| | | |
| | | |
Water Quality Accountability Act (N.J.S.A. 58:31-1 et seq.)
What is the Water Quality Accountability Act?
Notice: The submission of the 2021 WQAA Annual Certification is now being accepted by the Department. Please use the revised Annual Certification Form Submittal Instructions
The Water Quality Accountability Act, P.L. 2017, c. 133 (WQAA), enacted on July 21, 2017, established new requirements for purveyors of public water to improve the safety, reliability, and administrative oversight of water infrastructure. The WQAA became effective on October 19, 2017.
Additionally, on November 8, 2021, amendments to the WQAA were signed into law as P.L. 2021, c. 262. The full text of these changes can be found here. These changes enhance the cybersecurity requirements of the WQAA, among others. To stay up to date on regulatory updates pertinent to the WQAA, please subscribe to the Department’s WQAA mailing list using the “Email Updates” Box below.
2021 WQAA Amendments Overview (3/2022)
DEP Issues, “Water Quality Accountability Act Guidance” (5/22/2020)
Who does the Water Quality Accountability Act affect?
The Act applies to public community water systems with more than 500 service connections, which is approximately 300 water systems in New Jersey.
What are the new requirements created by the Water Quality Accountability Act?
The Act requires purveyors to create and implement an asset management plan designed to inspect, maintain, repair, and renew its infrastructure consistent with standards established by the American Water Works Association. In addition, the Act also specifies a methodology for routinely testing valves and fire hydrants. Also, the Act supplements the Safe Drinking Water Act (N.J.S.A. 58:12A- 1 et seq.), by requiring the submittal of a mitigation plan by purveyors that exceed a certain number of violations in a within any 12-month period. Purveyors regulated by the Act will also need to create cybersecurity programs and join the NJ Cybersecurity and Communications Integration Cell.
How will the Water Quality Accountability Act be implemented by the NJDEP?
While the Act establishes the New Jersey Department of Environmental Protection (NJDEP) as having a central role in its implementation, it also identifies several other agencies (New Jersey Board of Public Utilities, New Jersey Office of Homeland Security and Preparedness, and the New Jersey Department of Community Affairs), with essential roles. The NJDEP is committed to the successful implementation of the Water Quality Accountability Act, and is working to identify all options for implementation that will improve the reliability, resiliency, and sustainability of NJ’s water utilities, ultimately improving the protection of public health and the environment. NJDEP continues to coordinate with partner agencies and also initiated the stakeholder process with a meeting held on November 27, 2017, to solicit comments/input. The Department also intends to follow the statutory requirement posed by the 2021 WQAA Amendments to adopt regulations fully implementing the WQAA by May, 2023.
The 2021 Amendments to the WQAA (P.L. 2021 c. 262), were signed, and became effective on November 8th, 2021. Updates to the original WQAA’s requirements are presented for comparison.
Valves (Section 3)
Valves Greater than or equal to 12"
|Inspect every 2 years – by 10/19/2019 and every other year thereafter
||Inspect every 4 years
|All other valves
||Inspect every 4 years – by 10/19/2021 and every four years thereafter
||Inspect every 8 years
||GPS to the extent possible
|Repair all valves when found to be broken or otherwise not operational
|Retain Inspection Records
||For at least 6 years
||For at least 12 years
- clearing the area
- cleaning out valve box
- dynamic testing – opening and closing valve according to manufacturer or the number of turns equal to 15% of completely open
Hydrants (Section 3)
All fire hydrants
|Test annually – by 10/19/2018
|Implement a plan for hydrants and dead mains
|GPS all to the extent possible
|Label each with the purveyor's name (eg. Abbreviation or corporate symbol), as well as an identifying number or symbol, with paint, brand, or soft metal plate
||Label each with the purveyor’s name (eg. Abbreviation or corporate symbol), as well as an identifying number or symbol, with a soft metal plate, plastic, or another durable material
|Retain inspection records for 6 years
||Retain inspection records for 12 years
Cybersecurity Plans (section 4)
The Water Quality Accountability Act requires that public community water systems that have more than 500 service connections to develop a cybersecurity program in accordance with the requirements established by the Board of Public Utilities (Board), and the 2021 amendments to the WQAA. The Boards’ Order identifies comprehensive cybersecurity requirements for Board regulated electric, natural gas, and water/wastewater utilities and includes the following:
- Establish a cybersecurity program that defines and implements organization accountabilities and responsibilities for cyber risk management activities and establish policies, plans, processes and procedures for identifying and mitigating cyber risk to critical systems;
- Conduct risk assessments and implement appropriate controls to mitigate identified risks;
- Maintain situational awareness of cyber threats and vulnerabilities;
- Report cyber incidents and suspicious activity to Board Staff via the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC);
- Create and exercise Incident Response and Recovery Plans; and,
- Provide cybersecurity awareness and training programs.
