Transcription
National Framework for PersonalProtective Equipment ConformityAssessment - Infrastructure
This page intentionally left blank.
National Framework for PersonalProtective Equipment ConformityAssessment - InfrastructureDEPARTMENT OF HEALTH AND HUMAN SERVICESCenters for Disease Control and PreventionNational Institute for Occupational Safety and Health
This document is in the public domain and may be freely copied or reprinted.DisclaimerThis Framework is intended exclusively as recommendations and to serve informational purposes, anddoes not create any legal obligations or regulatory requirements.Mention of any company or product does not constitute endorsement by the National Institute forOccupational Safety and Health (NIOSH) or the National Institute of Standards and Technology (NIST). Inaddition, citations to websites external to NIOSH or NIST do not constitute NIOSH or NIST endorsementof the sponsoring organizations or their programs or products. Furthermore, NIOSH and NIST are notresponsible for the content of these websites. All web addresses referenced in this document wereaccessible as of the publication date.Ordering InformationTo receive documents or other information about occupational safety and health topics,contact NIOSH:Telephone: 1–800–CDC–INFO (1–800–232–4636)TTY: 1–888–232–6348CDC INFO: www.cdc.gov/infoor visit the NIOSH website at www.cdc.gov/niosh.For a monthly update on news at NIOSH, subscribe to NIOSH eNews by visitingwww.cdc.gov/niosh/eNews.Suggested CitationNIOSH [2017]. National framework for personal protective equipment conformityassessment - infrastructure. By D’Alessandro M. Pittsburgh, PA: U.S. Department of Healthand Human Services, Centers for Disease Control and Prevention, National Institute forOccupational Safety and Health, DHHS (NIOSH) Publication 2018–102.Lisa Carnahan, U.S. Department of Commerce, National Institute of Standards andTechnologyRichard Metzler, Richard W. Metzler, Inc.Joshua Scott, Colorado School of Public Health CU Anschutz Medical CampusMountain & Plains ERCDHHS (NIOSH) Publication No. 2018–102November 2017
TABLE OF CONTENTSForeword . iAcknowledgements.iiiList of Acronyms .iv1. Introduction .11.1 Motivation for a National Framework . 11.2 PPE CA Framework Utility . 22. Conformity Assessment Foundation .32.1 Foundations for U.S. Federal Agencies. 42.2 Standards Used in Conformity Assessment . 62.3 Current PPE Conformity Assessment Programs in the United States. 63. CA Framework and Recommendations for Implementation .63.1 Step 1: Identify Hazards and Risk to Workers . 83.2 Step 2: Identify PPE Types Needed to Address Hazards . 93.3 Step 3: Identify and Select Standards That Address Hazards. 93.4 Step 4: Define the CA Requirements and Activities in Consideration of Risks to Workers . 103.4.1 Leveraging Existing PPE CA Programs . 103.4.2 Obtaining Stakeholder Input . 103.4.3 Understanding CA Program Owner Responsibilities . 113.4.4 Analyzing the Risk of Injury and Illness Associated with Non-conformity . 123.4.5 Independence and Rigor . 133.4.6 Beyond Risk . 143.4.7 Connecting Levels of Risk and Appropriate CA Activities . 143.4.8 Considerations for a First-Party Attestation . 163.4.9 Considerations for Third-Party Use and Attestation. 173.4.10 Labels, Product Lists, and Other Documentation of Conformity . 183.4.11 Design Market Surveillance Strategies . 183.5 Step 5: Perform CA Activities. 203.5.1 Conformity Assessment Improvement Activities. 203.5.2 Surveillance Activities . 204. Conclusions .215. References . A-1Conformity Assessment Activities. A-4Standards for Conformity Assessment Activities . B-1Sample Conformity Assessment Programs . C-1Framework Checklist . D-1
FiguresFigure 1. The Quality Infrastructure . 3Figure 2. PPE CA Framework . 7Figure 3. Analyzing risk for conformity assessment. 12Figure 4. Relating Risk to Rigor & Independence . 13Figure 5. Post Market Surveillance Action [Adapted from PROSAFE:2009, Fig 26] . 19Figure A-1. Functional Approach to Conformity Assessment .A-5TablesTable-1 Conformity Assessment Activities Based on Risk Category . 16Table B-1 ISO Standards and Conformity Assessment .B-1Table B-2 ISO/IEC Conformity Assessment Standards .B-2Table B-3 ISO/IEC 17067 Example Certification Programs .B-4Table C-1 Sample PPE Conformity Assessment Programs in the United States.C-1Table D-1 Checklist for Application of PPE Conformity Assessment Framework . D-1
FOREWORDThe goal of our efforts at the National Institute for Occupational Safety and Health (NIOSH)is to provide national and world leadership to prevent workplace illnesses and injuries. Weaccomplish this by conducting and supporting activities to protect workers from workrelated exposures to hazards. One core objective of this approach involves the developmentand use of personal protective equipment (PPE).Workers are more likely to appropriately use PPE when they are confident that theequipment will provide the intended protections based on its conformance with appropriatestandards. The National Academies of Sciences, Engineering, and Medicine (the Academies)indicates that “for the consumer or worker, conformity assessment provides confidence inthe claims made about the product by the manufacturer and may assist the consumer withpurchasing decisions in determining the