Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
If you run a business, you probably already know you have a “duty of care” to keep people safe. But there’s a particular kind of responsibility that can catch business owners off guard: a non-delegable duty of care (sometimes described as a “non-delegable duty”).
Why does it matter? Because in some situations, you can’t avoid liability just by outsourcing work, engaging contractors, or assuming another party is “in charge” of safety. Even if you took sensible steps to hire competent people, your business may still be responsible if something goes wrong in circumstances where the law treats the duty as non-delegable.
That can be confronting - especially for small businesses that rely heavily on subcontractors, agencies, or third-party providers. But the upside is that once you understand when a non-delegable duty can apply, you can build systems and contracts that reduce risk and put you in a much stronger position.
Below, we’ll break down what a non-delegable duty of care is, when it commonly arises in Australia, and what you can do (in practical business terms) to manage it.
What Is A Non Delegable Duty Of Care?
A non-delegable duty of care is a duty that the law treats as personal to you (or your business). In other words, you can’t discharge it simply by delegating the task to someone else.
In plain English, it’s the difference between:
- Delegable duty of care: you can generally meet your duty by taking reasonable steps (for example, hiring competent contractors and supervising appropriately).
- Non-delegable duty of care: you may still be liable if the person you engaged is negligent, because the duty is “non-delegable” in that specific relationship or setting.
This doesn’t mean you’re automatically liable for every accident. It means that, in certain recognised categories, the duty is not satisfied merely by choosing a competent contractor. Courts often describe it as a duty to take reasonable care that reasonable care is taken (rather than a duty to guarantee a perfect outcome).
It’s also worth keeping this concept separate from other safety obligations. For example, general negligence duties (including occupiers’ liability principles for premises) and statutory obligations (such as WHS duties, which often can’t be contracted out of) can overlap with the same facts, but they are not the same thing as a non-delegable duty.
If you want a refresher on general principles, duty of care is also discussed in the context of employers and workplaces in Australia (for example, your responsibilities to provide a safe workplace): duty of care.
Why Does The Law Treat Some Duties As “Non-Delegable”?
Courts are more likely to find a non-delegable duty where there is a relationship involving:
- special vulnerability (where one party is especially dependent on the other for safety), and/or
- control and assumption of responsibility (where your business is in a position to control the environment, premises, or system of work).
From a business perspective, the key takeaway is this: if your business sets up the environment or “system” where people are exposed to risk, you may carry a higher level of responsibility - even if a third party is doing some of the hands-on work.
When Can A Non Delegable Duty Apply To Your Business?
There isn’t a single checklist that covers every scenario, and the doctrine applies in relatively specific categories. But there are common situations where courts are more willing to treat the duty as non-delegable. The theme is usually that your business has put someone in a position of reliance on you to take reasonable care for their safety.
Examples of situations where a non-delegable duty of care may be argued include:
- premises-based risks (where your business controls a site that others enter and rely on you to keep reasonably safe),
- high-risk activities (where the nature of the work increases foreseeable harm),
- situations involving children or vulnerable people (for businesses providing services to vulnerable groups), and
- integrated labour arrangements (where labour hire, contractors, and employees work together under your direction or within your system).
Importantly, a non-delegable duty is not limited to “big business”. Small businesses can face these issues too - particularly in construction, events, cleaning, maintenance, hospitality, healthcare-adjacent services, and any business operating from physical premises.
Contractors Don’t Automatically Shift Liability
Many business owners assume: “If I hire a contractor, their insurance and expertise covers it.” Contractors and insurance can help, but they don’t necessarily eliminate your exposure.
Even with a well-drafted agreement, if your business owes a non-delegable duty in the circumstances, you may still be responsible where reasonable care isn’t taken. That’s why contractor arrangements need to be paired with practical systems, appropriate oversight, and the right documentation. A properly scoped Contractor Agreement is one part of that risk-management picture.
Common Non-Delegable Duty Risk Areas For Small Businesses
It’s easier to manage non-delegable duty risks when you can spot where they tend to show up in real operations. Here are some practical examples we often see in small business contexts.
1) Your Premises (Including Shared And Pop-Up Spaces)
If customers, clients, suppliers, or members of the public come to your premises, you’re effectively inviting them into a space you control (even if you lease it). Safety issues can include:
- slips, trips and falls (wet floors, uneven surfaces, poor lighting)
- unsafe equipment accessible to customers
- poorly managed queues or entry/exit points
- inadequate signage or staff training for hazards
A common trap is relying on cleaners, building management, or contractors to manage safety day-to-day, without having clear reporting and escalation processes inside your business.
2) Workplace Systems (Especially If You Rely On Casuals Or Contractors)
Even when you delegate tasks, your business often still controls the overall “system of work” - rosters, training, processes, supervision, and how work is performed on-site.
This is where your internal documentation matters. Having clear written policies (and consistently applying them) can help show your business takes safety and compliance seriously. A tailored Workplace Policy can be a key part of documenting expectations and procedures.
3) Safety And Supervision In Customer-Facing Services
If you provide services where customers follow your instructions (for example, fitness classes, kids’ activities, equipment hire, beauty services, workshops, or events), your customers may rely on your business to:
- provide safe equipment
- give appropriate warnings
- ensure staff are properly trained
- supervise appropriately
In these settings, trying to “pass the risk” to a third-party provider can be difficult - especially if your brand is the primary point of contact and your business controls the service experience.
