Bob Quick is executive director of Global Secure Accreditation
A company's duty of care to its employees travelling on business has always been paramount, but it can also raise questions around privacy.
Companies must ensure their workforce is not exposed to unnecessary risk during business trips – failure to so could lead to civil or even criminal liability – but just how far should employers go?
Part of an employer’s duty of care means knowing where to find an employee travelling on business in order to, for example, notify them in the event of an emergency. But keeping tabs on a workforce, especially a large mobile one, has its challenges. That is why some employers – typically those operating in high-risk destinations – have opted for monitors to track the location and movements of employees where deemed necessary.
But with GDPR placing increased importance on data protection, how can employers best serve their employees without violating their individual privacy? This question is particularly complex in ‘bleisure’ situations where lines between work and pleasure are blurred.
What to do as an employer
There are a few things employers can do to ensure they deliver on their duty of care obligations.
Start by assessing the proposed trip and determine that it is safe, ensuring reasonably foreseeable risks are anticipated and action taken to prevent them. For example, if your employee is travelling to a country wrestling with social or political upheaval, then adequate measures must be put in place to make sure all aspects of their stay – from travel to accommodation – are safe.
In the UK, the gov.uk website provides up-to-date information and advice for travellers, including whether travel is recommended or not. However, as these assessments are of countries as a whole and are primarily driven by crime and terrorism threats, they do not provide a thorough evaluation of a given destination – more detailed information is often needed to make an assessment. For example, how safe are the options for transport and accommodation? Are these locations more at risk from natural disasters? What is the infrastructure like?
One way corporates can better demonstrate their duty of care is by undertaking risk assessments of the method of travel, route, destination and accommodation – and there are several third-party companies that provide this. This provides assurance to organisations and their travelling employees.
Taking it to the next level
Despite having the best laid plans, the unexpected can still occur while the employee is abroad. This is where remote tracking can prove invaluable. In the UK, if employers go down this route, they must take steps to ensure staff are fully aware of monitoring, explaining what is being monitored, how and why.
In a post-GDPR world, employers will need to emphasise the positive benefits of monitoring to employees and may wish to offer employees the chance to opt out during non-working hours. Several companies offer GPS monitoring via a mobile phone or a panic button option for employees that encounter a difficult situation.
Employers that wish to monitor employees in this way should seek the consent of individual members of staff and reassure them it is for their own benefit. Employers should not use tracking as a means to identify dissent – any sense of that motive will make employees feel untrusted and resentful.
Leadership should instead develop and maintain policies, systems and arrangements to inform, protect and assist travelling employees, while regularly reporting on the effectiveness of travel, health, safety and security policies and procedures.
To date, meeting duty of care requirements has proved difficult due to a lack of clear standards and guidance. However, the new ISO 31030 global travel risk management standard provides an excellent starting point for employers that want to demonstrate commitment to duty of care.
Employers that can strike a balance between delivering reassurance and safety without invading a travelling employee’s personal life will be on the right track.