United States
Environmental Protection
Agency
Office of Enforcement
and Compliance
Assurance (2201A)
EPA 300-N-99-010
SEPA Enforcement Alert
Y2K: Is Your Facility Ready?
Regulated Entities Have an Obligation to Prevent
Hazardous Releases
The U.S. Environmental Protection
Agency (EPA) is encouraging
regulated entities to take prompt and
proper measures to prevent potential
Year 2000 (Y2K) computer failures that
may cause releases detrimental to hu-
About
Enforcement Alert
"Enforcement Alert" L
published periodically by the
Office of Regulatory
Enforcement to inform and
educate the public and regulated
community of important
environmental enforcement
issues, recent trends and
significant enforcement actions.
This information should helpthe
regulated community anticipate
and prevent violations of federal
environmental law that could
otherwise lead to enforcement
action.
See Page 4 for useful EPA
Websites and additional
resources.
Eric V. Schaeffer
Director, Office of
Regulatory Enforcement
Editor: Virginia Bueno
(202) 564-8684
bueno.virginia@epamail.epa.gov
Please email all address and
name changes or subscription
requests for this newsletter.
man health and the environment.
A number of federal environmental
laws require regulated entities to be de-
signed, operated, and maintained in a
manner to prevent hazardous releases
into the environment. Due to potential
Y2K computer chip and programming
problems, date-related failures could
occur that may lead to the release of
hazardous chemicals or other pollutants
into the air, water and land.
This issue of Enforcement Alert
highlights:
• Several laws that require the
prevention of releases to the environ-
ment;
• Examples of potential Y2K
problems; and
• Recommended steps to avoid
potential Y2K, environment or public
health problems.
In addition, this issue directs read-
ers' attention to new legislation, H.R.
775, the "Y2K Act," which was signed
by President William J. Clinton on July
20. This time-limited legislation is de-
signed to establish certain procedures
for civil actions brought for damages
relating to Year 2000 computer failures.
Finally in this issue, EPA highlights
its new enforcement policy that is in-
tended to encourage regulated entities
to perform computer testing for poten-
tial Y2K glitches.
the of
The Clean Air Act's (CAA) "Gen-
eral Duty Clause," Section 112(r)(l),
requires owners and operators of sta-
Continued on page 2
Air Act 112(r)
Accidental Release: An unanticipated emission of a regulated substance or
other extremely hazardous substance (EHS).
Listed Substances: List of chemical substances that pose the greatest risk of
causing death, injury, or serious adverse effects to human health and the environ-
ment including, but not limited to, the list of extremely hazardous substances (EHS)
published under the Emergency Planning and Community Right-to-Know Act
(EPCRA).
Stationary Source: Buildings, structures, equipment installations or substance
emitting stationary activities that belong to the same industrial group; are located
on one or more contiguous properties; are under control of the same person (or
persons under common control); and may have an accidental release.
-------�
Enforcement Alert
Continued from page 1
tionary sources producing, processing,
handling or storing listed substances or
extremely hazardous substances
("regulated" substances) to:
• Identify hazards that may re-
sult from accidental releases using ap-
propriate hazard assessment tech-
niques;
• Design and maintain a safe fa-
cility, taking such steps as are neces-
sary to prevent releases; and
• Minimize the consequences of
accidental releases that occur.
This clause applies to any station-
ary sources that handle any extremely
hazardous substance regardless of the
quantity on-site.
The Resource Conservation and
Recovery Act (RCRA)
requires generators and
owners and operators
of hazardous waste
treatment, storage and
disposal facilities to
maintain and operate
their facilities to mini-
mize the possibility of a
fire, explosion, or any
unplanned sudden or
non-sudden release of
hazardous waste or haz-
ardous waste constitu-
ents to air, soil, or sur-
face water, which could
threaten human health or
the environment. 40
C.F.R. Sections
262.34(a)(4), 264.31 and 265.31.
All Y2K computer failures that po-
tentially could cause a fire, explosion,
or unplanned sudden or non-sudden re-
lease to the environment need to be ad-
dressed by the hazardous waste gen-
erators and treatment, storage and dis-
posal (TSD) facilities.
The Clean Water Act (CWA) states
that the discharge of any pollutant with-
out a permit or in violation of a permit
is illegal; facilities that discharge to wa-
ter must maintain compliance with their
permits.
The Safe Drinking Water Act
(SDWA) sets standards for public wa-
ter systems to assure safe drinking
water for the American public. Water
systems must maintain compliance
with these standards.
