Workplace Safeguarding Policy: What SMEs Must Include And Implement

If you run a small business, “safeguarding” might sound like something only schools, charities or care providers need to think about.

But the reality is that many SMEs employ young people, work with customers who may be at risk, host members of the public on-site, or rely on contractors and third parties. Even if your business isn’t “regulated” in the traditional sense, safeguarding risks can still show up - and when they do, they can escalate quickly.

A clear safeguarding in the workplace policy helps you set expectations, spot issues early, and respond properly if something goes wrong. It also shows your team (and your clients) that you take safety, dignity and professional boundaries seriously.

What Is A Safeguarding In The Workplace Policy (And Do SMEs Need One)?

A safeguarding in the workplace policy is a written policy that explains how your business prevents and responds to harm, abuse, exploitation, bullying, harassment, neglect or inappropriate behaviour connected to your workplace activities.

In practical terms, it’s a framework for:

• identifying who may be at risk (employees, interns, apprentices, customers, visitors, clients, service users);
• setting behaviour standards (professional boundaries and acceptable conduct);
• explaining how people can raise concerns safely;
• documenting what your business will do when a concern is reported (internal steps and when external reporting is needed).

When Is A Safeguarding Policy Especially Important?

Even as an SME, you should strongly consider a safeguarding in the workplace policy if any of the following apply:

• You employ or host under-18s (e.g. apprentices, work experience students, trainees, young performers, sports coaches).
• You provide services to adults who may be at risk due to care and support needs, disability, age, illness, trauma, language barriers, or dependency on your services.
• Your team works in customers’ homes (e.g. care, trades, cleaning, tutoring, personal training).
• You run a business where staff are in positions of trust (e.g. teaching, therapy, childcare, healthcare, coaching, mentoring).
• You have lone working, night shifts, or remote sites where supervision is limited.
• You handle sensitive personal data or incident reports and need a clear reporting trail (your Privacy Policy and internal processes should line up with how you manage that data).

Even if safeguarding isn’t a formal legal requirement for your specific sector, having a policy is often a commercial and risk-management must-have. Clients, local authorities, insurers, and larger organisations increasingly expect to see it during onboarding or tendering.

What Laws And Risks Does A Safeguarding Policy Help You Manage?

Safeguarding is a broad concept, so there isn’t one single “Safeguarding Act” that applies to every workplace. Instead, a safeguarding in the workplace policy helps you manage overlapping duties under employment law, health and safety law, equality law, and data protection.

Health And Safety Duties

Under the Health and Safety at Work etc. Act 1974, employers must take reasonable steps to protect employees (and others affected by the business) from health and safety risks. That can include risks tied to violence, harassment, unsafe working environments, and lone working.

A safeguarding policy supports this by documenting:

• how you assess safeguarding risks;
• how incidents are reported and investigated;
• what controls you put in place (supervision, training, safe recruitment, site rules).

Equality, Harassment And Discrimination

The Equality Act 2010 is central to many safeguarding issues because safeguarding concerns often overlap with bullying, harassment, sexual harassment, victimisation, and discrimination.

Your policy can help reinforce “what good looks like” in day-to-day conduct and give staff a clear pathway to raise concerns before behaviour escalates.

Working With Children And Adults At Risk

If your business involves regulated activity with children and/or adults (as defined under safeguarding legislation), you may need to consider:

• DBS checks (and the right level of check);
• barred list checks (only where you’re legally entitled to request them, typically for regulated activity);
• safer recruitment procedures and supervision.

Rules in this area can be complex and depend heavily on what your team actually does, so it’s worth getting tailored legal advice if you’re unsure.

Data Protection And Confidentiality

Safeguarding almost always involves handling sensitive information - incident reports, witness accounts, medical details, CCTV footage, or allegations about individuals. That means your approach needs to line up with UK GDPR and the Data Protection Act 2018.

As a starting point, your policy should make it clear:

• what information will be collected;
• who can access it (and on what basis);
• how long it’s kept;
• when it may need to be shared externally (for example, where there’s a serious risk of harm, or a legal/regulatory duty to report applies).

It’s also where your internal systems should be ready for a “worst case scenario” - for example, if safeguarding records are lost, emailed to the wrong person, or accessed without permission. Having a Data breach response plan can make a huge difference to how calmly and compliantly you respond.

Monitoring, CCTV And Recordings

Some businesses try to “solve” safeguarding concerns by increasing monitoring (for example, more cameras, more call recording, more tracking). This can help in certain contexts - but it can also create privacy issues if it’s not handled properly.

If you use surveillance or recordings as part of your safeguarding controls, make sure you’re across the risks around CCTV in the workplace, and be particularly cautious if you’re considering CCTV with audio.

