Guidance Material — Regulation (EU) No 376/2014 and its implementing rules

SECTION 3 — ORGANISATIONS

3.1 What may be the safety benefit of sharing occurrence reports with the competent authority?

GM to Reg. (EU) No 376/2014 and its IRs

See also Sections 1.1 and 2.1. The collection, analysis and follow-up of occurrences are part of organisations safety management systems. It contributes to the identification of risks and to the adoption of relevant mitigation actions by organisations.

Regulation 376/2014 requires the collection, analysis and follow-up by organisations, as well as the transfer of certain occurrences to their competent authority. One could question the safety benefit of transferring this information to the competent authority. Indeed the organisation has already addressed its safety risks in the context of its SMS.

Sharing occurrences with the competent authority (Member States or EASA) allow this authority to be informed about the risks faced at national or European level and to therefore identify measures that may be necessary to ensure aviation safety from a broader (national or European) perspective. Indeed, the reporting of aviation safety occurrences is vital to the understanding safety risks in the aviation system and, importantly, helps decision makers in competent authorities to take the appropriate decisions on safety priorities and on possible changes to rules or procedures. This may in particular trigger the adoption of actions in the context of national safety plans or of the European Plan for Aviation Safety (EPAS)65 The European Plan for Aviation Safety (EPAS) was previously named the European Aviation Safety Plan (EASp).. The entire safety system and its stakeholders should benefit from a more data driven decision making from competent authorities and decision makers.

Furthermore, this information is necessary in the context of the oversight performed by the competent authorities on their organisations.

3.2 How can information be shared with the industry?

GM to Reg. (EU) No 376/2014 and its IRs

i. Information from competent authorities databases

Granting organisations access to occurrences stored in a competent authority database is not prevented by Regulation 376/2014 as long as the purpose of sharing this information is aviation safety. Under this condition, each competent authority can decide to provide or not access to its database (partly or entirely) to its organisations66 Information related to access to EASA (acting as a competent authority) database is available at http://easa.europa.eu/easa-and-you/safety-management/occurrence-reporti…. In particular, Member States and EASA are not prevented from establishing feedback loops with organisations reporting to them, especially in those cases where identified safety issues fall under third party’s responsibility. In these cases, the feedback provided by the competent authority would help reinforcing trust in the system.

But organisations are required to respect the provisions of Regulation 376/2014 relating to disclosure or use of information on occurrences contained in their competent authority database (see Sections 3.16 and 4.7).

ii. Information from the European Central Repository (ECR)

As regards to the ECR (which regroups all occurrences collected by competent authorities), Regulation 376/2014 prohibits direct access by organisations to this database but recognises them as interested parties, allowing them to request certain information issued from the ECR (Article 10(2)). Rules related to the possibility to request information from the ECR is contained in Article 10 to 12 of Regulation 376/2014. More information is provided in Section 4.8.

Furthermore reporting organisations receive feedback on occurrences they have transferred in various format, such as annual safety reviews and safety bulletins. Such information may be provided at national level as well as at European level. In addition, the results of analysis carried out at European level through Regulation 376/2014 are shared through the various safety processes supporting the EPAS.

3.3 What are the organisations subject to Regulation 376/2014?

GM to Reg. (EU) No 376/2014 and its IRs

Key principle

Regulation 376/2014 applies to ‘‘any organisation providing aviation products and/or which employs, contracts or uses the services of persons required to report occurrences in accordance with Article 4(6)’’ (i.e. subject to mandatory reporting obligations) (Article 2(8)). It is therefore understood that organisations which do not, on a professional basis, employ, contract or use the services of a person subject to mandatory reporting obligations (see section 2.2) are not requested to comply with the Regulation.

Example:

Organisations created with the aim of promoting aerial sport and leisure aviation, and which does not, on a professional basis, employ, contract or use the services of someone covered by Article 4(6), are understood as not being subject to Regulation 376/2014 and therefore not requested to comply with it.

Furthermore, Regulation 376/2014 contains a number of provisions applicable to ‘‘each organisation established in a Member Stat’’. It means that among the organisations which are subject to the Regulation only those which are ‘‘established in a Member State’’ are subject to those provisions.

Key principle

“Organisation established in a Member State” is understood as meaning:

             each organisation which has been approved or certified by a Member State, and

             each organisation which has been approved or certified by EASA and whose principal place of business is located in a Member State.

