Preventing Sexual Harassment in the Workplace: What UK Employers Should Consider Doing to Comply with the Worker Protection Act


8 minute read | October.04.2024

The Worker Protection Act (amendment of Equality Act 2010) – entering into force on 26 October 2024 – will impose a legal obligation on all employers to take reasonable steps to prevent sexual harassment in the workplace.

Failure to do so could lead to an uplift of up to 25% on any Employment Tribunal award for sexual harassment and the Equality and Human Rights Commission (EHRC) has powers to take enforcement action against employers for breach of the duty.

The law doesn’t define “reasonable steps,” but the EHRC has updated guidance which states that it will depend on the facts and circumstances of each case and vary by employer, with more apparently expected of larger employers.

The EHRC has also created an eight-step guide to preventing sexual harassment in the workplace.

To comply with the law employers should consider what reasonable steps are needed to prevent sexual harassment and then implement them, which will include updating policies, training staff and conducting risk assessments.

Consult the detailed checklist and read on to learn more about the law and the updated guidance.

What Employers Should Consider Doing – and When

Action Steps to consider Rationale Timing Responsibility
1. Update policies.
  • Define sexual harassment. Provide examples.
  • Maintain a policy for reporting harassment/ sexual harassment distinct from cross-referring to the grievance procedure.
  • Include information about work social events and conduct outside of work, including on social media, that may impact working relationships and employees’ suitability to carry out their role. Also, consider making clear that harassment online or via social media is unacceptable.
  • Encourage witnesses to address harassment.
  • Commit to review policies regularly. Delegate responsibility to a designated person or department.
  • Share the policy on joining and regularly thereafter. Ask employees to acknowledge having read the policy. Share updates with employees. Raise awareness in internal communications or meetings.
  • Make sure the anti-harassment policy is readily accessible to employees.
  • Consider whether any disciplinary policy lists breaching the anti-harassment policy as gross misconduct. Also consider whether any IT, Comms or Social Media policy refers to online harassment.
  • Consider updating privacy policies and notices to ensure the proportionate and safe processing of data relating to harassment. That may involve restricting who has access to the data. Ensure that any privacy notice includes the right to monitor employee communications, including on instant messaging platforms such as Slack and Teams, to investigate employee complaints.
  • EHRC guidance suggests that a good harassment policy:
    • Defines harassment, sexual harassment and victimisation.
    • Calls out that sexual harassment will not be tolerated.
    • Does not conflate different forms of harassment. A policy addressing bullying, for example, should not conflate that with harassment.
    • Provides clear examples to illustrate each definition of the forms of harassment.
    • States that the law requires employers to take reasonable steps to prevent sexual harassment.
    • Applies to employees outside of the working environment, including at social events and on social media, when relevant to an employee’s suitability to carry out their role.
    • Includes an effective procedure to receive and respond to complaints.
    • Includes a commitment to review the policy regularly.

EHRC guidance suggests that:

  • Employers should make workers aware of anti-harassment policies and updates. It also says employees should be able to readily access the policies, including on internal systems.
  • Employers process harassment data in accordance with the UK GDPR.
Now. Review annually or in the event of material developments in legislation or risk. Designated HR Officer/Team

