Organisational Policy and Procedures
When the martians come: policy and procedure tips for cybersecurity
No matter what business you’re in, you’re likely to rely on information technology(IT).
In social service, health and education agencies, we use IT for a multitude of functions – enrolments, intakes, planning etc. Essentially, we would be lost without it.
But have you given sufficient thought to preventing and defending against cyber threats?
If you think that cyber attacks are still the stuff of sci-fi movies then think again. It was only 6 weeks ago that the New Zealand Stock Exchange was rendered inoperative because of a cyber attack. Not just once but multiple times.
We are all vulnerable and need to be on guard to prevent and defend against attacks. We need to become cyber-brave!
A good start
For cyber smart week, CERT NZ has published some basic tips to help each of us improve our defence against cybersecurity attacks. These include password protection, install updates and using multifactor authentication for login access.
We all need to be cyber-aware but it’s especially important if you’re an organisation. Awareness means understanding and regularly reviewing your cyber risks. There may be risks to individuals, your functions, finances, reputation and/or to your agency’s very existence.
Knowing the risks, will guide the safeguards you need to take and what your policies and procedures should address to help you prevent and respond to cyber-attacks.
You need policies and procedures
Given the rate of change in the IT world, it’s important to review and update your policies and procedures to cover off the “must-dos” for your organisation’s security. Key areas to cover include:
- acceptable use of information and communications technology
- access to data
- remote working
- incident planning.
Staff should be trained to implement the policies and to maintain cyber awareness.
Acceptable/unacceptable use of electronic devices at work
Your policies should cover the use of personal devices eg cellphones, as well as what may or may not be done on work computers eg internet and email access not to be used to download unauthorised software and install games and prohibitions against activities such as gambling and use of pornography.
Access to data
As a general rule, access to data should be restricted to those who need it for work purposes. This helps prevent data breaches. It also helps protect privacy which can be jeopardised by unauthorised access to client or staff personal information.
You should have clear procedures in place for removing and changing access rights as people change and leave roles. No one should have access to data and systems they don’t need for their work purposes.
Remote working
With COVID-19, remote working is much more prevalent. But with remote access, there’s potentially more pathways for cyber attacks. Your policies and procedures can help manage these risks. For example:
- outline organisational responsibilities like organising a VPN
- state the safeguards to be taken by staff/remote workers – that they use their home internet to access the work network and notify management immediately of any unusual events on the system.
If personal devices are used, precautions by remote staff can include:
- keeping their operating system up-to-date
- using a strong password and multi-factor authentication
- uploading documents they save locally to the network
- running and updating their antivirus software regularly.
Incident planning and responses
Your policies and procedures should guide staff when responding to a cybersecurity issue, in particular:
- who they should notify if concerned
- who will manage recovery from the incident
- who should be told (eg Privacy Commissioner from 1 December for serious privacy breaches)
- how to use data backups and resume operating
- steps to mitigate and prevent a recurrence of the incident.
Become cyber-brave
Even though it may feel like a minefield, grow your awareness and become cyber-brave.
The Martians may or may not be coming. But either way, it’s best to be prepared.
If you’re wanting your policies and procedures reviewed and updated, contact us. We aim to protect social service, childcare, health and tertiary education agencies from risks of non-compliance with regulations and standards.
We want to help you become cyber brave!
NEW Online Courses for policy implementation
The Policy Place’s new online courses are going to be a game changer if you’re one of the many workplaces that struggles to get their staff to use organisational policies and procedures,
Policy implementation is one of the most common challenges across industries. And it’s a major risk area for organisations.
The Policy Place’s new offering of online courses is addressing the problem head-on with exciting new courses that get people actively engaged in policy content.
In this post, we look at the importance of policies and procedures in the workplace and how The Policy Place’s pairing of policies and procedures with online courses will improve policy implementation.
Importance of Policies and Procedures
Policies and procedures are crucial to an organisation’s compliance and successful functioning. We’ve recently written about their importance (eg Why are policies and procedures important in 2024?)
We’ve also focused previously on how policies and procedures are a key risk management strategy. They help guide a workplace to deal with key hazards such as corruption, fraud, physical danger, mental injury etc.
They help prove that an organisation takes reasonable care of its people and assets.
