As the holiday approaches, it seems like everyone is on the move. People jet off to end-of-year conferences, take advantage of remote-work flexibility for sunnier time zones, or visit family abroad. For companies, every trip introduces a new layer of risk.
I was reminded of this recently on a work trip to Singapore — one of two dozen trips this year — when I found myself 10,000 miles from home. When employees are far from their usual support systems, the risks feel bigger. Companies have a responsibility to be ready.
Whether an employee experiences a medical emergency abroad, a natural disaster affects a company-sponsored event, or someone falls victim to a cybersecurity breach while working remotely, the company’s response hinges on one concept: duty of care.
What Is Duty of Care
Duty of care is a company’s legal and ethical obligation to protect the health, safety, and well-being of its people, no matter where they are.
While risk and HR often own operational pieces, duty of care extends across an entire organization. It encompasses travel guidelines, emergency protocols, benefits, insurance coverage, vendor selection, cyber security, and even security and badge procedures in offices.
Why the Holiday Season Amplifies Risk
The holiday season compounds risk exposure in ways companies often underestimate. Here are some dynamics risk leaders should keep top of mind:
More travel, more variability
More employees find themselves in unfamiliar environments with varying medical, safety, and infrastructure standards. They could deal with foreign healthcare systems, different legal frameworks, and locations they don’t know well.
Blended trips
Personal travel tacked onto business trips muddies coverage and liability. For example: Is someone covered by company insurance still covered when they extend a business trip for a family vacation?
Remote work goes global
Working abroad can introduce new cyber security risks and create challenges for emergency response. Even domestic remote work introduces complications. And in both scenarios, similar liability questions emerge: Who is responsible if an employee is injured while working remotely, say, from an in-law’s home?
Common Duty of Care Blind Spots
Even mature organizations struggle with duty of care gaps. Here are areas that often fall through the cracks:
- Conferences and large-scale events
Hosting a conference or major event carries significant risk if you don’t have a crisis playbook outlining how to manage potential emergencies. - Remote and hybrid arrangements
Are employees truly covered by insurance while working in another country? Many assume so — and many are wrong. - Contract and gig workers
These workers are often excluded from safety protocols, creating ethical and legal gaps. - Third-party risks
Travel agencies, event planners, and other vendors must be vetted. Their failures quickly become your failures. - Cyber security abroad
Are remote workers using secure networks? Do they understand the risks of public Wi-Fi in foreign airports and hotels? - Medical access
Is support available globally, or does your care network stop at the border?
Is support available globally, or does your care network stop at the border?
Preparedness means integrating duty of care into your broader risk management strategy. Here’s how:
1. Assessment: Know where your people are
Start by identifying where employees are, where they’re headed, and what risks they face. Map travel patterns and remote work locations. Account for upcoming conferences, off-sites, and seasonal travel spikes. You can’t protect people if you don’t know where they are.
2. Scenario Planning: Prepare for the worst
This is where tabletop exercises earn their keep. What would you do if executives traveling to São Paulo faced a medical emergency or political unrest? What steps would you take? Run through cyber security scenarios, too.
These exercises should align with board-level risk narratives and investor expectations. The conversations you have in the conference room prepare you for the calls you hope you’ll never have to make.
3. Preparedness: Build the Infrastructure
Establish emergency protocols and communication plans before you need them. Review insurance coverage for international travel and remote work. Set up a travel platform that helps you track where employees are, so you’re not scrambling during a crisis.
One often-overlooked resource: Encourage employees traveling abroad to register with the US State Department. If anything happens in that country while they’re there, the State Department will know they’re present and can provide assistance.
4. Partnerships: You can’t do this alone
Collaborate across HR, legal, risk, and external providers. Engage global assistance partners for medical, security, and logistical support. Many insurance carriers work with organizations like International SOS that provide vetted vendors and resources. Your insurance broker should help you connect the dots and identify the right partners.
Insurance Policies That Help Mitigate Duty of Care Risks
You can’t fulfill your duty of care obligations without insurance. Here are key policies that support risk mitigation:
- Business Travel Accident (BTA) Insurance
Covers employees traveling on company business, including emergency medical evacuation, accidental death, and repatriation. Some policies extend to blended personal/business travel if properly disclosed. - Foreign Voluntary Workers’ Compensation
Provides coverage for employees injured while working abroad, including medical expenses and lost wages. This coverage is essential for companies with international operations or remote workers overseas. - Kidnap & Ransom (K&R) Insurance
Relevant for high-risk travel regions, this covers ransom payments, crisis response, and legal fees. And it often includes access to specialized security consultants. - Cyber Liability Insurance
Protects against data breaches and cyber incidents. It’s especially critical when employees work remotely using unsecured networks. It may include coverage for regulatory fines and forensic investigation. - Emergency Assistance Services (often bundled with travel insurance)
Includes 24/7 access to medical, legal, and security support. It can be a lifeline during international emergencies. - Group Health Plans with Global Coverage
Ensures employees have access to mental health and medical care regardless of location. Some plans offer telehealth services and international provider networks. - General Liability and Umbrella Policies
Provide broader protection for incidents involving third parties, such as injuries at company-sponsored events or vendor-related exposures.
Work with your broker and insurers to tailor coverage to your workforce’s actual mobility patterns. And here’s the step many companies skip: communicate clearly with employees about what is covered and what isn’t. Post resources on your travel booking site if it’s centralized and include information in the employee handbook.
Make sure to review your coverage annually and align it with your travel policies and risk assessments.
Executive Buy-In: Why the C-Suite Should Care
When something goes wrong on the road, the financial, operational, and cultural ripple effects land squarely in the executive suite. That’s why every member of the C-suite has a specific stake in duty of care.
- CFOs need to understand the financial exposure tied to travel incidents and insurance gaps. One uncovered emergency can cost hundreds of thousands of dollars. And that’s before you factor in potential litigation.
- COOs must ensure operational resilience across geographies. If key team members are stranded or injured, can your operations continue?
- CEOs are accountable to investors and the public for how the company treats its people. A robust duty of care program is a talent differentiator, especially in industries where top talent expects global mobility and support.
The Promise We Need to Keep
Duty of care is a year-round commitment to protect your people wherever work takes them. Companies that embed this promise into their risk strategy not only reduce exposure—they build trust, resilience, and a reputation for doing right by their teams.
Ready to Strengthen Your Duty of Care?
Don’t wait for a crisis to expose the gaps. If you’re unsure where to begin, learn more about how Sequoia can help you manage business risk or connect with a Sequoia risk advisor.
Related stories:
- Cyber Liability Risk in the Age of AI: Smarter Tools, Higher Stakes
- Risk Management Is a Story Worth Telling
- Are You Really Covered? Why General Liability Isn’t Enough for Third-Party Risk
