Employer duty of care and mental health: the picture in India

Most Indian employers already accept that they owe their people a safe workplace. Guards on machinery, fire exits, clean drinking water, working hours that do not break a person: these obligations feel settled. The question that is shifting under everyone's feet is whether that same duty extends to the mind. The short answer, increasingly, is yes. The employer duty of care for mental health in India is no longer a soft idea borrowed from wellness brochures. It now sits at the intersection of statute, workplace safety law, data protection, and ordinary governance expectations that boards and investors have started to ask about directly.

This piece walks through where that duty actually comes from, what the law does and does not say, and why proactive support has quietly moved from a perk to something closer to a baseline. None of this is legal advice. It is a careful, general map for HR leaders, founders, and finance heads who want to understand the terrain before they are forced to.

Duty of care is an old common-law idea: if your decisions can foreseeably harm someone who depends on you, you are expected to take reasonable steps to prevent that harm. Indian courts and labour jurisprudence have long applied a version of this to employers through the employment relationship and through occupational health and safety obligations. Historically the harm in view was physical: injury, exposure, accident. The shift worth noting is that psychological harm is increasingly treated as foreseeable too, especially where the work itself creates it.

Think about the realities of the Indian workforce. Long shifts in IT and ITES, night rotations in healthcare and aviation, target pressure in sales and collections, gig and field roles with no fixed desk, and a manufacturing floor culture where stress is rarely spoken about. In each of these, the question a court, a regulator, or a board might one day ask is simple. Was the psychological risk reasonably foreseeable, and did the organisation take reasonable steps? Reasonable does not mean perfect. It means not ignoring a known problem.

The Mental Healthcare Act 2017 did something quietly significant: it reframed mental health as a right rather than a charity. It guarantees access to mental healthcare, prohibits discrimination on the basis of mental illness, and treats a person living with a mental health condition as a citizen with protected entitlements, not a liability to be managed out. The Act is primarily about the healthcare system and the rights of persons with mental illness, so it is important not to overstate it. It does not, by itself, impose a detailed compliance checklist on every employer.

But the reframing matters for workplaces in two concrete ways. First, discrimination. If an organisation treats an employee adversely because of a disclosed mental health condition, it is operating against the grain of a rights-based statute, and that exposure can compound with disability protections under the Rights of Persons with Disabilities Act 2016, which recognises mental illness among the disabilities it covers. Second, the cultural signal. Once the law calls something a right, the bar for what counts as reasonable employer behaviour tends to rise with it. An employer that punishes disclosure, or makes seeking help career-limiting, is increasingly out of step with both the statute and the direction of travel.

The Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act 2013, almost always called POSH, is the clearest existing example in Indian law of an employer being required to protect psychological wellbeing, not just physical safety. POSH obliges covered employers to constitute an Internal Committee, run awareness and training, provide a confidential complaint mechanism, and act within defined timelines. Harassment under POSH is understood to include conduct that creates a hostile or intimidating environment, which is a psychological harm by definition.

POSH is narrow in scope, it addresses sexual harassment specifically, but it is instructive because it sets the template. It shows that Indian law is comfortable requiring employers to build internal machinery, keep records, protect confidentiality, and respond to a category of psychological harm. Organisations that have already built a functioning POSH process have, in effect, shown they can run a confidential, accountable wellbeing mechanism. Extending that competence to mental health more broadly is less of a leap than it looks.

Mental health information is among the most sensitive data an organisation can touch, and India's Digital Personal Data Protection Act 2023 (DPDP) brings obligations around how personal data is collected, used, stored, and protected. The moment an employer starts gathering anything about an employee's psychological state, whether through a survey, a screening tool, an Employee Assistance Programme, or a counselling vendor, it has taken on a data-protection responsibility alongside the duty of care.

This is where good intentions can create new risk. Running a wellbeing survey and then letting managers see who answered what, or wiring a counselling programme so that usage is visible to HR by name, can convert a supportive initiative into a privacy problem and a trust problem at once. The defensible pattern is consistent: collect only what you need, keep individual responses anonymised or strictly access-controlled, report only at the aggregate level, and put a clear retention and consent posture in writing. Validated screens such as the PHQ-9 for depression and the GAD-7 for anxiety can be genuinely useful at the population level, but only when no individual's score is exposed to anyone who manages their pay or their promotion.

Even setting aside the legal frame, the economics and the governance pressure point the same way. WHO and ILO estimates put the cost of depression and anxiety to the global economy at roughly US$1 trillion a year in lost productivity, tied to an estimated 12 billion working days lost. A WHO-led return-on-investment study published in The Lancet Psychiatry suggested a return in the region of US$4 for every US$1 invested in scaling up treatment across a set of countries, which is best read as an illustrative figure from a specific model rather than a guaranteed line item. Deloitte's recurring work on the employer cost of poor mental health, focused largely on the UK, has consistently found that the cost of presenteeism, absence, and attrition can outweigh the cost of acting. Replacement costs alone, by SHRM and Gallup estimates, are commonly put at roughly half to two times a departing person's salary once you count hiring, onboarding, and lost momentum.

The clinical vocabulary has matured alongside the economics. The WHO's ICD-11 describes burnout as an occupational phenomenon with three features: feelings of exhaustion or energy depletion, increased mental distance or cynicism about one's job, and reduced professional efficacy. That framing locates the cause in the workplace, not in the individual's character, which is part of why it lands as an employer responsibility. And research on what makes teams function points in a complementary direction: Amy Edmondson's work on psychological safety, echoed by Google's Project Aristotle study of its own teams, identified whether people felt safe to speak up, admit error, and ask for help as the strongest of the factors associated with team effectiveness.

Pulling the threads together: the employer duty of care for mental health in India is assembled from several sources rather than one neat statute. The Mental Healthcare Act 2017 makes mental health a right and discrimination an exposure. POSH shows the law will require confidential internal machinery for a category of psychological harm. The Rights of Persons with Disabilities Act 2016 extends protection to mental illness. The DPDP Act 2023 governs how you handle the sensitive data that any wellbeing effort generates. Around all of it sits the older, broader expectation that an employer takes reasonable steps against foreseeable harm. None of these alone is a mandate to run a full mental health programme. Together they make ignoring the issue look less and less defensible.

The practical move is not to wait for a single law that spells out every requirement, because that is not how this area is developing. It is to build a posture you could explain calmly to a regulator, a board, or an employee's family: we knew the risks our work creates, we offered a confidential route to help, we protected people's data and their standing when they used it, and we measured at the level of the group rather than the individual. Platforms like AhaTherapy exist to make that posture operational, but the obligation sits with the organisation regardless of who it partners with.

The shift underway is modest in description and large in consequence. Mental health at work is moving from something an employer might offer to something a responsible employer is expected to address, with statute, data law, and governance norms all nudging in the same direction. The organisations that will look prudent in five years are not the ones with the glossiest wellbeing campaign. They are the ones that took reasonable, confidential, well-documented steps before anyone made them, treated their people's minds with the same seriousness they already give to physical safety, and can show their work.