1. Scope
This Incident Response Plan applies to all incidents, accidents, near misses, and adverse events occurring within domiciliary care services provided by in England. It covers incidents affecting service users, staff, visitors, members of the public, and any person connected with the delivery or receipt of care services.
The plan applies to all settings where care is delivered, including service users’ own homes, communal areas in supported living environments, during transportation arranged by , and any location where care activities take place. It encompasses incidents occurring during planned care visits, emergency responses, medication administration, personal care provision, moving and handling activities, and any other aspect of service delivery.
This plan is mandatory for all workers engaged by , including employees, bank and agency staff, temporary workers, apprentices, volunteers, students on placement, consultants, contractors, and subcontractors. Immediate reporting of incidents is a condition of engagement. The Duty Manager is responsible for day-to-day incident management, ensuring immediate response, containment, and initial investigation. The Registered Manager () holds overall accountability for the effectiveness of incident response systems and compliance with statutory duties.
Categories of Incidents
The plan covers all categories of incidents including but not limited to:
Safeguarding incidents: Allegations or suspicions of abuse, neglect, exploitation, or harm to adults or children.
Clinical incidents: Medication errors, medication incidents, adverse reactions, pressure injuries, deterioration in health, choking, aspiration, infection control breaches, clinical equipment failure, and treatment-related complications.
Environmental and safety incidents: Falls, slips, trips, scalds, burns, exposure to hazards, fire, flooding, gas leaks, electrical faults, security breaches, and environmental contamination.
Service delivery incidents: Missed visits, late visits, incorrect or inadequate care provision, unauthorised absence of staff, failure of communication systems, breakdown of care equipment, loss of essential supplies, and breaches of care plans.
Behavioural incidents: Aggression or violence by service users, family members, or visitors toward staff; self-harm; absconding; or incidents involving challenging behaviour that places anyone at risk.
Workforce incidents: Staff injuries, occupational exposures to infection, sharps injuries, violence against staff, verbal abuse, road traffic incidents involving staff vehicles, and work-related stress or ill health.
Information governance incidents: Data breaches, loss or theft of confidential information, unauthorised disclosure, inappropriate access to records, and cyber security incidents.
Near misses: Events that could have resulted in harm but did not, including hazards identified before harm occurred, system failures detected before impact, and early warnings of potential serious incidents.
Interface with Other Policies
This plan interfaces with other policies and procedures. Safeguarding incidents are managed under safeguarding procedures and reported to the local authority safeguarding team in line with statutory thresholds. The Safeguarding Lead () oversees all safeguarding-related incidents. Incidents meeting the Duty of Candour threshold under Regulation 20 are managed with openness, apology, and ongoing communication with affected persons. Data breaches are managed by the Data Protection Officer () in line with GDPR and reported to the Information Commissioner’s Office where required. Health and safety incidents are reviewed by the Health and Safety Officer () and reported under RIDDOR where applicable.
This plan is grounded in Regulation 12 (Safe care and treatment), Regulation 13 (Safeguarding service users from abuse and improper treatment), Regulation 17 (Good governance), Regulation 18 (Staffing), and Regulation 20 (Duty of Candour) of the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014, alongside all relevant English legislation including the Care Act 2014, Mental Capacity Act 2005, Health and Safety at Work etc. Act 1974, Management of Health and Safety at Work Regulations 1999, Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013 (RIDDOR), Data Protection Act 2018 and UK GDPR, Equality Act 2010, Human Rights Act 1998, Children Act 1989 and 2004, and Safeguarding Vulnerable Groups Act 2006.
