Back to Resourcesplaybook

"WVPP Playbook: Running Your Workplace Violence Prevention Program"

"Ongoing WVPP management: incident reporting workflow, log maintenance, annual review, training refresh, hazard reassessment, employee committee."

Apr 13, 2026all

Your Workplace Violence Prevention Plan is written. You have a document that satisfies the structural requirements of SB 553. Someone — maybe you, maybe a consultant, maybe a template with your name plugged in — produced a plan that identifies responsible persons, describes reporting procedures, outlines training requirements, and addresses the statutory elements.

That document is worth exactly as much as the operational system behind it. If you wrote the plan and stopped, you have an expensive piece of paper. SB 553 does not require you to have a plan. It requires you to have a program. The difference is the distance between a map and a journey.

This playbook is the journey. It tells you what to do every week, every month, every quarter, and every year to keep your WVPP operating as an actual program — not a shelf decoration that fails the moment an inspector opens it or, worse, the moment an employee needs it to work.

The Weekly Rhythm: Incident Reports and Log Review

Monitoring Incident Reports

Workplace violence does not operate on a quarterly schedule. It operates on the schedule of human behavior, which means your reporting system must be monitored continuously.

Every week, someone — the WVPP administrator or their designated backup — must review incoming reports. This includes:

**Formal reports.** Any written or digital submission through your established reporting channels. These are the easy ones to track because they arrive through a defined process.

**Informal reports.** Verbal complaints to supervisors, concerns raised in meetings, incidents witnessed but not formally reported. Your supervisors need standing instructions: if an employee mentions a workplace violence concern — a threatening customer, an aggressive coworker, a domestic violence situation that may follow an employee to work — the supervisor documents it and notifies the WVPP administrator within 24 hours. Every time. No exceptions. No judgment calls about whether it was "serious enough."

**Near-miss events.** Situations that could have resulted in workplace violence but did not — a confrontation that was de-escalated, a threatening individual who was turned away, a security vulnerability that was identified before it was exploited. Near-misses are predictive data. They tell you where your next incident is likely to occur.

The weekly review is not a deep investigation. It is a triage: What came in? Does anything require immediate action? Does anything require a full investigation? Are there patterns emerging across multiple reports?

The Workplace Violence Incident Log

SB 553 requires employers to maintain a violent incident log. This is a specific, statutory requirement with specific data fields. It is not optional, and it is not the same as your general incident report file.

The log must record every workplace violence incident — whether or not it resulted in injury. The required data elements:

  1. Date, time, and location of the incident
  2. Detailed description of the incident
  3. Classification of who committed the violence (Type 1: criminal intent, Type 2: customer/client, Type 3: coworker, Type 4: personal relationship)
  4. Circumstances at the time of the incident
  5. Where the incident occurred (specific location within the workplace)
  6. Whether the incident involved a physical attack, attack with a weapon, threat of physical force, sexual assault/threat, animal attack, or other
  7. Consequences of the incident (injury type, lost workdays, etc.)
  8. Actions taken by the employer in response
  9. Information about the person who committed the violence (to the extent known and appropriate to record)

**Critical privacy requirement:** The log must not contain information that would allow identification of any victim. No names of victims. No identifying details of victims. This is a legal landmine — if your log identifies victims and that log is produced during an inspection or subpoenaed in litigation, you have created a privacy violation on top of whatever else is happening.

Review the log weekly for completeness. If an incident was reported but not logged, log it. If a log entry is missing required fields, complete them while information is still fresh. Log entries that are completed months after the incident are both unreliable and suspicious.

The Monthly Rhythm: Hazard Check and Supervisor Pulse

Monthly Hazard Environment Scan

Workplace violence hazards are not static. They change with staffing, with seasons, with business volume, with the neighborhood, with the population you serve.

Every month, conduct a focused scan of your workplace violence hazard landscape:

**Physical environment.** Has anything changed about your facility that affects security? Broken locks, malfunctioning cameras, burned-out exterior lighting, new blind spots created by equipment or inventory placement, changes in parking lot visibility. Walk the facility with security in mind, not just safety.

