Most organisations, large and small, recognize that they have a responsibility to protect their staff, many organisations still fail to appreciate the full range of their duty of care responsibilities and the implications that these have for security risk management.
The duty of care standard has escalated significantly over the past decade, and what was once considered good enough would certainly not be considered sufficient today. Though duty of care is a legal term for the responsibilities organizations have regarding their staff, there is also an ethical obligation that organizations should consider.
Principally, duty of care means confirming that suitable mitigation measures and support are in place to prevent and respond to incidents and that all staff are sufficiently informed of the risks and the applicable mitigating measures. It is vital to understand that duty of care is more than just security. Security risk management is one element among organization’s key responsibility for the health, safety, security and wellbeing of its staff.
Duty of care responsibilities is not limited to contractual relations between employer and employee. Organizations also have a duty of care concerning those who are acting on behalf of the organizations, such as official visitors, contractors, consultants, volunteers, and beneficiaries.