Summary: What to include in incident reporting starts with the facts needed to document what happened, who was involved, and what actions were taken next. A strong report captures clear event details, supports compliance, and gives safety teams the information they need for investigation, corrective action, and prevention.
Table of contents
What is an Incident Report?
An incident report is a formal document that records any workplace event, situation, or condition that causes — or has the potential to cause — injury, illness, property damage, or operational disruption. Effective incident reporting is a cornerstone of workplace safety management. It creates the documented record required for OSHA compliance and supports root cause analysis. Additionally, it drives corrective action and provides the leading and lagging indicator data that EHS managers use to continuously improve safety performance.
Under OSHA 29 CFR 1904, employers with more than 10 employees in most industries must record work-related injuries and illnesses on OSHA Form 300. They must also complete supplementary OSHA 301 incident investigation reports and maintain these records for five years. Beyond regulatory compliance, robust incident reporting programs cover not only recordable injuries. They also capture near misses, hazards, and security incidents. As a result, organizations gain the operational intelligence needed to prevent the next incident before it occurs.
Types of Incidents to Report
A comprehensive workplace incident reporting program covers four main categories of events. Capturing all four — not only recordable injuries — gives EHS teams the full hazard picture needed to drive proactive risk reduction:
Accidents: These are unplanned events that result in bodily injury, occupational illness, fatality, or property and equipment damage. Workplace accidents include slips, trips, and falls, as well as vehicle collisions, fires, explosions, chemical releases, and equipment failures. OSHA-recordable accidents must be documented within seven calendar days of the employer’s knowledge. Furthermore, fatalities must be reported to OSHA within eight hours. Hospitalizations, amputations, and eye losses require reporting within 24 hours.
Hazards: These are conditions or factors that present a potential risk to people, property, or the environment before an injury has occurred. Hazard reports include defective machinery, exposed electrical wiring, chemical spills, inadequate lighting, structural deficiencies, and blocked emergency exits. Notably, systematic hazard reporting is a leading indicator of safety program effectiveness. Organizations with high hazard-report-to-incident ratios identify and correct risks before they cause harm.
Near misses: These are unplanned events that had the potential to cause injury, illness, or damage but were prevented by circumstance or prompt intervention. For example, a worker might narrowly avoid injury from a falling object. A machine malfunction could be caught before contact with an operator. A forklift near-collision could be avoided by a horn warning. OSHA and safety researchers consistently identify near-miss reporting as one of the highest-value leading indicators available. In fact, each near miss warns that a preventable serious incident may follow if the underlying condition goes uncorrected.
Security incidents: These events involve unauthorized access, theft, vandalism, cyberattacks, fraud, sabotage, or the unauthorized use, disclosure, or destruction of information, assets, or facilities. Security incidents can directly affect worker safety. For instance, tampering with safety-critical systems, theft of PPE, or physical threats to workers all create risks. Therefore, these incidents must be documented to support both security investigations and safety risk assessments.
What to Include in Incident Reporting
1. Date and Time of the Incident
Record the exact date and time of the incident using a standardized format. Specifically, YYYY-MM-DD HH:MM:SS works best for consistency and compatibility with digital reporting systems. Precise timestamp data is critical for several reasons. First, it establishes the timeline and sequence of events. Second, it identifies shift patterns or time-of-day trends in incident occurrence. Additionally, it determines whether regulatory notification deadlines apply.
For example, OSHA’s 8-hour fatality reporting clock begins from the employer’s first knowledge of the incident, not from when it occurred. In addition, organizations using digital safety management platforms benefit from automated timestamps. Mobile incident report submissions eliminate data entry inconsistencies. Consequently, they provide legally defensible documentation of when reports were filed.
2. Location of the Incident
Document the specific location of the incident — building, floor, department, work area, or GPS coordinates for outdoor operations. In addition, supplement textual location descriptions with visual aids wherever possible. Photographs, site maps, floor plan diagrams, and annotated images precisely pinpoint the incident location. These visual aids provide clarity that written descriptions alone cannot match. Moreover, they prove particularly valuable during OSHA investigations or civil litigation.
Accurate location data enables EHS managers to identify spatial patterns in incident occurrence. For instance, repeated incidents in the same work area are a strong signal of an uncontrolled environmental hazard. Furthermore, precise location data ensures that the correct facilities team, supervisor, or contractor handles the investigation and remediation.
3. Name and Role of the Reporter
Record the full name, job title, department, and contact information of the individual who filed the incident report. This information establishes the credibility and authority of the report. Furthermore, it facilitates follow-up for investigation clarification and creates accountability in the reporting chain.
In organizations with effective safety cultures, workers who witnessed or identified the event file incident reports promptly. Notably, these first-hand reports are significantly more accurate than accounts reconstructed hours or days later. Certainty Software’s mobile reporting capability allows workers to submit incident reports immediately from the incident location. Specifically, the system automatically captures reporter identity and timestamp. As a result, the quality and timeliness of incident data improve dramatically.