If policies aren’t being used then managers need to do something about it.
If you’ve never brought a policy to the attention of staff, then if there’s a breach of policy, your ability to take disciplinary action will be severely undermined. Likewise, you can’t rely on your health and safety policy if staff haven’t familiarised themselves with it.
Online courses with policies
So knowing and using organisational policies and procedures is a “no brainer”. But easier said than done?
How do you get your people to actually use the policies?
The Policy Place’s online courses are going to help. The courses cover key compliance and risk areas of policies and procedures.
They address some of the key reasons for non-engagement and resistance to policies. They are online and can be done anytime anywhere. They are interactive and interesting.
They will ensure that staff, management, and governance understand their key responsibilities. Managers will also be able to monitor that kaimahi have completed courses and are updated on key policy areas.
Here’s a brief Intro to the first batch of courses recently released.
Governance compliance courses
The courses for boards, collectives, and other governance groups (3 courses) are going to help them fulfill their responsibilities in areas like financial management, strategy and risk management.
This will help current board members and make the job of recruiting and onboarding new governance/board members easier.
Health and Safety Induction for staff
In the first batch of courses, the Policy Place also has some courses for staff.
A useful and must-do course is the Health and Safety Induction course. It’s not long but sufficiently detailed to inform new kaimahi/staff about their responsibilities, how risks are managed in the workplace and the organisation’s health and safety responsibilities.
Abuse Prevention and Response Course
Another important course, especially for organisations working with tamariki and vulnerable people is the Abuse Prevention and Response course. This course addresses different types of abuse, signs of abuse, responding and reporting abuse.
For an organisation subject to the Social Sector Accreditation Standards or Ngā Paerewa Health and Disability Services Standards, it will help prove compliance with the standards. It will be a great onboarding tool. It will also be a good refresher for existing staff.
Conclusion
You’re not alone if you experience problems implementing your policies. We know it’s a widespread issue.
With our new online courses, we’re addressing the problem.
You can enrol in a course as an organisation or individual. So go ahead and enrol Now!
How policies can help you collaborate
Whakawhanaungatanga – relationships and connection – is what it’s all about.
In the social and health sectors, relationships and collaboration with other services, is key to addressing the range of issues clients OR whānau are dealing with and to making a sustainable difference to people’s lives.
But it’s not always easy to collaborate. Even with the best will in the world, collaboration can still be a struggle.
It can be hard getting everyone on the same waka, steering in the same direction. People come and go in the collaboration; enormous amounts of time can be wasted repeating decisions and plans without anything much being achieved. Not to mention the disruption caused by external events like a global pandemic!
If you’re dealing with these issues in your collaboration, it’s worth considering how policies and procedures can help. Yes, getting them sorted may mean time away from the “real” mahi of the collaboration, but in the longer-term policies and procedures can pay off.
Done well, they can avoid wasted time for your group and contribute to a better quality service or product from your collaboration.
Here’re some policy areas that we think can benefit most collaborations:
POLICY |
POLICY CONTENT |
Governance and management |
|
Kaupapa |
|
Information management |
|
Quality assurance and improvement |
Agree how you will assess and review your progress:
|
Complaint & dispute resolution |
A healthy Collaboration should involve robust discussion and expect disagreements. It should be supported by an agreed dispute resolution process that can be easily accessed and used.If the Collaboration provides a service, it should include a process for service users to give feedback and make a complaint. |
Participation |
The Collaboration membership:
Responsibilities of members to their agencies, such as links back to your governance and management.How the group will address barriers to participation for members, for example:
|
IMPORTANT REMINDER !To participate well in a Collaboration you need to have your own backyard sorted – your organisation’s policies and procedures.At the Policy Place we do that for you – so you can participate in the Collaboration knowing that you, your staff and organisation are supported by good policies and up-to-date with regulatory expectations.Phone or email us for find out more. |
|
5 ways to increase the effectiveness of your complaints process
So you’ve got a complaints process but how effective is it?
Is receiving no complaints the best you can hope for as a sign of effectiveness? Or is it the complaint outcome that matters most – ie that you were right or wrong?
Here’s 5 things that we think are important to a good complaints process:
- Your policy
- Your culture
- Accessibility
- Your process of escalation, and
- Your resolution approach.
