# The HSE fines organisations not for lacking procedures, but for lacking evidence they were followed. National Grid Gas was fined £4M because 769 gas riser inspection records could not be produced; no harm had occurred. ISO 45001 Clause 7.5 requires documented information to be protected against loss of integrity, which includes integrity of timestamp. immut timestamps every H&S record at creation by anchoring a SHA-256 hash to the XRP Ledger: contemporaneous, tamper-evident, independently verifiable by an HSE inspector, an ISO 45001 auditor, or a court. ## Does the HSE fine companies even when no one is harmed? Yes. No harm is required: the evidential gap alone attracts a penalty. National Grid Gas did not have an incident. The HSE inspected 769 high-rise buildings and found that gas riser inspections could not be evidenced as having taken place at the required intervals. The fine was for the failure to maintain a verifiable record, not for any harm caused. Under the revised HSE Sentencing Framework, culpability is assessed partly by reference to the quality of documentary evidence: a company that can show contemporaneous, tamper-evident records of inspection activity occupies a different sentencing band than one that cannot. ## What does each standard require for H&S records? ISO 45001, HSWA 1974, CDM 2015, RIDDOR and the HSE Sentencing Framework all turn on the same question: can you prove the control was in place at the time it was required? - **ISO 45001:2018, Clause 7.5 (Documented information).** Documented information must be controlled to ensure it is protected against loss of integrity. A document that cannot prove when it was created has suffered a loss of integrity, even if no tampering occurred. Auditors trained by the ISO Auditing Practices Group are expected to challenge documentation that cannot demonstrate contemporaneous creation as a non-conformity. - **ISO 45001:2018, Clause 9.1 (Monitoring and measurement).** Monitoring, measurement, analysis and performance evaluation records must be retained as documented information, including when results shall be analysed, evaluated and retained. Each of those "when" requirements is an evidence trail that must prove its own timestamp. - **HSWA 1974 (Health and Safety at Work Act).** Section 2 imposes a duty to ensure the health, safety and welfare of all employees, including a safe system of work and adequate information, instruction, training and supervision. HSE enforcement turns on whether procedures existed and were followed, not merely on whether they were declared. - **CDM 2015 (Construction Design and Management).** Principal Designers must compile and maintain pre-construction information, and the Health and Safety File must contain information needed to ensure the health and safety of anyone carrying out construction work. Enforcement focuses on whether these records existed at the point they were required to exist: a contemporaneity test embedded in the regulation itself. - **RIDDOR 2013 (Reporting regulations).** Records of reportable incidents must be kept for three years. HSE investigations after a reportable incident examine whether risk assessments, safe work procedures and training records existed before the incident. Records created or amended after an incident are presumptively suspect if their timestamps cannot be independently verified. - **HSE Sentencing Framework (revised 2025).** Courts assess culpability by how far the organisation fell short of the relevant standard. Documentary evidence of controls, risk assessments and training, all with verifiable timestamps, directly affects whether culpability is categorised as high, medium or low, and therefore the fine band applied. ## Which enforcement cases set the standard? In every case below, the question was not whether policies existed but whether evidence of compliance at the relevant time could be produced. - **National Grid Gas, £4M (UK HSE, 2016).** 769 high-rise buildings had no evidence that gas riser inspections had taken place at required intervals. No harm had occurred; the fine was for the evidential gap alone. National Grid Gas had procedures; it could not prove they were followed at the times they were required to have been followed. - **Wm Morrison Supermarkets, £3.5M (UK HSE, 2018).** Morrison's own procedures required an individual risk assessment for every employee with a disability. An employee with epilepsy died after a seizure on a staff staircase; no individual risk assessment had ever been produced. - **West Yorkshire manufacturer, £70K plus costs (UK HSE, Crown Court).** Following a serious workplace injury, the company submitted a risk assessment and training records to the HSE investigation. The court found both documents had been created after the incident and backdated. The backdating was detected only because the HSE found corroborating evidence from other sources; an ISO 45001 surveillance audit would not have caught it. - **Bakkavor Foods, £800K (UK HSE, 2022).** A worker sustained serious injuries when a baler machine activated unexpectedly. Risk assessments and safe operating procedures existed, but the company could not demonstrate they had been reviewed or communicated to operators at the relevant times. ## Why can't backdated records be detected? A risk assessment written after an incident is forensically identical to one written before it. The West Yorkshire Crown Court case turned on exactly this point: the HSE found corroborating evidence by chance. Blockchain-anchored records created at the time of the assessment cannot be produced after the fact; the record either exists on the ledger at the claimed date, or it does not. - **Risk assessments.** Word documents and PDFs have editable creation metadata. A file saved with a past date is forensically indistinguishable from a genuinely contemporaneous record. - **Training records.** Attendance sheets, toolbox talk logs and e-learning completion certificates stored in editable formats can all be created retrospectively without detection. - **Inspection records.** Periodic inspection logs for gas risers, scaffold inspections and machinery checks are all susceptible to completion after the inspection window. ## How does immut work for H&S records? Public proof, private work. Stamp each H&S record at the moment it is created; the file stays in your systems, and the proof of when it existed is on a public blockchain that no one can alter. 1. **Hash your H&S records.** Risk assessments, toolbox talks, inspection logs, training records: any file is hashed locally, in your browser, without transmission. 2. **Anchored to the XRP Ledger.** The hash is recorded on the public blockchain at the moment it is submitted. The timestamp cannot be altered by anyone, including immut. 3. **Certificate issued.** immut generates a certificate with the hash, XRPL transaction ID, ledger sequence number, and UTC timestamp. HSE-ready. 4. **Independently verifiable.** An HSE inspector, ISO 45001 auditor, or court can verify the record without trusting your systems or representations. ## The question to ask yourself If an HSE inspector asked you to prove that a risk assessment, inspection, or training record existed at the time it was required to exist, could you? ## Links - Live page: https://www.immut.io/evidence/health-safety - Developer docs: https://www.immut.io/docs - For AI agents: https://www.immut.io/ai-agents