4. Name and Role of Those Involved
Identify all individuals directly or indirectly involved in the incident. This includes injured workers, responsible parties, supervisors on duty, and any contractors or visitors present. Record their job titles, departments, and contact details. For injured workers, this section should also capture employment status (employee, contractor, or temporary worker) and length of time in the role. Additionally, note whether the individual had received the relevant safety training for the task being performed.
These details serve several essential purposes. First, they help determine the scope of injury and liability. Second, they fulfill OSHA 300 log documentation requirements. Furthermore, they help assess whether training or supervision gaps contributed to the event. Finally, they ensure that workers’ compensation processes begin promptly for injured parties.
5. Name and Role of Witnesses
Collect the full name, job title, and contact information of all individuals who witnessed the incident. Similarly, include anyone who was present in the immediate area when it occurred. Witness accounts provide independent verification of the incident description. In addition, they can identify contributing factors that the primary reporter or directly involved parties did not see.
Gather witness statements as soon as possible following the incident. Memory accuracy degrades significantly within hours. Therefore, document witness accounts separately from the reporter’s account to preserve independence. In regulatory investigations and legal proceedings, contemporaneous witness statements carry substantial evidentiary weight. For this reason, thorough witness documentation forms a critical component of defensible incident records.
6. Description of the Incident
Provide a factual, objective, and comprehensive narrative of what occurred. Specifically, describe how it happened, the sequence of events leading up to the incident, and any immediate consequences. Apply the 5W1H framework — Who, What, When, Where, Why, and How — to address all relevant dimensions. Write in plain, precise language. Above all, avoid speculation, personal opinion, and jargon that may cause misinterpretation during regulatory review. The description should be thorough enough that an absent investigator can reconstruct a clear picture from the report alone.
Example: On January 25, 2024, at 10:15 a.m., a fire broke out in the ABC Restaurant’s kitchen at 123 Main Street. A malfunctioning gas burner ignited a grease spill on the floor, starting the blaze. Flames spread swiftly to surrounding cupboards and appliances, producing intense smoke. The smoke alarm alerted the restaurant’s personnel and customers, and they fled the premises. Emergency responders arrived within 10 minutes and extinguished the fire. There were no injuries, but the kitchen sustained severe damage, forcing the restaurant to close for repairs.
7. Cause of The Incident
Identify the root cause and all contributing factors that produced the incident. Specifically, these include immediate causes (the direct physical or behavioral event), contributing causes (the conditions that allowed the immediate cause to occur), and systemic root causes (the underlying organizational or management system failures).
The 5 Whys technique is a practical starting point. By repeatedly asking “Why did this happen?” investigators move from symptom to cause. The answers should point to a process failure or management system gap rather than an individual action. Additionally, Fishbone (Ishikawa) diagrams and fault tree analysis are structured tools for complex incidents with multiple contributing factors. Understanding root causes — not just immediate causes — is the foundation of effective corrective action. In fact, organizations that address only the surface-level cause routinely see the same events recur.
8. Action Taken During or After the Incident
Document all immediate response actions during and after the incident. For example, these include first aid administered, emergency services contacted, affected areas isolated or evacuated, equipment secured, and spills contained. Also record any temporary corrective measures you implemented to prevent recurrence until permanent controls are in place.
For each action, record who performed it, when it occurred, and what outcome it produced. This section is critical for evaluating the effectiveness of your emergency response procedures. Specifically, it reveals whether workers followed established protocols and whether the response matched the nature and severity of the event. Consequently, gaps identified in incident response quality should trigger updates to emergency action plans and response training.
9. Injuries or Damages Caused by the Incident
Report all injuries, illnesses, and property or equipment damage resulting from the incident. Include specific details on type, severity, and extent. For injuries, document the body part(s) affected and the nature of the injury (laceration, fracture, burn, strain, etc.). In addition, record the initial medical treatment provided.
Furthermore, note whether the injury meets OSHA recordability thresholds under 29 CFR 1904.7. These thresholds include days away from work, restricted duty, medical treatment beyond first aid, and loss of consciousness. They also include diagnosis of a significant injury by a healthcare professional. Quantify property damage in dollar terms where possible. Ultimately, accurate injury and damage documentation supports OSHA 300 log recordkeeping, workers’ compensation claims, insurance reporting, and TRIR and DART rate calculations.
10. Recommendations Prevent or Minimize Future Incidents
Provide specific, actionable corrective action recommendations that directly address the root causes and contributing factors from the investigation. Effective recommendations follow the hierarchy of controls. Most importantly, elimination of the hazard (most protective) takes priority over engineering controls, administrative controls, and PPE (least protective).
Each recommendation should be specific enough to assign to a responsible owner with a defined deadline. In contrast, vague recommendations like “improve training” or “increase awareness” are rarely implemented effectively. For each corrective action, describe how it addresses the identified root cause. Also explain what measurable outcome you expect and how you will verify completion. Notably, organizations that track corrective action closure rates from incident reports as a KPI demonstrate the management system discipline that regulators and certification auditors expect.