1. Good policy
Staff need to understand the process and rationale for your complaints process. That’s where your policy comes in. It should cover the legal and regulatory imperatives, your commitment to client/customer responsiveness and participation and to organisational learning and improvement. The insertion of some principles like equality, timeliness and fairness will also help staff navigate the process for themselves and with clients/customers.
2. Welcoming and receptive culture
Most of us struggle with criticism and complaints can feel like criticism. So it’s understandable if we feel negative about complaints. But taking a negative approach is deeply problematic.
Negativity can lead to behaviours that stop or prevent people from giving feedback and risks poor quality client service. It can mean that we don’t promote the process, we might respond defensively to feedback and we could minimise and avoid concerns rather than addressing them.
A tendency towards or risk of negativity should therefore be offset in a workplace by strategies such as these:
- adopt a broad focus – invite both positive and negative feedback and make it easy for people to give feedback. Feedback can be as simple for a client as answering a question every now and then about how they’re finding the service and if they would like to see any changes made to improve their experience. Keep a record, consider the feedback with the client and/or others and respond to it;
- take a learning and improvement ethos in the organisation where mistakes and complaints, as much as feedback, are regarded and treated as opportunities to learn and improve;
- share and celebrate feedback and use it to assist team collaboration and planning;
- ensure that staff understand they have rights in the complaints process and that they will be treated fairly and be able to access support if they are involved personally in the process.
3. Easy access and use
How many times, have you gone to make a complaint or raise a concern with an agency to find that there’s no real mechanism for complaining despite claims they have a process.
This might mean you don’t get complaints. But it’s also disastrous in terms of being able to provide a good service as you don’t end up knowing where you’re customers are feeling let down by your service. Some key lessons then:
- Lesson 1 – if you’ve got a complaints process, make sure your clients/customers can easily find it and use it. Yes, it’s important to have a complaints process, it’s also important to have multiple channels for clients and customers to give feedback.
- Lesson 2 – make sure your staff understand the process and can help people with it. It should be part of staff induction and regular staff training.
- Lesson 3 – anticipate and address potential barriers to clients making complaints by making sure that information about the feedback and complaints process is appropriate to your client group (eg age and developmentally appropriate; different languages); there is access to external advocates and there are multiple ways for giving feedback and complaints.
4. Appropriate escalation
A complaints process needs to recognise that people like to deal with conflict and concerns in different ways. Most prefer early and quick resolution.
Promoting and providing a pathway for the early raising and resolution of concerns is important. Remind and encourage clients/customers to share their concerns directly with staff and offer support if needed. This can be a part of the complaints process or separated out from a more formal “complaints” process.
At the other end of the process, provision should also be made for a right of internal and/or external review if a party to the complaint is not happy with the complaint outcome or the process.
5. Systemic approach
Problems rarely arise in a vacuum. They are likely to be systemic and to reflect context. Even if there seems to be an immediate and obvious cause and answer to a complaint there will often be more to it. Certainly, it’s worth thinking about.
Consider how wider systems, organisational norms, work schedules etc may have contributed to the behaviour or attitude that is being complained about and what can be done to address the deficiency(ies). This, plus addressing the more immediate cause, will help prevent recurrence of the matter in the long term.
Conclusion
So going back to start – how do you know if your complaints process is effective? Not receiving complaints is not a reliable indicator. It may indicate top-notch service but if you’re not getting any feedback or complaints then it may well signal the need for more opportunities for client/customers to participate and provide feedback.
Complaint outcome or, who won or lost, is also unreliable. The value and benefits of good feedback and complaints processes are to help an organisation learn and improve and be responsive and relevant to clients/customers.
When assessing effectiveness, think instead about access, use and participation in the process, client/customer feedback on their experience of the process and cost/benefits of resourcing the process against the short and long term benefits of learning and improvement.
9 policy and procedure areas to cover off for COVID- 19
Good policies and procedures can help you steer the course – keep you on track with your compliance and guard against panicked decision making in a time of emergency.
Are all policies and procedures equally important in a time of emergency?
Not all. Here’s what we prioritise.
Compliance
Policies and procedures addressing compliance with regulations and standards. These are the “must dos”. They can help you decide what and how you might pare back to save money and if need be, make changes to how you operate.