2. Legal and Regulatory Framework
| Term/Regulation | Description/Definition |
| Health and Social Care Act 2008 (Regulated Activities) Regulations 2014 | Establishes fundamental standards including Regulation 12 (safe care and treatment), Regulation 13 (safeguarding), Regulation 17 (good governance), and Regulation 20 (Duty of Candour). |
| Care Act 2014 | Provides the legal framework for adult safeguarding and defines duties of care providers to protect people from abuse and neglect. |
| Children Act 1989 and 2004 | Sets out duties for safeguarding and promoting the welfare of children and young people who may be affected by care services. |
| Mental Capacity Act 2005 | Provides a framework for acting and making decisions on behalf of individuals who lack capacity, including during incident response. |
| Health and Safety at Work etc. Act 1974 | Places duties on employers to ensure the health, safety, and welfare of employees and others affected by work activities. |
| Management of Health and Safety at Work Regulations 1999 | Requires risk assessments, appropriate control measures, and arrangements for managing health and safety including incident reporting. |
| Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013 (RIDDOR) | Requires reporting of specified workplace injuries, occupational diseases, and dangerous occurrences to the Health and Safety Executive. |
| Data Protection Act 2018 and UK GDPR | Governs lawful processing of personal data during incident recording, investigation, and reporting, including notification of data breaches. |
| Equality Act 2010 | Requires reasonable adjustments and protection from discrimination when responding to incidents involving people with protected characteristics. |
| Human Rights Act 1998 | Protects fundamental rights including the right to life, freedom from inhuman treatment, and respect for private and family life. |
| Safeguarding Vulnerable Groups Act 2006 | Establishes the Disclosure and Barring Service (DBS) scheme and requirements for barring individuals who pose risks to vulnerable groups. |
| Working Together to Safeguard Children Statutory Guidance 2018 | Sets out multi-agency responsibilities for safeguarding children, relevant where incidents involve children or young people. |
| CQC Fundamental Standards – Regulation 20 | The Duty of Candour requires providers to be open and transparent with service users when things go wrong, including providing apologies and explanations. |
3. Definitions of Key Terms
| Term | Description/Definition |
| Incident | Any unplanned or unintended event that causes or has the potential to cause harm, loss, damage, or disruption to service users, staff, or others. |
| Accident | An incident resulting in injury, illness, or damage to property. |
| Near Miss | An event that could have resulted in harm but did not, either by chance or through timely intervention. |
| Adverse Event | An incident that results in harm to a service user receiving care, which may or may not be preventable. |
| Serious Incident | An incident resulting in death, severe harm, permanent disability, safeguarding concerns, significant reputational damage, or regulatory breach. |
| Duty of Candour | The statutory requirement under Regulation 20 to be open and transparent with service users when incidents result in moderate harm or above. |
| Safeguarding | Protecting an adult or child’s right to live safely, free from abuse, neglect, or harm, and promoting their wellbeing. |
| RIDDOR | Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013, requiring specified incidents to be reported to the Health and Safety Executive. |
| Statutory Notification | The requirement to notify the Care Quality Commission of specified incidents including deaths, serious injuries, safeguarding incidents, and deprivation of liberty. |
| Root Cause Analysis | A systematic process of investigation to identify underlying causes of incidents rather than just immediate factors. |
| Lessons Learned | Insights and improvements identified through incident investigation that are implemented to prevent recurrence. |
| Immediate Action | Steps taken immediately following an incident to ensure safety, prevent further harm, and stabilise the situation. |
| Service User | Any individual receiving domiciliary care services from . |
| Duty Manager | The appointed person responsible for immediate incident response, coordination, and day-to-day oversight of incident management. |
4. Policy Statement
is committed to maintaining safe, high-quality, person-centred domiciliary care through effective incident prevention, prompt response, thorough investigation, and continuous learning. Incidents are viewed not as failures alone but as opportunities to understand risks, improve systems, and strengthen safeguards. This commitment is grounded in openness, accountability, and a culture where staff feel confident to report concerns without fear of blame.
This plan is founded on Regulation 12 (safe care and treatment), Regulation 13 (safeguarding), Regulation 17 (good governance), and Regulation 20 (Duty of Candour) of the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014. It aligns with fundamental standards including person-centred care (Regulation 9), dignity and respect (Regulation 10), staffing (Regulation 18), and fit and proper persons (Regulation 19). The plan reflects statutory duties under the Care Act 2014, Mental Capacity Act 2005, Health and Safety at Work etc. Act 1974, RIDDOR 2013, Data Protection Act 2018, Equality Act 2010, Human Rights Act 1998, and safeguarding legislation.
Key Commitments
will ensure that:
Incidents are reported immediately by all staff using clear reporting channels available 24 hours a day, seven days a week. Staff understand their duty to report and are supported to do so without fear of blame or reprisal.
Immediate action is taken to ensure safety, prevent further harm, preserve dignity, and stabilise situations. This includes providing first aid, contacting emergency services, securing environments, notifying appropriate persons, and implementing interim safeguards.
