One of the features of the Care Quality Commission’s (CQC) new model of regulation (following Sir Robert Francis QC’s recommendations after the enquiry into Mid Staffordshire NHS Foundation Trust) was that the regulator should have proper ‘teeth’ to take enforcement action when required. In terms of criminal enforcement powers, a key component of this has been the removal of the need for CQC to serve a warning notice before bringing prosecutions for breaching certain ‘fundamental standards’. In terms of civil enforcement, the introduction of ‘special measures’ regimes for all sectors was intended to provide a structure around the use of CQC’s powers to close down services providing unacceptable standards of care.

The fundamental standards have been in place since 1 April 2015 and we are starting to see CQC flexing its muscle.

In terms of inspection findings, CQC’s ‘Quarter 1 performance report’, submitted to the board meeting in July shows that for the hospital sector, 72% of provider level ratings are either ‘inadequate’ or ‘requires improvement’.

In terms of key questions 13% of hospitals were rated ‘inadequate’ for ‘is it safe?’ and 16% for ‘well led’.

To date, these figures are based on inspection of NHS acute trusts (with the higher risk providers having been inspected first) and the outcome of the new style inspections of independent sector hospitals have not yet fed into these figures. However, the picture shows the inspection process to be tough. The independent sector is well placed to learn some of the initial lessons from the NHS sector in meeting the requirements of the new CQC inspection regime and the ‘well led’ requirements.

In June and July 2015 alone the CQC reported:

  • An eight month suspended prison sentence for an unregistered home care provider
  • A six month community order for a provider of a slimming clinic who failed to register
  • A £22,500 fine for a care home provider who failed to appoint registered managers in two care  homes.

In terms of exercising its civil powers, there have been cases of the CQC issuing a ‘notice of proposal’ to cancel the registration of a care home (which had previously been assessed as compliant with all outcomes on each ‘old style’ inspection) without moving through the special measures regime first. Whilst this is permitted by CQC’s enforcement policy, it is a sign that the regulator certainly means business in terms of its readiness to take enforcement action.

The simple message for providers is to beware, and be compliant. The fundamental standards (as a whole) were not meant to ‘raise the bar’ in terms of what is required of providers, albeit that the inspection of those standards is proving more rigorous. However, there are some new requirements in the regulations, and providers need the regulator to give clear guidance on what is expected in relation to these. CQC has issued guidance, most recently in March 2015, which provides an overview of the key requirements but as always, the devil is in the detail and this is what is missing. A CQC review for its Regulatory Governance Committee in April 2015 showed that the most recent data (admittedly Q2 2014-15) revealed a reduction of 10% (to 69%) of providers who found CQC’s standards and guidance helpful.

Two of the main initiatives of the new regime, the statutory ‘duty of candour’ and the ‘fit and proper person requirement’ (FPPR) have been much trumpeted. It is fair to say that many organisations who we are working with have been proactively reviewing their current procedures and processes and making changes where necessary in order to meet the new requirement and ensure that they get over the bar/line However, despite the attention on these requirements, the guidance of providers in this area remains unclear and potentially unnecessarily exposes providers in this market:

Duty of candour

The over-arching, duty under the regulations is to act in an open and transparent way with patients generally; no one would argue with that as a principle.


These prescribed steps are not required or all events, merely the more serious ones – labelled ‘notifiable safety incidents’.

For some providers, the name ‘notifiable safety incidents’ causes confusion – “notifiable to whom?”. However, it can also provide a useful key. For the independent sector, the intention is that it is (broadly) the types of patient safety incidents providers are already required to notify to CQC that require the prescribed candour process to be followed.

However, in terms of what precisely is a notifiable safety incident, there is much uncertainty.

Candour about what – is it limited to mistakes?

The duty of candour is a fundamental component of patient rights (Peter Walsh at AvMA has described it as potentially the biggest advance in patients’ rights and patient safety in history). From a provider point of view, one of the main benefits of the duty is a greater opportunity to learn when things go wrong. Sir Liam Donaldson, in his evidence in the Mid-Staffs inquiry commented: “I would far rather be treated by a doctor who at some stage in their career has made a mistake, owned up to it, learnt from the mistake and become a better doctor as a result.”

In their report for government ‘Building a culture of candour’ (March 2014), Sir David Dalton and Professor Norman Williams stated: "Medical treatment and care is not risk free. Errors will happen and nearly all of these will be due to failures in organisational systems or genuine human errors. A duty of candour on organisations, registered with the Care Quality Commission, means that they must ensure that patients, and where appropriate their families, are told openly and honestly when unanticipated errors happen which cause a patient harm above a predetermined threshold.”

When introducing the regulations in a debate before the Delegated Registration Committee in October 2014, Norman Lamb stated that the impact of the duty of candour on providers would mean that: “Where they have in effect overseen a cover-up of failures of care, they can be prosecuted...”

Much of the rhetoric, therefore, surrounding the duty of candour was about the need to be open about mistakes/errors, with the aim that this would prompt learning and prevention recurrence of avoidable harm.

However, in March this year, just prior to the introduction of the duty of candour for the independent sector, CQC issued an information document which included, in an appendix, illustrative examples of ‘notifiable safety incidents’ triggering the full duty of candour process. These included the following examples:

As can be seen, the CQC document suggests that providers need to follow the entire candour process whenever the patient’s outcome crosses the relevant harm threshold, even if the harm was a recognised (and consented) complication of the procedure.

Such a wider interpretation of what is a ‘notifiable safety incident’ raises important questions for providers in terms of when the full candour disclosure process is required: is this required for all post-partum haemorrhages; all post-operative pulmonary emboli; all unexpected returns to theatre?

