The HSE fines organisations not for lacking procedures, but for lacking evidence they were followed.
National Grid Gas was fined £4M because 769 gas riser inspection records could not be produced. No harm had occurred. ISO 45001 Clause 7.5 requires documented information to be protected against loss of integrity — which includes integrity of timestamp.
No harm required. The evidential gap alone attracts a penalty.
National Grid Gas did not have an incident. The HSE inspected 769 high-rise buildings and found that gas riser inspections could not be evidenced as having taken place at the required intervals. The fine was for the failure to maintain a verifiable record, not for any harm caused.
Under the revised HSE Sentencing Framework, culpability is assessed partly by reference to the quality of documentary evidence. A company that can show contemporaneous, tamper-evident records of inspection activity occupies a different sentencing band than one that cannot.
What each standard requires for H&S records.
ISO 45001, HSWA 1974, CDM 2015, RIDDOR, and the HSE Sentencing Framework all turn on the same question: can you prove the control was in place at the time it was required?
Documented information required by the OH&S management system shall be controlled to ensure it is protected against loss of integrity. A document that cannot prove when it was created has suffered a loss of integrity — even if no tampering occurred. ISO 45001 auditors trained by the ISO Auditing Practices Group are expected to challenge documentation that cannot demonstrate contemporaneous creation as a non-conformity under Clause 7.5.
Monitoring, measurement, analysis and performance evaluation records must be retained as documented information. Clause 9.1.1 requires organisations to evaluate their OH&S performance and determine what needs to be monitored, measured, analysed and evaluated, when the results shall be analysed and evaluated, and when the results shall be retained. Each of those 'when' requirements is an evidence trail — a trail that must prove its own timestamp.
Section 2 imposes a duty to ensure the health, safety and welfare of all employees, including the provision and maintenance of a safe system of work and adequate information, instruction, training and supervision. HSE enforcement under HSWA turns on whether procedures existed and were followed, not merely on whether they were declared. The HSE Sentencing Framework requires the court to consider the degree to which the organisation fell short of standards, which is a question of evidence.
Principal Designers are required to compile and maintain pre-construction information and pass it to the Principal Contractor. The Health and Safety File must contain information likely to be needed to ensure the health and safety of any person carrying out construction work. CDM 2015 enforcement focuses heavily on whether these records existed at the point they were required to exist — a contemporaneity test embedded in the regulation itself.
RIDDOR requires accurate recording of workplace accidents and near-misses. Records of reportable incidents must be kept for three years. HSE investigations after a reportable incident will examine whether risk assessments, safe work procedures, and training records existed before the incident occurred. Records created or amended after an incident attract specific scrutiny: they are presumptively suspect if their timestamps cannot be independently verified.
The revised sentencing guidelines for health and safety offences require courts to assess culpability by reference to how far the organisation fell short of the relevant standard. Documentary evidence of what controls were in place, what risk assessments had been completed, and what training had been delivered — all with verifiable timestamps — directly affects whether the court categorises culpability as high, medium, or low, and therefore the fine band applied.
The cases that set the standard.
In every case below, the question was not whether policies existed. The question was whether evidence of compliance at the relevant time could be produced.
769 high-rise buildings had no evidence that gas riser inspections had taken place at required intervals. No harm had occurred. The fine was for the evidential gap alone — the inspection records could not be produced. National Grid Gas had procedures; it could not prove they were followed at the times they were required to have been followed.
Morrison's own procedures required an individual risk assessment for every employee with a disability. An employee with epilepsy died after a seizure on a staff staircase. No individual risk assessment had ever been produced. The question was whether the specific control required by Morrison's own written procedure had ever been performed for this individual, and when.
Following a serious workplace injury, the company submitted a risk assessment and training records to the HSE investigation. The court found both documents had been created after the incident and backdated. The company was convicted for the falsification. The backdating was detected only because the HSE found corroborating evidence from other sources — an ISO 45001 surveillance audit would not have caught it.
A worker sustained serious injuries when a baler machine activated unexpectedly. HSE investigation found that risk assessments and safe operating procedures existed, but the company could not demonstrate they had been reviewed or communicated to operators at the relevant times. The gap between the existence of documentation and the evidence that it was used in practice is the standard enforcement finding.
A risk assessment written after an incident is forensically identical to one written before it.
The West Yorkshire Crown Court case turned on exactly this point. The HSE found corroborating evidence by chance. An ISO 45001 surveillance audit would not have detected the backdating. Blockchain-anchored records created at the time of the assessment cannot be produced after the fact — the record either exists on the ledger at the claimed date, or it does not.
Word documents and PDFs have editable creation metadata. A file saved with a past date is forensically indistinguishable from a genuinely contemporaneous record.
Attendance sheets, toolbox talk logs, and e-learning completion certificates stored in editable formats can all be created retrospectively without detection.
Periodic inspection logs for gas risers, scaffold inspections, machinery checks — any recurring inspection record is susceptible to completion after the inspection window.
Public proof. Private work.
Stamp each H&S record at the moment it is created. The file stays in your systems. The proof of when it existed is on a public blockchain that no-one can alter.
Risk assessments, toolbox talks, inspection logs, training records — any file is hashed locally, in your browser, without transmission.
The hash is recorded on the public blockchain at the moment it is submitted. The timestamp cannot be altered by anyone, including immut.
immut generates a certificate with the hash, XRPL transaction ID, ledger sequence number, and UTC timestamp. HSE-ready.
An HSE inspector, ISO 45001 auditor, or court can verify the record without trusting your systems or representations.
If an HSE inspector asked you to prove that a risk assessment, inspection, or training record existed at the time it was required to exist, could you?
Prove your first file in minutes.
Takes seconds. Works on any file type. No installation required.