The Regulation is understood as applying to all the facilities of the organisation under its approval, regardless of their location.

3.4 What is the reporting flow implied by the Regulation?

GM to Reg. (EU) No 376/2014 and its IRs

Regulation 376/2014 prescribes reporting obligations on certain natural persons (see Section 2.2), organisations and competent authorities.

The information follows a reporting flow from its initial reporting until its registration in the European Central repository (ECR).

The diagram below illustrates the general flow of information, main deadlines and stages of the reporting.

Diagram 2. Flow of information under Regulation 376/2014

This reporting flow starts from the moment the occurrence is detected (T0). From this moment, the individual shall report it to the organisation or to the authority as soon as possible, but before 72 hours if it falls within the mandatory scheme. In this case, the organisation has 72 hours to report to the authority from the moment they become aware of the occurrence.

It should be understood that in certain specific situations the identification of the occurrence might require an additional stage before this reporting flow starts. In particular, for Design or Production Organisations the time start (T0) is the moment where the individuals carrying out this process in the organisation identify the unsafe or the potential unsafe condition. Therefore, these organisations will have 72 hours to report to the competent authority when this process concludes that an occurrence represents an unsafe or potential unsafe condition as per Annex Part 21 of Regulation 748/2012.

In cases where an organisation learns about an occurrence through its automatic data capturing systems (e.g. FDM) and if it has requested a retrospective report to be made, the 72 hours starts when it receives the retrospective report from the reporter.

Information about the various stages part of the reporting is detailed in sections below.

3.5 Which occurrences shall be collected by organisations?

GM to Reg. (EU) No 376/2014 and its IRs

Key principle

Each organisation covered by Regulation 376/2014 is required to put in place systems to facilitate the collection of both mandatorily and voluntarily reportable occurrences. For organisations subject to safety management systems requirements, it is understood that such systems should be part of the organisation SMS.

Detailed information on the persons subject to reporting obligations and the type of occurrences to be collected is contained in Sections 2.2 and 2.3.

3.6 How do these reporting requirements interact with those contained in other rules?

GM to Reg. (EU) No 376/2014 and its IRs

Whereas the reporting of occurrences in the EU is overall regulated under Regulation 376/2014, there are also a number of more sectorial occurrence reporting requirements contained in other European Regulations. This situation is recognised by Regulation 376/2014 (Recital 4) which clarifies that this should not be seen as setting up two parallel systems but only one reporting system.

Key principle

Where reporting requirements also exists in other European rules and are consistent with those contained in Regulation 376/2014, the co-existence of two or more set of rules should not lead to multiple reporting systems. One system is considered sufficient to comply with the various legal obligations that are covering similar aspects. Whereas certain specifications may be contained in different legal act or based on different legal basis, they are all considered as part of a single overall European safety system.

Example:

Design Approval Holders are required to report unsafe or potential unsafe conditions as per Part‑21 requirements under Commission Regulation (EU) No 748/2012.

The same requirement is contained in Regulation 376/2014 through the obligation for organisations certified or approved by EASA to report occurrences listed in Regulation 2015/1018 to EASA.

It is the same requirement which happens to be contained in two set of rules but should be reported once to EASA. It should be noted that when reporting such occurrence, the organisation is required to ensure that all specifications contained in both acts should be complied with (such as for example timeline or format).

It should also be understood that Regulation 376/2014 does not cover all existing reporting requirements in the European system. Other types of reporting requirements may in particular be contained in Regulation 216/2008 and its implementing rules (e.g. reporting between organisations). Organisations are encouraged to properly reflected this in the organisation manual and cover all the specificities of all different obligations.

For reporting requirements under Regulation 216/2008, while efforts have been made to align the list of occurrences to be reported, the list of reporters and the timeline under which occurrences shall be reported, requirements related to other aspects such as reporting formats requires further alignment. A rulemaking task has been initiated to ensure a better alignment of all requirements and support the implementation of a single reporting system.

In the meantime, it is important that individuals and organisations are aware of the various reporting requirements to ensure proper discharge of their obligations.

Furthermore, while the European legislation on the performance scheme for air navigation services and network functions67 Commission Implementing Regulation (EU) No 390/2013 of 3 May 2013 laying down a performance scheme for air navigation services and network functions; OJ L 128, 9.5.2013, p. 1. does not impose the reporting of occurrences, it requires the reporting of certain information such as the level of occurrence reporting and the number of certain defined occurrences. Regulation 376/2014 supports a proper implementation of these rules by ensuring that the availability of the data that is necessary to provide required information.

