Duty of Care in Security Practice – What you need to know


Group of 5 young people around a white board holding papers discussing risk management and security HEAT e-learning

Duty of care is a complex topic and one that is being discussed and evaluated more closely than ever. Employers have a legal responsibility to take reasonable care for the health and safety of their employees, contractors and sub-contractors wherever they are working or travelling. But what does this truly mean and who does duty of care apply to?


Providing duty of care means knowing your legal obligations regarding the duty of care as well as being able to systematically reduce the safety and security risks faced, is essential for protecting the interests of any institution working in suchenvironments. By implementing an enabling risk management system, you may also be able to increase your ability to implement projects and increasing your productivity and your reputation.


At Safer Edge, our aim is to support your institution in addressing safety and security risks faced and to help you comply with legal requirements. One way this can be achieved is through an enhanced Risk Management System tailored to integrate with your existing ways of working and complimentary to your organisational structure and culture.


The current global environment presents countless challenges to those seeking to engage in international development, research and business opportunities. Significant economic turbulence, targeting of those with ‘Western’ affiliations and an increase in the frequency of natural disaster events continues to obstruct effective project delivery and threaten employee safety. Knowing your legal obligations regarding the duty of care you owe, as well as being able to systematically reduce the security risks faced, is essential for protecting the interests of any business working in such environments. However, by implementing an enabling risk management system, you may also be able to increase your ability to operate, your productivity and ultimately, your reputational advantage. This article outlines what you need to know about your duty of care and leads you towards self-assessing if your organisation is legally fulfilling its obligations.


What do we mean by duty of care?


English law states that employers have a legal responsibility to take reasonable care for the health and safety of their employees, contractors and sub-contractors wherever they are working. In addition, they are also responsible for third parties who could be affected by the acts or omissions of an employer’s, employee’s or contractor’s behaviour. Employers should take all reasonable steps to ensure the health, safety and wellbeing of employees and ensure that their activities do not cause injury or damage to anotherthrough some act of carelessness or through an omission.


In English law, employers must take reasonable care to avoid acts or omissions which you would reasonably foresee to be likely to injure your ‘neighbour’. Conditions to be provedfor this are:


  1. A duty of care must be owed by the employer to the employee/contractor/third party - duty to take reasonable care to avoid injury, loss and damage to other persons based on reasonable foresight of harm and a relationship of proximity. It must be fair, just and reasonable to impose a duty of care.

  2. The duty of care must have been breached - using the ‘reasonable’ person test did the organisation act or failto act in a way that a reasonable person wouldhave in those particular circumstances.

  3. The injury or loss suffered by the employee/contractor/third party must have been due to the breach of duty of care - theinjury, disease, damage and/or loss suffered was as a direct resultof the breach


“An employer can be deemed to have breached their duty of care by failing to do everything that was reasonable in the circumstances to keep the employee safe from harm. Employees also have responsibilities for their health and wellbeing at work - forexample, they are entitled by law to refuse to undertake work that isn't safe without fear of disciplinary action.”
-ACAS

What are the costs and benefits?


A lack of adequate duty of care exposes yourorganisation or institution to several potential implications:


  • Damage – injuryor death to employees/contractors/third parties, property damage

  • Project disruption – damage to key equipment/infrastructure, suspension or cessation of project activities, reduced morale and productivity, legal restrictions

  • Financial – medical and evacuation expenses, sick pay, compensation claims for damage, increasedinsurance costs, legal claims resulting from injury or death, litigation costs

  • Reputational – inability to achieve project/research aims, loss of clients/donors, inability to attract newbusiness, high staffturnover


An appropriate duty of care system, fully integrated into organisational practice and culture, will mitigate theseimplications. Beyond the legal requirement for duty of care, it is increasingly seen that an organisation demonstrating attention to its moral duty of care can achieve greater success through:


5 benefits of duty of care in securiy risk management sytem; attracting and retaining better skilled employees; increased employee trust; increased productivity; increased reputation; attracting and retaining donors or clients

Moreover, it will allow your organisation to work more safely for longer in challenging environments, further increasing your ability to achieve greater project and organisational success.


What are the requirements?

An employer owes a duty of care to its employees, contractors, sub-contractors and others who may be affected by its actions or the actionsof its employees, contractors and sub-contractors.


Duty of Care applies at:

  • All employers’ offices and other placesof work

  • At third party premises where employees or contractors/sub-contractors are working on behalf of the employerAnywhere else where employees, contractors and sub-contractors may be working on behalf of the employer, e.g., out in another country location.

What must an employer do to satisfy duty of care?