The wider interpretation could have significant resource implications for providers. However, despite reference to these examples in the appendix to its information document, CQC has not issued any guidance expressly stating that the full duty should be triggered whenever the requisite level of harm occurs, even if this is a recognised, and consented, complication of the procedure.

Extension to harm could be caused

Further confusion for independent sector providers could be in store. Whereas, for the independent sector, ‘notifiable safety incidents’ only arise where the requisite level of harm has actually occurred, for NHS providers, they also include incidents which “could result in” such harm.

According to recent reports, pressure by AvMA might result in a government consultation on extending the duty for independent sector providers to match the NHS duty.

Interaction with professional duty

The General Medical Council (GMC) and the Nusing & Midwifery Council (NMC) have recently issued joint statutory guidance for their members on how to comply with their professional duties of candour. Alongside this, the GMC issued a case study concerning a GP who failed to diagnose jaundice in a newly born baby who subsequently required admission to an acute hospital for phototherapy and blood transfusion.

The GMC’s case study suggests that, in such a situation, the professional duty of candour is satisfied if either the GP or the paediatricians explain and apologise. It is not clear, however, how this sits with CQC’s statutory duty which appears to require the GP, as a registered provider, to apologise.

Fit and proper person requirement

The FPPR is now 4 months old for the independent sector but came into force in November 2014 for NHS providers. Whilst it is still early days in embedding the new requirements, gaps in the guidance and a number of CQC inspections under the new regime means we are starting to see some key themes emerging.

Not a ‘tick box’ exercise

Implementing practical steps to meet the test requires more than writing a policy. The CQC wants to see clear evidence of a real understanding of what the
obligations entail and the steps taken to meet the test.

In practice, this includes:

  • A thorough due diligence exercise and evidence of the steps taken
  • A look back exercise by way of an audit of the appointment and recruitment checks for existing  directors
  • Ongoing review of fitness via appraisals
  • Processes for robust investigation of concerns regarding directors’ fitness 

DBS checks

There has been a lot of confusion over DBS checks; in particular, what level of checks should be made, especially for Directors who are not undertaking direct clinical care?

As part of any looking back exercise, organisations should be looking at whether appropriate levels of DBS checks were undertaken as part of existing directors’ appointment. CQC’s guidance states that it expects providers “to undertake an enhanced DBS check for directors to check that they are on the children’s and / or [adults] safeguarding barred list where they meet the eligibility criteria”. However, the law surrounding eligibility criteria is rather restrictive. Whereas it seems that a clinical director is likely to fall within the scope for an enhanced DBS check with barred lists information, there is a question mark over whether a director of operations would as well (the director of operations being likely to have access to patients, for example, but not providing direct care). The CQC guidance for providers on this is not particularly clear.

Where DBS checks have been done and a current director has a spent conviction for example, the organisation (and in particular, the chair) will need to think about the impact of that spent conviction on the director’s good character. Having a spent conviction is not an absolute bar and therefore, where organisations decide that a director who has a spent conviction still fulfils the good character requirement, they should be able to evidence their reasoning around this decision when CQC inspection time comes around.

“Serious mismanagement”

Based on current guidance and information available, there remains a lack of clarity as to what acts or omissions by Directors in previous roles might amount to having “been responsible for, been privy to, contributed to or facilitated any serious misconduct or mismanagement (whether unlawful or not) in the course of carrying on a regulated activity or providing a service elsewhere which, if provided in England, would be a regulated activity”.

Providers are concerned about how detailed enquiries need to be and how far back they need to go in respect of both their current directors and new appointments in satisfying themselves that there are no skeletons in the closet which would cause them to fall foul of this element of the requirement. CQC’s guidance does not differentiate between existing director and new appointments on this, but some degree of pragmatism must prevail.

Robust investigations when concerns come to light

The HSJ recently reported that a total of 65 NHS chief executives and senior board directors have been subject to complaints under the FPPR. Twelve of the complaints, involving 44 people, have been considered and closed. Five of the closed cases, covering 14 people, related to concerns that whistleblowers had been suppressed.

It is essential that organisations take all complaints seriously and have in place clear processes for investigating matters in a timely manner. There is however some concern that this requirement could be used by individuals as a personal vendetta against previous or existing colleagues or managers. Directors of nursing have been identified as being potentially in the firing line for such vexatious complaints.


These issues regarding lack of clarity in the guidance and consistency with other regimes (whether around professional duties of candour or eligibility for DBS checks) lead to uncertainties for providers in what they need to do to meet the new obligations.  The stakes are high for providers: improper systems and processes could result in poor quality ratings, civil enforcement action and, in the case of candour, potential prosecution. Given this, and CQC’s seemingly increased appetite for taking enforcement action, it is hoped further guidance will be issued to bring clarity sooner rather than later.

In the interim, providers will need to ensure they have robust systems and processes in place around these measures to ensure their services fare well on CQC inspection, particularly in terms of being Safe and Well led.

Our use of cookies

We use necessary cookies to make our site work. We'd also like to set optional analytics cookies to help us improve it. We won't set optional cookies unless you enable them. Using this tool will set a cookie on your device to remember your preferences. For more detailed information about the cookies we use, see our Cookies page.

Necessary cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the website functions.

Analytics cookies

We'd like to set Google Analytics cookies to help us to improve our website by collection and reporting information on how you use it. The cookies collect information in a way that does not directly identify anyone.
For more information on how these cookies work, please see our Cookies page.