3.7 What information shall be transferred to the competent authority?

GM to Reg. (EU) No 376/2014 and its IRs

i. Occurrence initial notification

Diagram 3. Information flow related to the occurrence initial notification

Note: for the purpose of simplification, the scheme indicates that the reporting by individuals is made to the organisation while it is recognised by Regulation 376/2014 that individuals may report directly to the competent authority. See Section 2.8 for more information on the various reporting channels.

Key principle

Organisations are required to report to their competent authority (Article 4(8) and (9)) all mandatory reportable occurrences they have collected i.e. those contained in Regulation 2015/1018 when reported by a person listed in Article 4(6) (see Sections 2.2 and 2.3).

Occurrences collected under VORS are not all reportable to the competent authority. Indeed, only those that may involve an actual or potential aviation safety risk (Article 5(5) and (6)) shall be reported to the competent authority.

‘Reportable occurrences’ are those subject to an initial notification report requirement as described in the principles above.

It is understood that organisations shall discuss with their competent authorities to determine what types of occurrences are considered involving an actual or potential aviation safety risk. This should ensure an alignment between the occurrences that the organisation intends to transfer from the VORS and the ones that the competent authority expects to receive. It should also ensure harmonisation among all organisations reporting to the same competent authority.

Regulation 376/2014 gives Member States the possibility to request their organisations to transfer them all occurrences they have collected under their VORS (Article 5(6)).

It is also understood that when an occurrence is reported to an organisation, this organisation might need to assess whether or not it falls under MOR or VOR and therefore what the applicable notification obligations are. In a situation where a reporter has transferred the report under VORS, the organisation may reclassify it into MOR and vice-versa.

Organisations are encouraged to include in the occurrence notification sent to the competent authority all available relevant information. If appropriate, this should include the indication that no further analysis and follow-up will be made on that occurrence (‘‘closed-on-issue’’ or the assessment and actions on the safety risk identified from the occurrence.

Organisations are encouraged to report to their competent authority all necessary information to enable a proper understanding and assessment of the occurrence. It is acknowledged that all essential information is not always known at the time of the initial report. However, an effort should be made to gather as much information as possible, especially in the follow-up and final reports.

All occurrences reported to the competent authority (either directly or through organisations) are required to be transferred to the ECR (Article 9(1)).

Key principle

It is understood that an organisation shall not be accountable for not reporting to the competent authority an occurrence which has not been reported to it (e.g. pilot not reporting an occurrence or in service occurrence not reported to the organisation)

ii. Analysis and follow-up related information

Diagram 4. Information flow related to analysis and follow-up related information

All occurrences collected by the organisation (MOR and VOR) are subject to analysis and follow-up requirements (Article 13(1) and (2)). However not all of them (i.e. only reportable ones — see i. above) are subject to further reporting obligations.

Key principle

Analysis and follow-up related information of reportable occurrences is required to be transferred only if it has revealed an actual or potential aviation safety risk (Article 13(4) and (5)).

Whereas Regulation 376/2014 only requires organisations to transfer to their competent authority analysis results and follow-up information for certain occurrences (those which may involve an actual or potential aviation safety risk), it allows a competent authority to require the transfer of analysis and follow-up information related to all reportable occurrences (i.e. all MOR occurrences and the VOR reportable ones — see i. above) (Article 13(4) and (5)).

It is understood that the competent authority may require so on a case by case basis or by adopting a general measure requiring organisations to transfer to it analysis and follow-up related information of all reportable occurrences.

In the same way as for initial notification, it is understood that organisations shall discuss with their competent authority to determine when an actual or potential aviation safety risk is considered identified out of the analysis. This should ensure an alignment between the analysis and follow-up information that the organisation intends to transfer and the one that the competent authority expects to receive. It should also ensure harmonisation among all organisations reporting to the same competent authority. Through the Network of Aviation Safety Analysts, a common approach will be promoted to ensure a standardised approach exists across the Member States.

It is understood that the reporting of the follow-ups or final results of the analysis pertaining to single occurrences should be done in the same format than the initial report.

The mean to report the analysis and follow-up pertaining to a group of occurrences should be agreed with the competent authority of the organisation.

