Psychosocial Risks in Spain: A Practical HR Guide to Law 31/1995

Why psychosocial risk is a legal issue in Spain

In Spain, mental health at work is not just "nice to have" — it is a legal obligation. The Ley 31/1995 de Prevención de Riesgos Laborales (Law on the Prevention of Occupational Risks, published in the BOE on 10 November 1995) requires employers to identify, assess and prevent all risks to workers' health, including psychosocial risks: workload, lack of autonomy, role conflict, harassment, and any organisational factors that can damage mental health.

In practice, this means HR and occupational health services cannot treat burnout, chronic stress or toxic working conditions as private matters. They are part of the company's legal duty of care.

What the law actually says

Three articles of Law 31/1995 are particularly relevant for HR teams:

• -Article 14 — establishes workers' right to effective protection of their health and safety, and the employer's corresponding duty.
• -Article 15 — defines the general principles of prevention, including "adapting work to the person" and combating risks at source.
• -Article 16 — requires a written evaluación de riesgos (risk assessment) and a plan de prevención that must be kept up to date.

The Instituto Nacional de Seguridad y Salud en el Trabajo (INSST) has published multiple Notas Técnicas de Prevención (NTP) on psychosocial risk assessment — notably NTP 443, 603 and 926 — which are widely used as reference standards by labour inspectors.

What this means in day-to-day HR

A compliant psychosocial risk programme generally involves four elements:

1. A formal risk assessment

You need a documented assessment of psychosocial risks, not just a generic engagement survey. INSST recommends validated instruments such as:

• -FPSICO (published by INSST itself)
• -CoPsoQ-istas21 (the Spanish adaptation of the Copenhagen Psychosocial Questionnaire)

These tools measure dimensions like workload, control, social support, role clarity and emotional demands — the same factors identified by decades of occupational psychology research (Karasek, Siegrist, Maslach).

2. A preventive action plan

Identified risks must lead to concrete preventive measures: workload redesign, manager training, clearer role definitions, anti-harassment protocols, and so on. A dashboard without action is not compliance.

3. Worker participation

Workers — or their legal representatives — must be consulted on the assessment methodology and the preventive measures. This is not optional.

4. Regular review

Risk assessments must be updated whenever working conditions change significantly, or at a frequency agreed with the prevention service. "Once and forget" does not meet the law.

Common HR mistakes

Based on public inspection reports and INSST guidance, the most common failures are:

• -Treating engagement surveys as psychosocial assessments (they are not).
• -Assessing risks but never implementing the preventive actions.
• -Not involving workers' representatives.
• -Ignoring remote and hybrid workers in the assessment scope.
• -Failing to re-evaluate after reorganisations, layoffs, or major workload changes.

Any of these can trigger sanctions from the Inspección de Trabajo y Seguridad Social, ranging from warnings to substantial fines under the LISOS (Ley de Infracciones y Sanciones en el Orden Social).

A practical checklist for HR teams

1. -Confirm who is legally responsible for psychosocial risk in your company (usually the Servicio de Prevención, either internal or contracted).
2. -Review the last psychosocial risk assessment. How old is it? Did it use a validated instrument?
3. -Check whether the preventive measures from that assessment were actually implemented.
4. -Make sure remote and hybrid workers are included in the scope.
5. -Document worker consultation properly.
6. -Establish a regular review cadence — annually is a sensible default.

Where technology helps (and where it doesn't)

Digital check-in platforms and analytics can make continuous monitoring feasible, reducing the gap between formal assessments. They can surface early warning signs, identify high-risk teams, and help managers act before problems become crises.

But technology does not replace the legal assessment itself. A proper FPSICO or CoPsoQ study, worker consultation, and a preventive plan remain the backbone of compliance. Think of continuous digital check-ins as complementary early-warning infrastructure, not as a substitute for the formal instruments the law expects.

---

Harmony is building a privacy-first platform that supports continuous psychosocial monitoring alongside the formal assessments Spanish law requires. Join our waiting list to learn more.

Disclaimer: This article is informational and does not constitute legal advice. For specific obligations, consult your Servicio de Prevención de Riesgos Laborales or a specialised labour lawyer.