Further, the Board Order requires each utility to appoint an executive to oversee the cybersecurity program.
The 2021 amendments to the WQAA require that cybersecurity programs must be updated within 180 days of the effective date of the law (due May 7, 2022), and to ensure that the cybersecurity program conforms to one or more of the following industry-recognized cybersecurity frameworks.
- The Framework for Improving Critical Infrastructure Cybersecurity developed by the National Institute of Standards and Technology;
- The Center for Internet Security Critical Security Controls for Effective Cyber Defense; or
- The International Organization for Standardization and International Electrotechnical Commission 27000 family of standards for an information security management system
Whenever a final revision to one of these frameworks is published, water purveyors whose cybersecurity program align with that framework, must revise their program within 180 days and submit a copy of the revised program to the NJCCIC.
Additionally, effective February 6, 2022 water purveyors are required to notify NJCCIC within 30 days of experiencing a cybersecurity incident that meets the following criteria:
- Any cybersecurity incident that results in the compromise of the confidentiality, integrity, availability, or privacy of the water purveyor’s utility billing, communications, data management, or business information systems, or the information thereon; and
- Any cybersecurity incident against the water purveyor’s industrial control system, including monitoring, operations, and centralized control systems, that adversely impact, disable, or manipulate infrastructure, resulting in loss of service, contamination of finished water, or damage to infrastructure.
NJCCIC will then audit that cybersecurity program within 30 days, at the purveyor’s expense, and identify cyber threats and vulnerabilities to that purveyor, and provide strategies to addresses those weaknesses to mitigate future cybersecurity threats. Following the audit, corrective action plans are required to be submitted to the NJCCIC.
Water Pruveyors are also required to purchase cybersecurity incident insurance policies.
By February 16, 2018, all applicable purveyors are required to have developed a cybersecurity program in accordance with the Board’s requirements. All applicable purveyors will be notified of the date and process for the future submission of the cybersecurity program.
In addition, 60 days after development of the Cybersecurity Plan (by April 17, 2018, if developed on February 16, 2018), applicable purveyors are required to join the New Jersey Cybersecurity and Communications Integration Cell to promote awareness of cyber related threats, attacks, resources and tools, and to create a cyber security incident reporting process.
Notice of Violation/Mitigation Plans (section 5)
- A mitigation plan (including a report by a licensed operator (LO) and professional engineer (PE) that includes a technical analysis of how the mitigation plan is intended to prevent the reoccurrence of the notices of violation) must be submitted to DEP:
- By purveyors who have received 3 notices of violation for any reason within a rolling 12-month period
- By purveyors who have received 2 violations related to MCL exceedances within a rolling 12-month period
Certification (section 6)
- The highest ranking official (e.g. executive director, mayor) must certify in writing to the Department, annually, that the water purveyor complies with all Federal and State drinking water regulations and the relevant sections of the WQAA.
The forms/directions for submission are:
- When completing the Certification Form, please feel free to use the comment lines, or add additional pages for providing supporting details for both compliance and non-compliance with a requirement(s).
- Effective November 8, 2021, annual certification forms must be posted on the purveyor’s website, if the purveyor has a website.
- A dataminer report is available at https://www13.state.nj.us/DataMiner, under the “Water Supply and Geoscience” Category to view certification forms that the Department has received by PWSID.
The 2021 WQAA Amendments require the Department to audit a random selection of 10% of water purveyors’ certification statements. If a water purveyor fails to submit a certification in a timely manner, the Department must audit that certification. If the Department determines that a purveyor has made a false or misleading statement in a certification form, the Department must forward the matter to the Attorney General for additional follow-up.
