA Form 300 (Log of Work-Related Injuries and Illnesses) is a required record that US employers with 10 or more employees must maintain for each establishment. It records each work-related recordable injury and illness during the year, including the type of incident, the injured worker's job title, the date and location, and the outcome (days away, restricted duty, etc.). The OSHA 300A Summary must be posted at the workplace from February 1 through April 30 each year. HSETrack auto-populates 300 log data from incident reports.
Which employers are exempt from OSHA recordkeeping?
Employers with 10 or fewer employees during all of the previous calendar year are partially exempt from routine OSHA injury and illness recordkeeping — though they must still report fatalities and severe injuries. Additionally, establishments in certain low-hazard industries (as classified by NAICS code) are also partially exempt from routine recordkeeping regardless of size, but must still report severe injuries. All employers covered by OSHA must comply with all other safety standards regardless of recordkeeping exemption.
How much are OSHA penalties for violations?
OSHA penalty amounts are adjusted annually for inflation. As of 2025, the maximum penalty for a serious violation is $16,550 per violation. Willful or repeated violations carry penalties up to $165,514 per violation. Failure to abate a cited hazard can result in penalties of up to $16,550 per day beyond the abatement deadline. OSHA can also refer egregious cases for criminal prosecution. Organisations with proactive safety programmes and good documentation typically receive reduced penalties during inspections.
What is a Cal/OSHA State Plan?
Cal/OSHA is California's state-run occupational safety and health programme, which operates under a State Plan approved by federal OSHA. Cal/OSHA standards must be at least as effective as federal OSHA standards, but California often imposes stricter requirements — for example, Cal/OSHA has a more comprehensive Heat Illness Prevention standard, stricter silica exposure limits, and a broader Injury and Illness Prevention Programme (IIPP) requirement that applies to all California employers. Similar state plans exist in 26 other states and territories, including Washington (L&I), Michigan (MIOSHA), and Oregon (OR-OSHA).
HSETrack Features & Pricing
How much does HSETrack cost?
HSETrack uses per-user, per-month pricing with three tiers: Basic Safety at $59/month, Professional at $179/month, and Enterprise with custom pricing for large organisations. Annual billing is available at a discount. All pricing is published transparently on the website — no sales call required to get a number. You can start a free trial without a credit card to evaluate the platform before committing to a subscription.
Does HSETrack work offline?
Yes — HSETrack's mobile app supports offline data capture. Workers can complete incident reports, inspection checklists, and near-miss forms without an internet connection. Data is stored locally on the device and automatically syncs to the cloud when connectivity is restored. This is essential for construction sites, offshore platforms, remote manufacturing facilities, and any workplace with unreliable network coverage.
How long does it take to implement HSETrack?
HSETrack can be live within hours of sign-up. Configuring custom forms, workflows, and user roles typically takes one to three days, depending on complexity. Full team onboarding — including user training and any data migration from legacy systems — typically takes two to four weeks for most organisations. HSETrack's no-code configuration tools mean most organisations complete setup without requiring IT or implementation consultants.
Is HSETrack OSHA compliant?
HSETrack supports OSHA compliance by automatically generating OSHA Form 300 log data from incident reports, tracking compliance obligations against OSHA standards, managing safety training records, and maintaining the audit-ready documentation that OSHA inspectors require. HSETrack is not a legal compliance advisory service — compliance responsibility remains with the employer — but the platform provides the tools to manage and demonstrate compliance systematically.
Can HSETrack manage multiple sites?
Yes — HSETrack is built for multi-site organisations. Each site can have its own forms, workflows, user permissions, and inspection schedules, while sharing a unified data structure that enables cross-site analytics and benchmarking. Safety managers can view performance at site, regional, or enterprise level. This is particularly valuable for construction companies, manufacturers, logistics providers, and any organisation with employees working across multiple locations.
Does HSETrack have a mobile app?
Yes — HSETrack is available as a native mobile app for iOS and Android, as well as a fully responsive web application accessible from any browser. The mobile app supports offline data capture, camera integration for photo evidence, GPS tagging of incident and inspection locations, and push notifications for assigned tasks and overdue actions. Workers can submit incident reports and complete inspections entirely from their smartphones.
What data security certifications does HSETrack have?