**Operational changes.** Have you added late-night hours? Changed cash-handling procedures? Started serving a new client population? Reduced staffing on certain shifts? Every operational change carries a potential workplace violence implication that needs evaluation.

**External environment.** Has the area around your workplace changed? New construction that affects sightlines or access routes? Increased foot traffic? Changes in neighboring businesses? A nearby business closure that has increased loitering?

**Employee concerns.** Are employees expressing new concerns about safety? Has anyone reported feeling unsafe in ways they did not before? Employee perception is data — not conclusive data, but data that deserves investigation.

Document the monthly scan. Note what was reviewed, what was found, what actions were taken. If nothing changed, document that nothing changed. The documentation pattern proves ongoing program management.

Supervisor Check-In

Your supervisors are your front line for workplace violence prevention. Every month, check in with each supervisor about workplace violence issues in their area:

  • Have they received any reports or informal complaints?
  • Have they observed any concerning behaviors?
  • Are employees using the reporting channels?
  • Have any new employees or clients introduced new risk factors?
  • Do they need any resources or support?

This does not need to be a formal meeting. It can be a standing agenda item in your regular supervisor check-ins. But it must be documented — date, supervisor name, topics discussed, issues raised, actions taken.

Supervisors who are never asked about workplace violence stop thinking about workplace violence. The monthly check-in keeps it in their operating awareness.

The Quarterly Rhythm: Training and Committee

Quarterly Training Reinforcement

SB 553 requires initial training and annual refresher training at minimum. If you are only training annually, you are doing the minimum — and the minimum is not a program, it is a checkbox.

Quarterly training sessions should rotate through four focus areas:

**Q1: Recognition and Reporting.** How to recognize warning signs of workplace violence. How to use the reporting system. Review of reporting channel options. Emphasis on anti-retaliation protections. Review of any incidents from the previous year (anonymized) to illustrate what gets reported and why.

**Q2: De-escalation and Response.** Practical de-escalation techniques for the situations your employees actually encounter. This is not generic "conflict resolution" training — it is scenario-based training using the types of workplace violence your hazard assessment identified as most likely. A healthcare receptionist faces different scenarios than a retail cashier. Train to your actual risk profile.

**Q3: Emergency Procedures.** What to do when de-escalation fails. Active threat response. Evacuation procedures. Lockdown procedures. Communication protocols during an emergency. Where are the safe rooms? Where are the exits? How do you alert other employees? How do you contact law enforcement? Practice, not just presentation.

**Q4: Program Review and Employee Input.** Present a summary of the year's program activity — incidents reported, hazards identified, corrective actions taken, training delivered. Solicit employee feedback on the program. What is working? What is not? What concerns do employees have that have not been addressed? This is your annual employee involvement requirement built into a training session.

**Document every session:** date, topic, trainer, attendees, materials used. Employees who miss a session get makeup training before the next quarter. No exceptions.

Employee Committee

SB 553 requires active employee involvement in the program. An employee safety committee — or a workplace violence prevention subcommittee of an existing safety committee — is the most effective mechanism.

The committee should meet quarterly, at minimum, and include:

  • Representation from each work area or department
  • At least one supervisor
  • The WVPP administrator (or their designee)
  • Voluntary participation (do not compel membership, but actively recruit)

Quarterly committee responsibilities:

  1. **Review incident data** (anonymized). What types of incidents occurred? Where? When? What was the response? Are there patterns?
  2. **Review hazard assessment currency.** Have workplace conditions changed since the last assessment? Are there new hazards that need to be added?
  3. **Provide input on corrective actions.** Do proposed or implemented corrective measures actually address the hazards? Are they practical? Do employees feel they are effective?
  4. **Recommend program improvements.** The people doing the work see things management does not. Their recommendations are operational intelligence.

Document committee meetings: date, attendees, topics discussed, recommendations made, management response to recommendations. If management declines a committee recommendation, document the reason. "We decided not to" is not a reason. "The recommended action was evaluated and determined to be infeasible because [specific reason], and the alternative action taken was [specific alternative]" is a reason.