For BPU regulated purveyors, the certification form may be sent via email to Board.Secretary@bpu.nj.gov or mailed to:
Secretary of the Board
Board of Public Utilities
44 South Clinton Avenue
3rd Floor, Suite 314
Post Office Box 350
Trenton, NJ 08625-0350
Asset Management Plans (section 7)
- By April 19, 2019 – purveyors need to have implemented an Asset Management Plan.
- Though the plan does not need to be submitted, it must be available upon request during inspection by the Department, and certification that the plan has been implemented must be completed on the annual October certification form.
- Minimum requirements of the Plan are:
- A water main renewal program with a 150-year replacement cycle or other appropriate replacement cycle determined by a detailed engineering analysis, or by the Department
- A water supply and treatment program designed to inspect, maintain, repair, renew, and upgrade pumps, sources and treatment facilities
- Asset management plans and system condition reports must be certified by the LO or PE and the person required to sign the annual certification form outlined in section 6 (e.g. executive director, mayor).
- Consistent with AWWA standards
- The Department’s Asset Management Plan Technical Guidance can be found here.
- Annually – each purveyor must dedicate funds to address/remediate the highest priority projects in their plan
- By April 19, 2022 and annually thereafter, each purveyor must submit to the Department and BPU or DCA (whichever is applicable) a report based on the infrastructure improvements taken, and to be taken and the costs of those improvements. The Department is finalizing the central portal to receive these reports, and will share more details with purveyors once they are available.
Agency partners are working to build a portal available for the electronic submission of this requirement in the future.
Visit the Department’s existing Asset Management Program website for more general information on Asset Management Planning.
Per the 2021 Amendments to the WQAA, By April 19, 2022 and annually thereafter, each purveyor must submit to the Department and BPU or DCA (whichever is applicable) a report based on the infrastructure improvements taken, and to be taken and the costs of those improvements. The Department has finalized the central portal to receive these reports at https://www.nj.gov/dep/online/. The below worksheet outlines the requirements for this submittal, and instructions for how to access the submittal service. This report must be submitted for each Public Community Water System with more than 500 service connections on a per-PWSID basis.
Capital Improvement Report Template Worksheet
Please note that this spreadsheet is only a guidance tool to assist you in compiling information, and is not an acceptable means for submitting information to the Department. Failure to use the portal to submit this information may result in enforcement actions. For questions, or issues related to this requirement, please contact the Department at WQAA@dep.nj.gov, and a staff member will be in contact with you to provide assistance.
For 2022 only
, an extension to the April 19th deadline is possible upon request. To submit an extension request, send an email to WQAA@dep.nj.gov
including your water system’s PWSID and “CIR Extension Request” in the subject line. Do not submit extension requests until after April 1, 2022.
The 2021 Amendments to the WQAA include a number of steps that the Department must take. Those steps include the following:
- The adoption of rules to full implement the WQAA by May, 2023. Per the rulemaking timeline, the Department expects to issue a rule proposal by May, 2022.
- The creation of a Report Card by November 8, 2022. The 2021 Amendments require the Department to develop and publish a report card for each water purveyor in the State, indicating the water purveyor’s compliance with federal and State drinking water quality standards, the WQAA, and any other factors the department deems appropriate. The Department is in the process of evaluating the factors to be considered in that report card, and will share more information as the due date approaches.
- The Department will be required to issue a report to the Governor on the Legislature on May 8, 2023, and every three years afterwards, outlining the data received by the Department in the Capital Improvement Reports. This report must include an analysis of the analysis of the total estimate cost of water infrastructure improvements statewide over the next ten years, as well as compliance with the WQAA as a whole.
Frequently Asked Questions
Question - Who does this legislation apply to?
Answer – All public community water systems with 500 or more service connections.
VALVE/HYDRANT INSPECTION QUESTIONS
Question – Do I have to submit my inspection/flushing records?
Answer – Not currently, however you are required to maintain these records for at least twelve years, and they should be made available during inspections conducted by the Department. However, the Capital Improvement Report requirement will require some baseline reporting on valve and hydrant testing frequency.
Question – Can I use a sticker or ring to label my fire hydrant?
Answer –Yes. The 2021 amendments to the WQAA provide additional flexibility for purveyors to select a way to label their fire hydrants, being a soft metal plate, plastic, or another durable material.
Question – Do I need to inspect all of the valves in my system, including the treatment system?
Answer – The Department interprets the legislation to include the valves in the distribution system, and not those in the treatment system.