Incidents are investigated proportionately based on severity, impact, and learning potential. Investigations are fair, evidence-based, focused on systems and processes rather than individual blame, and completed within appropriate timescales.
Service users and their representatives are informed openly and promptly when incidents occur, in line with the Duty of Candour where applicable. This includes providing truthful explanations, sincere apologies, ongoing updates, and clear information about actions taken to prevent recurrence.
Safeguarding incidents are escalated immediately to the Safeguarding Lead () and reported to the local authority safeguarding team in line with statutory procedures.
Statutory notifications are submitted to the Care Quality Commission without delay for deaths, serious injuries, safeguarding incidents, deprivation of liberty, and other notifiable events.
RIDDOR reports are made to the Health and Safety Executive for workplace injuries, with oversight from the Health and Safety Officer ().
Data breaches are reported to the Information Commissioner’s Office within 72 hours where required, with the Data Protection Officer () ensuring compliance.
Learning from incidents is captured systematically through root cause analysis, themed reviews, and trend analysis. Lessons learned are translated into improvements in policies, procedures, risk assessments, care planning, training, supervision, and environmental safety measures.
5. Roles and Responsibilities
| Role | Responsibility |
| Registered Manager – () | Overall accountability for incident management systems, ensuring compliance with CQC Regulation 17 (good governance), Regulation 20 (Duty of Candour), and all statutory reporting requirements. Reviews all serious incidents and ensures lessons learned are embedded. |
| Duty Manager | Day-to-day oversight of incident response, ensuring immediate action is taken, investigations are coordinated, staff are supported, and timescales are met. Acts as first point of contact for incident escalation and coordinates communication with families, professionals, and regulators. |
| Safeguarding Lead – () | Ensures incidents with safeguarding implications are identified, escalated, and referred to the local authority safeguarding team. Oversees safeguarding investigations, supports staff with safeguarding concerns, and ensures compliance with statutory safeguarding duties. |
| Data Protection Officer – () | Ensures incident records comply with data protection legislation, manages data breach incidents, reports breaches to the Information Commissioner’s Office where required, and supports individuals affected by data security incidents. |
| Health and Safety Officer – () | Investigates health and safety incidents, ensures RIDDOR reporting to the Health and Safety Executive, conducts risk assessments following incidents, and implements control measures to prevent recurrence. |
| All Care Staff | Immediate reporting of incidents, taking prompt action to ensure safety and prevent further harm, preserving evidence, cooperating with investigations, and implementing learning from incidents into daily practice. |
| Senior Care Workers and Team Leaders | Supporting frontline staff in incident response, ensuring accurate incident recording, conducting initial assessments of severity, and escalating appropriately to the Duty Manager or on-call management. |
| Service Users and Representatives | Encouraged to report incidents, concerns, or near misses. Supported to participate in incident reviews where appropriate and to understand actions taken to improve safety. |
6. Procedures
The incident response procedures are designed to ensure swift, effective, and proportionate action following any incident, near miss, or adverse event. The approach prioritises safety, dignity, transparency, and learning.
6.1 Immediate Response
Any staff member who witnesses, discovers, or is informed of an incident must take immediate action to:
Ensure safety: Protect the service user, staff, and others from further harm. This may include moving people away from hazards, stopping unsafe activities, securing dangerous items, or evacuating areas if necessary.
Provide care: Administer first aid where trained and competent to do so. Comfort and reassure the service user. Preserve dignity by maintaining privacy and covering the person appropriately.
Summon help: Contact emergency services (999) if there is serious injury, medical emergency, fire, crime in progress, or immediate threat to life. Contact the Duty Manager or on-call manager immediately to report the incident and receive guidance.
Preserve evidence: Do not move items, clean areas, or dispose of materials unless necessary for safety. Take photographs if safe to do so. Secure equipment, medication, or substances involved in the incident.
Notify key persons: Inform the service user’s family or representative unless there are safeguarding reasons not to do so. Notify the GP, district nurse, or other health professionals where clinical advice or review is required.
Document: Record initial details of the incident as soon as it is safe to do so, noting time, location, people involved, witnesses, actions taken, and immediate outcomes.
