The Objective of Safety Reporting
The objective of safety reporting is to contribute to the improvement of air safety by ensuring that all information on safety related events are identified, collected, collated and analyzed, allowing the proactive identification of safety risks and the subsequent targeting of these risks to mitigate any possible undesired outcome.
Occurrence Reporting Regulations
Occurrence reporting in Europe is now subject to EU Regulation (namely Regulation (EU) 376/2014) and this regulation includes provisions for reporting to the competent authority in each EU member State using two separate types of reports, Mandatory Occurrence Reports (MOR) and Voluntary Occurrence Reports (VOR). Detailed guidance material issued by the European Commission on the implementation of this regulation may be found here.
The European Commission has also established the list of occurrences that must be mandatorily reported to the competent authority of each EU member State. This list is found in Commission Implementing Regulation (EU) 2015/1018.
Regulation (EU) 376/2014 includes specific provisions regarding confidentiality of occurrence reports, protection of source and use of data. This ensures, for example, that the name of the reporter is protected, whether it is a mandatory report or a voluntary report, and only revealed to those persons in IAA that may need to communicate with the reporter in order to investigate the report. Similarly the name of the reporter is not revealed to the organisation involved (eg in case of a whistleblower report). The same protections are provided to any person named in an occurrence report.
Reporting outside EU regulatory framework
Whereas, the regulatory framework discussed above ensures that those involved in civil aviation can make safety reports to the IAA, very useful information that can help to improve aviation safety may also be provided persons completely outside of the civil aviation system, such as aircraft passengers or members of the public. Although the specific provisions of Regulation (EU) 376/2014 concerning for confidentiality, protection of source and use of data, the IAA will nevertheless apply the same principles to these reports.
In any event the EU General Data Protection Regulation 2016/679 will apply to all reports received by IAA from any source.
IAA action on occurrence reports
The IAA, as competent authority, is also subject to certain obligations in respect of mandatory and voluntary occurrence reports submitted on foot of Regulation (EU) 376/2014, including the classification and analysis of reports, and sharing of safety information with EC/EASA, other EU member States, regulated entities and the public. The IAA is also subject to the strict data protection and use provisions contained in the regulations. Notwithstanding the regulatory framework the IAA applies the following principles in respect of all occurrence reports:
• The IAA values all safety occurrence reports equally, whether they are reported under the regulatory framework (mandatory or voluntary) or whether they are reported outside the regulatory framework.
• All occurrence reports are subject to initial risk assessment and the level of investigation the IAA performs on individual occurrence reports is based on that assessment (the higher the risk the greater the concern).
• The IAA is fully supportive of, and will abide by, the principles of just culture and data protection enshrined in the regulatory framework.
• The IAA will take a balanced view in its investigation of reports received from individuals, where such reports concern perceived actions, or inaction, by the organisation within which the individual works.