Start Free Trial
INTROSPECTUS

Right To Disconnect

Compliance Intelligence for the Modern Workplace

Right To Disconnect Overview

Manage Right to Disconnect obligations proactively before they become complaints.

Australia’s Right to Disconnect legislation now gives employees the legal ability to refuse work contact outside their working hours unless that contact is considered reasonable.

For organisations, this creates a new compliance challenge:
understanding when after-hours contact occurs, whether it is reasonable, and whether it exposes the organisation to legal risk.

Most organisations have no visibility into this activity until a complaint is lodged.

Introspectus Right to Disconnect provides continuous monitoring and early risk detection, giving HR leaders, executives, and managers the insight needed to identify after-hours contact patterns, intervene early, and demonstrate good-faith compliance.

By analysing communication activity across enterprise platforms including email, Microsoft Teams, phone, and messaging channels, Introspectus identifies potential breaches and provides the workflow tools needed to respond before issues escalate.

Executives, managers and HR teams gain the insights needed to:

Detects after‑hours contact early

Reduces Right to Disconnect risk

Monitors all communication channels

Proves proactive compliance efforts

What Right To Disconnect Enables

What Introspectus Right To Disconnect Helps You Achieve

Introspectus Right to Disconnect gives organisations the visibility and control needed to manage after‑hours contact responsibly and demonstrate genuine compliance.

This allows organisations to achieve:

Proactive compliance management

Detect potential breaches before an employee lodges a complaint.

Reduced legal exposure

Identify patterns of after-hours contact that could trigger Fair Work scrutiny.

Better workforce wellbeing
Encourage healthy boundaries between work and personal time.
Evidence for regulatory defence

Maintain clear audit records demonstrating active compliance.

Manager awareness and accountability

Provide leaders with visibility into after-hours communication patterns within their teams.

Automated After-Hours Monitoring & Risk Detection

Introspectus continuously detects communication activity occurring outside each employee’s individual working hours.

Unlike simple time-based rules, the platform calculates after-hours windows per employee, based on their actual working arrangements.

This ensures compliance monitoring accurately reflects modern workforce patterns such as:

  • part-time roles
  • compressed work weeks
  • job-share arrangements
  • flexible start and finish times

By combining communication activity with individual work patterns, Introspectus identifies when contact events may represent a potential Right to Disconnect risk.

Compliance Monitoring Capabilities

AFTER-HOURS COMMUNICATION DETECTION
CapabilityWhat it DoesBusiness Impact
After-Hours Contact MonitoringAutomatically detects contact events occurring outside employee working hours across email, Microsoft Teams, phone calls, SMS, and other channels.Provides organisations with visibility into potential Right to Disconnect breaches before complaints arise.
Per-Employee Work Pattern DetectionCalculates after-hours windows individually for each employee based on their work schedule and employment arrangement.Ensures accurate monitoring across flexible, part-time, and non-standard work patterns.
Risk ScoringEach employee receives a dynamic risk score (Low, Medium, High) based on frequency, timing, and channel of after-hours contact events.Helps managers quickly prioritise areas requiring attention.
Late-Night & Rest-Day TrackingSeparately identifies contact events occurring after 9pm or on rest days. Highlights the communication patterns most likely to attract regulatory scrutiny.
Channel BreakdownProvides insight into which communication channels are generating after-hours contact.Enables organisations to implement targeted policy controls such as delayed email delivery or restricted notifications.
Compensation VisibilityFlags after-hours contact events that are not matched with overtime payments or time-off-in-lieu.Reduces exposure to underpayment claims alongside Right to Disconnect obligations.

Compliance Reporting & Manager Workflows

Monitoring alone does not ensure compliance.

Introspectus includes a workflow and reporting layer that enables organisations to respond quickly when potential risks are detected.

Managers receive alerts, review activity records, communicate with employees, and document remediation actions all within a single platform and with a full audit trail.

CapabilityWhat it DoesBusiness Impact
Team Compliance ScorecardProvides a real-time compliance score across teams or departments.Enables executives and HR leaders to monitor organisational risk levels over time.
Manager Notification WorkflowAutomatically notifies managers when after-hours contact patterns exceed defined thresholds.Ensures risks are addressed early before they escalate.
Individual Employee RecordsDetailed activity logs showing after-hours events by date, channel, and timing.Supports HR investigations, performance conversations, and legal evidence gathering.
Weekly Trend ReportingTracks how after-hours communication volumes change over time.Helps identify emerging cultural issues or workload pressures.
Pattern AnalysisIdentifies recurring after-hours communication behaviours.Enables targeted coaching and policy intervention.
Executive Summary ReportingGenerates structured summaries of Right to Disconnect activity across the organisation.Provides leadership with clear insight into compliance performance.