Question – Are there specific standards I need to adhere to when collecting GPS data?
Answer – Yes, all GPS data must be collected in accordance with NJDEP standards. Please see the “NJDEP GPS Data Collection Standards for GIS Data Development.”
Question – What AWWA standards should I be using for my hydrant and valve inspections?
Answer – AWWA manuals M17 (Fire Hydrants: Installation, Field Testing & Maintenance) and M44 (Distribution Valves: Selection, Installation, Field Testing & Maintenance).
Question – What are the submission requirements of the cybersecurity plan?
Answer - In March 2016, the Board of Public Utilities (BPU) adopted cybersecurity requirements applicable to their regulated universe (Electric Sector, Natural Gas Sector, and regulated water/wastewater systems.) The requirements established were developed in consultation with experts in utility cybersecurity and involved the NJ Cybersecurity & Communications Integration Cell (branch of NJOHSP), and the FBI. The Executive Order can be found at www.nj.gov/bpu/pdf/boardorders/2016/20160318/3-18-16-6A.pdf. These same requirements are also applicable to systems subject to the Water Quality Accountability Act.
Question – What counts as an “internet-connected control system?"
Answer – With the 2021 Amendments to the WQAA, there is no longer an exemption for water purveyors without internet-connected controlled systems. All public community water systems with >500 service connections must develop cybersecurity programs. For more information please contact NJCCIC
Question – What is the New Jersey Cybersecurity and Communications Integration Cell, and how do I join it?
Answer – The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) is the State’s one-stop shop for cybersecurity information sharing, threat analysis, and incident reporting. All purveyors under the WQAA (that have internet-connected control systems) must join NJCCIC within 60 days of developing their cybersecurity program. This can be done by accessing their website: www.cyber.nj.gov/, clicking on the “Membership” tab, and filling out the relevant contact information.
ASSET MANAGEMENT QUESTIONS
Question – Is there funding available for developing an Asset Management Plan?
Answer – Yes, through the Drinking Water State Revolving Fund, up to $100,000 per applicant is available, with principal forgiveness, for systems with less than 10,000 people. Short-term interest free loans are available for larger systems with a capital improvement. Click on the “Funding” tab.
Question – Do I need to submit my Asset Management Plan?
Answer –No, you do not need to submit your Asset Management Plan; however, the Asset Management Plan must be implemented by April 19, 2019, and must be available upon request during inspection by the Department. Also, you must certify that your Asset Management Plan has been implemented on the annual October certification form. In addition, an Asset Management Plan Report will be required to be submitted in April 2022.
Question – What should be included in the content of the annual Capital Improvement Report?
Answer – The first report that will be submitted to DEP, BPU, and DCA regarding the status of each purveyor’s Asset Management Plan will not be due until April 19, 2022. A template and guidance will be provided as the Department and agency partners develop specific requirements for this submittal item. Broadly speaking, the report should be submitted annually. It must include updates about infrastructure improvements that have been made both in the previous three years, and planned improvements in the next three to ten years.
Question – Do all water mains need to be on a 150-year replacement cycle?
Answer – The mains must be replaced on a 150-year replacement cycle, an other appropriate cycle as determined by a detailed engineering analysis, or as determined by the Department.
Question – Do I need to do a water loss audit as part of my Asset Management Plan?
Answer - Yes, a thorough Asset Management Plan should include a water loss audit. Free water loss audit software can be obtained on the American Water Works Association website.
Question – Are there any AWWA manuals that would be useful in developing my Asset Management Plan?
Answer - AWWA manuals M28 (Rehabilitation of Water Mains) and M36 (Water Loss Audits and Loss Control Programs).
The Water Bank has the ability to finance any planning, design, Asset Management or Fiscal Sustainability Plan development or investigative activities as required under the Water Quality Accountability Act, as long as these activities result in a Capital Improvement Project. The Financing is available in the form of a Short Term (3 year) Loan, presently at low interest rates with the expectation to convert this financing into a Long Term (30 Year or useful life) Loan along with the Financing of the Capital Improvement Project through the program. Principal Forgiveness up to $500,000 for systems serving a population 10,000 or fewer may also be available. Please contact the Water Bank for more information.
Questions about the WQAA can be addressed to the WQAA@dep.nj.gov email address or by calling the Division of Water Supply & Geoscience at 609-292-7219