Creating A Remote Working Policy: Australian Employer’s Compliance Guide

Remote work is no longer just a temporary response to a crisis - it’s now a permanent feature of the Australian workplace. Done well, flexible and hybrid arrangements help you attract talent, lift engagement and maintain productivity across locations.

However, remote work also changes your legal risk profile. Employers still carry work health and safety duties, privacy and data security obligations, and Fair Work compliance requirements - even when staff are at home or on the road. A clear, practical Remote Working Policy helps you meet those obligations and sets everyone up for success.

In this guide, we’ll explain what a Remote Working Policy is, the key Australian laws that apply, what to include in your policy, and a step-by-step rollout plan. We’ll also highlight common pitfalls and how to avoid them so your team can work flexibly and safely.

What Is A Remote Working Policy?

A Remote Working Policy sets out how your business manages work performed away from your usual workplace (for example, at home, coworking spaces, or on client sites). It explains who’s eligible, how to request remote work, the conditions attached to approval, and how performance, safety and communication will be managed.

Think of it as the bridge between your flexible work practices and your legal obligations. It clarifies expectations for managers and employees, reduces confusion and inconsistency, and helps you demonstrate compliance if an issue or audit arises.

Some businesses publish the policy as a standalone document; others include it within a broader Workplace Policy suite or their Staff Handbook. Either approach is fine - the important part is that it’s tailored to how your team actually works.

Why Your Business Needs One In Australia

You could try to handle remote work informally, but that’s risky. In Australia, your duties as an employer don’t stop at the office door. A written policy helps you:

• Demonstrate compliance: Show you’re meeting obligations under the National Employment Standards (NES), modern awards or enterprise agreements, WHS laws and anti-discrimination law.
• Manage WHS risk: Document how you assess home workspaces, address hazards and respond to incidents - which is critical if an injury occurs at home.
• Protect data: Set rules for secure systems, devices and information handling to reduce privacy and cyber security risks.
• Set fair and consistent expectations: Clarify hours, availability, communication channels, and performance measures so teams stay aligned.
• Support culture and wellbeing: Encourage connection, inclusion and reasonable workloads so remote work is sustainable.

A policy also makes it easier to apply decisions consistently. That consistency can help you avoid discrimination complaints, disputes and unhelpful “one‑off” arrangements that snowball over time.

Which Australian Laws Apply To Remote Work?

There’s no single law that says “you must have a Remote Working Policy,” but several laws still apply when work is done away from your premises. Your policy should reflect these requirements.

Fair Work Act And Flexible Work Requests

Under the Fair Work Act and the NES, eligible employees can request flexible working arrangements (including remote or hybrid work). Recent changes require employers to consult, consider the request genuinely, provide written reasons if refusing, and (in many cases) suggest alternatives. Disputes can be escalated to the Fair Work Commission.

Make sure your policy explains eligibility, the request process, timeframes for responding and the criteria you apply when deciding, so managers follow a consistent approach.

Right To Disconnect

The new “right to disconnect” is being introduced nationally. For non‑small business employers, it applies from 26 August 2024; for small businesses, from 26 August 2025. Employees have a right to refuse to monitor, read or respond to employer contact outside of working hours, where that refusal is reasonable. Your policy should manage after‑hours contact expectations, escalation procedures and any rostered on‑call arrangements in line with the law and applicable awards.

Work Health And Safety (WHS) Duties

WHS laws are state and territory based, but the theme is consistent: your duty of care extends to remote and home work locations you influence or control. That means identifying and managing foreseeable risks (for example, ergonomics, slips/trips, electrical safety, mental health and isolation risks) and providing information, training and supervision to work safely. This sits alongside your general duty of care to workers.

Because WHS rules are jurisdictional, your policy should allow for local nuances (for example, consultation duties or incident notification thresholds), and include a practical home‑workspace assessment process.