fitness of a product for it its intended use.” [IOM,2011, page 3] A comprehensive and tailor-made conformity assessment (CA) program isthe most effective way to manage risks of a non-conforming PPE and instill this confidencein PPE users.Following recommendations from the Academies, we have defined a Framework to assist indeveloping, structuring, and managing PPE CA for American workplaces.This Framework is the product of collaboration among the NIOSH representatives and abroad cross-section of members of the PPE community. This group’s multi-year effort;(1) identified and analyzed national and international conformity assessment programs andrequirements, (2) investigated injury and enforcement surveillance databases, (3)researched and gathered PPE standards, and (4) developed a risk-based approach toconformity assessment resulting in this Framework.The Framework was informed by a comprehensive review of good practice criteria derivedfrom current CA programs and is based on national and international standards published bythe International Organization for Standardization and International ElectrotechnicalCommission (ISO/IEC) (e.g., ISO/IEC 17065, 17025). These standards, which serve as thebasis for CA requirements in many programs worldwide, help U.S. suppliers meetinternational requirements for evidence of conformity.The recommendations in this document are intended to serve as foundational principles forvarious types of conformity assessment programs for occupational PPE. They are notrequirements for how these programs must, or will, function. Conformity assessmentactivities should be tailored to the needs of product users, suppliers, and regulatoryauthorities. They should result in products that protect workers who rely on PPE; facilitatetrade, fair competition, and market access; be cost-effective; and provide assurance ofconformance.We developed the Framework in a way that it can be appropriately tailored and broadlyapplied to all PPE that protects from a variety of risks regardless of the hazard, type, orenvironment. For example, the conformity assessment program for firefighter boots wouldi
look different than the conformity assessment program for steel toe boots for constructionworkers. The Framework describes the foundational principles of CA to enable programowners and operators to define the level of independence and rigor based on risk toworkers.The Framework defines a process that contains five steps that link the elements of the welldeveloped public health hierarchy of controls with those of CA. The Framework is supportedby a checklist assisting prospective CA program owners to evaluate and then define anapproach specific to workplace needs. This document represents the first in a series ofdocuments supporting the National Framework for Conformity Assessment of PPE. NIOSHwill use this document series to publish additional documents related to the development,implementation and use of conformity assessment programs for PPE.To support the Framework and facilitate its use NIOSH will continue to:1. Provide impartial research leadership to define and fill scientific gaps;2. Lead the development and incorporation of scientific input into PPE standards;3. Support a sustainable U.S. PPE CA infrastructure by providing national leadership;4. Establish a PPE clearinghouse to support national occupational safety and health; and5. Develop and publish additional documents to support implementation of theframework.ii
ACKNOWLEDGEMENTSThis report was prepared by the NIOSH, National Personal Protective Technology Laboratory(NPPTL) to address the Institute of Medicine (IOM)1 and National Research Council (NRC)recommendations regarding the need for national risk-based conformity assessment (CA)activities for personal protective equipment (PPE). NIOSH is appreciative of the followingcurrent and former NIOSH employees, and stakeholders who actively contributed to thestudy of national and international CA programs and requirements, investigated injury andenforcement surveillance databases, researched and gathered PPE standards in support ofthe PPE CA Working Group (PCAWG) [NIOSH Docket 237-A]2, or provided information usedby NIOSH to formulate this national Framework. 3M Company, Occupational HealthAdso Enterprises, Inc.AFL-CIO, Department of OccupationalSafety and HealthAssociation of Occupational HealthProfessionals in HealthcareAmerican Association for LaboratoryAccreditationAmerican National Standards InstituteASTM InternationalDuPont Protective TechnologiesEmergint Technologies, Inc.Gateway SafetyICS Laboratories, Inc.Institute of Medicine, Committee onPersonal Protective EquipmentInternational Association of Fire FightersInternational Safety Equipment AssociationInternational Personnel Protection, Inc.J.P. Zeigler Co., LLCJSJ and AssociatesKimberly Clark ProfessionalMine Safety and Health AdministrationNational Institute of Standards andTechnologyNational Fire Protection AssociationNational Safety Council, International &Environmental Health and SafetyJSJ and AssociatesKimberly Clark ProfessionalMine Safety and Health AdministrationNational Institute of Standards andTechnologyNational Fire Protection AssociationNational Safety Council, International &Environmental Health and Safety Occupational Safety and Health