In English law, an employer must provide:

  1. A safe place of work, including access and egress

  2. Safe location and equipment

  3. A safe system of work

  4. Safe and competent fellow employees

  5. Adequate levelsof supervision, information and training


In essence, employers are expected to demonstrate good risk management of safety and security through an approach that assesses hazards and ensures that appropriate controls (mitigating measures) are put inplace.


In practical terms for organisations or institutions working in challenging environments this includes:

  • Undertaking riskassessments as partof project designand prior to travel

  • Monitoring changing contexts and updating risk assessments as required

  • Implementing standard procedures to mitigate the identified risks

  • Providing adequate accommodation and transport

  • Tracking of employees

  • Considering if employees/contractors are capable and suited to working in particular environments

  • Training employees so that they understand the context they will work in, the threats they may be exposed to and the mitigation procedures they must follow

  • Providing travel and medical insurance

  • Ensuing contingency plans are in place for managing incidents or crises that may occur, such as medical evacuation or kidnap


An Enabling Risk Management Solution

We recommend a simple three-step process to ensure that organisations and institutions are able to provide sufficient duty of care through an enabling risk management system:



Graphic describing 3 step security risk management system: Step 1: Audit & Review; Step 2: System Creation; Step 3: Support


System Audit & Review - review of relevant documentation, and discussions with individuals and group meetings with key management. This will reveal strengths in the current ways of working, identify where existing systems may be lacking, prioritise gaps and determine who is owed whatlevel of dutyof care.


Creating/Adapting the System - with a comprehensive picture of your requirements collaborative design of the risk management system can be achieved, formulating a solution that builds on and fully integrates into your existing practices and procedures. The solution elements are likely to cover safety & security policy, collation of relevant information, provision of an analytical framework to make informed decisions, ability to record and disseminate decisions and guidance, standard procedures for everyday operations/activities, business continuity planning, development of crisismanagement capacity, insurance arrangements, analysis of employee training requirements.


Ongoing Support Services while the Risk Management system gives you a framework in which to effectively manage risk different requirements to support that system will be identified as your organisational operations/projects develop. Additional support will ensureyou further buildyour organisational capacity and confidence in risk management, allowing you to rapidly exploitnew opportunities as they arise.Support requirements may include:


Advisory: Security reviews, risk assessments, pre-deployment context briefings, facilities reviews, budgeting guidance, logistics support (accommodation, venues, transport), incident/crisis management advice


On The Ground: Arrival briefings, unarmed close protection, emergency local contacts, trauma medics, safetyand security managers, partner organisation support.


Capacity Building: General or bespoke face-face training, live onlinetraining, e-learning, coaching/mentoring


Ultimately, this approach will ensure you achieve a functioning risk management system, adaptable as your organisation grows, that enables proactive engagement with risk management, and that reduces your legal,financial and reputational vulnerability.



Enabling Risk Management in Practice

One law organisation we worked with adopted a complete integrated and inclusive risk management solution to support and protect their teams of staff over a three-year period of work in the Niger Delta area of Nigeria. This focused on a high-profile case, requiring travel to and around remote locations. The security management plan and in-country logistic support, based on equitable security principles, facilitated travel around remote locations in support of the high profile, sensitive case. The project remained incident free, was low cost and highly effective.


Several organisations, including a growing and internationally active Monitoring and Evaluation organisation, a large multinational development organisation, and a leading academic development institute have recently adopted a more pro-active, equitable risk management approach. As a result, they have been able to:

  • Create compelling and credible risk management elements to fulfil duty of care criteria in project bids

  • Ensure trustees/management canmake more informed Go/No Go decisions for international projects

  • Ensure that security considerations are properly budgeted in proposals according to ‘minimum effective dose’ principles – enough to stay cost-effective/competitive and enough to ensure that the project does not lose money due to unforeseen costs

  • Understand a country context and associated risks, and so develop context-appropriate procedures to minimise those risk

  • Provide employees, consultants or researchers with pre departure briefings, in country briefings, and any required training

  • Easily locate suitable accommodation and other logistics requirements

  • Develop capacity within the organisation to manage potential crises in order to reduce the personal, financial and reputational impact faced by the organisation


At Safer Edge. we have a long history of supporting aid organisations in security and risk management enabling them to establish and maintain projects delivering aid to people everywhere in the world. This includes online security management and security e-learning courses. Our aim is to support your organisation in addressing safety and security needs to reduce the risks faced and comply with legal requirements. This is achieved through the development of a comprehensive Risk Management system, tailored to integrate with your existing ways of working and complimentary to your organisational structure and culture. In so doing, we will provide a stronger foundation upon which you can better capitalise on opportunities and achieve project success in the complex global environment.


Email us at: operations@saferedge.com if you'd like to know more!