Data protection officer
2. Provide training.
  • Consider training:
    • At the outset of employment for new joiners.
    • At regular intervals for all staff.
    • At the time of any promotion to a managerial role.
    • In person from time to time.
  • Tailor training for different levels of employees. Managers may need training on dealing with complaints and calling out harassment – as well a reminder of the effect of  their own behaviour as senior employees. Staff may need  an overview of the definition of sexual harassment and training on reporting it – and intervening if they witness such behaviour.
  • Keep a log of who attended training.
  • EHRC guidance suggests training:
    • Should be tailored to the nature of the employer, target audience (taking into account seniority and job titles) and the employer's policies and procedures.
    • Address all types of harassment (i.e. harassment on the grounds of any protected characteristic, sexual harassment and victimisation).
    • Explain the harassment reporting procedure, including for third parties.
  • After updating policies.
  • On induction or promotion – and regularly thereafter – consider annual refreshers.
HR/ Compliance/ External training provider
3.  Conduct risk assessments and create an action plan.
  • Conduct a risk assessment specific to the business. Keep a record identifying the risks of sexual harassment in the workplace and steps taken to mitigate those risks.
  • Risk areas may include:
    • Whether senior individuals work regularly with more junior individuals, particularly 1:1.
    • Whether a work culture includes overtime/late night working or working alone.
    • Client/customer facing functions.
    • Whether workers regularly travel for business.
    • The social and networking environment relevant to an employee's role, including whether alcohol is present at events.
    • Lack of diversity in the workforce.
    • Individuals on secondment.
    • Whether individuals are routinely around third party/non-employees e.g. clients/ customers, suppliers etc. – and in what context.
  • Consider risk assessments before key social events.
  • Keep copies of the risk assessment and the rationale for taking/not taking certain steps.
  • Produce an action plan to address and monitor identified risks.
  • EHRC guidance suggests that:
    • Employers should assess risks relating to harassment and victimisation.
    • Risk assessments employers traditionally use, such as those on health and safety, could serve as a model for a harassment assessment.
    • EHRC guidance says employers should craft an action plan based on the risk assessment and consider publishing it on the employer’s website.
In advance of the implementation date for the new duty. Update it annually and/or in the event of material developments, such as a large hire, merger or acquisition, relocation, changes to the law etc. HR/ Compliance
4. Take action to address key events.
  • Consider posters or signs in the workplace (and/or in public-facing areas) about the employer's zero tolerance approach to harassment and how to report it.
  • Email staff before key social events reminding them about appropriate conduct and the employer's policy on harassment.
  • Consider appointing a "responsible person(s)" for each event to oversee risk areas/watch for inappropriate conduct/stay until the conclusion of the event.
  • EHRC guidance recommends employers send staff their policy on harassment prior to key social events.
With effect from the implementation date of the new duty and before events. Management
5. Ensure effective reporting procedures and promote a "speak-up" culture.
  • Ensure a harassment procedure distinct from the grievance procedure.
  • Consider any crossover/cross-references in whistleblowing policies/reporting lines.
  • Create a separate channel/hotline or other ways employees can report issues relating to harassment (outside of the harassment reporting procedure).
  • In the event of potential criminal activity, discuss with the complainant the possibility of reporting it to police.
  • Respect the complainant's wishes when deciding on action to take but balance that with an employer's obligations (sometimes you will need to act or investigate even if the complainant does not want that).
  • Respect the complainant’s confidentiality. Ensure those involved investigating know of the confidential nature of the investigation and the need to prevent victimisation of the complainant.
  • Consider proactively seeking feedback on anything to report –  in employee surveys, exit interviews, reverse-mentoring and post-employment surveys, for example, to encourage a “speak-up” culture.
  • EHRC guidance states employees should have clear and accessible channels to voice harassment concerns. (The guidance also explores the possibility of multiple and less conventional channels).

EHRC guidance also suggests:

  • Best practices for preventing further harassment or victimisation.
  • Factors to avoid that may deter complaints.
  • Any policy should encourage witness to address harassment or victimisation.
With effect from the implementation date of the new duty and to be reviewed in line with policies/training. HR Compliance/ Office Management
6. Address complaints effectively.
  • Ensure a thorough investigation that takes into account all relevant evidence. Speak with witnesses.
  • Be as transparent as possible, telling a complainant how the employer plans to address the concern and prevent a recurrence.
  • Take steps to prevent further harassment or victimisation of the complainant following a complaint.
  • Appoint "champions” or "guardians" to support individuals affected by harassment. Support may include counselling, mediation or offers of redeployment (taking care to avoid allegations of detrimental treatment or victimisation).
  • Train the alleged harasser and staff after incidents to avoid additional similar complaints.

EHRC guidance outlines best practice for dealing formally and informally with complaints of harassment.

At the time of a complaint and in follow-up. HR/Legal
7. Monitor the workplace.
  • Even where no formal action is taken, keep a record  of reported incidents, the alleged perpetrator and any action taken.
  • Audit/monitor complaints and risk assessment areas regularly. Look for trends. Tailor training and policies to deal with issues.
  • Determine whether broader systemic issues  need addressing – and, if so, how to do that. (This may go beyond training and policy updates.)

EHRC guidance suggests:

  • Reviewing policies regularly  to ensure their effectiveness.
  • A designated lead take responsibility for implementing an action plan and complying with the Worker Protection Act’s preventative duty.
Annually and/or as warranted by material activity or developments. HR/ Legal/ Compliance
8. Consider third parties.
  • Review how your organization uses agency workers, contractors and other non-employees, how they interact with employees and what awareness and training they need.
  • Consider updating contracts with suppliers and vendors to make clear the employer's policy on harassment.
  • In public-facing roles, consider pre-recorded phone messages making clear that the organization will not tolerate harassment of staff.
  • Include anti-harassment provisions in terms of customer engagements.

EHRC guidance:

  • Makes clear that the duty to prevent sexual harassment includes behaviour by third parties.
  • Says employers should have procedures to report third-party harassment.
  • Instructs an agency to check with the employer to ensure arrangements to prevent harassment.
  • Envisions a clear division of responsibilities between an agency and client on responsibilities for handling harassment complaints.
  • States employers can be liable for an agency’s actions they have not briefed the agency on the harassment procedure.
On entering or renewing third party contracts. HR/ Recruitment

Want to know more? Contact one of the authors (Nicola Whiteley and Emma Zarb).