Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
If you run a business in Australia, you’ve probably come across the phrase “duty of care” in safety inductions, contracts, or compliance checklists. It’s a core legal concept that underpins how you keep people safe and minimise harm.
In simple terms, duty of care is about taking reasonable steps to avoid causing foreseeable harm to others. For business owners, that covers your workers, contractors, customers, and sometimes members of the public who might be affected by your activities.
In this guide, we’ll explain what duty of care means in Australian law, where it comes from, and what “reasonable steps” look like in everyday business. We’ll also share practical actions, documents and policies that help you stay compliant and protect your team and customers.
What Is Duty Of Care In Australian Business?
Duty of care is a legal obligation to act with reasonable care to avoid foreseeable harm to others.
In business, this usually means creating a safe workplace, delivering safe products and services, and managing risks that could injure someone or cause loss. If you breach that duty and someone suffers harm as a result, you could be liable for negligence (a civil claim) or, in some contexts, a statutory breach (for example, under workplace health and safety laws).
Key ideas to keep in mind:
- Foreseeability: Would a reasonable person in your position have anticipated the risk?
- Reasonableness: Did you take practical, proportionate steps to control that risk?
- Link to harm: Did your act or omission cause the harm, and was that harm not too remote?
These principles apply across many settings – from physical hazards on your premises to the way your products are labelled or how your team interacts with customers. If you employ staff, your duty of care to employees involves providing a safe system of work, proper training, supervision and equipment.
Why Does Duty Of Care Matter For Employers And Business Owners?
Meeting your duty of care is about doing the right thing by people – and it’s also smart risk management.
- It reduces injuries and incidents, which protects your people and keeps your operations running smoothly.
- It helps you avoid negligence claims, regulatory action, penalties and unplanned downtime.
- It builds trust with your customers and community, which is essential for brand reputation.
Importantly, duty of care is not a “set and forget” task. Risks change as your business grows, new technology is introduced, or you start offering new services. That’s why ongoing reviews, training and updates to your processes are part of meeting your obligations.
Which Laws Set Out Duty Of Care Obligations?
In Australia, duty of care sits across a few legal frameworks. Understanding the landscape will help you work out what applies to you.
1) Workplace Health and Safety (WHS) or OHS laws
Most states and territories have harmonised Work Health and Safety (WHS) laws. These create primary duties for a “person conducting a business or undertaking” (PCBU) to ensure, so far as is reasonably practicable, the health and safety of workers and others.
Victoria has a different regime under the Occupational Health and Safety Act 2004 (Vic). The duties are similar in substance – employers must provide and maintain a working environment that is safe and without risks to health – but the terminology and framework vary.
Breaches of WHS/OHS duties can lead to regulatory enforcement, improvement notices and significant penalties.
2) Australian Consumer Law (ACL)
The ACL (a national law) doesn’t use the phrase “duty of care” in the same way as negligence law. Instead, it imposes consumer guarantees, product safety requirements and bans misleading or deceptive conduct. If you sell goods or services to consumers, you must meet those guarantees and ensure your advertising and customer communications are not misleading. These obligations are a crucial part of keeping customers safe and treated fairly under the law, and they sit alongside your negligence-based duties.
If you’re supplying to consumers, make sure your customer-facing terms align with the Australian Consumer Law and reflect your actual practices.
3) Common law negligence
Even where no specific statute spells out the rule for your exact situation, Australian courts recognise a general duty of care in negligence. Courts look at the relationship between the parties (for example, employer–employee, occupier–visitor, manufacturer–consumer), the foreseeability of harm and what a reasonable person would have done to prevent it.
4) Industry-specific rules and codes
In some sectors, like healthcare, childcare, disability support, construction and aged care, there are extra duties, codes and standards. If you operate in a regulated environment, build those obligations into your day-to-day procedures and training.
Remember that duty of care can also be reflected in your contracts and policies. For example, an Employment Contract and a well-implemented staff handbook can clarify safety responsibilities, complaint processes and conduct expectations.
What Does “Reasonable Care” Look Like In Practice?
“Reasonable” doesn’t mean perfect. It means the steps you take should be proportionate to the likelihood and seriousness of the risk, and to your knowledge and resources.
Practical examples across industries
- Retail and hospitality: Keep floors free of spills and obstacles, maintain clear signage, and train staff on safe food handling (including allergen management).
- Construction and trades: Enforce PPE rules, secure materials, and conduct site inductions and toolbox talks to manage hazards for workers and passers-by.
- Offices and remote work: Provide ergonomic setups, manage psychosocial risks (like workload and bullying), and check in on remote workers’ safety.
- Online platforms and service businesses: Protect personal information with appropriate security, publish clear Website Terms and Conditions, and ensure your advertising and refunds comply with the ACL.