The same goes for taking recordings during meetings or calls - there are legal and practical pitfalls around recording conversations, especially if you’re collecting personal data or using recordings in disciplinary processes.

What To Include In A Safeguarding In The Workplace Policy (Checklist)

A good safeguarding in the workplace policy is practical and readable. It shouldn’t be a 40-page legal document that no one uses - it should be something your managers and staff can actually follow.

Below is a checklist of what SMEs usually need to include.

1. Purpose And Scope

• Why the policy exists (to prevent and respond to safeguarding concerns).
• Who it applies to (employees, directors, contractors, volunteers, interns, agency staff).
• Where it applies (office, worksites, off-site events, customer locations, online/remote work, company travel).

2. Definitions (In Plain English)

This section matters more than most people think. Clear definitions reduce “grey area” arguments later.

Consider defining:

• Safeguarding (what it means in your business context).
• Child (under 18).
• Adult at risk (often linked to care and support needs and risk of abuse/neglect, without labelling everyone).
• Abuse (physical, sexual, emotional, financial, neglect, coercive control).
• Bullying and harassment (including sexual harassment).
• Grooming and boundary violations (especially relevant where staff work with minors).

3. Your Safeguarding Principles And Standards Of Behaviour

This is where you translate “values” into workable rules.

For example:

• professional boundaries with clients and colleagues (in person and online);
• rules around one-to-one situations (supervision, visibility, sign-in/out);
• appropriate communication channels (e.g. no private messaging with under-18 clients from personal accounts);
• clear expectations about respect, language and conduct;
• zero tolerance for retaliation against someone who raises a concern.

4. Roles And Responsibilities

Safeguarding fails when everyone assumes it’s “someone else’s job”. Spell out:

• who is the safeguarding lead (and a deputy, if possible);
• manager responsibilities (responding, documenting, escalating);
• staff responsibilities (reporting concerns, cooperating with investigations);
• director/owner oversight (resources, training, reviewing incidents).

If you already have a broader Workplace policy set, your safeguarding policy should fit neatly within it rather than contradict other policies.

5. Reporting Pathways (And How To Raise A Concern)

This is the “make or break” section. If reporting is confusing, people won’t report.

Include:

• how to report (email, form, phone, in person);
• who to report to (named role, not just “management”);
• what information to include (dates, names, what was seen/heard, immediate risks);
• what happens after a report is made (initial response timeline, triage);
• options for anonymous/confidential reporting (and realistic limits to confidentiality).

If you use whistleblowing as a reporting pathway for serious wrongdoing, make sure your Whistleblower policy and safeguarding process are consistent.

6. Responding To Immediate Risk

SMEs often miss this, but it’s critical: what should staff do if there is an immediate risk of harm?

• When to call emergency services.
• How to remove someone from danger (where safe to do so).
• Who must be notified internally straight away.
• How to preserve evidence (without putting anyone at further risk).

7. Investigation And Outcome Process

Your safeguarding in the workplace policy should clearly separate:

• fact finding (what happened, what evidence exists);
• employment processes (disciplinary, suspension, performance management);
• external escalation (police, local authority safeguarding, regulators, professional bodies).

You don’t need to promise specific outcomes - but you do need to promise a fair process, proper documentation, and appropriate escalation where required (including where a legal duty to refer/report applies, for example to the DBS in certain cases involving regulated activity).

8. Safer Recruitment And Onboarding

Prevention starts before day one. Depending on your sector, include:

• reference checks (and what you ask references);
• DBS checks where appropriate (and ensuring you only request the level of check you’re entitled to);
• clear job descriptions that set expectations around boundaries;
• training during onboarding;
• probation review checkpoints.

9. Training And Ongoing Awareness

A safeguarding policy only works if your team knows it exists and understands it.

Outline:

• mandatory training for new starters;
• refresher training frequency;
• extra training for managers and safeguarding leads;
• how you record completion (and what happens if someone doesn’t complete training).

10. Recordkeeping, Privacy And Data Handling

Safeguarding records should be handled carefully. This section should cover:

• what records you keep (incident reports, notes, emails, CCTV clips);
• where they are stored (restricted folder, HR system, encrypted drive);
• who can access them and on what basis;
• how long they’re kept (retention period);
• how you manage subject access requests (where applicable).

This is where your privacy compliance should align with your other business-facing documents, including your Privacy Policy.

How To Implement Your Safeguarding Policy Day To Day

Writing a safeguarding in the workplace policy is the easy part. Implementation is what actually reduces risk.

Here’s a simple, SME-friendly rollout plan you can follow.

