What employers must know about the EU Health and Safety Framework in 2026

What is the EU Health and Safety Framework?

The foundation of occupational safety and health law in Europe is the EU Framework Directive 89/391/EEC, adopted in 1989. It applies to all sectors of activity, both public and private, with very limited exceptions (primarily the armed forces and police in certain specific activities).

The Directive establishes a clear principle: the employer bears responsibility for ensuring the safety and health of workers in every aspect related to work. That obligation cannot be transferred to workers, and employers cannot impose financial costs on workers to achieve it.

Under the Framework Directive, employers must:

  • Carry out risk assessments covering all workplace hazards — including psychosocial risks such as threats, violence and harassment
  • Implement preventive measures based on a defined hierarchy of prevention principles
  • Provide information and training to all workers, adapted to the specific risks they face
  • Designate competent personnel (internal or external) for protective and preventive activities
  • Ensure health surveillance appropriate to the risks workers encounter
  • Consult workers and their representatives on all matters relating to safety and health

The Directive has since been supplemented by 20 individual directives covering specific risks, from workplaces and work equipment to biological agents and carcinogens. Together, they form the most comprehensive occupational health and safety regulatory framework in the world.

Every EU Member State has transposed these requirements into national legislation. But the specifics differ: Sweden has the Arbetsmiljölag (Work Environment Act) and the Arbetsmiljöverket’s provisions (including AFS 2023:2 on systematic work environment management); Germany has the Arbeitsschutzgesetz; Denmark, Norway and Finland each have their own OHS acts shaped by strong tripartite traditions.

If you operate across multiple countries, you’re navigating multiple legal frameworks, all rooted in the same EU Directive, but each with its own nuances.

What’s driving the regulatory focus in 2026?

Three developments are converging to make workplace safety compliance more urgent, and more closely scrutinised, than it has been in years.

1. The EU Strategic Framework on Health and Safety at Work 2021–2027

The European Commission’s current strategic framework sets three priorities for EU-wide action: managing change in the new world of work (driven by digital, green and demographic transitions), improving prevention of workplace accidents and diseases with a “vision zero” approach to work-related deaths, and increasing preparedness for future health crises.

Crucially, the framework explicitly names mental health at work as a priority area. The Commission has committed to an EU-level initiative addressing psychosocial risks, and has called on all Member States to update their national OHS strategies in line with the framework.

2. The Healthy Workplaces Campaign 2026–2028: Mental health and psychosocial risks

EU-OSHA’s upcoming Healthy Workplaces Campaign (2026–2028) will focus specifically on mental health and psychosocial risks at work, including in sectors that have historically been overlooked, such as agriculture and healthcare. This follows the 2023–2025 campaign on digitalisation and the OSH Pulse 2025 survey, which found that over 40% of EU workers report severe time pressure and nearly 30% experience poor communication or cooperation at work.

For employers, the message is clear: psychosocial risks, including threats, violence and harassment, are moving from a peripheral concern to a central compliance and enforcement priority.

3. Stricter national enforcement and emerging legislation

Several Member States are tightening their approach. Sweden’s updated provisions on systematic work environment management (AFS 2023:2) make explicit that employers must identify, assess and address risks related to threats and violence — and that training is a core part of the preventive work. In other countries, new requirements around near-miss reporting and psychosocial risk assessment are either in place or under active development.

The direction is unmistakable: regulators expect more, not less, from employers when it comes to preventing workplace violence and managing psychosocial hazards.

What does this mean for your organisation, practically?

If you’re an HR director, training manager or safety officer, the regulatory landscape points to a few non-negotiable priorities:

Risk assessment must include psychosocial hazards

It’s not enough to assess physical risks alone. Threats, violence, harassment and other psychosocial hazards must be part of your formal risk assessment process. This is not new in the Directive itself — but enforcement attention is sharpening, and gaps here increasingly carry real consequences.

Training must be specific, documented and ongoing

The Framework Directive requires employers to provide training that is adapted to the specific risks workers face. A generic safety briefing once a year does not meet that standard. Workers in high-risk sectors — healthcare, social services, education, public administration — need training that equips them to recognise early warning signs, respond to threatening situations, and understand their organisation’s routines for reporting and follow-up.

Evidence supports this approach. A 2025 meta-analysis published in the International Nursing Review found that structured workplace violence prevention training significantly improves participants’ confidence in managing aggressive behaviour.

And Tesus Academy’s own evaluation data shows that after training, 95% of participants felt equipped to handle conflict situations at work, while 85% reported reduced stress around threatening or conflict-filled situations.

