Security guards routinely work alone, at night, in isolated locations, and in situations that carry a genuine risk of violence or injury. Under UK law, sending a guard to work in those conditions without a proper lone worker safety framework is not just operationally risky — it is a legal liability. Here is what UK security companies need to know about their duty of care to lone workers, what the legislation requires, and what a robust lone worker policy actually looks like in practice.
Who Counts as a Lone Worker?
For ACS compliance, this is important. The Health and Safety Executive (HSE) defines lone workers as “those who work by themselves without close or direct supervision.” In the security industry, that covers a significant proportion of your workforce:
- Static guards working single-officer posts
- Mobile patrol officers covering a route overnight
- Key-holding response guards attending premises alone
- Guards making site visits or conducting empty property checks
Even where multiple guards are assigned to a site, if they are separated by distance — patrolling different zones of a large site, for example — they may each be working in effective isolation. The key question is not headcount; it is whether a guard in difficulty could get help quickly.
What the Law Requires
There is no single piece of legislation called the “Lone Worker Act.” Instead, your duty of care to lone-working guards comes from several overlapping pieces of law:
The Health and Safety at Work etc. Act 1974
Section 2 of HSWA requires employers to ensure, so far as is reasonably practicable, the health, safety, and welfare of employees. That duty applies in full to guards working alone. “Reasonably practicable” means you must weigh the risk against the cost and effort of reducing it — but courts have consistently found that basic lone worker precautions are very low cost relative to the risk in the security sector.
The Management of Health and Safety at Work Regulations 1999
These regulations require employers to conduct a written risk assessment for all work activities. For lone working in security, that means formally assessing the specific risks at each site and post, including the risk of violence, the risk of accident (slips, falls, manual handling), and the risk that an incapacitated guard will not be found in time.
The Corporate Manslaughter and Corporate Homicide Act 2007
If a guard dies as a result of a serious failure in the way your organisation managed health and safety, your company can face prosecution for corporate manslaughter. There is no minimum company size threshold. A small security firm with inadequate lone worker procedures is as exposed as a large one.
The Working Alone in Safety guidance (HSE)
HSE’s specific guidance on lone workers sets out the practical steps expected of employers, including risk assessment, supervision arrangements, and emergency procedures. While guidance is not law, courts and regulators treat it as the baseline for what “reasonable” looks like.
The Risk Assessment: What It Must Cover
A lone worker risk assessment for a security post is not a generic form. It needs to address the specific conditions of that post:
Violence and aggression risk
Security work carries one of the highest rates of work-related violence of any sector. Your risk assessment must address: What is the nature of the site? Is it licensed premises, retail, residential, industrial? What is the historical profile of incidents at that site or in that area? Is the guard likely to encounter hostile members of the public, trespassers, or intruders? Does the post require lone confrontation with individuals who may be intoxicated or aggressive?
Physical environment risks
Patrol routes should be assessed for physical hazards — uneven ground, unsecured structures, extreme weather exposure, and areas without mobile signal. Guards who have an accident during a lone patrol need a reliable way to raise the alarm even if injured and unable to move.
Health and fatigue risk
Long night shifts, particularly 10–12 hour static posts, carry a genuine risk of medical emergency — from cardiovascular events to diabetic episodes. Does your risk assessment account for guards with known health conditions on lone posts?
Communication failure risk
What happens if a guard’s phone runs out of battery, loses signal, or is damaged? Your risk assessment should identify communication dead zones and require backup procedures where primary communication cannot be guaranteed.
Supervision and Check-In: The Core Requirement
The HSE makes clear that lone workers must have a means of raising an alarm and must be subject to some form of supervisory contact. This does not mean a supervisor physically present at the site — it means a system that will detect when a guard is in difficulty and trigger a response.
In practice, this means one or more of the following:
Regular check-in calls or messages
The guard checks in by phone or app at defined intervals — typically every 30, 60, or 90 minutes depending on the risk profile of the post. If the check-in is missed, the control room follows an escalation procedure: try to contact the guard, contact the client, dispatch backup, contact emergency services.
Automated welfare check systems
More sophisticated lone worker platforms automatically prompt the guard to confirm they are safe at set intervals. If the guard does not respond within a defined window, the system automatically raises an alert without requiring a controller to notice a missed call.
GPS location tracking
GPS tracking of guards on lone posts provides two layers of protection: it confirms that patrol routes are being completed (identifying guards who have stopped moving, which may indicate an incident), and it gives emergency services an accurate location if a guard needs assistance.
Panic alerts
For higher-risk posts — key-holding response, licensed premises, or sites with a history of violence — guards should have access to a panic function that immediately triggers an alert to the control room. This may be a physical device or an in-app button.
Documenting Your Lone Worker Policy
Having a lone worker policy is only part of the requirement. You must also be able to demonstrate that:
- Guards have read, understood, and signed the policy
- Risk assessments have been completed for every lone-working post and reviewed when conditions change
- Guards have been trained in the check-in procedure and emergency escalation process
- Check-in records are retained so that compliance can be audited
- Incidents, near-misses, and failed check-ins are recorded and investigated
If a guard is injured or worse, and your company is investigated by the HSE or faces a civil claim, the first question will be: “Where is your documented lone worker risk assessment for that post?” If the answer is that it doesn’t exist or can’t be found, the consequences are severe.
ACS Compliance and Lone Worker Safety
For companies pursuing or maintaining Approved Contractor Status (ACS), lone worker safety is not optional. The SIA’s ACS standard requires evidence of documented welfare and safety procedures, and assessors will look for working risk assessments, check-in procedures, and records of compliance. Companies that cannot demonstrate a robust lone worker framework are at risk of non-conformities that delay or prevent accreditation.
How TacDesk Supports Lone Worker Compliance
TacDesk’s real-time guard tracking is built with lone worker safety as a core use case, not an afterthought. Every guard on shift has their GPS location recorded throughout their working hours. Control room staff can see at a glance which guards are on post, where they are, when they last confirmed they were safe, and whether any scheduled patrol points have been missed.
Automated welfare check alerts trigger when guards do not respond within the configured window. All check-in events and any missed checks are logged with timestamps and retained for audit purposes — exactly what HSE and ACS assessors expect to see. When a guard misses a check-in, TacDesk’s escalation workflow guides the control room through the right steps, reducing the risk of a delayed response.
For security companies managing lone workers across multiple sites, TacDesk replaces manual check-in spreadsheets and phone logs with a system that actively monitors welfare rather than relying on someone remembering to call.
Key Takeaways
- UK law requires security companies to conduct written lone worker risk assessments for every post
- Guards must have a reliable means of raising an alarm, and supervisory contact must be maintained at appropriate intervals
- GPS tracking, automated welfare checks, and panic alerts are increasingly the standard — not a premium add-on
- Check-in records must be retained and available for HSE inspection and ACS audit
- Failure to have adequate lone worker procedures in place can result in criminal prosecution, civil liability, and ACS non-conformities
This article is for general information only. For guidance specific to your company’s circumstances, consult the HSE guidance on lone working and, where appropriate, an occupational health and safety specialist.