Step 1: Map Your Safeguarding Risks

Start with your real-world operations, not generic templates. Ask:

• Who interacts with customers or the public?
• Do staff ever work alone, off-site, or in private spaces?
• Do you employ younger workers or host placements?
• Do managers have one-to-one authority over junior staff?
• Are there particular high-risk times (late shifts, events, travel)?

This risk map will shape what you include (and what you don’t) so your policy stays relevant.

Step 2: Appoint A Safeguarding Lead (Even If You’re Small)

In a micro business, the lead might be the founder or the operations manager - that’s fine. What matters is that everyone knows:

• who makes the call on escalation,
• who keeps records, and
• who supports staff through the process.

Step 3: Train Managers First

Managers are usually the first people a concern gets reported to - and their response can either stop a problem early or make it worse.

Train managers on:

• how to respond without “investigating on the spot”,
• how to avoid victim-blaming language,
• how to keep good notes,
• when to escalate immediately,
• how to maintain confidentiality appropriately.

Step 4: Roll Out To Staff (And Make It Easy To Find)

Don’t just email a PDF and hope for the best.

Instead:

• introduce the policy at a team meeting;
• include it in onboarding;
• store it in a central place (HR folder, staff intranet);
• use short reminders (posters, pinned messages) that show how to report concerns.

Step 5: Align Your Other Policies And Processes

Your safeguarding in the workplace policy shouldn’t live in isolation. For SMEs, safeguarding often overlaps with:

• disciplinary and grievance processes;
• bullying and harassment policies;
• IT and communications rules (e.g. messaging clients, social media boundaries);
• CCTV and monitoring policies;
• privacy and record retention.

When you align these properly, you reduce the risk of inconsistent decisions - which is where many disputes start.

Step 6: Test The Process (Before You Need It)

A good exercise is to run a simple “tabletop scenario” with your safeguarding lead and one manager:

• A junior staff member reports inappropriate messages from a supervisor.
• A customer complains about a staff member behaving aggressively on-site.
• A young apprentice discloses a concern that suggests risk outside the workplace.

Walk through what you’d do step by step. If you hit confusion, your policy needs tightening.

Common Mistakes SMEs Make (And How To Avoid Them)

Safeguarding can feel daunting - especially when you’re busy running the business. The aim is progress, not perfection. But there are a few common pitfalls worth avoiding.

Using A Generic Template That Doesn’t Match Your Business

Templates can be a starting point, but safeguarding is highly context-specific. A policy written for a large care provider may be useless for a small events company (and vice versa).

Where possible, tailor your safeguarding in the workplace policy to:

• your services and locations,
• your staffing structure,
• your customer base,
• your actual reporting lines.

Confusing Safeguarding With General “Workplace Misconduct”

Not every performance issue is a safeguarding issue - but many safeguarding issues will require an employment law response too.

Your policy should make it clear when something is:

• a safeguarding concern needing escalation and careful handling, versus
• a standard HR issue that can be addressed through normal management processes.

Over-Promising Confidentiality

It’s normal to want to reassure staff that their concern will be kept confidential. But you should be careful not to promise secrecy you can’t legally or practically maintain.

A safer approach is to explain that information will be shared only on a “need to know” basis, and may be escalated if there’s a serious risk or a legal obligation to report.

Collecting Evidence In A Risky Or Non-Compliant Way

For example, recording meetings without thinking through privacy, or installing surveillance without proper notices and justification. If you need monitoring as part of your safeguarding controls, ensure you handle CCTV and recordings carefully (including the risks around recording conversations).

Not Reviewing The Policy After An Incident

One of the best times to improve your safeguarding in the workplace policy is after you’ve handled a real concern. If something was unclear, slow, or inconsistent, build that learning back into the policy and training.

Key Takeaways

• A safeguarding in the workplace policy helps SMEs prevent and respond to risks like abuse, harassment, boundary violations and harm connected to work activities.
• Even if safeguarding isn’t a formal requirement in your sector, it can be a crucial risk-management tool - especially if you work with under-18s, adults at risk, or the public.
• A strong policy should cover scope, definitions, behaviour standards, reporting pathways, investigation steps, safer recruitment, training, and recordkeeping.
• Safeguarding often overlaps with privacy and monitoring, so be careful if you use CCTV or recordings as part of your controls.
• Implementation matters: appoint a safeguarding lead, train managers, make reporting easy, and regularly review the policy after incidents or changes in your business.

If you’d like help drafting or reviewing a safeguarding in the workplace policy that actually fits how your business operates, you can reach us at 08081347754 or team@sprintlaw.co.uk for a free, no-obligations chat.