Martyn’s Law: UK Security Compliance and How DeskAlerts Can Help

Martyn’s Law will change how UK venues prepare for terrorist threats as it requires businesses to take proactive security measures to protect the public.

Public spaces can no longer be passive. They must actively assess risks, implement strong security measures, and prepare to respond to threats. This marks a new era of accountability in public safety.

Read on to learn more about how Martyn’s Law affects businesses, what you can do today to make sure your organization aligns with it, and how internal communication and notification tools can help.

Table of contents

1. What is Martyn’s Law, And Why Is It Important?

2. Key Requirements for Businesses Under Martyn’s Law

3. Security Compliance Challenges for Organizations

4. Best Practices for Improving Security Preparedness

5. How DeskAlerts Supports Security Compliance

6. Summing Up

What is Martyn’s Law and Why is it Important?

The Terrorism (Protection of Premises) Act 2025, known as Martyn's Law, will change security standards across the UK. This law arose from the 2017 Manchester Arena attack and requires businesses and venues to prepare for and reduce terrorist threats.

The law honors Martyn Hett, one of the 22 victims of the bombing. His mother, Figen Murray, advocated for legal obligations on venues to improve security and prevent tragedies.

Martyn’s Law requires public venues and large events to evaluate their vulnerabilities to terrorism and adopt stronger protective measures. While all qualifying venues must consider their emergency response plans, larger sites, especially those hosting over 800 people, will face stricter requirements, including enhanced security protocols.

To understand if your business falls under this law, here are some of the places covered by it:

• Retail and hospitality – Supermarkets, shopping centers, pubs, restaurants
• Entertainment and leisure – Theaters, sports stadiums, hotels
• Public services – Schools, hospitals, transport hubs, places of worship
• Outdoor event spaces – Beer gardens, event grounds, and associated land

Anyone in control of these spaces, including landlords, tenants, and event organizers, is responsible for compliance. If multiple parties share control, they must work together to meet standards.

To support enforcement and provide practical assistance, a new regulator under the Security Industry Authority (SIA) will oversee implementation. They will also offer guidance to businesses, so companies won't have to hire expensive consultants.

Ultimately, Martyn’s Law is not just about compliance; it’s about saving lives. By integrating security awareness into daily operations, the UK aims to create a stronger defense against terrorism.

Key Requirements for Businesses Under Martyn’s Law

Businesses affected by the law must follow specific requirements based on their size and type.

1. Standard Tier (Capacity of 200–799 people)

If your business holds 200-799 people, like restaurants, pubs, shops, or event spaces, you must meet the following requirements under Martyn's Law:

1. Develop a comprehensive security and emergency response plan
2. Train staff on threat detection and emergency protocols
3. Conduct regular emergency drills and preparedness exercises
4. Clearly define evacuation routes and maintain accessible exits
5. Implement a clear communication strategy
6. Provide visible access to emergency contact details

The good news is that the government will provide free resources to make implementation more accessible. Also, these requirements are grounded in common-sense safety practices, so you may already have them in place.

2. Enhanced Tier (Capacity of 800+ people)

For larger venues with over 800 people, like stadiums or shopping malls, Martyn’s Law adds extra safety requirements:

• Deep-dive security check. Analyze your venue's weak spots. Think like a security expert: Where could an attack happen? How can we stop it?
• Upgrade your security gear. Install better CCTV systems, controlled entry points, and stronger perimeter protections.
• Create a plan. Write a playbook for monitoring threats, contacting police/security, and emergency backup plans.
• Run regular security drills. Test your team's response to various scenarios, just like fire drills.
• Keep good records. Document all safety work, including risk assessments, staff training, and incidents. The security regulator may review these.

Overall, bigger crowds bring bigger responsibilities. These steps help safeguard your venue and ensure everyone gets home safe. The good news? The government will support you — you're not alone in this.

Learn more about emergency notification software for businesses.

Security Compliance Challenges for Organizations

Everyone agrees that protecting people from terrorism is crucial. However, implementing Martyn’s Law poses challenges for business owners. Here’s what they say:

1. “This Costs More Than We Expected”

Even with “proportionate” rules, costs are rising.

• Small businesses worry about training costs, security upgrades, and lost time.
• Larger venues face hefty bills for assessments, drills, and tech.

2. “We’re Not Security Experts”

• Most pub and shop owners lack counterterrorism training.
• Figuring out what “good security” means feels like guesswork.
• Free government resources exist, but many don’t know how to find or use them.