HSETrack implements enterprise-grade security controls including data encryption at rest and in transit (TLS 1.2+), role-based access control, multi-factor authentication, and regular security assessments. Data is hosted on ISO 27001-certified cloud infrastructure with 99.9% uptime SLA. Role-based permissions ensure sensitive occupational health data is only accessible to authorised users. For enterprise customers, single sign-on (SSO) integration is available via SAML 2.0.
Can I import our existing safety data into HSETrack?
Yes — HSETrack supports data import for historical incident records, inspection templates, employee records, and compliance obligations. Common import formats include CSV, Excel, and JSON. For organisations with large legacy datasets or complex data structures, the HSETrack team provides data migration assistance. The REST API also enables programmatic data import from other systems for ongoing integration.
HSE Programme Management
What is a safety culture?
Safety culture refers to the shared values, beliefs, attitudes, and behaviours within an organisation that collectively determine how seriously safety is taken in daily work. A positive safety culture is characterised by visible leadership commitment to safety, open reporting of near misses and hazards without fear of blame, worker participation in safety decisions, and a genuine belief that safety and operational performance are complementary rather than competing goals. Safety culture is the difference between an organisation that complies with safety rules because it has to and one that manages safety because it wants to.
What is a risk assessment?
A risk assessment is a systematic process of identifying hazards in a workplace or work activity, evaluating the likelihood and potential severity of harm from each hazard, and determining what controls should be applied to eliminate or adequately reduce the risk. Most risk assessments follow a five-step process: (1) identify hazards, (2) determine who might be harmed and how, (3) evaluate risks and decide on precautions, (4) record the findings and implement the controls, and (5) review and update the assessment when conditions change.
What is the hierarchy of controls?
The hierarchy of controls is a risk management framework that ranks hazard control methods from most to least effective: (1) Elimination — physically remove the hazard, (2) Substitution — replace the hazard with something less dangerous, (3) Engineering controls — isolate people from the hazard (guarding, ventilation, interlocks), (4) Administrative controls — change the way people work (procedures, training, permits), (5) Personal Protective Equipment (PPE) — protect the worker with equipment. Controls higher in the hierarchy are more reliable because they do not depend on human behaviour.
What is a permit to work?
A permit to work (PTW) is a formal authorisation process for high-risk work activities where standard procedures alone are insufficient to control the hazard. Common permit types include hot work permits (for welding, grinding, and other ignition sources), confined space entry permits, working at height permits, and electrical isolation permits. The PTW process typically involves a formal risk assessment, identification and implementation of specific controls, authorisation by a competent person, and a sign-off process when the work is complete.
What is TRIR and how is it calculated?
TRIR (Total Recordable Incident Rate) is the most widely used lagging safety performance indicator. It measures the number of OSHA recordable incidents per 200,000 hours worked (equivalent to 100 full-time workers for one year). Formula: TRIR = (Number of recordable incidents × 200,000) ÷ Total hours worked. TRIR enables comparison of safety performance across organisations of different sizes and across time periods. Industry TRIR averages published by the Bureau of Labor Statistics (BLS) provide a benchmark for assessing performance.
What is RIDDOR reporting in the UK?
RIDDOR stands for the Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013 — the UK law that requires employers to report certain workplace incidents to the Health and Safety Executive (HSE). Reportable events include deaths, specified injuries (fractures, amputations, loss of sight, serious burns), over-7-day injuries, occupational diseases (such as carpal tunnel syndrome, occupational dermatitis, and hand-arm vibration syndrome), and dangerous occurrences. RIDDOR reports must be submitted online to the HSE within specified timeframes.
What are leading vs lagging safety indicators?
Lagging indicators measure safety outcomes that have already occurred — incident rates (TRIR, LTIFR), days away from work, and injury costs. They tell you how safe the organisation has been historically but cannot predict what is about to happen. Leading indicators measure proactive safety activities that prevent future incidents — near miss reporting rates, inspection completion rates, training completion rates, corrective action closure rates, and hazard observation submissions. A mature safety programme tracks both, using leading indicators to drive improvement before incidents occur.
Still Have Questions?
Our team is happy to walk you through HSETrack and answer any questions specific to your organisation. Or start a free trial and explore the platform yourself — no credit card required.