Privacy And Cyber Security

When staff access systems and handle information remotely, your exposure to data breaches can increase. Under the Privacy Act 1988 (Cth), Australian Privacy Principles (APPs) apply to most larger businesses (APP entities) and certain small businesses (for example, health service providers or credit reporting bodies), but many small businesses under the $3 million annual turnover threshold are currently exempt from parts of the Act.

Regardless of APP status, it’s good practice - and often expected by customers and partners - to implement robust information governance, including an Privacy Policy where required, an Information Security Policy, and a Data Breach Response Plan. Your Remote Working Policy should reinforce secure log‑ins, password standards, multi‑factor authentication, approved devices, and how to report suspected incidents quickly.

Anti‑Discrimination And Equal Opportunity

Remote work should be offered and managed in a non‑discriminatory way. Your policy can promote fair access to remote options, reasonable adjustments for disability or carer responsibilities, and inclusive communication practices for hybrid teams.

Employment Contracts, Awards And Enterprise Agreements

Check your modern award or enterprise agreement for rules about hours, overtime, breaks and rostering that continue to apply when staff work remotely. Align your Remote Working Policy with your Employment Contract terms so there’s no confusion about location, hours, confidentiality and equipment.

What Should Your Remote Working Policy Include?

Every business is different, but most policies cover the areas below. Keep the language clear and practical so managers and employees can follow it day to day.

• Purpose and scope: Why the policy exists, who it applies to, and the types of remote work covered (ad‑hoc, regular, hybrid, interstate or international work).
• Eligibility: Roles that can/can’t work remotely and the criteria you use (operational needs, WHS risks, client requirements, data sensitivity).
• Request and approval process: How to apply, what information to provide (location, workspace setup, days requested), who decides, and timeframes for responses.
• WHS requirements: A home‑workspace assessment or checklist, mandatory safety standards (ergonomics, power boards, lighting), incident reporting and emergency contacts.
• Hours, availability and breaks: Core hours, how to record time, when to be contactable, rules for overtime, and compliance with breaks and rest periods under awards/agreements.
• Right to disconnect and after‑hours contact: When after‑hours contact may occur, how “urgent” is defined, and on‑call arrangements where relevant.
• Performance and deliverables: Outcomes, communication rhythm (check‑ins, team meetings), and how performance is measured away from the office.
• Devices, systems and cyber security: Approved devices, remote access tools, multi‑factor authentication, VPN use, data storage rules and reporting cyber incidents.
• Confidentiality and privacy: Working in shared spaces, screen privacy, document disposal, and how personal information must be handled in line with your Privacy Policy (if applicable).
• Expenses and equipment: What the business provides (for example, laptop, monitor), what will be reimbursed (for example, a portion of internet) and how to claim.
• Insurance and liabilities: Workers compensation coverage, home contents insurance considerations for employee‑owned equipment, and the incident reporting process.
• Location limits: Whether remote work is permitted interstate or overseas (and any tax, payroll, or data transfer implications).
• Return to workplace: When you may require staff to attend the office, notice of changes, and how hybrid rosters are managed.
• Interaction with other policies: Cross‑references to your Workplace Policy suite, Staff Handbook, code of conduct, and IT/security policies.

If your team uses AI or automation tools remotely, consider referencing your Generative AI Use Policy to manage the specific privacy, IP and confidentiality risks those tools can introduce.

How To Create And Roll Out Your Policy (Step By Step)

1) Map Your Operational And People Needs

List the roles and tasks that suit remote or hybrid arrangements, along with constraints (for example, client-facing functions, data sensitivity, supervision requirements). Talk to managers and employees about what’s working now and where the pain points are. This input will make your policy practical, not theoretical.

2) Check The Legal Baseline

Confirm the award or enterprise agreement coverage for each role, NES obligations (hours, breaks, flexible work requests), and WHS duties in the states or territories where your staff work. Document the minimum standards your policy must meet - then build your own rules on top of that baseline.