3. “Our Staff Changes Every Week”

• High-turnover sectors like hospitality face constant training needs.
• Seasonal and part-time staff often miss briefings.
• Keeping training current feels like chasing a moving target.

4. “Will Security Scare Our Customers?”

• Emergency drills can disrupt service and confuse patrons.
• No one wants a cozy venue to feel like an airport checkpoint.
• Balancing safety and customer experience is tricky.

5. “The Rules Aren’t Always Clear”

• Does a pop-up market count? What about shared venues?
• The tier system helps, but grey areas persist.
• Uncertainty causes hesitation – and sometimes overcorrection.

6. “Our Building Wasn’t Designed for This”

• Historic venues can’t easily add scanners and panic rooms.
• Rural venues often lack infrastructure for CCTV or access control.
• Retrofitting is often impractical and expensive.

7. “The Fines Terrify Us”

• Potential fines of up to £18 million are daunting.
• Some venues overspend to avoid penalties.
• Others fear punishment despite their best efforts.

In summary, Martyn’s Law is based on strong values, but its success depends on practical, affordable implementation. See below what you can do as a company to prepare for the changes. See below what you can do as a company to prepare for the changes with emergency communication systems like DeskAlerts.

Best Practices for Improving Security Preparedness

Take practical steps to keep your people and property safe while aligning with Martyn’s Law. Here’s how:

1. Train Your Team

Teach everyone to spot red flags: unattended bags, strangers asking odd questions. Run "Run, Hide, Fight" drills for shooter situations. Train key staff in first aid, especially for bleeding. Make cybersecurity basics mandatory — no more clicking suspicious links!

2. Practice Makes Prepared

Conduct surprise drills for security threats. Test responses to emergencies like bomb threats and cyberattacks. After each drill, ask: "What worked? What failed?" Then take steps to improve.

3. Smart Tech = Smart Security

Use AI cameras that alert you to suspicious behavior. Install systems that lock doors during threats. Set up emergency alerts that reach everyone instantly via texts, alarms, or screens. Protect your security tech from hackers, too.

4. Team Up for Safety

Work with local police and fire departments. Share security tips with nearby businesses. Make safety everyone's job, not just the security team.

Remember: security isn’t about fear; it’s about being ready. Start small, focus on your biggest risks, and build from there. The most important step? Get started today.

Learn how notification systems help businesses in emergencies like active shootings.

Best Practices for Emergency Communication

In a crisis — whether it’s a terror threat, fire, or natural disaster — how you communicate matters. Clear and fast messaging keeps staff and customers safe, cuts through confusion, and ensures everyone’s on the same page. That’s why emergency communication is essential.

For businesses under Martyn’s Law, a reliable, well-practiced communication plan is crucial. When pressure mounts, there’s no time to figure things out on the fly.

Here are some best practices for emergency communication:

1. Develop a Clear Communication Plan

Every business needs a written plan for distributing messages during an emergency. It should cover:

• Who says what. Decide in advance who will send which type of message. The site manager may handle operational updates, while the head of security handles emergency alerts.
• How messages get sent. Will it be text alerts, loudspeakers, email, or something else?
• What gets said. Prepare clear messages for different situations, like evacuation or lockdown.
• Who approves it. Set up a chain of command so messages are approved quickly without confusion.

Tailor your communication plan to fit different emergencies. The clearer the plan, the faster and safer the response.

2. Use multiple communication channels

Relying on just one way of communication in an emergency is risky. A multi-channel approach makes sure messages reach more people, even if one system fails.

• Public address systems for announcements.
• SMS alerts or mobile notification apps.
• Email, instant messaging, or intranet platforms for staff.
• Printed signage or digital boards for on-site updates.
• Social media for reaching external audiences when appropriate.

3. Ensure your messages are clear and consistent

Emergency messages should be short and straightforward. Avoid the jargon. When people are stressed, they need clear instructions. These should be easy to grasp and act on right away.

• Use plain language and short sentences.
• Include essential details: what’s happening, what to do, and where to go.
• Avoid conflicting messages - ensure all channels communicate the same information.

Download your free 10 Most Useful Emergency Message Templates

4. Train and prepare staff

All employees should be trained in the organization’s emergency communication protocols. This includes knowing how to receive, act on, and share emergency messages if necessary.

• Conduct regular training sessions and drills.
• Provide quick-reference guides or cards with emergency contact numbers and message protocols.
• Include temporary or part-time staff in training sessions.

5. Establish redundancy and backup measures

Technology can fail in emergencies. So, make sure you have backup systems and procedures for sending and receiving critical communications.

