The operating system for
psychosocial safety
ReFresh gives safety and people leaders their time back. One system to see the risk, act on it and prove it, so compliance becomes the byproduct of doing the right thing.
The operating system for
psychosocial safety
ReFresh gives safety and people leaders their time back. One system to see the risk, act on it and prove it, so compliance becomes the byproduct of doing the right thing.
The operating system for
psychosocial safety
ReFresh gives safety and people leaders their time back. One system to see the risk, act on it and prove it, so compliance becomes the byproduct of doing the right thing.
Built with organisational psychologists and WHS compliance specialists. Trusted by Aussie companies.
ONE PLATFORM, EVERY MODULE
Every capability, as a module
Browse the whole platform. Start with the modules you need now and add the rest as you grow, all sharing one data model, one permission system and one audit trail.
WHY TEAMS CHOOSE REFRESH
Built for HR and safety leaders
See risk across every site
Roll risk and incidents up across teams, sites and states in one live view.
Quick to implement
Set up in days, not months, with onboarding that does the heavy lifting for you.
Best practice built in
200+ templates, guided controls and AI drafting, aligned to the regulations.
Support when you need it
You may not need much help, but when you do, our team is on hand.
Get your time back
Pre-built frameworks mean you start from a working system, not a blank page.
Secure by design
SOC 2, GDPR, USDP and Australian Privacy Act compliant.
SECURITY & COMPLIANCE
Your data.
Always protected.
ReFresh is GDPR, SOC2, & USDP compliant
SECURITY & COMPLIANCE
Your data.
Always protected.
ReFresh is GDPR, SOC2, & USDP compliant
Your data. Always protected.
ReFresh is SOC 2, GDPR, and Australian Privacy Act compliant, with privacy and security built into every layer of the platform.
Secure by design
Features end-to-end encryption and independent security audits. ReFresh maintains enterprise-grade protection for all organisational data.
Private and permission-based
Role-based access ensures sensitive information is only visible to the right people.
Your data. Always protected.
ReFresh is SOC 2, GDPR, and Australian Privacy Act compliant, with privacy and security built into every layer of the platform.
Secure by design
Features end-to-end encryption and independent security audits. ReFresh maintains enterprise-grade protection for all organisational data.
Private and permission-based
Role-based access ensures sensitive information is only visible to the right people.
IN THEIR WORDS
Teams that made the switch
Teams that made the switch
GOT QUESTIONS?
Frequently asked questions
Frequently asked
questions
What is psychosocial risk?
Psychosocial risk refers to workplace conditions that could cause psychological harm to workers. Australian WHS regulators have identified 17 specific hazard categories, including:
Job demands and workload
Low role clarity
Poor support from supervisors or colleagues
Workplace bullying, harassment, and conflict
Organisational change
Remote or isolated work
Traumatic events and exposure to violence
These hazards are now regulated under WHS legislation across Australia, which means organisations have a legal duty to identify, assess, and control them, just as they do for physical safety hazards.
Which regulatory bodies apply to my organisation?
It depends on where you operate. ReFresh covers psychosocial compliance across five countries:
Australia
SafeWork Australia sets the national Code of Practice. State regulators (SafeWork NSW, WorkSafe Victoria, etc.) handle enforcement. ComCare adds a layer for Commonwealth employers, and Fair Work covers related employment obligations.
United Kingdom
The Health and Safety Executive (HSE) expects employers to assess and manage psychosocial risks using its Management Standards framework, backed by the Health and Safety at Work Act 1974 and the Management of Health and Safety at Work Regulations 1999.
Canada
CAN/CSA-Z1003 is the national standard for psychological health and safety. The Canada Occupational Health and Safety Regulations require hazard prevention programmes that include psychosocial risks, with enforcement handled at the provincial level.
Singapore
The Workplace Safety and Health Act 2006 covers psychosocial hazards, enforced by the Ministry of Manpower (MOM).
New Zealand
The Health and Safety at Work Act 2015 defines health as including mental health. WorkSafe New Zealand enforces compliance and has published Good Practice Guidelines for managing psychosocial risks.