AdministrationRaytheon CompanyRichard W. Metzler, Inc.RTI InternationalSafety Equipment InstituteScott SafetySyntech, InternationalCPWR - The Center for Construction Researchand TrainingUniversity of Maryland – School of MedicineUniversity of Maryland – Eastern ShoreUniversity of PittsburghUniversity of WisconsinUnderwriters LaboratoriesUnited States Coast GuardURS CorporationCurrent and former NIOSH employeesBryan BeamerRoland Berry AnnDavid BookChristopher CoffeyJudi CoyneBrent DoneyWilliam HaskellJackie KrahWilliam NewcombCharles OkeJay ParkerJohn PerrotteLynn RethiTeresa SeitzRonald ShafferJohn SporrerJonathan Szalajda1On March 15, 2016 the Institute of Medicine was renamed the Health and Medicine Division (HMD) of theNational Academies of Sciences, Engineering, and Medicine (the Academies).iii
LIST OF ACRONYMSACUSAdministrative Conference of the U.S.ANSIAmerican National Standards InstituteCAConformity AssessmentCASCOISO Committee on Conformity AssessmentCFRCode of Federal RegulationsFITFollow-up Inspection and TestingIECInternational Electrotechnical CommissionIOMInstitute of Medicine now the Health and Medicine Division (HMD)NFPANational Fire Protection AssociationNIJNational Institute of JusticeNIJ CTPNational Institute of Justice Compliance Testing ProgramNIOSHNational Institute for Occupational Safety and HealthNISTNational Institute of Standards and TechnologyNPPTLNational Personal Protective Technology LaboratoryNRCNational Research CouncilNTTAANational Technology Transfer and Advancement ActOMBOffice of Management and BudgetOSHAOccupational Safety and Health AdministrationPCAWGPPE Conformity Assessment Working GroupPPEPersonal Protective EquipmentPPTPersonal Protective TechnologiesSDoCSupplier’s Declaration of ConformitySDOStandards Development OrganizationUSCGUnited States Coast GuardWTOWorld Trade Organizationiv
1. IntroductionConformity assessment (CA) is the demonstration that a product meets specifiedrequirements. “Conformity assessment can verify that a particular product meets a givenlevel of quality or safety. It can provide explicit or implicit information about the product’scharacteristics, the consistency of those characteristics and/or the performance of theproduct. Conformity assessment can also increase a buyer’s confidence in a product, furnishuseful information to a buyer, and help to substantiate advertising and labeling claims.Information on conformance (or non-conformance) to a particular standard can provide anefficient method of conveying information needed by regulators or buyers on the product’ssafety and suitability” [ANSI 2014a, page 3]. CA is the vital link between productrequirements and the products themselves. Although the Occupational Safety and HealthAdministration (OSHA) and other agencies publish guidance for effective worker protectionusing PPE, there is currently no single regulatory body, official guidance, or mandatingauthority for the CA of all PPE. In the absence of national policy and guidance, NIOSH hasdeveloped the Framework to provide a risk-based, evidence-driven PPE CA approach foroccupational use PPE.1.1 Motivation for a National FrameworkWhen PPE is used to protect the health and safety of workers, those workers must haveconfidence that the product they are using conforms to applicable standards. Acomprehensive, tailored CA program is the most effective way to instill this confidence inPPE users. Assurances that products provide the expected protection may be determined byfollowing a rigorous conformity assessment process using relevant technical standards andmetrics.In 2008, the Institute of Medicine (IOM) and National Research Council (NRC) issued areport on the NIOSH Personal Protective Technology (PPT) Program. In that report arecommendation was made for the NIOSH to “Implement and Sustain a ComprehensiveNational Personal Protective Technology Program.” Regarding overseeing PPT certification,the National Program should also “collaborate with other relevant government agencies,private sector organizations, and not-for-profit organizations to conduct an assessment ofthe certification mechanisms needed to ensure the efficacy of all types of PPT” [IOM andNRC, 2008, page 117].A follow-up study published in 2011 by the IOM elaborated on the 2008 report byrecommending that NIOSH “Develop and Implement Risk-Based Conformity AssessmentProcesses for Non-Respirator PPT” and NPPTL “should serve in a leadership role andconvene other relevant government agencies, certifying and accrediting organizations,manufacturers, and end users to develop and implement a comprehensive , tiered risk –based framework for the classification and conformity assessment of PPT products forspecific applications.” The IOM emphasized that “This framework should be based on thedegree of risk to the safety and health of the user and other factors affecting the feasibilityof implementing the proposed conformity assessment processes.” [IOM, 2011, page 9]. Inaddition to health and safety risks, the framework is to take into account “[ ] economic andother pragmatic factors (e.g., cost of conformance, impediments to innovation, risk to1