The Annual Rhythm: Comprehensive Review

Annual WVPP Review

Once per year, your entire WVPP undergoes a comprehensive review. SB 553 requires this. It is not a suggestion.

The annual review evaluates every element of the program:

**Plan document review.** Is the written plan still accurate? Do the named responsible persons still hold those roles? Do the described procedures still match actual practice? Have regulatory requirements changed? Update the document to reflect current reality.

**Hazard assessment review.** Conduct a fresh workplace violence hazard assessment. Compare it to the previous year's assessment. What changed? What was added? What was resolved? The annual hazard assessment is a full assessment, not a delta review — you are evaluating your entire workplace violence hazard landscape as if seeing it for the first time, then comparing that fresh assessment to your existing one.

**Incident log review.** Analyze the full year of incident data. Types, frequencies, locations, times, perpetrator categories, outcomes. Identify trends. One incident is an event. Three similar incidents are a pattern. A pattern demands a systemic response, not just individual incident response.

**Training effectiveness review.** Did employees who received training demonstrate the behaviors the training was designed to produce? Were there incidents where trained employees failed to follow procedures? If so, the training content or delivery method needs modification — the gap is not in the employee, it is in the training.

**Corrective action effectiveness review.** Were corrective actions implemented as planned? Did they achieve the intended result? Are there hazards that were identified and corrected but have recurred? Recurring hazards indicate that the corrective action addressed a symptom, not a root cause.

**Employee feedback summary.** Compile and review all employee feedback received throughout the year — from training sessions, committee meetings, and individual reports. What themes emerge? What concerns have not been addressed?

**Produce a written annual review report.** Date, reviewer(s), methodology, findings by program element, corrective actions planned, timeline for implementation. This document is your proof of program management. Without it, your program has no documented evidence of annual evaluation, and the inspector has no reason to believe one occurred.

Responsible Person Verification

Immediately after the annual review — and immediately after any personnel change during the year — verify every named individual in your WVPP:

  • WVPP administrator: still in role, still trained, still actively managing the program
  • Backup administrator: still in role, still trained, able to assume primary responsibility
  • Supervisors with WVPP responsibilities: still in those supervisory roles, still aware of their WVPP obligations
  • Employee committee members: still employed, still participating

Update the plan document within 30 days of any personnel change. A plan that names people who no longer work for you is a plan that demonstrates no one is managing the plan.

After an Incident: The 72-Hour Protocol

When a workplace violence incident occurs, the next 72 hours determine whether it becomes a managed event or an unmanaged liability.

**Hour 0-4: Immediate Response**
- Ensure physical safety of all employees
- Contact law enforcement if warranted
- Provide immediate support to affected employees (medical attention, counseling referral, safe transportation home)
- Secure the scene if evidence preservation is needed
- Notify the WVPP administrator

**Hour 4-24: Documentation and Communication**
- Complete the incident log entry with all required fields
- Begin the incident investigation
- Communicate with affected employees about next steps and available resources
- Notify management chain per your communication protocol
- Evaluate whether interim protective measures are needed (changed schedules, additional security, temporary work location changes)

**Hour 24-72: Investigation and Corrective Action**
- Complete the initial investigation
- Identify root causes and contributing factors
- Determine corrective actions with implementation timeline
- Update the hazard assessment if the incident revealed a previously unidentified hazard
- Schedule follow-up with affected employees
- Document everything

The 72-hour window is not a regulatory requirement — it is an operational discipline. Investigations that begin a week after the incident lose witness reliability, physical evidence, and institutional urgency. The longer you wait, the less you learn.

Protekon Runs This Playbook For You

Everything described in this playbook — the weekly log monitoring, the monthly hazard scans, the quarterly training and committee management, the annual comprehensive review, the incident response protocols — Protekon operates as a managed program.

You do not maintain a spreadsheet of training dates. You do not wonder whether the incident log is complete. You do not discover during an inspection that your WVPP administrator left the company three months ago and nobody updated the plan.

The program runs on schedule. The documentation generates automatically. The gaps get flagged before they become findings.

That is what a program looks like — not a plan in a binder, but a system that operates whether you are thinking about it or not.