11. Signature of the Reporter and the Supervisor
Obtain signatures — or digital verification in electronic systems — from both the reporter and the responsible supervisor. Include printed names, job titles, and the date of signing. In particular, reporter and supervisor sign-off confirms the accuracy and completeness of the recorded information. It also establishes that management has reviewed the incident.
Moreover, this creates a documented accountability trail essential for OSHA compliance audits and legal proceedings. In digital safety management systems, electronic signature capture with automatic timestamping provides a tamper-evident record. As a result, it satisfies both regulatory requirements and organizational governance needs more reliably than paper signatures.
12. Attachments or Appendices
Attach all supporting documentation that provides additional context, evidence, or verification for the incident report. This includes photographs of the incident scene, equipment inspection records, maintenance logs, and training records for involved workers. Additionally, include MSDS/SDS sheets for chemical incidents, medical reports, repair receipts, surveillance footage references, and any other relevant investigation materials.
Clearly label, number, and cross-reference all attachments within the main report body. Comprehensive documentation packages significantly strengthen incident investigation quality. Moreover, they support more accurate root cause determinations and provide the evidentiary record needed for regulatory compliance, insurance claims, and legal proceedings. Digital incident reporting platforms like Certainty let users attach photos and documents directly to mobile-submitted reports. Therefore, critical evidence stays preserved immediately rather than getting lost before a formal investigation begins.
Let Certainty Help
Certainty Software transforms your manual, paper-based incident reporting process into an immediate, accurate, and fully digital system. In other words, it drives real safety improvement. Certainty’s mobile-enabled platform allows workers to submit incident reports from anywhere — including offline in areas without connectivity. The platform captures all required fields, photos, and supporting documentation at the point of occurrence.
Furthermore, the configurable Checklist Builder lets EHS managers design incident report forms aligned with OSHA 301 requirements. These forms also match organizational investigation protocols and industry-specific regulatory standards. As a result, you get consistent, compliant data collection across every site and shift.
Automated corrective action workflows immediately route action items to the responsible owner with defined deadlines and escalation triggers. This closes the gap between incident identification and hazard remediation — the most common failure point in traditional incident management programs. Additionally, Certainty’s real-time reporting dashboards give safety directors complete visibility into incident trends, open corrective actions, investigation status, and TRIR/DART rate trajectories. Ultimately, this provides the management intelligence needed to drive continuous improvement and demonstrate compliance readiness.
Schedule a demo today to learn how Certainty can improve your performance and sustainability.
Browse our library of free safety audit and inspection checklist templates and improve safety performance today.
You might also be interested in:
Knowing what to include in incident reporting helps teams create records that are useful during investigations and audits. Clear guidance on what to include in incident reporting also improves consistency across locations and supervisors. Training employees on what to include in incident reporting can reduce missing details and follow-up delays.
For more information, see OSHA recordkeeping requirements.
For more information, see NIOSH workplace injury investigation resources.
Frequently Asked Questions (FAQs)
What incidents are required to be reported to OSHA?
Under OSHA 29 CFR 1904, most employers with more than 10 employees must record work-related injuries and illnesses that result in: days away from work; restricted work or job transfer; medical treatment beyond first aid; loss of consciousness; or diagnosis of a significant injury or illness by a healthcare professional. In addition, all employers — regardless of size or industry exemption — must report to OSHA within 8 hours any work-related fatality, and within 24 hours any work-related inpatient hospitalization, amputation, or loss of an eye. Certain severe injuries and fatalities also require immediate reporting to the nearest OSHA office.
Why is near-miss reporting important?
Near-miss reporting is one of the most valuable leading indicators in workplace safety management. Every near miss represents an event where injury or damage was narrowly avoided — meaning the hazard and failure conditions are still present and will likely produce a more serious outcome in a future occurrence. OSHA strongly encourages near-miss reporting as part of a proactive safety program because organizations that systematically capture and investigate near misses can eliminate hazards before serious injuries occur. Near-miss data also helps EHS managers identify systemic risk patterns, prioritize corrective actions, and demonstrate the proactive hazard identification that characterizes high-performing safety programs.
How long should incident reports be retained?
OSHA requires that OSHA 300 logs, 300A summaries, and 301 incident reports be retained for five years following the end of the calendar year they cover. However, organizations should consider retaining incident reports for longer periods — particularly for incidents involving serious injuries, chemical exposures with long latency periods (such as silica or asbestos exposure), or events that generated workers’ compensation claims or litigation. Many organizations retain all incident records for 10 years or more as a best practice, especially in industries governed by EPA, DOT, or MSHA regulations that may impose separate, longer retention requirements.
What is the difference between an incident report and an accident report?
An incident report is the broader category — it covers any unplanned workplace event that causes or could cause injury, illness, property damage, or operational disruption, including near misses and hazard observations where no injury occurred. An accident report specifically documents events where injury, illness, or property damage actually resulted. Most modern safety management programs use the term “incident report” to encompass all categories, because capturing near misses and hazards — not only actual accidents — provides the leading indicator data needed for proactive safety improvement and is required by ISO 45001 Clause 10.2.