ISO 45003 provides internationally recognised guidelines across all jurisdictions. ReFresh tracks every applicable framework in one platform, so you can see exactly which obligations apply wherever you operate.
Are audits actually happening? Which organisations are being targeted?
Yes, audits are happening now:
SafeWork NSW has committed $127.7 million over four years and is recruiting 51 new inspectors, including 20 dedicated psychosocial inspectors and 5 psychosocial investigators.
Random and reactive: regulators are conducting both random audits and investigations triggered by worker complaints.
No single industry: audits are occurring across sectors including professional services, education, healthcare, and ASX-listed organisations.
The regulatory posture has shifted from guidance to enforcement, which is why having a continuously maintained evidence base matters more than ever.
What are the actual fines and consequences for non-compliance?
Penalties vary by jurisdiction, but they are substantial:
Fines for WHS breaches can reach $500,000 or more for organisations, and officers can face personal liability including criminal charges in serious cases.
Average fine: the average SafeWork penalty for a psychosocial breach sits around $380,000.
Claim costs: a single psychological injury claim averages approximately $288,000, roughly four times the cost of a physical injury claim.
Enforcement is scaling: SafeWork NSW alone has increased its psychosocial audit budget by $121 million and added 51 new auditors specifically for psychosocial compliance.
Does having the right systems actually protect us, or are executives still liable regardless?
Regulators assess whether you had reasonable systems in place and followed them. This is a process-based assessment, not an outcomes-based one. SafeWork and equivalent bodies want to see that you:
Identified hazards
Assessed risks
Implemented controls
Consulted workers
Reviewed your approach on an ongoing basis
If you can demonstrate that you did those things systematically and documented them, that constitutes a defensible position. No system eliminates all risk, but having structured, evidenced processes is exactly what regulators expect when they inspect.
Does this apply to our contractors and offshore teams, or just Australian employees?
Under SafeWork and state WHS regulators, the obligation covers workers, which is broadly defined and includes:
Employees
Contractors and subcontractors
Labour hire workers
Outworkers, apprentices, trainees, and work experience students
Volunteers
Offshore teams are generally not covered under Australian psychosocial safety legislation. However, the Fair Work Act may extend to offshore workers where there is a sufficient connection to Australia. A 2025 Fair Work Commission decision found a Philippines-based worker engaged by an Australian employer was covered by unfair dismissal protections, and this is an evolving area of law. Many organisations, particularly those that are ASX-listed, choose to roll out compliance across their entire workforce globally. It comes down to your risk appetite. ReFresh supports both Australian-only and global rollouts.
How is ReFresh different from hiring a consultant?
Consultants provide valuable point-in-time advice, but they cannot provide continuous compliance evidence. The key differences:
Consultants typically deliver a risk assessment report, a set of recommendations, and then leave. The organisation is responsible for implementing, tracking, and evidencing everything afterwards.
ReFresh provides an ongoing system that maintains your compliance posture continuously, with automated legislation tracking, control monitoring, and board reporting.
Evidence gap: regulators do not just want to see that you identified risks once; they want to see that you are managing them on an ongoing basis. A consultant engagement from 18 months ago does not demonstrate current compliance.
Many organisations use both: a consultant for specialist advice and ReFresh as the system that operationalises and evidences the ongoing work.
How is ReFresh different from an engagement survey tool?
Engagement surveys and psychosocial compliance surveys serve different purposes:
Engagement surveys (Culture Amp, Officevibe, Peakon) measure how people feel about their work, their manager, and the organisation. They are useful for culture and retention but are not designed to meet WHS regulatory requirements.
ReFresh surveys are structured around the 17 psychosocial hazard categories and generate the specific data regulators expect to see as part of a hazard identification process.
Beyond surveys: ReFresh also covers risk assessment, control tracking, incident management, consultation, legislation updates, and board reporting. An engagement survey tool covers one step of a multi-step regulatory obligation.
ReFresh can sit alongside your engagement survey tool. They serve different jobs.
Do we need ReFresh if we already have an EAP?
