Understanding OH&S And Safety Obligations For Australian Businesses: What You Need To Know

Running a business in Australia is exciting, but it also comes with legal and ethical responsibilities to keep people safe. If you have employees, contractors, labour hire workers or even volunteers, you’ll need to get on top of Occupational Health and Safety (often called OH&S or Work Health and Safety, WHS).

If you’re not sure what “reasonably practicable” means, when written policies are required, or how to manage risks without drowning in paperwork, you’re not alone. The good news is that a proactive approach and a clear system go a long way to protecting your people and your business.

In this guide, we’ll explain your core OH&S duties in Australia, which laws apply in each jurisdiction, the practical steps to build a compliant safety system, and the documents most businesses need. We’ll also cover incident response, penalties, and how OH&S connects with other workplace laws.

What Is OH&S (WHS) And Why Does It Matter?

Occupational Health and Safety (also known as Work Health and Safety, or WHS) refers to the laws and systems designed to prevent injury, illness and harm at work. Your duty of care isn’t just about employees: it extends to contractors, labour hire workers, visitors, customers and any other person who could be affected by your operations.

Getting OH&S right isn’t just about avoiding fines. Safe workplaces reduce absenteeism, improve productivity and morale, and help you retain great people. It’s also a core part of your duty of care as an employer under Australian law.

What Are Your Legal Duties Under OH&S?

Almost every Australian business has OH&S obligations, regardless of size or industry. If you’re operating a business or undertaking (a PCBU in WHS terms), you must do what is “reasonably practicable” to ensure health and safety. In practice, this usually means you need to:

• Provide and maintain a work environment that is safe and without risks to health
• Ensure safe systems of work (procedures, equipment, supervision)
• Provide and maintain safe plant, structures, facilities and materials
• Provide information, instruction, training and supervision so work is carried out safely
• Consult with workers on safety matters and allow them to contribute to decisions
• Monitor worker health and workplace conditions where relevant

Officers (such as company directors and certain senior managers) also have a duty to exercise due diligence to ensure the business complies with its OH&S obligations. Workers have duties too, including taking reasonable care for their own health and safety and following reasonable instructions.

Which Laws Apply Across Australia?

Australia’s OH&S framework is state and territory-based. Most jurisdictions follow the national model WHS laws developed by Safe Work Australia (with local variations). One key exception is Victoria, which operates under its own Occupational Health and Safety Act 2004 (Vic). At a high level:

• New South Wales, Queensland, South Australia, Tasmania, the Northern Territory, the Australian Capital Territory and Western Australia have WHS laws based on the model framework (with differences in detail).
• Victoria has a separate OHS regime under the Occupational Health and Safety Act 2004 (Vic) and associated regulations and codes.
• Commonwealth workplaces (e.g. some federal agencies and national businesses regulated by Comcare) are covered by the federal WHS framework.

In every jurisdiction, you’ll find a primary Act (setting out the overarching duties), Regulations (detailing specific requirements) and Codes of Practice (practical guidance for how to meet the law). Regulations are legally enforceable. Codes are not law themselves, but they are persuasive evidence of what compliance looks like in practice.

How Do You Build A Compliant And Practical Safety System?

Compliance is easier when you turn your legal duties into a simple, repeatable system. Start with these core steps and scale them to your risk profile and headcount.

1) Identify Hazards And Assess Risks

Walk through your operations (including remote work, vehicles, client sites and warehouses) and list hazards that could cause harm: manual handling, machinery, slips and trips, working at height, fatigue, psychological risks, chemicals, cash handling and aggression, lone work, and more. Consult with your workers-many hazards are easiest to spot at the coalface.

2) Control Risks Using The Hierarchy Of Controls

Eliminate hazards where you reasonably can. If not, reduce risk by substituting safer processes or materials, isolating people from the hazard, using engineering controls, and then administrative controls like procedures and training. Personal protective equipment (PPE) is your last line of defence, not the first. Document what you chose and why.

3) Provide Information, Instruction, Training And Supervision

Make sure each worker understands the risks in their role and the safe way to perform tasks. Keep training current, especially when you introduce new equipment or processes. It’s good practice to maintain training records. For broader obligations around staff development, see your legal requirements for training employees.

4) Consult With Workers

Consultation can be toolbox talks, safety committees, quick stand-ups or anonymous suggestion channels-what matters is that you genuinely involve workers in identifying hazards and deciding on controls. In some jurisdictions and higher-risk industries, worker representation requirements may apply (for example, Health and Safety Representatives).

5) Prepare For Emergencies And Incidents

Have clear procedures for emergencies (fire, medical emergencies, aggression, chemical spills) and for reporting hazards, near misses and incidents. Make sure people know who to contact and how to escalate. Keep a basic incident register and review it for trends.

6) Keep Records And Review Regularly

Record risk assessments, training, consultation, maintenance and incident investigations. Schedule periodic reviews, and trigger an ad-hoc review whenever you change something material (new site, new plant, new process). Good records also support your compliance with data retention laws that may apply to your business documents.

Do You Need Written Policies?