These requirements are aligned with organisations safety management processes where not only occurrences are followed in a closed-loop process but also safety issues (group of occurrences).

iii. Transfer of information on the reporter or other persons mentioned in the report

The Regulation prohibits competent authorities to record personal details (e.g. name of the reporter or anyone else mentioned in the report, addresses of natural persons) in their database (Article 16(1), (2) and (3) and Recital 35). To support this requirement, organisations are encouraged to refrain from including names and personal details when transferring occurrences reports to the competent authority.

iv. Transfer of information subject to export control

When reporting information under Regulation 376/2014 an organisation may provide to its competent authority information subject to export control regulations. In this case, the organisation should declare this fact in the report (dedicated field in the Reduced Interface Taxonomy — RIT) to inform its competent authority. Whereas the authority is required to transfer all safety related information to the ECR, it is understood that this does not cover information subject to export control.

3.8 To whom should organisations report occurrences?

GM to Reg. (EU) No 376/2014 and its IRs

Key principle

Organisations are required to report occurrences to their competent authority.

In most cases, the competent authority is the one which has certified or approved the organisation.

Examples:

Design organisations approved by EASA: EASA is the competent authority.

Air operators certified by a Member State: that Member State is the competent authority.

In a situation where an organisation has two AOC under two different States (State A and B), it shall report occurrences involving aircraft operating under the State A AOC to State A competent authority and occurrences involving aircraft operating under the State B AOC to State B competent authority.

For organisations which are not certified or approved, the competent authority is the State in which the organisation is established.

Example:

A ground handling organisation reports its occurrences under Regulation 376/2014 to the State in which it is established.

3.9 What is the required format to record and transfer occurrences?

GM to Reg. (EU) No 376/2014 and its IRs

Regulation 376/2014 imposes requirements on organisations related to reporting format and content (Article 7). This set of requirements applies to all reportable occurrences (MOR and VOR reportable occurrences).

Key principle

Occurrence reports contained in an organisation database and sent to the competent authority shall comply with format specifications that include:

             The compatibility with the ECCAIRS software and the ADREP taxonomy

             The use of standardised formats

             The provision of mandatory data fields

In addition, organisations are required to use data quality checking processes and to classify occurrences according to their safety risk.

Detailed information about these requirements is provided in Sections 3.10 to 3.14.

These obligations apply to occurrence reports registered in organisations databases.

It is recognised that some of the requested information might necessitate detailed assessment or analysis (e.g. risk classification) and might only be available after the occurrence has been analysed. It is also recognised that the period required for the notification of the occurrence might not allow the organisation to provide complete information within its initial notification. However, organisations should aim to provide the initial report as complete as possible, notably in regards to the safety assessment, as not all reports may be subject to follow-up report.

The European Commission, with the support of EASA, has developed a European Reporting Portal which is available here68 http://www.aviationreporting.eu/. This website offers a single address that can be used by reporting organisations to transfer occurrences to their competent authority in a format that is compliant with Regulation 376/2014.

Key principle

Using tools and methods provided by the European Commission ensures compliance with format related legal requirements.

It is understood that organisations and competent authorities may agree on any other method that brings equivalent level of compliance.

3.10 How to comply with the ADREP/ ECCAIRS compatibility requirement?

GM to Reg. (EU) No 376/2014 and its IRs

Regulation 376/2014 requires organisations to use formats which are compatible with the ECCAIRS software69 http://eccairsportal.jrc.ec.europa.eu/ and the ADREP taxonomy (Article 7(4)).

ADREP taxonomy compatibility is understood as a reporting system which uses the ADREP taxonomy (as integrated in ECCAIRS). The Reduced Interface Taxonomy (RIT), based on ADREP, is integrated into the ECCAIRS software and is published by the European Commission. It is maintained by the Commission, EASA and the Member States in the context of the ECCAIRS Steering Board and Committee.

ECCAIRS software compatibility is understood as a means of reporting which uses technical means and data formats that enable a direct upload of information in an ECCAIRS database. Organisations are expected to agree this technical solution with their competent authority to ensure information is transferred in a compatible format.

To facilitate organisations complying with these requirements the European Commission, supported by EASA, has developed standard methods that could be used to comply with the ECCAIRS/ADREP compatibility requirement.

These acceptable means of compliance are the following:

             E5X file format — mostly meant for large organisations which are producing a large number of occurrence reports a month.