Yes. An EAP and ReFresh serve fundamentally different functions:
EAPs provide reactive, individual-level support when an employee is experiencing personal or workplace difficulties.
ReFresh addresses the organisational compliance obligation: identifying hazards, assessing risks, implementing controls, and producing governance-ready evidence.
Having an EAP does not demonstrate that you have identified and managed psychosocial hazards in the workplace. Regulators assess whether you have a systematic approach to hazard identification and control, which is what ReFresh provides. Think of it this way: your EAP supports individuals after harm occurs; ReFresh helps you prevent the conditions that cause harm in the first place.
How fast can we get set up?
Most organisations move through setup quickly:
Week 1: configure your organisational structure, activate compliance frameworks, and import existing documentation.
Weeks 2–4: full compliance mapping including risk scenarios, first survey, and control setup.
Ongoing: continuous monitoring, automated legislation updates, and board reporting from day one.
We also offer a hands-on onboarding service where the ReFresh team comes in (online or in person) and sets everything up with you, including HRIS integrations.
GOT QUESTIONS?
Frequently asked questions
What is psychosocial risk?
Psychosocial risk refers to workplace conditions that could cause psychological harm to workers. Australian WHS regulators have identified 17 specific hazard categories, including:
Job demands and workload
Low role clarity
Poor support from supervisors or colleagues
Workplace bullying, harassment, and conflict
Organisational change
Remote or isolated work
Traumatic events and exposure to violence
These hazards are now regulated under WHS legislation across Australia, which means organisations have a legal duty to identify, assess, and control them, just as they do for physical safety hazards.
Which regulatory bodies apply to my organisation?
It depends on where you operate. ReFresh covers psychosocial compliance across five countries:
Australia
SafeWork Australia sets the national Code of Practice. State regulators (SafeWork NSW, WorkSafe Victoria, etc.) handle enforcement. ComCare adds a layer for Commonwealth employers, and Fair Work covers related employment obligations.
United Kingdom
The Health and Safety Executive (HSE) expects employers to assess and manage psychosocial risks using its Management Standards framework, backed by the Health and Safety at Work Act 1974 and the Management of Health and Safety at Work Regulations 1999.
Canada
CAN/CSA-Z1003 is the national standard for psychological health and safety. The Canada Occupational Health and Safety Regulations require hazard prevention programmes that include psychosocial risks, with enforcement handled at the provincial level.
Singapore
The Workplace Safety and Health Act 2006 covers psychosocial hazards, enforced by the Ministry of Manpower (MOM).
New Zealand
The Health and Safety at Work Act 2015 defines health as including mental health. WorkSafe New Zealand enforces compliance and has published Good Practice Guidelines for managing psychosocial risks.
ISO 45003 provides internationally recognised guidelines across all jurisdictions. ReFresh tracks every applicable framework in one platform, so you can see exactly which obligations apply wherever you operate.
Are audits actually happening? Which organisations are being targeted?
Yes, audits are happening now:
SafeWork NSW has committed $127.7 million over four years and is recruiting 51 new inspectors, including 20 dedicated psychosocial inspectors and 5 psychosocial investigators.
Random and reactive: regulators are conducting both random audits and investigations triggered by worker complaints.
No single industry: audits are occurring across sectors including professional services, education, healthcare, and ASX-listed organisations.
The regulatory posture has shifted from guidance to enforcement, which is why having a continuously maintained evidence base matters more than ever.
What are the actual fines and consequences for non-compliance?
Penalties vary by jurisdiction, but they are substantial:
Fines for WHS breaches can reach $500,000 or more for organisations, and officers can face personal liability including criminal charges in serious cases.
Average fine: the average SafeWork penalty for a psychosocial breach sits around $380,000.
Claim costs: a single psychological injury claim averages approximately $288,000, roughly four times the cost of a physical injury claim.
Enforcement is scaling: SafeWork NSW alone has increased its psychosocial audit budget by $121 million and added 51 new auditors specifically for psychosocial compliance.
Does having the right systems actually protect us, or are executives still liable regardless?