3) Draft The Policy In Plain English

Write for managers and employees who need to use the policy quickly. Use headings, short paragraphs and checklists where possible. Aim for clarity over complexity. If you don’t yet have one, consider consolidating your broader rules into a Staff Handbook and including the Remote Working Policy as a chapter.

4) Build Your WHS And Security Processes

Develop a remote work WHS checklist and decide when assessments are repeated (for example, annually or if the location changes). Provide short guidance on ergonomics and mental health support. On the security front, align your rules with your Information Security Policy and set up processes to respond quickly under your Data Breach Response Plan.

5) Align Contracts And Key Documents

Make sure your policy is consistent with the documents you already rely on. It often helps to include remote work clauses in each employee’s Employment Contract (for example, location, equipment, confidentiality and monitoring). The documents below commonly support a compliant, low‑friction remote setup:

• Employment Contract: Sets out duties, hours, place of work, confidentiality and IP, and can reference your Remote Working Policy.
• Workplace Policy (and related policies): Brings together code of conduct, leave, performance, bullying/harassment and grievance processes that apply whether staff are on‑site or at home.
• Staff Handbook: The practical, user‑friendly location for policies your team uses often, including remote work, WHS and communications.
• Privacy Policy: Required for APP entities and certain small businesses; good practice for many others handling personal information (customers or staff).
• Information Security Policy: Defines device standards, access controls, encryption, and secure work practices for remote users.
• Data Breach Response Plan: A clear playbook if an incident occurs, including who to notify and when.

Not every business needs every document, but most will rely on several of these. If in doubt, keep it simple and add depth as your team grows.

6) Consult, Train And Roll Out

Where consultation is required (for example, under WHS or a consultation term in an enterprise agreement), follow the process. Share the draft, ask for feedback, and finalise timelines for rollout.

Train managers first so they can answer common questions and apply the policy consistently. Then onboard the whole team. Keep practical tools handy - the home‑workspace checklist, request form, and a one‑pager of do’s and don’ts for cyber safety.

7) Monitor, Enforce And Improve

Track what’s working and where friction shows up (for example, scheduling, responsiveness, or equipment needs). Refresh the policy when the law changes (for example, right to disconnect timeframes) or your operations evolve. Apply the policy consistently - selective enforcement can trigger disputes.

Remote Work Best Practices (And Pitfalls To Avoid)

• Prioritise safety: Don’t skip home‑workspace assessments. Underestimating WHS duties is one of the most common (and costly) mistakes.
• Keep records: Store approvals, checklists and incident reports. Good records reduce disputes and help you improve processes.
• Set communication rhythms: Regular check‑ins and clear channels reduce isolation and ensure work stays on track.
• Protect information: Limit use of personal devices, enforce MFA and encrypt storage. Remote work increases your attack surface.
• Avoid inconsistent decisions: Make your criteria transparent. Inconsistency can look like bias and lead to complaints.
• Support wellbeing: Promote reasonable hours, encourage breaks, and use the right to disconnect as a positive guardrail - not just a legal line.

Key Takeaways

• Remote and hybrid work are here to stay - and your legal duties as an employer continue wherever work is performed.
• A clear Remote Working Policy helps you meet Fair Work, WHS and privacy obligations while setting fair, practical expectations for managers and staff.
• Cover eligibility, requests, WHS, hours and breaks, right to disconnect, performance, equipment, expenses, privacy and cyber security in plain English.
• Align your policy with core documents like your Employment Contract, Workplace Policy, Privacy Policy (if applicable), Information Security Policy and Data Breach Response Plan.
• Remember the privacy law caveat: APP obligations apply to APP entities and certain small businesses - but strong privacy practices are good risk management for all.
• Consult, train and review regularly so your policy stays compliant with evolving laws (including the right to disconnect) and your team’s needs.

If you’d like a consultation on setting up a Remote Working Policy for your business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no‑obligations chat.