             European Reporting Portal (off-line and on-line reports) — mostly targeting small or medium sized organisations which are not producing many occurrence reports a month.

             Use of the ECCAIRS system — would enable the exchange of ECCAIRS files or data transfer through the DINER software.

The European Reporting Portal70 http://www.aviationreporting.eu/ facilitates the reporting to the competent authority in a format that is compliant with Regulation 376/2014. It provides on-line and off-line reporting forms which are compatible with the ADREP taxonomy and the ECCAIRS software.

It is understood that organisations also have the possibility to agree with their competent authority any other mean that provides similar level of compatibility with ECCAIRS and ADREP.

3.11 How to comply with the standardised format requirement?

GM to Reg. (EU) No 376/2014 and its IRs

Regulation 376/2014 requires industry organisations to use formats which are standardised with a view to facilitate information exchange (Article 7(4)).

One of the methods for reporting provided by the European Commission is the E5X data transfer file.

Another method is to use the off-line or on-line reporting forms provided on the European Reporting Portal. It notably provides for standard reporting forms by type of reporting organisation.

3.12 How to comply with the mandatory data fields requirement?

GM to Reg. (EU) No 376/2014 and its IRs

Occurrence databases of organisations subject to Regulation 376/2014 shall contain the mandatory data fields listed in Annex I (Article 7(1)).

Key principle

The set of common mandatory data fields included in Annex I.1. is required to be provided includes for each reportable occurrence71 See definition of reportable occurrence in Section 3.7.i..

The set of specific mandatory data fields included in Annex I.2 is required to be provided only for certain specific occurrences i.e. occurrences for which that data is relevant.

The objective is to ensure that data necessary to the proper understanding of the occurrence is provided.

Examples:

Aerodrome-related data fields (Location Indicator and Location on the aerodrome) are required to be provided only if an aerodrome is involved in the occurrence, such as for example a runway excursion.

Aircraft-related data fields are required to be provided only if one or more aircraft is involved in the occurrence. This may not be relevant for certain occurrences such as for example a failure of navigation service, an unauthorised person left unsupervised on apron or an engine production issue.

Key principle

Mandatory data fields cannot be left blank when they are relevant to the occurrence. They should always be filled with a value (Annex I).

If the information of any mandatory attribute is not known, the attribute may be transmitted with the value “Unknown” (Annex I). Other attributes may be relevant in specific circumstances (e.g. ‘‘Not applicable’’).

The transfer of mandatory data fields should be done in an ECCAIRS/ADREP compatible format (Article 7(4)) such that it can be uploaded automatically to the ECCAIRS database of the competent authority (see Section 3.10 on the issue of ECCAIRS/ADREP compatibility).

The European Reporting Portal facilitates the completion of mandatory data fields by indicating the attributes to be provided.

Regulation 376/2014 foresees the possibility to amend the list of mandatory data fields based on experience. The Commission, with the support of EASA, will regularly review the completeness and relevance of the mandatory data fields list and may propose changes to it.

3.13 What is the requirement related to risk classification?

GM to Reg. (EU) No 376/2014 and its IRs

Key principle

Organisations are required to provide a risk classification for each reportable occurrence (Article 7(1) and Annex I.1.).

Risk classification is one of the common mandatory data fields and should therefore be completed for each reportable occurrence. It is expected that, where analysis and follow up is needed, such risk assessment may be preliminary, based on information available at the time of the initial report.

Key principle

Organisations have the possibility to use the risk methodology of their choice.

As from the adoption of the European Risk Classification Scheme (no later than May 2017), competent authorities will be required to use it to review and classify the risk of occurrences they collect (Article 7(2)). It shall be noticed that several industry organisations, across aviation domains, participate in the development of the European Risk Classification scheme. The use of this scheme by industry organisations would support a better harmonisation of risk classification across the EU. It should therefore be encouraged.

3.14 How to apply the requirement related to data quality checking processes?

GM to Reg. (EU) No 376/2014 and its IRs

Key principle

Organisations are required to establish data quality checking processes to ensure the quality of the information stored in and transmitted from their databases (Article 7(3)).

It is understood that data quality checking processes should address four main areas:

             Errors in data entry

             Completeness of data, specially referring to mandatory data

             Proper use of the ADREP taxonomy

             Improve data consistency, notably between the information collected initially and the report stored in the database (Article 7(3)).