Regulators assess whether you had reasonable systems in place and followed them. This is a process-based assessment, not an outcomes-based one. SafeWork and equivalent bodies want to see that you:
Identified hazards
Assessed risks
Implemented controls
Consulted workers
Reviewed your approach on an ongoing basis
If you can demonstrate that you did those things systematically and documented them, that constitutes a defensible position. No system eliminates all risk, but having structured, evidenced processes is exactly what regulators expect when they inspect.
Does this apply to our contractors and offshore teams, or just Australian employees?
Under SafeWork and state WHS regulators, the obligation covers workers, which is broadly defined and includes:
Employees
Contractors and subcontractors
Labour hire workers
Outworkers, apprentices, trainees, and work experience students
Volunteers
Offshore teams are generally not covered under Australian psychosocial safety legislation. However, the Fair Work Act may extend to offshore workers where there is a sufficient connection to Australia. A 2025 Fair Work Commission decision found a Philippines-based worker engaged by an Australian employer was covered by unfair dismissal protections, and this is an evolving area of law. Many organisations, particularly those that are ASX-listed, choose to roll out compliance across their entire workforce globally. It comes down to your risk appetite. ReFresh supports both Australian-only and global rollouts.
How is ReFresh different from hiring a consultant?
Consultants provide valuable point-in-time advice, but they cannot provide continuous compliance evidence. The key differences:
Consultants typically deliver a risk assessment report, a set of recommendations, and then leave. The organisation is responsible for implementing, tracking, and evidencing everything afterwards.
ReFresh provides an ongoing system that maintains your compliance posture continuously, with automated legislation tracking, control monitoring, and board reporting.
Evidence gap: regulators do not just want to see that you identified risks once; they want to see that you are managing them on an ongoing basis. A consultant engagement from 18 months ago does not demonstrate current compliance.
Many organisations use both: a consultant for specialist advice and ReFresh as the system that operationalises and evidences the ongoing work.
How is ReFresh different from an engagement survey tool?
Engagement surveys and psychosocial compliance surveys serve different purposes:
Engagement surveys (Culture Amp, Officevibe, Peakon) measure how people feel about their work, their manager, and the organisation. They are useful for culture and retention but are not designed to meet WHS regulatory requirements.
ReFresh surveys are structured around the 17 psychosocial hazard categories and generate the specific data regulators expect to see as part of a hazard identification process.
Beyond surveys: ReFresh also covers risk assessment, control tracking, incident management, consultation, legislation updates, and board reporting. An engagement survey tool covers one step of a multi-step regulatory obligation.
ReFresh can sit alongside your engagement survey tool. They serve different jobs.
Do we need ReFresh if we already have an EAP?
Yes. An EAP and ReFresh serve fundamentally different functions:
EAPs provide reactive, individual-level support when an employee is experiencing personal or workplace difficulties.
ReFresh addresses the organisational compliance obligation: identifying hazards, assessing risks, implementing controls, and producing governance-ready evidence.
Having an EAP does not demonstrate that you have identified and managed psychosocial hazards in the workplace. Regulators assess whether you have a systematic approach to hazard identification and control, which is what ReFresh provides. Think of it this way: your EAP supports individuals after harm occurs; ReFresh helps you prevent the conditions that cause harm in the first place.
How fast can we get set up?
Most organisations move through setup quickly:
Week 1: configure your organisational structure, activate compliance frameworks, and import existing documentation.
Weeks 2–4: full compliance mapping including risk scenarios, first survey, and control setup.
Ongoing: continuous monitoring, automated legislation updates, and board reporting from day one.
We also offer a hands-on onboarding service where the ReFresh team comes in (online or in person) and sets everything up with you, including HRIS integrations.
Helping businesses build safer workplaces
Manage psychosocial risk end to end, from detection and assessment through to controls, oversight, and governance.
Helping businesses build safer workplaces
Manage psychosocial risk end to end, from detection and assessment through to controls, oversight, and governance.
Helping businesses build safer workplaces
Manage psychosocial risk end to end, from detection and assessment through to controls, oversight, and governance.