Y2K
Y2K computer problems may oc-
cur where embedded computer chips,
and older operating system software
and application programs may only read
the last two digits of a date. As a re-
sult, several critical future dates could
be misread by the computer. Date-re-
lated problems may affect computer
clock mechanisms, operating systems,
Sept. 9, 1999: Many computer systems use or are programmed to
use 9/9/99 as a file purge date.
munication systems and devices, emer-
gency protection systems and equip-
ment (e.g., fire and gas detectors,
evacuation alarms, and fire alarms), and
heating and cooling systems. Also, er-
roneous information caused by Y2K
problems may lead process operators
to take unsafe and incorrect actions that
can result in the accidental release of
hazardous substances. If a number of
systems are affected by Y2K problems,
cascading failures can occur.
In the drinking water and waste-
water sector, Y2K issues could impact
the ability of a Publicly Owned Treat-
ment Works (POTW) to collect and
treat sewage, potentially causing back-
ups or overflows of raw sewage and
creating a public health emergency. In
drinking water systems, Y2K problems
could limit drinking water facilities' abil-
ity to provide an adequate quantity of
water or to produce the
^^^^^_ quality of water pro-
vided under normal op-
erations. This water
must meet EPA regula-
tory requirements.
Jan. 1,2000: Rollover of the date may halt, confuse or disrupt many
systems and devices.
Feb. 29, 2000: Many systems may fail to recognize 2000 as a leap
year.
Oct. 10, 2000: First occurrence that requires the use of eight digits.
May cause failures.
Dec. 31, 2000: Some systems using Julian dates may not recognize
the 366th day of the Leap Year.
software packages, libraries, tools and
application software.
In the chemical processing and
manufacturing industries, Y2K issues
could place workers, communities and
the environment at risk. These risks
could include unintended, complete
shutdowns and malfunctions of auto-
mated process machinery (e.g., valves
and pumps), control room and telecom-
Year 2000 problems
must be promptly iden-
tified and corrected be-
fore they occur. Doing
so now can signifi-
cantly reduce the risk of
safety failures, acciden-
tal chemical or pollutant releases, and/
or drinking water or wastewater treat-
ment system failures. This effort can
also reduce potential liability for viola-
tions of federal environmental laws.
EPA recommends that the follow-
ing steps be taken, at a minimum, to
Continued on page 3
AUGUST 1999
-------�
Enforcement Alert
Continued from page 2
identify and remedy the Y2K problem:
1 Identify, check and list every sys-
tem for date-sensitive logic con-
trols. Focus efforts on software and
equipment with embedded chips. Pri-
oritize systems based on the likelihood
of causing safety, health, and environ-
mental releases. Review all process haz-
ard analysis to be certain that Y2K de-
pendent control systems, process
equipment, and safety devices are in-
ventoried and addressed. Proactive
steps such as hiring an expert consult-
ant may be wise if regulated entities are
unable to identify and implement Y2K
remedies in-house. It also is important
that contingency plans be developed
that allow for "business as usual." For
example, publicly-owned water systems
should review and amend their contin-
gency plans to provide safe drinking
water in emergency situations.
2 Remedy problems by repair-
ing, modifying or replacing sys-
tems, devices or equipment. If vital pro-
cess control systems and equipment
can not be adequately addressed, then
consider operating the system in a
manual override setting. Retrain person-
nel if they are unfamiliar with the manual
operations. Confirm that employees can
shut down the process manually if nec-
essary.
3 Test all embedded software to
determine if they will be affected
by the Year 2000 date change. Embed-
ded software is software that perma-
nently resides on some internal memory
device (e.g., Central Processing Units,
Basic Input Output Systems, device
drivers, middleware, etc.) in a computer
system or other machinery or equip-
ment that is not removable in the ordi-
nary course of operation and is of a
type necessary for routine operation.
Verify that the updated systems work
properly for all potential failure dates.
Due to
potential Y2K
programming
to the
of
hazardous
into the
air, and
land.
4 Establish and train workers on
site-specific Y2K contingency
plans in order to prepare for unantici-
pated problems with process control
systems. Contingency plans should not
be dependent on backup systems and
equipment that could also fail because
of Y2K problems. Contingency plans
should also address how systems can
be manually operated. Most impor-
tantly, advise employees to alert local
emergency officials and the commu-
nity of possible failures that may inad-
vertently release hazardous sub-
stances.
5 Coordinate contingency plan-
ning with critical service provid-
ers such as electric and gas utilities,
medical and fire emergency response
establishments, telecommunications
companies, and transportation ser-
vices. These services may be delayed
or not arrive at all because of failures
in non-Y2K compliant computers and
chips in their systems.
6 If necessary, have extra staff
available onsite for a number of
hours just before and immediately af-
ter critical date changes. Train staff in
the contingency plans and in the manual
operation of process controls with po-
tential Y2K operational complications.
^J Conduct Y2K computer failure
/ scenarios to learn valuable lessons
that can be used to improve emergency
response, prevent communication fail-
ures, and diagnose and correct equip-
ment malfunctions.
