Top 5 EHS risk management FAQs from high-tech companies

EHS challenges at high-tech firms can differ from those in the manufacturing sector. Lean EHS teams who must “do more with less” despite a huge global presence, worldwide data centers that may not be in the company’s direct control, and different risk profiles to consider given the prevalence of remote workers — are just three of these challenges. Nevertheless, they might sound familiar to many industries as technology’s impact grows.

Elaine Ye, Senior Expert Services Manager at Enhesa, works with high-tech companies, including many of the largest and most well-known brands in the world. She specializes in helping them implement Enhesa solutions across their global sites, advising them on EHS compliance, and completing specialized consulting projects for high tech clients of all sizes.

As leaders in their space, these companies can have an outsized influence on industries, employees, customers, and our planet. So we asked Elaine what frequently asked questions high-tech firms have regarding their compliance initiatives — plus what they can teach us about best practices in compliance for any industry.

Here are their top five questions, answered.

1. How do we efficiently and effectively manage EHS risks to ensure compliance across the globe with limited personnel on the ground?

Elaine Ye: High tech is different. Unlike the manufacturing sector, tech organizations usually have slimmer EHS teams overseeing numerous facilities across the globe. So these firms need to build an EHS compliance program in a standardized and consistent way across the board to save time and resources — instead of reinventing the wheel for every location or scope. These efforts should include everything from risk assessment and compliance tracking to implementing corrective actions.

Secondly, it’s advisable to build a centralized management program to enhance corporate visibility. Some businesses in the manufacturing sector shift away from a centralized approach, delegating some EHS responsibilities to regional/business units to allow more autonomy for a certain degree of efficiency. But, for companies with limited bandwidth — like tech companies with smaller EHS teams — a centralized management program allows these teams to identify high risk areas and understand pressing regulatory changes through a global lens. This enables the corporate team to determine which areas require more resources and support — acting more strategically and more proactively with their resources.

Finally, it’s also good practice to build out corporate and global EHS standards. These can work as a “bare minimum” for all facilities to comply with across the entire organization — setting a higher bar than many local regions might set. Companies can use these standards as a yardstick for self-assessment and best practices. With the right Compliance Intelligence solution, businesses can assure complete visibility of what’s required.

2. For buildings, datacenters, or other types of locations that aren’t within corporate’s direct control, what would be a good approach to assess or verify their compliance to eliminate/reduce EHS risks for these locations?

EY: Unlike manufacturing centers, it’s common for tech organizations to have co-located datacenters and shared workplaces, where the organization is merely a tenant or co-tenant on the premises. In those cases, the organization may not have direct control over many EHS matters, such as limiting air emissions, energy supply, fire safety, etc.

To ensure compliance, an organization should retain EHS compliance intelligence on local regulations and rules for their own in-house teams to identify the potential risk areas for assessment and mitigation.

The company also needs a compliance verification mechanism in place, particularly in those areas outside of its visibility and direct control. For example, co-located businesses may wish to request that landlords or building management provide the necessary documents and proof of compliance to keep track of records at the corporate level as evidence of compliance.

3. When an organization doesn’t directly own and is not involved in any industrial/manufacturing activities, which areas are of highest risk for that organization, and what would be the best approach to identifying them?

EY: Put simply — set the bar higher. For the tech sector, some real properties and workplaces (such as administrative offices and retail stores) have fewer risks compared to typical manufacturing facilities.  

But this doesn’t necessarily mean that the consequences of non-compliance are any less significant. Some of the EHS obligations may be less stringent or simplified (such as less frequent reporting requirements), but the sites are still subject to these obligations. 

Some of the risks may be even more profound for non-labor-intensive tech workers. Mental health and work stress can be amplified with commonly adopted remote work policies, especially for employees working in silos with limited communication and connection to colleagues. So it’s important to set the standard high to ensure well-rounded EHS programs and avoid missing issues that could affect compliance across your company.

4. What potential risks/liabilities should an organization consider regarding remote working, and how should they manage these risks?

EY: It’s recommended that companies review existing risk assessment programs to include remote workers, ergonomic and mental health, and other emerging risks. Some of the risks like mental health, remote working health and safety are usually difficult to assess and often overlooked compared to other potential risks.

It’s important to provide sufficient training to raise awareness. This can be done through micro-learning sessions, to build awareness and risk prevention into a corporate culture of compliance.

Furthermore, certain health and safety programs should be in place, even when most employees work remotely. For instance, companies can implement suitable medical surveillance and support for employees’ wellness. This is required in some countries/regions, even if your employees only have a desk job or most work remotely. Having medical professionals available for health consultations regularly also helps address these potential risks.

Even though the tech sector’s workplaces are largely low risk, it’s still important to have a thorough risk assessment program and have effective prevention programs to address these risk areas.

5. How do we overcome compliance challenges when the risk areas are overseen by multiple teams who work in silos within an organization?

EY: It’s best to have an open and robust channel of communication across different teams and build a pool of shared resources and intelligence to support them. This can be easier said than done because overlapping responsibilities may fall under several teams that usually work in silos. For example, EHS provisions usually are not part of the real estate’s contract negotiation.

It’s also recommended to have a shared place to keep track of identified risks and compliance progress to enhance transparency among teams. This helps companies avoid duplicated or conflicting efforts.