4) Surveillance, Monitoring And Incident Evidence
When incidents occur, evidence matters. Many businesses use CCTV or other monitoring tools to help manage safety and investigate incidents.
But surveillance introduces its own legal considerations (for example, notice/consent requirements in some contexts, and workplace privacy rules). If your business uses cameras, it’s worth ensuring you’re compliant with Australian workplace rules: workplace camera laws.
The point isn’t that CCTV “solves” a non-delegable duty - it doesn’t. But strong incident reporting and compliant monitoring can help you identify hazards early and respond appropriately.
How Do You Manage Non-Delegable Duty Risks In Practice?
Because a non-delegable duty can’t simply be outsourced, risk management needs to be built into how you run the business. The goal is to reduce the chance of harm occurring in the first place, and to put your business in the strongest position if something does go wrong.
Here are practical steps you can implement.
1) Map Your “High-Reliance” Relationships
Start by identifying where other people rely on your business for safety. Ask:
- Where do customers physically interact with our premises or equipment?
- Where do workers (employees or contractors) follow our processes or directions?
- Where are people vulnerable (children, elderly clients, disability supports, medical-adjacent services)?
- Where are we the “organiser” or “controller” of the environment?
These are the areas where a non-delegable duty of care argument is more likely to come up, and where your systems need to be strongest.
2) Put Safety Responsibilities Into Roles (Not Just Contracts)
Contracts are important, but courts and regulators often look at what actually happens day-to-day.
Make sure someone in your business is responsible for:
- checking hazards (daily/weekly)
- maintaining equipment registers and service records
- ensuring staff induction and refresher training is completed
- logging incidents and near misses
- following up corrective actions (and documenting them)
Even in a small team, assigning responsibility clearly (and reviewing it regularly) can make a big difference.
3) Use The Right Agreements And Keep Them Consistent With Your Operations
Your documents should reflect how your business actually runs - and they should support safer outcomes, not just try to shift blame after the fact.
Depending on how you operate, you might consider:
- Clear worker terms: If you hire staff, a tailored Employment Contract can help set expectations around safety procedures, reporting hazards, and complying with lawful directions.
- Contractor paperwork: If you engage contractors, your Contractor Agreement should clearly outline scope, standards, insurances, safety obligations, and reporting requirements.
- Customer-facing terms: If customers participate in activities with inherent risks, a Waiver may help manage certain risks (noting that waivers have limits. For example, consumer law rights can’t always be excluded, and a waiver won’t necessarily protect you from liability for negligence in all circumstances).
A common mistake is using a generic template that doesn’t match your real-world processes. If your documents say you do X, but your staff do Y, that inconsistency can create risk.
4) Train, Induct, And Refresh (Even For “Experienced” People)
It’s tempting to assume contractors or experienced staff “already know what to do”. But if your business controls the system of work, you should still ensure people understand:
- site rules and safety procedures
- how to escalate hazards
- who to contact in an emergency
- what “stop work” situations look like
This is particularly important where your business has multiple worksites, shared premises, or rotating staff.
5) Document The System (So It’s Repeatable)
One-off safety efforts are hard to prove later. A repeatable system is easier to follow and easier to evidence.
Depending on your industry, this might include:
- checklists (opening/closing, equipment checks)
- maintenance logs
- incident registers
- training records and sign-offs
- standard operating procedures
These steps won’t eliminate the possibility that a non-delegable duty applies, but they can help show your business took safety seriously and acted reasonably.
Does Insurance Or A Privacy Policy Help With Non Delegable Duty?
Two related issues often come up when businesses think about risk: insurance and privacy. Both can be important, but they do different jobs.
Insurance Helps Financially, Not Legally “Transfer” The Duty
Insurance can help cover costs (depending on the policy and what happened), but it doesn’t remove your legal responsibility. You should still assume you need robust safety systems in place.
Privacy Compliance Supports Safer Operations (Especially With Incident Data)
If you collect personal information - for example, incident reports containing names, contact details, medical notes, CCTV footage, or membership records - you need to think about privacy compliance and secure handling.
Having a clear Privacy Policy helps explain what information you collect and how you use it. This won’t change whether a non-delegable duty exists, but it supports safer and more compliant business operations overall.
If your business is using CCTV, safety apps, or online booking systems, privacy compliance becomes even more important as your data handling grows.
Key Takeaways
- A non-delegable duty of care means your business may still be liable for a failure to take reasonable care in certain relationships or settings, even if you outsource the work to contractors or third parties.
- Non-delegable duties are more likely to arise where people are especially vulnerable or rely on your business because you control the premises, system of work, or service environment.
- Small businesses can be exposed to these risks in everyday scenarios like customer premises, contractor-heavy workforces, events, and supervised services.
- Managing risk usually requires practical systems - clear roles, training, maintenance logs, and incident reporting - not just relying on contracts or assumptions.
- Strong legal documents can support your risk strategy, including a tailored Employment Contract, Contractor Agreement, Workplace Policy, and (where appropriate) Waiver (noting waivers have limits under Australian law).
- If you collect incident information or use surveillance tools, privacy compliance also matters - including having a Privacy Policy that fits your operations.
Disclaimer: This article is general information only and does not constitute legal advice. Whether a non-delegable duty of care applies depends on the specific facts and the relevant legal principles in your circumstances.
If you’d like help reviewing your risk setup or putting the right contracts and policies in place for your business, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.