Contact Sounjay K. Gairola, Of-
fice of Regulatory Enforcement,
RCRA Enforcement Division,
(202)564-4003,Email:
gairola. sounjay@epamail. epa.gov or
Leslie Oif, RCRA Enforcement Divi-
sion, (2 02) 5 64 -2291; Email:
oif.lesHe@epamail epa.gov.
Policy'
On July 20, President Clinton
signed into law "The Y2K Act," which
is intended to ensure that Y2K prob-
lems do not disrupt commerce or cre-
ate unnecessary caseloads in the
courts. Most provisions do not apply
to government enforcement actions.
The Y2K Act establishes a "Y2K
upset defense" for some federal law
violations and provides civil penalty
immunity for small businesses for some
first-time violations. The Y2K upset
defense and the civil penalty immunity
expire after June 30, 2000 and Dec.
31,2000, respectively. In addition, re-
lief is not available under either provi-
sion if the violation causes actual or
imminent harm.
The Y2K upset defense applies to
any temporary violations of federally
enforceable monitoring and reporting
Continued on page 4
AUGUST 1999
-------�
xvEPA
United
Environmental Protection Agency
Office of Regulatory Enforcement
2201A
Washington, D.C. 20460
Bulk Rate
Postage and Fees Paid
EPA
Permit No. G-35
Official Business
Penalty for Private Use $300
Continued from page 3
violations by any business (regardless
of its size) that are directly related to a
Y2K failure.
Among other qualifying conditions,
the violations cannot result from lack
of reasonable preventive maintenance
or preparedness for a Y2K failure or
be caused by operational error or neg-
ligence.
The small business civil penalty
immunity provisions provide relief to
businesses with less than 50 full-time
employees.
Available only for small businesses
that have not committed the same vio-
lation in the previous three years, the
violation must have been caused by a
Y2K failure and the business must have
taken steps to prevent and remediate
the failure. Among other qualifying con-
ditions, the business must undertake
reasonable and prompt measures to cor-
rect the violation.
The full text of the Y2K Act can be
found at http://thomas.loc.gov and
keyin"H.R. 775."
In November 1998, EPA issued a
"Y2K Enforcement Policy" that is de-
signed to encourage the expeditious
testing of computer associated hard-
ware and software that may be poten-
tially vulnerable to Y2K problems. The
policy was published in the Federal Reg-
ister on March 10, 1999.
Under this policy, EPA intends to
waive 100 percent of the civil penalties
and recommend against criminal pros-
ecution for environmental violations re-
sulting from Y2K testing designed to
identify and eliminate Y2K-related mal-
functions. To receive the policy's ben-
efits (e.g., waiver of penalties due to
testing), regulated entities must address
specific criteria and conditions identi-
fied in the policy.
To the extent that the Y2K Act pro-
vides greater relief than EPA's Y2K En-
forcement Policy, the Act takes prece-
dence and will apply. In at least one cir-
cumstance, however, EPA's policy may
be applicable where the Y2K Act does
not apply (e.g., where an entity that is
not a small business violates an under-
lying substantive requirement and not
just a monitoring or reporting require-
ment, EPA's policy may provide greater
relief).
Contact Gary Jonesi, Office of Regu-
latory Enforcement, (202) 564-4002 or
E-mail: jonesi.gary@epamail. epa.gov.
Useful Websites
RCRA Enforcement Division:
http ://www.e pa. g o v/oeca/o re/red/
EPA's Office of Water Home Page:
htl p ://ww w. e pa. go v/o w
Chemical Emergency Prepared-
ness and Prevention Office:
http: //www, e pa. g o v/swe ree p p/
y2k.htm
EPA's Year 2000 website:
http ://www. epa. g o v/yea r2QQQ
EPA's Y2K Enforcement Policy:
http: //www.e pa. go v/fed rgstr/ E PA-
GEN ERAL/1988/March/Day-10/
g5958.hfm
President's Council on Y2K
Conversion: http://www.y2k.goY/
text/index.htm (the Council Is
responsible for coordinating the
Federal Government's effort to
address Y2K Issues and readiness).
U.S. Small Business Administra-
tion: http://www.sba.gov/y2k
(provides information to help small
businesses gel Y2K ready).
EPA's Small Business Gateway:
htlp: //www. epa.gov/
U.S. Chemical Safety and Hazard
Investigation Board (CSB): http://
www.chemsafety.gov ( offers Y2K
help to small and medium businesses)
EPA's Audit Policy Website: http://
www.epa .gov/oeea/a udllpol.htm
AUGUST 1999
' Recycled/Recyclable. Printed with Soy/Canola Inkon paperthat contains at least 50% recycled fiber
-------� |