Prioritising safety for leaders and boards – lessons from a tragedy

The targeted killing of Brian Thompson, the CEO of US insurer United Healthcare, in December sent shockwaves through the governance community worldwide. 

This tragic incident serves as a stark reminder of the vulnerabilities faced by senior leaders and the need for boards to prioritise the safety of executives, staff and themselves.

The IoD recognises that public leadership roles often come with increased risks. Boards in New Zealand must ensure that their organisations not only comply with health and safety requirements but also adopt proactive measures to address modern threats, including physical safety, privacy concerns and online safety.

Under the Health and Safety at Work Act 2015, directors have a duty to take all reasonable steps to ensure workplace safety. This duty extends beyond traditional workplace risks to include the personal safety of executives and staff, particularly those in high-profile or high-risk roles. Boards should consider how their health and safety policies reflect these evolving responsibilities.

In New Zealand, the public availability of directors’ home addresses through the Companies Office presents a significant safety concern. The IoD has been advocating for legislative reform to address this issue. Recent assurances from Ministers that this will be prioritised are welcome. During our advocacy the IoD community shared numerous examples of where real and significant safety issues had occurred for directors and their families from home addresses being publicly accessible. Protecting the personal information of directors is critical to reducing their exposure to threats.

The rise of digital threats, such as hacking, harassment, deepfakes and misinformation, adds a new layer of complexity to governance and to ensuring the online health and safety for directors and executives . Boards must ensure robust cybersecurity measures are in place to protect organisational data and provide directors with tools to safeguard their personal digital profiles.

Executives, particularly those in high-profile or controversial sectors, face unique risks. Boards should prioritise security assessments and implement tailored measures to protect their leaders. This might include personal security protocols, training on threat management and the use of professional security advisors.

Taking action 

To ensure the safety and security of their people, boards could:

• Conduct comprehensive risk assessments: Regularly evaluate both physical and digital threats facing executives and directors.
• Enhance privacy protections: Advocate for, and implement, measures to safeguard directors’ personal information, such as restricting access to home addresses.
• Provide safety training: Equip executives and board members with the knowledge and tools needed to handle threats, including incident response planning.
• Engage security professionals: Collaborate with experts to develop customised security strategies for high-risk individuals and situations.

The IoD is committed to advocating for the safety and privacy of directors. Our efforts to secure legislative changes to protect directors’ personal information remain a top priority. Additionally, we provide guidance and resources to help boards fulfil their health and safety responsibilities.

This tragedy reminds us that safety is not just an operational concern – it is a governance imperative. Boards have a critical role in fostering secure environments that allow leaders to focus on their organisational roles without fear for themselves or their families. 

Former Commissioner of Police Mike Bush MInstD, now global security consultant, will be hosting a free webinar for IoD members on 5 March to share his reflections and advice on the topic of CEO and director safety for boards.