The European Commission is developing reference material that will help organisations to develop their own quality rules. This reference material will contain coding guidelines for all mandatorily occurrences listed in Regulation 2015/1018 and it will be accompanied by the corresponding libraries detailing the necessary quality checks in the ECCAIRS environment. This reference material will be made available on the European Reporting Portal as soon as finalised.

3.15 How to apply the requirement related to transfer of analysis and follow-up?

GM to Reg. (EU) No 376/2014 and its IRs

While all occurrences collected by an organisation (MOR and VOR) are subject to analysis and follow‑up requirements (Article 13(1) and (2)), only those which are reportable (see Section 3.7) are subject to further reporting obligations to the competent authority.

Key principle

Among reportable occurrences only those for which the analysis (of single occurrence or together with a group of other occurrences) has led to the identification of an actual or potential aviation safety risk are covered by the obligation to transfer analysis and follow-up related information.

For those occurrences, Regulation 376/2014 requires organisations to transmit to their competent authority the results of the analysis performed, if any; and any action to be taken pursuant to that analysis.

Organisations are required to report preliminary results within 30 days from the date of notification of the occurrence by the reporter and are encouraged to report final results as soon available and no later than three months after the notification (Article 13(4) and (5)).

Regulation 376/2014 however gives the competent authority the possibility to require organisations to transfer information on analysis and follow-up of any other reportable occurrences. It is understood that the competent authority may require so on a case by case basis or by adopting a general measure requiring organisations to transfer analysis and follow-up related information of all their reportable occurrences.

It is understood that organisations shall discuss with their competent authorities to determine in which cases an actual or potential aviation safety risk is identified out of the analysis. This should ensure an alignment between the analysis and follow-up information that the organisation intends to transfer and the one that the competent authority expects to receive. Through the Network of Aviation Safety Analysts, a common approach will be promoted to ensure consistency among Member States.

It is understood that the analysis and follow-up of occurrences required under Regulation 376/2014 is taking place in the context of existing processes such as management systems mandated under implementing rules to Regulation 216/2008, SMS, safety processes required under EU law or similar safety processes. Where it already exists, it is therefore not intended to create another system alongside the safety management system of an organisation.

Key principle

Whereas organisations are encouraged to provide complete analysis and follow-up as soon as available and, in principle, no later than three months after the occurrence notification, it is recognised that analysing an occurrence may take longer than three months, especially in the event of a complex investigation or where the services of a specialist investigator are required.

The follow up requirements are not intended to jeopardise the quality and thoroughness of an occurrence analysis. It may be detrimental to safety if rushed in order to be completed within the encouraged three months period without properly establishing root cause and determining relevant remedial action.

Organisations should agree with their competent authority the format and nature of follow up and details of final analysis to be provided. Through the Network of Aviation Safety Analysts, a common approach will be promoted to ensure consistency across Member States.

3.16 How shall information collected be handled?

GM to Reg. (EU) No 376/2014 and its IRs

Detailed information on those aspects is contained in Sections 2.12 and 2.13.

Key principle

Organisations are required to take the necessary measures to ensure appropriate confidentiality of occurrences they collect and to comply with rules on the processing of personal data.

It is notably recognised by Regulation 376/2014 that a clear separation between the departments handling occurrence reports and the rest of the organisation may be an efficient way to achieve this objective (Recital 34). This should therefore be encouraged where practicable.

In addition Regulation 376/2014 requires organisations to process personal data only to the extent necessary for the purposes of this Regulation and in accordance with applicable personal data rules (Article 15(1)).

Regulation 376/2014 prevents certain actions to be taken against reporters and persons mentioned in an occurrence report while identifying unacceptable behaviours that are not covered by this protective framework.

Key principle

Employees and contracted personnel who report or are mentioned in occurrence reports shall not be subject to any prejudice by their employer or by the organisation for which the services are provided on the basis of the information supplied by the reporter except in cases of unacceptable behaviour (Article 16(9)).

This principle is implemented by several provisions which prevent certain actions to be taken against reporters and persons mentioned in an occurrence report while identifying unacceptable behaviours that are not covered under this protective framework.

It means that if a person reports an occurrence to his/her organisation, the organisation is not allowed to blame that person or to impose prejudice on him/her on the basis of the occurrence reported. This rule also applies if the person is not the reporter but is mentioned in the occurrence report.