Documentation is your compliance evidence

Regulators don’t just want you to do the work, they want to see that you’ve done it. Risk assessments, training records, incident reports and follow-up actions all need to be documented systematically. If an inspection or audit occurs, your documentation is your first line of defence.

Cross-border operations require a coordinated strategy

If your organisation operates in multiple EU or EEA countries, you’re subject to each country’s national transposition of the Framework Directive. The core obligations are consistent, but the details, reporting requirements, training frequency, specific risk assessment methodologies, vary. A single, centrally designed training programme that meets a common European baseline, adapted where necessary for local regulatory requirements, is the most efficient approach.

The gap between obligation and action

Here’s what makes this challenging: the obligations are clear, but compliance in practice lags behind. The ILO/Gallup survey found that roughly half of all victims of workplace violence and harassment never report what happened to them. The most common reason? They believed it would be a waste of time.

That underreporting signals a deeper problem — one that regulation alone can’t solve. When staff don’t trust that reporting will lead to action, when they don’t have the language or confidence to describe what’s happening, or when they simply don’t know what their rights are, the system fails silently.

Training addresses this. Not theoretical training about policies that live in a binder, but practical, scenario-based training that helps people recognise risk, respond with confidence and understand why reporting matters. That’s the shift from reactive to proactive — and it’s what the regulatory framework was designed to achieve.

Where to start

If your organisation hasn’t reviewed its approach to workplace threats and violence recently, 2026 is the year to do it. The regulatory environment is tightening, the evidence base for effective training is growing, and the cost of inaction — in sick leave, turnover, legal liability and human suffering — is substantial.

Start with a clear-eyed risk assessment that includes psychosocial hazards. Build training into your systematic work environment management. Document everything. And choose training that’s adapted to your sector, grounded in evidence, and built to create real behavioural change — not just tick a box.

Ready to strengthen your compliance? Tesus offers E-learning on workplace threats and violence, built by leading experts in conflict management and safety.

Sources

  1. EU Framework Directive 89/391/EEC (1989) EUR-Lex: Council Directive 89/391/EEC https://osha.europa.eu/en/legislation/directives/the-osh-framework-directive/the-osh-framework-directive-introduction
  2. 23% of workers globally experienced violence/harassment; ~50% never report ILO / Lloyd's Register Foundation / Gallup, Experiences of Violence and Harassment at Work: A Global First Survey, 2022 https://www.ilo.org/publications/major-publications/experiences-violence-and-harassment-work-global-first-survey
  3. 12.5% of EU workers experienced adverse social behaviour at work in 2021 Eurofound, European Working Conditions Telephone Survey (EWCTS), 2021 https://www.eurofound.europa.eu/en/commentary-and-analysis/all-content/violence-workplace-women-and-frontline-workers-face-higher-risks
  4. Healthcare workers: 2–3x EU average for bullying, harassment and violence Eurofound EWCTS data analysis, 2023 https://www.socialeurope.eu/abuse-at-work-who-bears-the-brunt
  5. EU Strategic Framework on Health and Safety at Work 2021–2027 European Commission, COM(2021) 323, June 2021 https://osha.europa.eu/en/safety-and-health-legislation/eu-strategic-framework-health-and-safety-work-2021-2027
  6. Healthy Workplaces Campaign 2026–2028: mental health and psychosocial risks EU-OSHA https://osha.europa.eu/en/themes/psychosocial-risks-and-mental-health/research
  7. OSH Pulse 2025: 40%+ severe time pressure, ~30% poor communication EU-OSHA, World Mental Health Day release, 2025 https://osha.europa.eu/en/highlights/world-mental-health-day-29-eu-workers-suffer-stress-depression-or-anxiety
  8. Meta-analysis: training improves confidence in managing aggressive behaviour Chung et al., International Nursing Review, 2025
  9. Sweden AFS 2023:2 on systematic work environment management Arbetsmiljöverket (Swedish Work Environment Authority) https://www.av.se
  10. 20 individual directives under Framework Directive 89/391/EEC EUR-Lex / Wikipedia compilation https://en.wikipedia.org/wiki/Directive_89/391/EEC
  11. EU-OSHA overview of the Framework Directive EU-OSHA https://osha.europa.eu/en/legislation/directives/the-osh-framework-directive/the-osh-framework-directive-introduction
  12. Guidance on risk assessment at work under Directive 89/391/EEC EU-OSHA https://osha.europa.eu/en/legislation/guidelines/guidance-risk-assessment-work