
The Strategic Necessity of Duty of Care in Corporate Security

Liferaft | February 24, 2025


The concept of ‘duty of care’ has become increasingly crucial for organizations, particularly in the realm of corporate security. This legal and ethical obligation requires companies to take reasonable steps to protect the health, safety, and well-being of their employees, customers, and other stakeholders.

 

The Evolution of Duty of Care as a Concept

Like any framework and pillar in corporate security, the notion of duty of care has undergone a significant transformation over the past 50 years. It has evolved from a narrow legal obligation to a comprehensive ethical imperative that shapes corporate policies and practices. 

Initially centered on protecting employees' physical safety in the workplace and directors' responsibilities to act with reasonable care, the scope of duty of care has broadened considerably. Today, it encompasses a wide range of concerns, including global employee protection, mental well-being, data security, and environmental stewardship. This expansion reflects a more holistic understanding of an organization's responsibilities towards its employees, stakeholders, and the wider community.


"Corporate social responsibility is a hard-edged business decision. Not because it is a nice thing to do or because people are forcing us to do it... because it is good for our business."

Niall FitzGerald | Former CEO, Unilever


Several factors have driven this evolution, including globalization, technological advancements, changing societal expectations, and an evolving regulatory landscape. The rise of multinational corporations and global workforce mobility has necessitated a more comprehensive approach to employee care. The digital revolution has also introduced new risks and responsibilities, such as executive doxxing, phishing, and social engineering. There has also been a shift in public perception, with increased expectations for businesses to act responsibly towards all stakeholders, not just shareholders.

In present-day corporate society, duty of care is viewed as a critical component of corporate strategy and risk management. Many companies recognize the strategic importance of fulfilling these obligations, understanding that doing so can enhance employee loyalty, improve reputation, and contribute to long-term success.

Recent events, including the COVID-19 pandemic and the tragic shooting of UnitedHealthcare CEO Brian Thompson in New York City on December 4, 2024, have underscored the critical importance of robust duty of care programs. These incidents have prompted organizations to reassess and strengthen their executive and employee protection protocols. Such events serve as stark reminders that duty of care obligations are not static but must continually evolve.  

As corporations adapt to new realities, we can expect duty of care programs to become increasingly sophisticated, comprehensive, and integrated into core business strategies.

 

 

Understanding Duty of Care in Corporate Security

Duty of care in corporate security emphasizes the proactive approach organizations must take to mitigate threats and protect their stakeholders. This involves a comprehensive strategy that identifies potential risks early, assesses their likelihood and impact, and implements measures to prevent or minimize harm.

Through the strategic use of advanced technologies and intelligence tools, companies can anticipate and address emerging threats across physical, cyber, and reputational domains.

 

Duty of Care programs in corporate security should include:

  • Threat Detection and Monitoring: Continuously monitoring for potential threats to identify and address risks before they escalate into serious incidents.
  • Risk Assessment: Conducting thorough risk assessments for various business activities, especially those involving travel or high-risk environments.
  • Security Policies: Implementing comprehensive security policies and procedures to mitigate identified risks.
  • Employee Training: Providing adequate training and resources to employees on security protocols and emergency response. This includes the use of tabletop exercises for security teams.
  • Travel Security: Ensuring the safety of employees during business travel, including pre-travel briefings and real-time monitoring.
  • Crisis Management: Developing and maintaining robust crisis management plans to respond effectively to security incidents.
  • Regular Review Cycles: Continuously assessing and improving security measures to address evolving risks and changing business environments.

 

The Impact of Neglecting Duty of Care

Neglecting corporate responsibilities surrounding duty of care can have severe consequences for organizations, both financially and reputationally. Companies may face significant legal ramifications, including lawsuits and financial penalties for negligence. An example of this is the Baton Rouge convenience store stabbing in 2022.

OSHA fined the convenience store company $17,000 after an assistant manager was stabbed during a workplace violence incident. OSHA cited that the employer failed to protect workers from violence and delayed reporting the hospitalization, violating federal reporting requirements. To make matters worse, this followed multiple prior violent incidents at the location. OSHA surmised that the previous incidents should have been enough for the company to act, and that its failure to act represented neglect.

We can also look at the case of the multi-billion-dollar company Kroger. It came under scrutiny when a former employee in Collierville, TN, returned and perpetrated a mass shooting that resulted in 15 injuries and one death. Kroger was ultimately sued for $10 million for negligence in not addressing the potential danger posed by the terminated employee.

 

Plausible Deniability

The two cases above are ones where the organization had an opportunity to mitigate the crisis but did not. In similar cases, organizations often state that they were not aware that things were this dire or that a threat was imminent, with some relying on plausible deniability, but it is not a defence.

Plausible deniability, while often used as a strategy to avoid legal culpability, can be a dangerous approach when it comes to duty of care obligations. In the context of duty of care, plausible deniability can be seen as a form of willful negligence. It demonstrates a lack of proactive risk management and a failure to prioritize the safety and well-being of employees. 

Courts and regulatory bodies are increasingly recognizing this tactic and are less likely to accept ignorance as a defense. For instance, in cases of workplace violence or environmental hazards, companies that claim they were unaware of the risks may still be held liable if it's determined they should have reasonably known about and addressed these dangers. 

Taking the plausible deniability approach not only contradicts the fundamental principles of duty of care but also erodes trust, damages corporate culture, and can lead to more severe penalties when incidents do occur. 


 

Conclusion

Duty of care in corporate security is a critical component of responsible business practice, extending beyond legal obligations. Organizations that focus on the safety and well-being of their employees can build trust, strengthen their reputation, and establish a more resilient and secure operational framework.

As we move forward, duty of care will undoubtedly become an even more integral part of corporate governance and strategy. This shift reflects a broader transformation in business philosophy – moving away from a narrow focus on shareholder value towards a more holistic consideration of all stakeholders' well-being. 

Duty of care measures should be seen as not just ethical imperatives but strategic necessities for sustainable business success.