6.2 Reporting Incidents
All incidents must be reported immediately using the Incident Report Form or electronic incident recording system. Reporting must occur:
Immediately for serious incidents, safeguarding concerns, major injuries, deaths, or events requiring emergency services.
Within one hour for incidents causing harm, medication errors, falls with injury, challenging behaviour incidents, or missed visits.
Within 24 hours for near misses, minor injuries, equipment faults, or concerns about care quality.
Required Information
The incident report must include:
• Date, time, and location of the incident
• Names of all individuals involved, including the service user, staff, witnesses, and any others present
• Detailed description of what happened, in chronological order, using factual and objective language
• Immediate actions taken, including first aid, emergency service attendance, notifications made, and interim safety measures
• Actual or potential harm caused or avoided
• Contributing factors such as environmental conditions, staffing levels, equipment status, or care plan adherence
6.3 Severity Assessment
The Duty Manager will categorise incidents based on impact and risk using the following framework:
| Level | Severity | Description and Examples |
| Level 1 | Minor | No harm or minimal harm requiring no treatment beyond basic first aid. Examples: minor bruises, brief emotional distress, equipment malfunctions resolved immediately. |
| Level 2 | Moderate | Harm requiring professional healthcare intervention such as GP review, nurse visit, or additional monitoring. Examples: falls with soft tissue injury, medication errors requiring medical review, missed visits. |
| Level 3 | Severe | Significant harm requiring hospital attendance, admission, or resulting in prolonged pain, distress, or temporary loss of function. Examples: fractures, head injuries, serious medication errors, safeguarding incidents requiring statutory investigation. |
| Level 4 | Critical | Death, permanent harm, life-threatening situations, or serious safeguarding incidents. Examples: unexpected death, major trauma, abuse resulting in serious injury, events triggering criminal investigation. |
| Near Miss | Potential | Events that could have caused harm but did not, assessed based on the potential severity had harm occurred. |
6.4 Investigation
All incidents will be investigated proportionately:
Level 1 incidents: Reviewed by the Duty Manager or Team Leader with brief fact-finding and immediate corrective actions documented.
Level 2 incidents: Investigated by the Duty Manager with interviews, record review, and written findings within 10 working days.
Level 3 and 4 incidents: Investigated by the Registered Manager () or designated senior manager using root cause analysis, multi-disciplinary input, and comprehensive written report within 20 working days.
Investigation Process
Investigations will:
• Gather evidence including witness statements, care records, medication administration records, risk assessments, care plans, training records, and environmental assessments
• Interview staff, service users (where capacity and wellbeing permit), and witnesses separately and confidentially
• Review policies, procedures, and previous risk assessments to identify gaps or non-compliance
• Analyse contributory factors including human factors, system issues, environmental conditions, training adequacy, and communication failures
• Identify root causes using recognised methodologies such as the Five Whys, fishbone diagrams, or structured root cause analysis frameworks
• Determine whether the incident was preventable and, if so, what actions could have avoided it
• Develop recommendations for immediate, short-term, and long-term actions to prevent recurrence
6.5 Duty of Candour
Where an incident results in moderate harm or above (Level 2, 3, or 4), the Duty of Candour applies. The Registered Manager or Duty Manager will notify the service user or their representative as soon as reasonably practicable, normally within 24 hours, provide a verbal explanation, offer a sincere apology, and follow up in writing within 10 working days.
6.6 Statutory Notifications
The Registered Manager or Duty Manager will ensure statutory notifications are submitted without delay to the CQC for deaths, serious injuries, safeguarding incidents, and deprivation of liberty. RIDDOR reports will be made by the Health and Safety Officer () for workplace incidents. Safeguarding referrals will be made by the Safeguarding Lead () to the local authority. Data breach notifications will be made by the Data Protection Officer () to the ICO within 72 hours where required.
6.7 Communication with Families
Following any incident, the Duty Manager will ensure that families or representatives are contacted as soon as it is safe and appropriate, normally within two hours. Information will be communicated sensitively, clearly, and honestly, with regular updates provided throughout the investigation.
6.8 Staff Support
Staff involved in incidents will be supported through immediate debriefing, access to occupational health services, reflective supervision, and protection from blame culture, with emphasis on system improvements.
