October 3, 2023

A thin line

Bob Quick, Executive Director and Founder of Global Secure Accreditation, throws light on the important question: Where is the line between Duty of Care and employee privacy?

Most businesses have a global presence that requires employees to travel overseas, and it is the duty of the employer to ensure employees stay safe every step of the way, from the moment they leave home or the office until they return. Awareness is essential. Employers should understand their duty of care and ensure that employees are not exposed to unnecessary risk during their trip. Failure to do so could result in civil or criminal liability.

Part of an employer’s duty of care means knowing where to find a business-travelling employee – for example, to notify them in the event of an emergency. But keeping tabs on a workforce, especially a large mobile one, has its challenges. That is why some employers have opted for monitors to track everything from location and movements to conversations about health to ensure the traveller is fit to undertake the proposed travel.

But, in a post-GDPR era, where is the line between ensuring your mobile workforce is safe and invading individual employee privacy?

Employer best practice

There are a few things employers should consider if they wish to deliver on their duty of care requirements. It is first important to assess the proposed trip and determine that it is safe to ensure reasonably foreseeable risks are anticipated and action taken. For example, if your employee is travelling to a war-torn country or one that is undergoing social or political upheaval, then adequate measures must be put in place to ensure they are able to not only journey safely to the destination but navigate it safely throughout the course of their stay.

“With all the due diligence in the world, the unexpected can still happen while the employee is at the destination”

The Gov.uk website provides up-to-date information and advice for travellers, including advice on whether travel is recommended or not. However, this is primarily driven by crime and terrorism threats and is provided on a country basis, meaning it does not necessarily consider the risks within a particular city or area. It does not provide the necessary granular detail to assess a specific trip for threats and risks, so more detailed information is needed in order to make an assessment. For example, how safe are the transportation options? Are there safe accommodation options? Are there local conditions which need to be considered such as the threat from natural hazards, poor infrastructure or roads, civil unrest or political instability?

One way corporates can better demonstrate their duty of care is by undertaking risk assessments of the method of travel, destination and accommodation, and there are several third-party companies that provide this. At GSA, we cover accommodation safety and security by offering the first independent, global assessment and audit scheme for hotels and serviced accommodation. This provides assurance to organisations and their business-travelling employees.  

Why are you spying on me?

Still, with all the due diligence in the world, the unexpected can still happen while the employee is at the destination. What happens then? This is where remote tracking can prove useful. In the UK, post-GDPR, employers should take steps to ensure staff are fully aware of monitoring – what is being monitored and why it is necessary.

Employers will want to emphasise the positive benefits of monitoring to employees and may wish to offer employees the chance to opt out during non-working hours, while also reassuring them that the purpose is to support them in times of emergency, not to monitor where they are and when. Several companies offer GPS monitoring via a mobile phone or a panic button for employees that encounter a difficult situation. 

“Awareness is essential. Employers should understand their duty of care and ensure that employees are not exposed to unnecessary risk during their trip”

Employers that wish to monitor should seek the explicit consent of individual members of staff. They should be mindful that if monitoring is used to enforce behaviour rather than watch for safety and security issues, it can have the adverse effect of making employees feel resentful and untrusted. It is the responsibility of leadership to develop and maintain the policies, systems and arrangements to inform, protect and assist travelling employees, as well as maintain a system to report on the performance of travel, safety, health and security.

To date, meeting duty of care requirements was difficult due to a lack of clear standards and guidance. However, the new ISO 31030 global travel risk management standard provides an excellent starting point for employers that want to demonstrate commitment to duty of care. Employers that can find a balance between delivering reassurance and safety without intruding on the personal life of a traveller will generally strike the right note.

Bob Quick is Founder and Executive Director and Founder of Global Secure Accreditation. Before that, he spent 32 years with the British Police Service, specialising in counter terrorism, anti-corruption and tackling organised crime, and was most recently Chief Constable of Surrey and then Assistant Commissioner Specialist Operations at The Metropolitan Police

Get Accreditation – GS Accreditation