manufacturer’s reputation due to poor product quality and/or product failure)” [IOM, 2011,page 7].In response to these recommendations, NIOSH formed the PPE CA Working Group (PCAWG)comprised of representatives from more than 30 public and private organizations. The groupdeveloped a comprehensive evaluation of conformity assessment and subsequent workproducts which are available in NIOSH Docket 237-A [NIOSH Docket 237-A] that served asinput to the development of this Framework.The Framework is intended to help the PPE industry meet the need for “a consistent riskbased approach to PPE CA” as highlighted in the IOM 2011 report. It supports CA programsto effectively demonstrate and attest that a PPE product conforms to the performance,quality, reliability, and other standards that are selected to meet health and safety needsfor reducing the wearer’s exposure to workplace hazards to acceptable levels.1.2 PPE CA Framework UtilityThe Framework is based on good practice criteria derived from international CA standardsand practices, current U.S. legal and regulatory requirements, and evidence from existingCA activities in the United States and other industrialized economies. [NIOSH Docket 237-A]The CA concepts on which the Framework is based are identified in Appendix A.An approach for developing, structuring, and managing PPE CA in the U.S. is provided andcan be tailored and applied to all PPE that protects from a variety of occupational risksregardless of the hazard, type, or environment. The Framework describes the foundationalprinciples of CA to enable CA program developers and operators to stratify the level ofindependence and rigor based on likely risk to workers.The Framework elements are not regulatory requirements for a CA program. The elementsmay be used to improve existing programs, develop new programs, and provide informationto those interested in the concept of conformity assessment.Both public agencies and private organizations operate PPE CA programs in the U.S. Theprograms vary along a continuum of rigor in requirements and testing as well asindependence from the PPE supplier.The Framework is intended to serve all organizations that are or may become owners of CAprograms. These foundational CA principles provide support for effectively demonstratingthat a PPE product conforms to selected standards. CA activities should be tailored to theneeds of product users, suppliers, and regulatory authorities. They should result in productsthat protect workers who rely on PPE; facilitate trade, fair competition, and market access;be cost-effective; and provide regulatory confidence.The Framework draws upon federal policy and administrative guidance as well as currentnational public and private CA programs. It aims to facilitate commerce by incorporatingexisting CA infrastructure in the U.S. and recommending practices that link hazards toprotection requirements in PPE standards. In addition, it suggests appropriate CA activitiesbased upon the risk to workers associated with a non-conforming PPE.2
Docket 237-A contains resources developed from the multi-year effort of the PCAWG whichled to the development of the Framework.Personal protective technologies (PPT) such as instrumentation and sampling devices arenot included in the Framework for PPE; however, the Framework may be applied to addressconformity of PPT in the future.2. Conformity Assessment FoundationCA is defined as “demonstration thatspecified requirements relating to aproduct, process, system, person, orbody are fulfilled.” [ISO/IEC 17000] Thestandard also describes theinterrelationships of CA procedures. CAprocedures evaluate whether theproducts, services, or systems producedor operated have the requiredcharacteristics and whether thesecharacteristics are consistent fromproduct to product, service to service, orsystem to system. CA includes samplingand testing, inspection, supplier’sdeclaration, certification, and qualityand environmental system assessmentand registration. It also includesaccreditation of the competence of theprovider of those activities by a thirdparty and recognition of an accreditationprogram's capability. CA processes andactivities are described in Appendix A.Societal ConcernsHealth, Safety, Environment, Economic well-being,Fair trade, consumer protection, Governmental laws and smentBusiness ConcernsTrading, Quality, Profitability, Manufacturing, Distribution,Purchasing, Use, Specifications, ContractsCA is one of the three interdependentFigure 1. The Quality Infrastructurepillars of a quality infrastructure (see Figure 1).[ISO-UNIDO (2010:6)]Together with metrology and standardization (i.e., thedevelopment and use of technical standards), CA is an efficient means to achieve publichealth and safety goals and to remove barriers to commerce and trade.Consumers benefit from CA because it gives them a basis for selecting products and forhaving confidence that their health and safety requirements are met. Conforming productsare directly related to health and safety requirements through standards used in the CAprocesses. Suppliers and service providers benefit both by avoiding the costs of productfailures in the market and by obtaining access to internal and external markets.The basic building block of CA is a program that relates to a particular group of productswith “sufficiently similar characteristics that the same set of rules and procedures can becarried out under the same management for assessing conformity with the same set of3
