So many believe that if they are “in compliance” with industry rules and regulations, that they have “achieved security”. This, unfortunately, is FAR from fact! Compliance does not equate to real security. What does compliance mean? That you have done what you are required to do and, as a result, you will not be fined or sanctioned by governing bodies for not being in compliance. That’s it! Does compiance equal immunity from liability? Absolutely not. When it comes to liability, being in compliance is critical however, there are far too many things, when it comes to safety and security, that compliance and regulation do not address.
The question is really this:
Do you really want to keep your employees and/or clients safe and secure or do you just want to feel like you are keeping them safe and secure? Feeling like they are safe and secure is simple – just be in compliance. Really and truly keeping them safe and secure needs to go well beyond compliance and regulation. In reality, there is very, very little correlation between the two and, if something were to happen, and the victims attorney (because you will be sued) has the right people investigating, there is a high likelihood of being found negligent for not doing enough and, more importantly, not seeing the potential danger that resulted in victimization.
If you truly want to keep people safe and limit exposure to liability, you have to do more than what is required and, the more you do beyond “required” the safer and more secure people will be and the lower your exposure to liability.