How the Employment Rights Act 2025 Will Change Personal Safety at Work in 2026

What Is the Employment Rights Act 2025?

The Employment Rights Act 2025 represents one of the most significant updates to UK workplace safety obligations in recent years. While the Health and Safety at Work Act 1974 remains the foundation of employer responsibility, the realities of modern work have changed — with more people working alone, remotely, or in public-facing roles.

The central change introduced by the Act is a clear shift from reacting to incidents after they occur to preventing harm before it happens.

The legislation strengthens employer duty of care and requires organisations to actively identify, assess, and reduce personal safety risks across a wider range of working environments.

From Reactive Response to Proactive Prevention

Historically, workplace safety compliance focused on policies and post-incident action. Under the Employment Rights Act 2025, this approach is no longer sufficient.

Employers must now take all reasonable steps to prevent harm, rather than relying on how effectively incidents are handled after the fact. This formalises a move towards proactive, prevention-based safety management and shifts responsibility away from individual employees and onto the organisation.

To meet this standard, employers must be able to evidence that risks are anticipated, mitigated, and reviewed on an ongoing basis.

Third-Party Harassment and Public-Facing Risk

A major development under the Employment Rights Act 2025 is the expansion of employer responsibility for third-party harassment.

Employer duty of care now extends beyond colleague behaviour to include harassment, abuse, or threatening behaviour from customers, clients, patients, and members of the public. This has significant implications for public-facing roles in sectors such as retail, hospitality, healthcare, and field-based work.

As Saskia Garner, Head of Policy & Campaigns at Suzy Lamplugh Trust highlights: 

“The introduction of stronger duties around third-party harassment with the advent of the Employment Rights Act is a significant and welcome step forward. Too often, the burden has fallen on individuals to prove repeated patterns of unacceptable behaviour, which can discourage reporting and leave people feeling unsupported. By placing clearer responsibility on employers to prevent and address third-party harassment, this legislation helps create safer working environments and removes some of the barriers that victims face when seeking protection and justice.” 

This shift removes the expectation that employees must evidence repeated incidents before action is taken and instead places accountability firmly with organisations to prevent harm from occurring in the first place. 

Employers are expected to:

• Conduct specific risk assessments for public interaction
• Identify lone working, location-based, and time-based risks
• Implement visible preventative measures such as signage, monitored alarms, or body-worn technology

The legal test is not whether an organisation responded appropriately after an incident, but whether reasonable preventative measures were already in place.

Mental Health as a Statutory Safety Responsibility

The Act also reinforces mental health as a core workplace safety obligation.

Psychological risks such as stress, burnout, anxiety, and isolation must now be assessed and managed with the same rigour as physical hazards. This is particularly relevant for lone workers and remote employees, where reduced supervision and isolation can increase risk.

Employers will be expected to demonstrate that psychosocial risks are identified, monitored, and actively managed as part of their overall safety framework. Mental health is no longer a discretionary wellbeing initiative — it forms part of statutory duty of care.

Enforcement, Evidence, and Accountability

Enforcement under the Employment Rights Act 2025 places increased emphasis on evidence, consistency, and follow-through.

The Fair Work Agency (FWA) has been established to proactively enforce these responsibilities. Its role as regulator will be to assess whether employers can demonstrate:

• Proactive identification of personal safety risks
• Preventative actions taken before incidents occur
• Clear reporting mechanisms and response processes
• Documented evidence of actions taken following reports

Having policies in place will not be sufficient. Organisations must be able to show that preventative measures are actively implemented, reviewed, and improved over time. Failure to do so may result in enforcement action, financial penalties, or increased legal exposure.

What Employers Should Do Now

To meet the enhanced duty of care requirements, employers should adopt a prevention-first safety framework:

• Conduct targeted harassment risk assessments
  • Identify high-risk roles such as lone working, late shifts, and public-facing environments rather than relying solely on general safety audits.
• Set clear behavioural expectations
  • Use visible signage and internal communications to state that abuse or harassment of staff will not be tolerated.
• Review contracts and service agreements
  • Introduce conduct clauses that allow staff to be withdrawn or contracts terminated if harassment occurs.
• Empower employees to disengage
  • Explicitly give staff the right to leave unsafe situations without fear of disciplinary action.
• Deliver practical, scenario-based training
  • Move beyond tick-box compliance with training that reflects real-world intervention (e.g. bystander training) and reporting scenarios.
• Provide multiple reporting channels
  • Offer secure and anonymous reporting options and ensure responses are documented.
• Maintain incident and action logs
  • Record not only incidents, but the actions taken in response — regulators will look for evidence of follow-through.

The Role of Technology in Compliance

Technology can support compliance by improving visibility of risk, enabling faster incident escalation, and helping organisations evidence employer duty of care. When used effectively, it strengthens both preventative action and accountability.

Investing in a workforce safety service, like Peoplesafe, can play a meaningful role in helping employers comply with the Employment Rights Act:

• Puts visible, active safety controls in place (e.g. monitored personal safety apps, devices and check-in processes).
• Provides staff with a discreet way to raise an alarm when facing threatening or abusive behaviour from third parties.
• Demonstrates that reasonable preventative measures were implemented in advance of any incident.
• Contributes to the management of psychological and isolation-related risks.
• Provides clear, defensible evidence of duty of care in line with the Act’s enforcement expectations.

Peoplesafe provides employers with both the operational capability and the evidence base needed to meet their enhanced legal responsibilities.