Pandemic policy/plan
An obvious policy.
As indicated by the recent resurgence of COVID-19 in Tamaki Makaurau/Auckland, the plan needs to be robust enough to support flexible and quick responses to changing Alert levels. If your plan is based on a linear trajectory, it should be updated accordingly.
While you’re at it, check that your plan is consistent with the legislated requirements for contact tracing, restrictions on movements and physical distancing.
Staff at risk of infection
The situation of staff in this circumstance can be part of a pandemic or leave policy or because of its high-interest value, as a separate policy. The status of and responses to staff in the following circumstances should be clarified:
- staff exposed to infection through an event or personal contact (ie where increased risk)
- staff concerned about risk (but no indications of exposure)
- staff who may be especially vulnerable to infection because of a pre-existing condition, age etc
- staff are quarantined/required to self-isolate (may differentiate cases where it was forseeable/not forseeable)
- staff returning from international travel
- community lock-down.
Leave policy
Employees’ minimum leave entitlements are addressed in legislation. Organisations will have their own policy and procedure where leave is above the minimum and to outline how leave should be applied for etc.
Leave entitlements are especially important for staff when jobs start looking uncertain. It will also be pressing for staff at risk of infection, staff who become sick and those caring for dependents.
Your leave policy should address the application process for annual leave, sick leave, dependent/caregiver leave (may be added to or part of sick leave) and access to other leave – eg paid special leave; unpaid leave.
Flexible working policy
This policy should cover the relevant legal requirements eg that arrangements are requested and responded to, when formality might be waived and reasons why a request might be declined. It should cover options such as staff working on flexible schedules and in remote locations; recording variations to employment terms, clocking in and out, shared calendars and monitoring and review of arrangements.
Working from home policy
Working from home is a form of remote working. It could be part of your flexible working policy. However, its become a dominant way of working while in the pandemic so we think it warrants specific attention as a policy.
Your policy should cover expectations for how and when work is to be achieved, connection with the mothership (ie workplace and other colleagues), workplace hui; shared calendar and time recording; health and safety; roles and responsibilities. See here for help.
IT, privacy & communications policy
Most organisations will have policies about what’s acceptable/unacceptable use of email, online systems, software and social media. If staff are moving to remote working, it’s important that these policies cover roles and responsibilities, (eg for hardware, authorisations, arranging staff logins), safeguards for the transfer, use and recording of organisational and personal information and log in/access to online organisational resources including client management system and policies and procedures.
Diversity and inclusion
This may seem a surprising “must have” for Covid 19. It reflects the law (eg Human Rights Act; health and disability and social sector accreditation standards.)
We’ve included it here to counter the risks of xenophobia and exclusion. There have been instances of racist attacks related to Covid-19 and more recently, animosity towards returning citizens and residents. Yes, we’re concerned about health and safety. But this can not be at the expense of equality.
We all benefit from inclusive and welcoming work cultures where staff and others who may be infectious are supported and disinformation about the virus is rejected.
Delegations
If you’re a funded social or health service you’re required to have a delegations policy. At least, you should be able to evidence clear parameters around management versus governance functions and powers.
With Covid 19, it may be a good idea to think more extensively about delegations. For business continuity purposes, delegations should be in place and enable sufficient cover for when usual decision-makers are absent or become ill.
Ways you can address these areas
For those who’ve got it all covered, make sure your staff are aware of the policies. Enable their 24/7 access to your policies, procedures and other systems if they start to work remotely.
If you haven’t got them covered, it’s not too late. You can:
- amend your related policies to cover off the key areas
- develop and incorporate new procedures into existing policies
- contact us for help so it’s one less worry and there’s less stress.
For those into DIY, check out some of our other posts and these resources for help with drafting your policies:
5 takeaways from the Coroner’s and Ombudsman’s children’s reports
The Ombudsman and Coroner reports, released this month, identified inadequate treatment and care of children/tamariki by Crown agencies. The Coroner was reviewing the tragic death of a young two-year-old. The Ombudsman was reviewing policies and practices relating to the removal of newborn babies from their parents and whānau by Oranga Tamariki- the Ministry for Children.
Both reports identified big policy problems that we can all learn from.