Written policies and procedures are best practice and often expected by regulators-especially where risks are higher or you have multiple workers. Some industries or circumstances require written procedures (for example, specific high-risk construction tasks). For most small, low-risk businesses, the law doesn’t mandate a particular format, but having an accessible workplace policy suite makes training, supervision and consistency much easier.

Note that a Whistleblower Policy is only mandatory for certain companies under the Corporations Act (such as public companies and large proprietary companies). For many small businesses, it’s optional. If you do adopt one, ensure it fits your size and structure.

What About Contractors, Labour Hire And Volunteers?

OH&S duties extend beyond your own employees. If you bring in contractors, labour hire workers or volunteers, you must still manage the risks they face while doing work for you, so far as reasonably practicable. Share relevant procedures, provide site inductions and make sure supervision is clear. If you engage workers overseas or cross-border, factor in coordination challenges and responsibilities when engaging contractors.

How Do Breaks And Rostering Fit In?

Fatigue management is a safety issue. Ensure rosters and breaks are reasonable and compliant. Your obligations under the Fair Work framework-such as break entitlements and minimum rest periods-support safe work and should be reflected in your safety system.

Documents And Policies Most Businesses Should Consider

Every business is different, but these documents commonly form part of a simple, effective OH&S system (and they scale as you grow):

• Workplace Policy Suite: A clear set of policies covering safety, incident reporting, hazard management, fatigue, bullying and harassment, drugs and alcohol, PPE and emergency procedures. Start with a concise workplace policy and add modules as risks require.
• Risk Assessment Templates: Practical checklists or forms to record hazards, risk ratings and controls for tasks, sites and equipment.
• Training And Induction Records: A simple system to track who has been trained on what, and when refreshers are due.
• Employment Contract: Your Employment Contract should align with safety obligations (e.g. following policies, wearing PPE, reporting hazards) and set clear expectations.
• Contractor Agreements: Where you engage contractors, ensure responsibilities for safety, supervision, equipment and incident reporting are clear in the contract.
• Privacy Policy: If you collect personal or sensitive information in your safety system (e.g. injury reports or medical certificates), you may need a Privacy Policy and appropriate controls. Note: many small businesses under $3m annual turnover are exempt from the Privacy Act 1988 (Cth) unless they meet certain criteria (for example, health service providers or those trading in personal information). If in doubt, get advice.

Not every business needs every document in the same way. Focus on what is “reasonably practicable” for your risks and workforce, and build from there.

Incidents, Notifications And Penalties

Even with strong systems, incidents can happen. Your response matters-for people’s wellbeing and for compliance.

How To Respond To An Incident

• Ensure the safety of anyone injured and call emergency services if needed.
• Secure the area to prevent further harm and preserve the scene where required.
• Notify your regulator immediately if it’s a notifiable incident (serious injury or illness, a dangerous incident, or a fatality). The threshold and timing depend on your jurisdiction.
• Record the incident, investigate the cause and implement corrective actions.
• Consult with workers about findings and improvements.

What Are The Penalties For Breaches?

Penalties vary by state and territory and depend on the severity of the breach and the level of culpability. They can include improvement and prohibition notices, significant fines for businesses and individuals, enforceable undertakings, and-in the most serious cases-prosecution and potential imprisonment. Officers (directors and certain senior managers) can also be personally liable for due diligence failures.

How OH&S Interacts With Other Laws

OH&S intersects with several other legal areas you’ll already be managing day to day:

• Fair Work And Rostering: Fatigue, breaks and rostering contribute to safe systems of work. Build your rosters around applicable award or agreement requirements such as break entitlements.
• Training And Supervision: Your safety obligations sit alongside your broader training requirements for employees.
• Privacy: Injury records and medical information may be sensitive information. Depending on your status under the Privacy Act, appropriate consent, access controls and a Privacy Policy may be required.
• Contracts: Align your Employment Contracts and contractor agreements with your safety policies so obligations are consistent and enforceable.
• Data And Records: Keep records in line with your safety system and consider retention needs under data retention laws.

Key Takeaways

• OH&S (WHS) duties apply to almost all Australian businesses and extend to employees, contractors, labour hire workers, volunteers and visitors.
• Your core obligation is to do what is “reasonably practicable” to eliminate or minimise risks, supported by training, consultation and supervision.
• Most jurisdictions follow the model WHS laws (with local variations), while Victoria operates under its own OHS framework-know which regime applies to you.
• Build a simple safety system: identify hazards, control risks, train and supervise, consult, keep records and review regularly.
• Written policies are best practice and often expected; tailor your workplace policy suite to your risks and workforce. Whistleblower policies are only mandatory for certain larger companies.
• Align OH&S with connected areas like Employment Contracts, Privacy Policies, training obligations and fair rostering to support safe work.
• Be prepared for incidents, understand notification thresholds in your jurisdiction and document your response and corrective actions.

If you’d like a consultation on meeting your OH&S and workplace safety obligations, you can reach us at 1800 730 617 or team@sprintlaw.com.au for a free, no-obligations chat.