Key principle

Regulation 376/2014 recognises two exceptions to this principle (Article 16(10)):

             wilful misconduct; and

             situations where there has been a manifest, severe and serious disregard of an obvious risk and profound failure of professional responsibility to take such care as is evidently required in the circumstances, causing foreseeable damage to a person or property, or which seriously compromises the level of aviation safety.

The objective is to clearly set, in the legislation, the line between acceptable behaviours (which shall not be punished) and unacceptable behaviours (which can be punished).

Furthermore, Regulation 376/2014 states additional principles limiting the possibility for an organisation to disclose or use occurrence reports.

Key principle

Organisations can only use an occurrence report for the purpose for which it has been collected (Article 15(1)).

Organisations are not allowed to make available or use occurrence reports:

             in order to attribute blame or liability; or

             for any purpose other than the maintenance or improvement of aviation safety (Article 15(2)).

Those limitations to the disclosure or use of occurrence reports apply within the organisation as well as outside of it.

It is therefore understood that sharing information on occurrences with press and media is not allowed by the Regulation. Disclosure of information on occurrence reports to judicial authorities is similarly not allowed.

It is understood from this principle that organisations can use the information with the view to maintain or improve aviation safety. This covers in particular the measures and actions foreseen under Article 13. It also includes existing procedures and actions (e.g. safety recommendations, airworthiness directives, safety information bulletin etc), including sharing of lessons learnt with the organisation personnel.

It is also understood that ‘for the purpose of maintaining or improving aviation safety’ includes any measure necessary for safety and therefore can include the suspension of a licence or requesting a person to do additional training.

Key principle

In addition, there are however few exceptions to those principles.

Firstly, it is understood that in a situation where safety might be endangered, information on occurrences may be shared or used with a view to maintain or improve aviation safety. It is therefore understood that sharing or using information on occurrences in the cases detailed in Article 16(10) with the view to address the risks to safety is allowed by the Regulation.

Secondly, exception may apply in a situation where an investigation under Regulation (EU) No 996/2010 has been instituted, as the provisions of Regulation 996/2010 have precedent in such case (Article 15(2)).

Regulation 996/2010 foresees in its Article 14(2) and (3) that, in cases where it applies (opening of a formal technical accident or incident investigation), occurrences reports shall not be made available or used for purposes other than aviation safety unless the administration of justice or the authority competent to decide on the disclosure of records according to national law decides that the benefits of the disclosure of the occurrence report outweigh the adverse domestic and international impact that such action may have on that or any future safety investigation (balancing test). If this balancing test concludes that the information on occurrences should be disclosed, then the organisation should make it available to the requesting authority.

An organisation shall only disseminate personal details within the organisation in those cases where it is essential to progress the investigation or to ensure the safety actions are properly taken (Article 16(2)). In this regards, the organisation may use the same protocols and agreements than the ones established and consulted with staff representatives to deal with other safety information (e.g. Flight Data Monitoring).

In order to support all these legal provisions, each organisation is required to adopt internal rules describing how Just Culture principles are guaranteed and implemented within that organisation (Article 16(11)). It is specified that staff representatives shall be consulted before the adoption of these internal rules. The body designated pursuant to Article 16(12) may ask to review the internal rules of organisations before those internal rules are implemented.

With the support of the Commission and of EASA, staff and employers representatives across aviation domains have developed a European Corporate Just Culture Declaration which contains principles to be implemented in each organisation and reflected in its internal Just Culture rules, with a view to ensure an effective Just Culture within the organisation. This initiative is expected to support a proper and harmonised implementation of this legal provision and should guarantee a similar level of protection across European organisations.

In addition a best practice issued from experience in a number of operators is the setting up an ‘occurrence review committee’ within the organisation whose role is to support the practical implementation of the protection principles.

3.17 How is information transferred to the competent authority protected?

GM to Reg. (EU) No 376/2014 and its IRs

Information provided by organisations to their competent authority under Regulation 376/2014 is stored in the competent authority database. Strong protection rules apply to this database (see Sections 2.12, 2.13, 4.3, 4.7 and 4.8).

All information contained in a competent authority database is later transferred to the European Central Repository (ECR). The database is subject to even stricter protection rules. Indeed, in addition to the legal provisions to limiting the possible use of the information, the access to the ECR is restricted to regulatory and investigation authorities, to the EASA and to the European Commission. This access is granted by a controlled and restricted personal access code based on unique IP address.