SB-553 Annual Review: What California Employers Must Do — and What Most Are Getting Wrong

California’s SB-553 has been in effect since July 1, 2024. For employers who built their initial Workplace Violence Prevention Plans around that deadline, the first annual review was due by July 1, 2025. That date passed ten months ago.

Most California employers have done one of three things with their annual review: missed it entirely, signed off on the plan without substantively reviewing it, or conducted a genuine review but failed to document it adequately. Any of these leaves the employer in a weaker compliance position than a properly conducted and documented annual review would produce.

This article covers what the annual review actually requires under California law, what documentation it should produce, what the most common failures look like, and why the approaching permanent Cal/OSHA standard makes the annual review especially consequential in 2026.

What Does the Law Actually Require?

California Labor Code § 6401.9 requires employers to review their Workplace Violence Prevention Plan in three circumstances:

• At least annually — regardless of whether any incidents have occurred
• After any workplace violence incident— to assess whether the plan’s procedures were adequate and whether changes are needed
• Whenever a deficiency is identified — including when an employee raises a concern that reveals a gap in the program

The law does not specify what the annual review must look like or how long it must take. It specifies that it must happen and — by necessary implication — that it must be documented. A review that cannot be demonstrated to have occurred is, from Cal/OSHA’s perspective, a review that did not occur.

What Does a Genuine Annual Review Cover?

The purpose of the annual review is not to sign off on the plan. It is to assess whether the plan is still accurate, still functional, and still adequate given what has happened in the past twelve months. A genuine review asks and answers five questions:

1. Has anything changed at this location?

Physical changes — new work areas, renovated spaces, changed access points, new equipment — may create hazards not addressed in the current plan. Personnel changes — new supervisors, turnover in high-risk roles, changes to the staffing model — affect how the plan functions in practice. The plan must reflect the current reality of the workplace, not the workplace as it existed when the plan was written.

2. Were there any incidents or near-misses in the past year?

Review the Violent Incident Log for the prior twelve months. Every logged incident is a data point about where the program is working and where it is not. Look for patterns — incidents concentrated at a particular location, time of day, or type of interaction. An incident that triggered a corrective action should be reviewed: was the action implemented? Did it work?

If the log is empty or near-empty, ask whether that reflects an absence of incidents or an absence of reporting. An empty log in a high-risk environment often indicates that near-misses and non-injury incidents are not being reported — which is itself a compliance gap.

3. Are the reporting procedures working in practice?

Ask employees — or have supervisors ask employees — whether they know how to report a concern, who to report it to, and whether they would feel comfortable doing so. The plan’s anti-retaliation provisions are only meaningful if employees trust them. If employees are hesitant to report, that hesitancy is a hazard.

4. Has the training requirement been met?

Verify that all employees received annual training within the past twelve months, that training documentation is complete and retrievable, and that the interactive discussion requirement was satisfied and documented. New employees hired since the last training cycle should have received training upon hiring. If documentation gaps exist, address them before the review is finalized.

5. Has the named responsible person changed?

The plan must name a specific individual responsible for implementation. If that person has changed — due to turnover, promotion, or reorganization — the plan must be updated. A plan that names someone who no longer works at the organization or no longer has responsibility for the program is not a compliant plan.

What Should the Review Documentation Look Like?

The annual review should produce a written record that documents:

• The date the review was conducted
• Who participated in the review
• What was reviewed — specifically which elements of the plan were evaluated
• What the review found — including any incidents from the prior year and what corrective actions were taken or are planned
• What changes were made to the plan as a result — or a statement that no changes were required and the basis for that conclusion
• The signature of the responsible party confirming the review was completed

This does not need to be a lengthy document. A one-to-two page review memo that addresses each of these elements is sufficient. What it must be is genuine — a document that reflects an actual evaluation of the program, not a pro forma sign-off on the same plan that was filed twelve months ago.

The review documentation should be retained with your other WVPP records. Cal/OSHA can request to see it during an inspection. An employer who says “we reviewed it” without being able to produce a record of the review is, for compliance purposes, an employer who did not review it.

What Are Most Employers Getting Wrong?

Treating the review as a signature exercise.The most common annual review failure is the least dramatic one: the plan is printed, the responsible person signs the cover page, and the plan is refiled. Nothing is evaluated. Nothing is updated. The review “happened” in the sense that someone touched the document — but nothing that the law contemplates when it requires an annual review actually occurred.

This approach creates a specific liability problem. If an incident occurs and the plan is produced in discovery, a plaintiff’s attorney will note that the plan has been signed off on annually without a single modification over multiple years, in an organization that experienced reportable incidents during that period. That record — annual sign-offs with no changes despite documented incidents — is evidence that the review was nominal, not substantive.

Not updating the plan when conditions change.SB-553 requires review “whenever a deficiency is identified.” A new work area that creates a new hazard is a deficiency. A pattern of incidents concentrated at a specific location is a deficiency. A change in the customer population that creates new Type 2 violence risks is a deficiency. The annual review should be the moment these deficiencies are systematically identified — not the moment they are overlooked.

Failing to verify training documentation. Training documentation gaps are among the most common findings in Cal/OSHA WVPP inspections. The annual review is the right moment to verify that documentation is complete, accurate, and retrievable — not to discover during an inspection that records are missing. For a full treatment of what compliant training documentation looks like, see our article on California compliance requirements.

Why Is the 2026 Annual Review Especially Important?

Cal/OSHA is required to adopt a permanent workplace violence prevention standard for general industry by December 31, 2026. When that standard is adopted — and the rulemaking is in its final stages — every existing WVPP will need to be reviewed against the new requirements.

Organizations that conduct a genuine 2026 annual review are positioning themselves to manage that transition as an incremental update. They will know what their plan currently says, what gaps the 2025 review identified and addressed, and what the delta between their current program and the permanent standard looks like.

Organizations that conduct a nominal 2026 annual review — or no review at all — will face the permanent standard with an unreviewed plan, unknown gaps, and a compressed timeline to comply. That scenario is significantly more expensive and more disruptive than a well-maintained annual review program would have been.

The permanent standard is also expected to be more prescriptive than the current SB-553 requirements in certain areas — the definition of workplace violence, the required content of hazard assessments, and potentially training requirements. Understanding where your current program stands before the permanent standard is finalized is the most cost-efficient time to address gaps.

For a full overview of what the permanent standard is expected to require and the current state of the rulemaking, see our article on the permanent Cal/OSHA standard.

What If You Missed the July 2025 Annual Review?

If your organization has not conducted a documented annual review of its WVPP since July 2024, the right response is not to panic — it is to conduct the review now and document it as the 2025–2026 review cycle completion. Do not backdate documentation. Create an accurate record of what was reviewed, when, and what was found.

Going forward, calendar the annual review as a recurring event with sufficient lead time to gather the necessary information — incident log review, training records verification, hazard assessment walk-through — before the review itself. A review conducted under deadline pressure with incomplete information is better than no review, but a review conducted with adequate preparation is the one that actually improves the program.

If reviewing your plan reveals gaps you are not sure how to address — hazards that require professional assessment, training documentation that needs to be rebuilt, or a plan that is so template-based that it requires substantial rewriting to be genuinely site-specific — see the seven most common SB-553 compliance failures for a structured approach to identifying and prioritizing what needs attention.