Executive Insight

Compliance Before Complaints.

The most common Right to Disconnect issues are not deliberate policy breaches.

They typically arise because managers are unaware of how often after-hours contact occurs within their teams.

Introspectus surfaces these patterns early enabling organisations to intervene, educate managers, and correct behaviour before employees escalate concerns to the Fair Work Commission.

Read what Our Customers Say

Why Introspectus Right to Disconnect?

Right to Disconnect compliance cannot be managed through occasional audits or annual reviews.

It requires continuous monitoring, proactive management, and documented evidence of action.

Introspectus delivers exactly that.

Key Advantages:

Individual pattern awareness

After-hours thresholds are calculated per employee, ensuring flexible and part-time workers are correctly treated.

Channel-level communication insight

Understand not just that contact occurred, but through which channel and when.

Proactive risk management

Risk scoring and trend alerts allow managers to intervene early.

Audit-ready compliance documentation

Every event, notification, and action is logged to provide a defensible record.

Compensation risk oversight

Uncompensated after-hours work is automatically flagged, helping organisations avoid underpayment claims.

Manage from a clear and visible position

Understand what’s possible when after‑hours activity is no longer hidden.

Without Introspectus

No visibility of after-hours contact
Compliance discovered only after complaints
Limited evidence for defence

With Introspectus

Continuous monitoring
Early detection of risks
Clear compliance documentation

How Introspectus Helps

Each agent compares the current patch list against what is actually installed on its device. Any gap between what has been released and what is deployed is immediately surfaced. Critically, Introspectus pays particular attention to the timing of patch deployment not just whether a patch is present, but when it was applied.

This temporal dimension is central to Essential Eight compliance, where the difference between a patch applied on day two versus day thirty can mean the difference between maturity levels, and between an environment that was protected and one that was exposed.

This combination of daily patch intelligence, severity-based filtering, agent-level validation, and deployment timing analysis gives organisations a real-time, evidence-based view of their operating system patch posture mapped directly to the ISM controls applicable to the Essential Eight patch operating systems strategy.

The Challenge with Patch Operating Systems

The visibility gap here is particularly consequential. A patch may be approved and scheduled, yet never successfully applied due to a failed deployment, a device that was offline during the maintenance window, a reboot that was deferred, or a system that exists outside managed channels entirely.

Organisations that rely solely on deployment tooling to confirm patch status are measuring intent, not reality. The ACSC is explicit on this point: organisations need to confirm patches have been applied successfully, not merely that they were dispatched.

Patch Operating Systems Overview

Within the Essential Eight framework, patching operating systems is a core and non-negotiable control. The ACSC sets clear expectations: patches for internet-facing infrastructure must be applied within 48 hours when identified as critical or where working exploits exist, and within two weeks for standard releases.

Patches for workstations, servers, and network devices must be applied within one month, with tighter timeframes applying in high-threat environments. Critically, the ACSC also mandates that vulnerability scanning occurs at least daily for internet-facing systems and at least fortnightly for workstations and non-internet-facing infrastructure not to replace patching, but to confirm it has actually occurred.

How Introspectus Works

From this inventory, Introspectus performs targeted web intelligence gathering. For each application identified, the platform locates the top five authoritative sources of patch and release information vendor security advisories, release notes, and vulnerability databases and retrieves that content into a central repository.

Aletheia, Introspectus’s AI analysis agent, then reads and analyses this content to extract the intelligence that matters for application patching: the latest available version, whether a release addresses a security vulnerability, the severity of that vulnerability, and all information relevant to the Essential Eight application patching requirements. This structured intelligence is mapped directly to the applicable ISM controls, producing defensible, audit-ready evidence of an organisation’s application patch compliance posture.

The Challenge with Patch Applications

A critical and frequently overlooked problem is the visibility gap. Organisations may believe their applications are current when, in reality, patches have silently failed, devices have missed deployment windows, or software has been installed outside of managed channels entirely.

Without continuous inspection at the endpoint level, these gaps go undetected until an audit or, worse, a breach.

Patch Applications Overview

Within the Essential Eight standard, patching applications is a dedicated and non-negotiable control. The ACSC specifies clear timeframes: critical vulnerabilities in internet-facing services must be addressed within 48 hours, commonly used applications such as office productivity suites, web browsers, email clients and PDF software must be patched within two weeks of release, and all other applications within one month.

For organisations in high-threat environments, the bar is higher still. Meeting these requirements consistently across hundreds of distinct applications deployed across thousands of endpoints is not achievable through manual effort alone.