Coroner’s report – In the matter of Hineihana Sosefina Mausii
The Coroner was looking into the tragic death of 2-year-old Hineihana Sosefina Mausii in 2013. There had previously been a serious adverse event (SAE) review by the Southern District Health Board(SDHB) and an investigation and review by the Health and Disability Commissioner. Both reviews had found critical failures in Hineihana’s care.
The question for the Coroner was whether she should make any comments or recommendations to reduce the chance of further deaths in similar circumstances.
Key findings of facts
The key facts were that Hineihana was taken twice, within 48 hours, to the Emergency Department(ED) of Dunedin Hospital with an acute health condition. On her second presentation, she was assessed by a junior doctor working under the supervision of a senior doctor. His assessment was found to have been inadequate and to have missed “red flags” about Hineihana’s poor health.
The senior doctor, responsible for supervising the junior doctor, failed to provide an adequate level of supervision appropriate to the junior doctor’s level of experience. As a result, Hineihana’s acute condition was not identified when it should have been. She was wrongly discharged with her parents not given any discharge information about follow up care and when to return to the ED.
Policy gaps
With her preventive hat on, the Coroner identified a couple of big policy gaps that had contributed to Hineihana’s inadequate treatment.
At the time of Hineihana’s re-presentation to the ED there had been no clear policy requiring her (ie as a child) to be assessed by a senior registrar or consultant. The SDHB claimed that requirement had since been introduced. The Coroner however disagreed.
Although it was stated as a requirement in several documents, there was no “single source of truth” aka operational policy requirement for unscheduled representations of children to ED within 48 to be assessed by a senior doctor. The status of the documents mentioning the requirement was unclear. So was the “requirement.” She recommended that this be addressed to prevent future tragedy.
The second policy gap concerned safety-netting at discharge. The SAE Review recommendations included the development of a written policy for safety-netting, and provision of both spoken and written advice for patients/parents/caregivers regarding when to return to the ED. It hadn’t yet been done. The Coroner reinforced the recommendation.
Ombudsman’s Inquiry
The Ombudsman reported back this month on their inquiry into the removal of newborns/pēpi from their parents. It made a number of key findings about poor practice. They also identified some critical policy gaps and errors concerning:
- the use of without notice s78 applications (interim custody applications) and criteria for how staff should identify and assess the viability of other options to make tamariki safe
- working effectively and equitably with disabled parents and other parents suffering from mental distress and drug and alcohol issues (ie using a disability-rights approach)
- for unborn and newborn pēpi, policy requiring:
- trauma-informed social work practice to be applied to assessments of the parents’ own childhood histories of abuse or neglect
- specialist assessments for parents with alcohol or drug misuse, mental health needs or intellectual disabilities.
- the Ministry to assist parents and whānau where their pēpi has been identified as at risk.
- a lack of policy guidance about the process of removing a pēpi from their parents once a s78 interim order has been granted.
The Ombudsman recommended these gaps be addressed to support better decisions and large scale practice change by the Ministry when care and protection are held for newborns.
Key takeaways
Although these reports were looking at different issues. They shared a focus on the care, health and wellbeing of our most precious tamariki. They identified and recommended that some key policy problems be fixed.
Although they concerned Crown agencies, there are some key takeaways for social and health services:
- critical issues that require the application of professional judgement and skill should be supported by operational policy requirements
- policy should reflect legal requirements and in the area of disability and mental health the United Nations Convention on the Rights of People with Disabilities
- to avoid confusion and uncertainty in the workforce, there should be a “single source of truth” when it comes to requirements and this should be your operational policy
- organisational policy must be usable and accessible for busy operational staff
- training should align with and support good operational policy.
If you want to know more about how our online policy and procedure service can support good practice and your compliance with regulations and standards, contact us.
3 tips for upping your game using policies & procedures
With so much going on the world, continuous improvement might seem like a tall ask. But don’t get dispirited. It’s not about doing more.
If you monitor and check for quality, encourage and respond to feedback and enable client/consumer participation and have the policies and procedures to show for it, then you’ve got the basics covered.
Below, we set out some policy and procedure requirements for 3 key areas of continuous key areas.
If you want to know about policies and procedures for quality assurance and continuous improvement contact us.
