Love Your Employees by Protecting Them: The Duty of Care
We’re gonna cut to the chase: investing in the protection of your people, places, and digital assets is not an option. It’s a legal requirement called Duty of Care.
Duty of Care is a critical issue with tangible implications for any company, large or small. The legal responsibility organizations have to prevent any reasonably foreseen acts or omissions that could harm others. A company violating its duty of care by acting negligently or in a reckless manner may be liable for harm suffered from many events, including those caused by inadequate security.
What’s past that legal-eze? If you could have prevented it, if it was a knowable risk, if people were harmed in any way, the company is exposed. Legally. Financially. Reputationally.
What to Do with Duty
Start with a structured plan. It should be a companywide effort – from the C-Suite down – to ensure people, facilities, and other assets are protected. Enable communications between all departments such as medical, legal, travel, public affairs, risk management, finance, and others relevant to the Duty of Care concerns. As with all efforts of this scale, a facilitator is key. SAGE Integration leaders are trained for this type of comprehensive engagement. (Spoiler alert: Many integrators aren’t.)
Identify a company’s security strengths and weaknesses. Look for any previous security breaches and propose remedies to prevent them from occurring again. Show your work. Documentation is a critical defense against the complex network of state and national Duty of Care laws. Prioritize risks based on probability and scale, everything from active shooters to natural disasters. Plan and budget for your security infrastructure investments. Engage an integrator who can work strategically, and efficiently use your investment to link cyber and physical protections. Formalize your policy manual to outline employee roles in an emergency. Build-in regularly scheduled drills and employee training to support.
It’s Not Just On-Prem
In a modern work structure, it should go without saying that your Duty of Care extends past your property lines. WFH and traveling employees extend the boundaries of your responsibilities. Investments in protocols and supports to improve their safety goes a long way. Remember that with employees accessing your network from anywhere and your network’s connectivity to your perimeter management and access control, your physical security depends on cyber alertness. Increasing anecdotal data is showing that low occupancy environments in everything from corporate headquarters to senior living are increasing security risk. All of this deepens and widens your Duty of Care. It’s a brave new work of risk out there, is your security planning rising to the challenge? You simply do not want litigation and the headlines of the Wall Street Journal to be the moment you realize that your Duty was left unsecured.
What It’s Going to Take
We won’t dance around this: It’s going to take commitment, time, and budget to confidently meet the requirements of your duty to protect your people. You can’t one-off this, and it’s not the moment to find the discount solution. Your organization has unique needs and you need a customized plan, not some boiler-plate string of devices that were installed during the Bush administration.
Budgets are real. And that’s why you’ve got to take this seriously. The cost of just one poorly managed situation may far outweigh the costs of implementing a well-planned program.
Security technology and today’s innovations can transform a hobbling care plan with swiss cheese scale holes in its protections into a proactive risk prevention plan that is budget-managed and responsive to an ever-changing world of threats.
At Sage, we have a duty of care to protect our clients, a responsibility we take very seriously. Our diverse client base and national footprint enable us to provide expert advice to help protect against loss of life, business disruptions, and damage to a company’s reputation. Our employees are embedded inside the operations of our enterprise clients. This isn’t theory to us.
We fight for your Duty of Care because we live it ourselves, every day. A radical obsession with threat prevention is what employee-empowered companies do.