• Have battery-powered radios or phones as backups.
• Maintain paper copies of emergency contacts and procedures.
• Ensure key staff know manual communication methods (e.g., runners or hand signals for fire drills).

6. Coordinate with emergency services

Communication with police, fire, ambulance, and local authorities must be seamless. Know who to contact, how to reach them, and what information they need.

• Build relationships with local emergency services in advance.
• Share your venue’s emergency plans with responders.
• Have a designated liaison person for first responders during an incident.

Learn more about emergency communication systems for business.

How DeskAlerts Supports Security Compliance

DeskAlerts is a powerful internal communication tool. It sends urgent messages straight to employees’ screens. When it comes to security compliance, especially with laws like Martyn’s Law, DeskAlerts has features that help organizations prepare, respond, and train employees.

By ensuring fast communication during emergencies, DeskAlerts helps create a safer environment for both staff and the public.

Though DeskAlerts doesn’t meet all Martyn’s Law requirements, it is still useful for security awareness and crisis communication.  It is highly customizable to the company’s needs and integrates with other systems, enhancing their effectiveness during crises.

Here’s how DeskAlerts can support security compliance:

1. Instant delivery of emergency alerts

In a crisis like a terrorist threat, fire, or lockdown, speed is crucial. People need timely information to stay safe.

DeskAlerts lets you send emergency messages straight to employees' desktops and mobile devices. This method bypasses slow email systems that may fail during a crisis.

You can also transform any screen in your organization into a digital billboard. This boosts the visibility of your messages.

• Messages appear as pop-ups, ensuring they are seen immediately.
• Alerts can include text, images, or links to emergency procedures.
• Priority messages can override other activities on the user’s screen to grab attention.
• Emergency alerts can’t be skipped or ignored. They appear on top of everything else on an employee’s screen.

This is essential for meeting requirements for real-time communication during emergencies.

Here’s what one of the clients said after using DeskAlerts:

“With a solution like DeskAlerts that we use in the hospital, it is possible to quickly send messages to selected recipients.” – CHU Saint-Pierre, Belgium

Learn how CHU Saint-Pierre used DeskAlert for emergency communication during a terrorist attack.

2. Multi-channel communication

DeskAlerts messages come in different formats. These include SMS, desktop alerts, mobile notifications, digital screens, and corporate screensavers. This multi-channel approach helps all staff get the same message. Whether they work on-site, remotely, or in hybrid roles, everyone stays informed. This reduces confusion and miscommunication.

This aligns with Martyn’s Law, which highlights clear and timely communication in emergencies.

Here’s what one of the clients said after using DeskAlerts:

“Prior to using DeskAlert, it was difficult to ensure information was delivered to all staff working in satellite offices.” – Companies House, United Kingdom

Learn how Companies House used DeskAlert multi-channel notifications to decrease the load on tech support.

3. Scheduled training and awareness campaigns

Security compliance means preparation, not just reaction. DeskAlerts helps schedule and automate training reminders. It can also send awareness campaigns and educational messages about security procedures, risk mitigation, and emergency planning.

• Regular messages reinforce key safety protocols.
• Quizzes and surveys can test staff’s understanding of procedures.
• Awareness campaigns can be tracked for participation and completion.

This meets Martyn’s Law requirements to provide ongoing emergency staff training and preparedness.

4. Targeted messaging for specific audiences

A key feature of DeskAlerts is its ability to segment audiences. During an incident, not all employees require the same message. DeskAlerts allows administrators to send specific instructions based on department, location, or job role.

For example, front-of-house staff might get evacuation orders, while back-office staff are told to stay in lockdown.

This supports the requirement for tiered response planning under Martyn’s Law.

Download your 10 Most Useful Emergency Message Templates

5. Audit trails and reporting

Security compliance often requires documentation of communications and actions taken. DeskAlerts maintains logs of all messages sent, who received them, and when they were acknowledged.

• Supports incident reviews and compliance audits.
• Provides evidence of staff training and engagement.
• Helps refine future communication strategies based on real data.

Integrating DeskAlerts into your emergency preparedness plan helps protect staff, meet regulations, and build a culture of security awareness.

Summing up

Martyn’s Law marks a major change in UK security standards. It requires businesses and venues to prepare for and reduce terrorist threats. While this law brings challenges like costs and implementation issues, it focuses on public safety and aims to strengthen our defense against terrorism.

Effective emergency communication is key to meeting Martyn’s Law requirements, and internal communication tools like DeskAlerts are essential for quickly sharing information during critical incidents.