Who owes the duty, and to whom?
In business, anyone with control over work environments, equipment or activities may owe a duty of care – typically owners, directors, managers and supervisors. The duty can extend to employees, contractors, customers, visitors and, in some cases, people nearby who could be affected by your operations.
Some relationships are well-established as giving rise to a duty of care (for example, employer-to-employee, occupier-to-visitor, manufacturer-to-consumer and professional-to-client). But even if your situation doesn’t fit neatly into those categories, you may still owe a duty where harm is reasonably foreseeable.
What happens if there’s a breach?
Consequences depend on the legal framework involved:
- Negligence claims: A person who suffers loss or injury may seek compensation (damages).
- WHS/OHS enforcement: Regulators can issue notices, prosecute offences and seek penalties where safety duties are breached.
- ACL enforcement: The ACCC or state consumer authorities can seek penalties, injunctions or other orders where conduct breaches consumer guarantees or bans (for example, misleading claims or unsafe goods).
Robust policies, training and documentation can reduce the risk of both incidents and legal exposure – and they help you show that you took reasonable steps if something does go wrong.
How Can Your Business Meet Its Duty Of Care?
Think of duty of care as an ongoing cycle: identify risks, control them, train your people, and review regularly. Here’s a practical roadmap you can apply in most businesses.
1) Identify foreseeable risks
- Walk through your premises and processes to spot hazards (physical, chemical, psychosocial, data-related).
- Talk to your team about near-misses and pain points – workers often see issues first.
- Review incident records to find patterns and recurring risks.
2) Put proportionate controls in place
- Eliminate the risk where you can (for example, substitute a safer chemical or redesign a layout).
- Engineer controls (guards, barriers, ventilation) and administrative controls (procedures, rosters, signage).
- Provide and enforce PPE where appropriate.
3) Document and communicate
- Use clear policies and procedures (for example, incident reporting, hazard control, bullying and harassment, and emergency response).
- Train staff at onboarding and refresh regularly; record completion and competency checks.
- Keep records of inspections, maintenance and corrective actions – documentation helps prove you acted reasonably.
4) Build safety into your contracts and customer touchpoints
- Ensure your Customer Contract and refunds process align with the ACL and your actual operations.
- Use an Employment Contract and up-to-date policies to set safety expectations with staff.
- Publish Website Terms and Conditions that explain how your site and services are used and any limitations or rules that keep users safe.
5) Manage data and privacy risks
If you collect personal information, you need to handle it securely and transparently. Many small businesses will choose to publish a Privacy Policy to explain what data is collected and how it’s used.
Under the Privacy Act, a formal Privacy Policy is mandatory for “APP entities” (generally businesses with over $3 million in annual turnover, or smaller businesses in certain categories such as health service providers or those trading in personal information). Even if you’re not yet legally required, publishing a clear policy and following strong security practices is good governance and can form part of your broader duty-of-care approach to customers.
6) Keep improving
- Review risks after incidents, near-misses or when you change equipment, processes or locations.
- Consult workers about improvements – engagement lifts compliance and safety outcomes.
- Monitor legal updates and industry guidance, and update your procedures accordingly.
Essential legal documents that support compliance
- Workplace policies and handbooks: A single, accessible set of rules covering safety, conduct, complaints and incident reporting helps staff know what to do and when. Many employers centralise these in a workplace policy and staff handbook.
- Customer-facing terms: Clear service or sales terms, warranties and refund processes aligned with the ACL reduce disputes and set realistic expectations.
- Employment agreements: A tailored Employment Contract clarifies responsibilities, safety obligations and behaviour standards.
- Privacy documentation: A Privacy Policy and internal procedures for handling personal information support safe, compliant data practices.
Which documents you need will depend on your size, industry and business model. If you’re unsure, it’s worth getting advice so your documentation actually reflects how you operate day to day.
Key Takeaways
- Duty of care means taking reasonable steps to prevent foreseeable harm to workers, customers and others affected by your business activities.
- In Australia, duty of care arises under WHS/OHS laws, the common law of negligence, and consumer protection rules like the ACL (which impose guarantees and product safety obligations).
- “Reasonable” depends on the risk: consider likelihood, potential harm, industry standards and your resources, then apply proportionate controls.
- Practical compliance looks like ongoing risk assessments, clear policies, training, records, and customer-facing terms that match the ACL and your operations.
- Helpful tools include a staff handbook, a tailored Customer Contract, a clear Privacy Policy (where required or recommended), and consistent safety procedures.
- If you employ staff, your duty of care to employees includes a safe system of work, proper training and supervision, and psychosocial safety.
If you’d like a consultation on understanding or meeting your duty of care as a business owner, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.