specified requirements” [ISO, 2010:47]. A program consists of rules, procedures, andmanagement requirements related to assessing conformity with a particular set of specifiedrequirements. In the international conformity assessment community the term CA schemeis used rather than CA program. Per ISO/IEC 17000, the terms CA scheme and CA programare synonymous.Each CA program should have an owner. The program owner can be any type oforganization – public or private. Common types of organizations are government orregulatory bodies, non-governmental organizations, trade or manufacturing associations,product certification bodies or groups of certification bodies, and consumer organizations.[ISO/IEC 17067:2013[E]].Many types of organizations can perform CA activities including: (1) a first party, which isgenerally the manufacturer or other supplier; (2) a second party, which is generally thepurchaser or user of the product; or (3) a third party, which is an independent entity that isgenerally distinct from the first or second party and has no interest in transactions betweenthe first and second parties.Terminology for CA processes is found in standard ISO/IEC 17000. Additional terminologycommon to PPE CA can be found in NIOSH Docket 237-A.2.1 Foundations for U.S. Federal AgenciesThe Framework is informed in part by federal law, regulatory policy, and administrativeguidance. The National Technology Transfer and Advancement Act (NTTAA) (Public Law104-113) requires all U.S. federal agencies to use voluntary consensus standards to theextent possible [IOM, 2011:26-27]. The Office of Management and Budget (OMB) CircularA-119, Revised, “Federal Participation in the Development and Use of Voluntary ConsensusStandards and in Conformity Assessment Activities” establishes policies on federal use anddevelopment of voluntary consensus standards and on CA activities.The Agreement on Technical Barriers to Trade (TBT), one of the agreements within theWorld Trade Organization (WTO) and to which the U.S. is a signatory, prohibits thesignatories from having CA procedures that are more trade restrictive than necessary tomeet their legitimate regulatory objectives. To comply with these agreements WTOmembers should ensure that the results of another member’s CA procedures based on equivalentprocedures are accepted, even when they differ from their own,follow strict transparency provisions to enable members to understand and havean opportunity to influence another member’s proposed CA practices that couldaffect international trade, andsupport global harmonization of CA procedures.The NTTAA directs the U.S. National Institute of Standards and Technology (NIST) tocoordinate CA activities of federal, state, and local entities with private sector technicalstandards activities and CA activities to eliminate any unnecessary duplication of CA4
activities [NIST: 2012]. NIST has published guidance outlining federal agencies’considerations for evaluating the efficiency and effectiveness of their CA activities. NISTguidance is intended to help federal agencies improve the management and coordination oftheir own CA activities in support of their regulatory, procurement, and other missionobjectives [NIST: 2012]. NIST makes specific recommendations to: provide a rationale for use of specified CA procedures and processes,use the results of other governmental agency and private sector organization CApractices, programs, and activities,use relevant guides or standards for CA practices published by domestic andinternational standardizing bodies to enhance the safety and efficacy of proposednew CA requirements and measures,participate in efforts designed to be cost-effective and reduce industry burden:––––– improve coordination among governmental and private sector CA activities,avoid unnecessary duplication and complexity in federal CA activities,harmonize federal requirements for quality and environmental managementsystems for use in procurement and regulation,establish criteria for the development and implementation of governmentalrecognition systems to meet government recognition requirements imposedby other nations and regional groups in support of the efforts of the U.S.government to facilitate international market access for U.S. products, anddevelop national infrastructures for coordinating and harmonizing U.S. CAneeds, practices, and requirements.encourage domestic and international recognition of U.S. CA results bysupporting the work of the U.S. government in international trade and relatednegotiations with foreign countries and U.S. industry in pursuing agreements withforeign national and international private sector organizations.Recommendation 2012-7 of the Administrative Conference of the U.S. (ACUS) sets forthguidance for federal agencies when deciding whether to develop a third-party program tospecifically assess regulatory compliance. ACUS makes these recommendations: consult governmental and nongovernmental resources relating to third-party CA;compa
and use of personal protective equipment (PPE). Workers are more likely to appropriately use PPE when they are confiden t that the equipment will provide the intended protections based on its conformancewith appropriate standards. The National Academi