Continuous improvement areas |
Policies and procedures |
Welcome and seek out feedback – the good, the bad and the ugly.
|
Policy requirements for:
|
Enable participation
|
Policies and procedures relating to governance, management, organisational integrity and client services should require:
|
Monitor, review & adjust
|
Self-reflection is good, but nothing beats data and using it to monitor and review performance.
It doesn’t have to be scientific. But you should have processes in place to collect it from sources that can provide real insight to your operations. Some examples are:
Use can use this same data to monitor improvements you make and to set goals. |
Treaty-based change for NZ’s health & disability system
We’re in for a new Treaty-based health and disability system. That’s one of the recommendations of the final report on the Health and Disability System Review.
The Review recommends that the Treaty/ te Tiriti principles are embedded through New Zealand’s health and disability system. It also recommends amending the New Zealand Public Health and Disability Act 2000 to reflect more recent interpretations of the Treaty of Waitangi (for the final report see here).
The Waitangi Tribunal’s principles will be important.
In its report – Hauora: Report on Stage One of the Health Services and Outcomes Kaupapa Inquiry (Hauora report)25 (Wai 2575) -the Tribunal criticised the 3 Ps approach to Treaty interpretation (Participation. Instead, it outlined 5 Treaty principles for our future health system (see below).
(For more about what the Tribunal report check out Learning from the Tribunal Health Report)
9 tips to help you prepare for Alert Level 1 & beyond
We’re heading towards Alert level 1 so let’s get our workplaces ready.
We don’t know exactly what’s involved in Level 1 but we do know that we’re going to have to be careful and vigilant about public health. Always.
COVID-19 won’t be our last pandemic. Pandemic readiness must be part of how we prepare for Alert Level 1 and beyond. Here are some tips to help you prepare.
Tip 1: Distancing
Current physical distancing requirements will relax, but if it’s possible maintain workplace measures to support distancing like:
-
more physical spacing between people
-
more online and fewer in-person meetings
-
staggered/rostered work schedules
-
smaller programmes/courses
-
contactless deliveries.
Tip 2: Keep up with the hygiene and cleaning routine
This is just good practice and should continue in the workplace. Maintain signage about coughing/sneezing hygiene and ensure wide access to tissues, soap, sanitiser, masks and other relevant protective gear.
Ensure that shared spaces are thoroughly cleaned each day. If staff take turns with this, develop an agreed checklist of hygiene and cleaning tasks to be achieved.
Tip 3: Contact Tracing
Continue to keep a record of who you are working with and who is entering the workplace. Make sure people understand why and what you’re doing it for.
Contact tracing is important for public health purposes. It’s a key way to track and contain infection outbreaks.
Tip 4: Strengthen remote capability
If you’ve been working remotely, keep it up. It is your back-up plan if there’s another infectious outbreak.
Ensure you’ve got the basics covered:
-
your tech solutions for communication
-
training for staff
-
remote/flexible working arrangements agreed with staff and reflected in their employment agreements
-
your handbook with policies and procedures updated and online for easy access and use by remote staff.
Tip 5: Encourage personal responsibility for health
You need everyone on board – everyone you work with- to stay at home if they are sick.
Communicate this consistently.
Action it by:
-
allowing sick or special leave when staff report minor – serious symptoms of COVID-19
-
allowing staff to work remotely so they can self-isolate whenever they are reasonably concerned about exposure to COVID-19 or are experiencing symptoms.
The costs of these measures will be less than the cost of a future lock down. If you’re worried they will be mis-used, make sure your other policies dealing with conduct, performance expectations and disciplinary action are fit for purpose.
Tip 6: Review and respond
COVID-19 economic impacts are predicted to broaden so keep an eye on what’s happening for those you serve. It may be necessary to re-purpose resourcing or to scale an activity you do up or down to become more responsive and viable in the post-COVID 19 world.
Need help with that? Check out the range of government support available.
Tip 7: Take special care of people-facing and vulnerable staff
Monitor and address risks to:
-
staff with pre-existing conditions like heart disease and diabetes that make them especially vulnerable to COVID 19
-
essential workers and public -facing staff (eg foodbank staff; caregivers; health practitioners; bus & delivery drivers).
