Duty of Care in Practice: An Employer's Framework

A four-part framework for turning duty of care from legal concept into alert, accountability, and audit capabilities.

"Duty of care" appears in every safety policy and almost no incident playbooks. It shows up in HR onboarding, executive risk reports, and insurance renewals — but ask the average safety leader what they would actually do, today, to demonstrate it after an incident, and the answer is usually a list of intentions rather than a list of capabilities. The gap matters. Regulators, plaintiffs, and the affected people themselves don't grade duty of care on policy language. They grade it on what happened, and whether you can prove it.

What duty of care actually means

At its core, duty of care is the obligation an employer carries to take reasonable steps to protect the people on their premises — employees, contractors, visitors, vendors — from foreseeable harm. The legal definition varies by jurisdiction, but the operational meaning doesn't. You're expected to know who is there, warn them when something is wrong, give them a reasonable way to reach safety, and be able to show afterward what you did and when. The standard isn't perfection. It's reasonableness measured against similarly situated employers. The question regulators and courts ask is rarely "could this have been prevented?" It's "given what you knew, did you act?"

The framework: four obligations every employer carries

A practical duty-of-care program reduces the obligation to four executable categories:

  1. Inform — Reach the people who need to know on the channels they will actually see, in time to act.
  2. Account for — Confirm who is safe, who needs help, and who hasn't checked in, in real time, while the incident is still unfolding.
  3. Protect onsite — Control who is allowed in the building, who is denied, and what happens when someone shouldn't be there.
  4. Document — Capture an evidentiary record of every notification, every response, every decision, and every approval — automatically, so the record exists whether or not someone remembered to make it.

The remaining work is mapping each obligation to the specific capability that delivers it.

Obligation 1: Inform

The inform obligation is where single-channel notification platforms fail. SMS gets throttled. Email lands in junk. Push doesn't reach the employee whose phone is in a locker. Voice goes to voicemail. Hitting one channel and hoping for the best is the cheap version of duty of care, and it loses in every meaningful test.

Multi-channel delivery — SMS, voice, push, email, and desktop alerts firing in parallel — is what makes informing reliable. It reaches whichever device or surface each recipient happens to be near. Castatus Crisis Manager is built around this model, with pre-built templates per scenario (evacuation, lockdown, severe weather, IT outage) so the message goes out in seconds, not in the time it takes someone to write it. The standard for "informed" isn't "we sent the message." It's "the message reached them, and we know it did."

Obligation 2: Account for

Informing without accountability is a press release. Duty of care expects you to know who got out, who didn't, and who you still haven't heard from — while the incident is happening, not in the after-action report. That requires two-way response: every recipient can reply "safe," "need help," or simply doesn't reply, and the platform organizes those statuses for incident command to act on in real time.

The 5% who didn't respond are the entire job. SafeStatus inside Crisis Manager keeps that unaccounted list visible and continuously updated. As people check in, the list shrinks; the names that remain get handed off to a supervisor or first responder to physically locate. That visibility is the difference between "we evacuated" and "we evacuated and we know everyone is safe."

Obligation 3: Protect onsite

Inform and account-for assume the incident has already started. Protect-onsite is the obligation to prevent foreseeable risks at the door before they become incidents. That means knowing who is in the building, denying entry to people who shouldn't be, and producing a record of every visitor decision.

Castatus Visitor Manager covers this side of the framework: digital sign-in that captures identity, watchlist screening that pauses badge printing for banned individuals or persons of interest, host notification with the visitor's photo so staff aren't waving through strangers, and self-expiring badges so credentials don't outlive the visit. For lone workers and field staff, SafeStatus extends protection beyond the four walls — a discreet panic action with location attached, used when an employee can't make a phone call.

Obligation 4: Document

The hardest part of duty of care isn't doing the right thing — it's proving you did. Most organizations realize this only when they're asked. The audit trail required is specific: who was notified, when, on what channel, what they responded, who decided what at each escalation, and what the after-action review concluded.

Crisis Manager and Visitor Manager produce that record automatically. Every cast, every safe-or-not reply, every watchlist match and decision, every approval is logged with timestamps and reviewer identity. For regulated industries — financial institutions, healthcare, schools — the audit trail is what compliance teams build their narrative around. For litigation, it's the exhibit that demonstrates reasonableness. The right system makes the documentation a byproduct of normal operations, not a separate task someone has to remember.

 
Watch out. Duty of care isn't a legal-only problem. If your only response when asked about it is "ask the lawyers," you've already lost the operational test. The capabilities live with safety, security, and operations — counsel reviews the result.

Where most programs fall short

Programs fail at duty of care for predictable reasons. The plan is written but never tested. The notification platform reaches employees but ignores visitors. The accountability check happens on a clipboard nobody can find. The audit log lives in three systems that don't talk to each other. The training is annual and never reinforced.

The pattern: the program treats duty of care as four separate problems handled by four separate tools, when it's really one obligation that needs one connected workflow. Inform, account for, protect onsite, and document aren't independent — they're sequential steps in the same response. When a single platform handles all four, each step makes the next stronger.

What to do this week

Take a real incident from the last twelve months — severe weather, an evacuation, a near-miss at the front desk — and walk it backward against the four obligations. For each one, ask: did we inform everyone, can we account for everyone, did we protect against foreseeable risk, and can we document it now without reconstructing? The obligations that pass are working. The ones that don't are the conversation worth having with leadership before the next incident makes the case for you. For broader context on employer duty-of-care expectations, the OSHA workplace violence prevention guidance is a useful reference.