In addition to controls like masks and screens, encourage regular testing of your front-facing staff and essential workers for COVID-19 and that they get the flu shot.
Tip 8: Improve business continuity planning
We’re all in this together and stronger for it.
Improve your business continuity planning by making arrangements now with others operating in related areas about sharing resources, staffing and volunteers, obtaining supplies etc during a pandemic outbreak.
Tip 9: Stay on top of public health information
COVID-19 has reminded us we are all in the business of public health.
We need to stay on top of public health data so we can reliably identify hazardous activities and the risks and develop controls in a responsive way. Stay informed and keep your staff and others informed.
How parenting helps you manage workplace health and safety
Parenting is “risky” business. So is managing health and safety in the workplace. Apply what you know as a parent and you’ll be on course to health and safety in the workplace.
Similarities
Risk-management is ordinary
We want our kids to be happy and thrive so we let them take chances, make mistakes. We let them climb the highest tree, take a high skate ramp or bike jump even though “secretly” it may scare us to death.
Healthy risk-taking helps kids become resilient. Also important are caring & supportive relationships, coping skills, encouraging kids to problem-solve and letting them make mistakes to learn. Rather than say no to our kids risk-taking, we prepare them, inform and equip them, support them through the challenges and mishaps.
Risk-taking is also an inevitable part of business. It goes with employing staff; working with people; living with climate change and prospects of natural disasters etc. Preventing and dealing with risks therefore, needs to be BAU in terms of workplace culture, staff and client relationships, policies and procedures and decision-making processes.
Guided by a risk appetite
Sometimes we have to say “no” to our kids’ options for fun. But more often we don’t. Our response depends on our “risk appetite” – the level and nature of risk that we will accept given the likely benefits of the activity (eg can I live with the consequence of torn clothing, damage, a broken bone if the risk eventuates?).
Similarly, as managers, governors and staff, faced with choices that carry risks, we will consider what level and types of risks we can live with and manage. We communicate and engage with staff and others around what risks we’re comfortable with through our policies and procedures, when assessing risks and adequacy of controls.
Fair response
As a parent and as a manager, our response to risk(s) will depend on how severe we think the consequence will be and how likely it is. Our response should be proportionate, reasonable and ideally, particular to the risk(s).
Risk scenarios involving the most severe consequences should be prioritised and receive the most intense response.
Differences
Regulations
Regulations require workplace health and safety to be front and centre for workplaces. The job of a parent is less regulated with laws applying only in specific circumstances (eg riding with a helmet, use of child restraints, criminal offences).
This difference has important consequences. For example, organisations face sanctions if they don’t comply with legal requirements. More positively, a business or organisation can gain from the ready-made guidance provided by regulations.
Disclosure
As parents, we’re not usually obligated to talk to our child(ren) about risks. By contrast, full and transparent disclosure of information about risks is necessary in the workplace. Staff, clients and visitors to the workplace have a right to be fully informed about of risks to their safety and to make decisions about their safety based on that.
Gut versus informed
As a parent, we’ll often act on our “gut” about risks. Sometimes, we might do extra homework to get better informed about the real picture but it’s not required.
A more systematic and thorough approach is however expected of management. A manager must take reasonable steps to keep themselves informed about risks and put effective safety controls in place. Managers should therefore be aware of relevant data from industry and elsewhere about risks and effective safety controls (eg protective equipment; MoH guidelines).
Participation
The extent to which we talk to our children about risks and safety will depend on their age, our parenting style and preferences etc.
As managers, though, the law is clear that we must engage and allow staff to participate in health and safety decision making in the workplace. It makes sense too if we want to ensure that we are over the risks and taking all due care about the health and safety of those in our workforce.
Conclusion
Our health and safety responsibilities can sometimes feel overwhelming. Now, more than ever, health and safety must be front and centre for organisations.
If you’re into DIY policies and procedures, remember you’ve got a lot to practical experience of managing risk to draw on if you’ve been or are a parent.
But if you’re not into DIY and want the convenience and relief of having someone else take care of your agency’s policies and procedures, contact us. Our online policy and procedure service, accessible 24/7, includes health and safety policies that we can customise to you.
Let us look after your policy and procedure needs so you have more time to focus on your work and whānau.
Contact us NOW!