6.9 Record-Keeping
All incidents are recorded in the Incident Register maintained securely by the Duty Manager. Records include incident reports, investigation findings, communication logs, Duty of Candour correspondence, action plans, and follow-up reviews. Records are retained securely for a minimum of three years.
7. Safeguarding Incidents
Incidents involving suspected or alleged abuse, neglect, exploitation, or harm to adults or children are treated with the highest priority. recognises its statutory duties under the Care Act 2014, Children Act 1989 and 2004, and Safeguarding Vulnerable Groups Act 2006.
Recognition of Safeguarding Incidents
Safeguarding concerns may arise from physical abuse, emotional or psychological abuse, sexual abuse, neglect, financial abuse, discriminatory abuse, institutional abuse, domestic abuse, modern slavery, or self-neglect.
Immediate Response
Staff must ensure immediate safety, contact emergency services if necessary, report immediately to the Duty Manager and Safeguarding Lead (), preserve evidence, record everything observed, and maintain confidentiality.
Referral to Safeguarding Authorities
The Safeguarding Lead will make an immediate referral to the local authority safeguarding team by telephone, followed by written confirmation within 24 hours. Where the alleged abuser is a staff member, they will be suspended immediately and the Disclosure and Barring Service notified if dismissed for harm-related reasons.
8. Health and Safety Incidents
is committed to maintaining safe working environments in line with the Health and Safety at Work etc. Act 1974, Management of Health and Safety at Work Regulations 1999, and RIDDOR 2013. The Health and Safety Officer () oversees health and safety incident response.
RIDDOR Reporting
The Health and Safety Officer will ensure RIDDOR reports are submitted for deaths, specified injuries, over-seven-day injuries, dangerous occurrences, and occupational diseases. Reports must be submitted within statutory timescales.
9. Medication Incidents
Medication incidents include errors in administration, omissions, prescribing errors, dispensing errors, storage failures, and adverse drug reactions. Staff must stop and assess immediately, seek clinical advice, monitor the service user, report to the Duty Manager, and record the incident comprehensively.
10. Near Miss Reporting and Learning
Near misses are events that could have resulted in harm but did not. They provide invaluable opportunities for learning and prevention. actively encourages near miss reporting as part of a proactive safety culture.
11. Training and Competence
Effective incident response depends on staff having the knowledge, skills, and confidence to recognise, report, and respond to incidents appropriately. All staff must complete induction training covering incident recognition, reporting procedures, immediate response, safeguarding, Duty of Candour, medication safety, health and safety, confidentiality, and support systems.
12. Monitoring, Review, and Learning
Continuous monitoring and systematic review of incidents are essential to understanding risks, identifying trends, driving improvements, and ensuring compliance with regulatory standards. The Incident Register is reviewed daily by the Duty Manager, monthly by the Registered Manager (), with quarterly reports to governance meetings and annual review of the plan.
13. Communication and Transparency
Effective communication with service users, families, staff, regulators, and commissioners is fundamental to incident management. Transparency builds trust, demonstrates accountability, and ensures all stakeholders are informed and involved appropriately.
14. Data Protection and Confidentiality
Incident information includes sensitive personal data about service users, staff, and others. is committed to handling this information lawfully, securely, and transparently in line with the Data Protection Act 2018 and UK GDPR. The Data Protection Officer () provides oversight on data protection compliance.
15. Links to Other Policies
The Incident Response Plan is part of a comprehensive governance framework and must be read alongside: Safeguarding Policy, Health and Safety Policy, Medication Management Policy, Duty of Candour Policy, Complaints Policy, Data Protection and Confidentiality Policy, Risk Management Policy, Staff Disciplinary and Capability Policy, Whistleblowing Policy, Equality and Diversity Policy, and Business Continuity and Emergency Preparedness Policy.
16. Accessibility and Communication of the Plan
The Incident Response Plan is only effective if staff, service users, families, and stakeholders are aware of it and understand their roles. All staff receive training during induction with annual refreshers. The plan is available in the staff handbook, provided to service users in accessible formats, shared with commissioners and regulators, and published online where appropriate.
17. Assurance and Accountability
is accountable to service users, families, staff, regulators, and commissioners for the effectiveness of incident response. Assurance mechanisms include internal oversight by the Duty Manager and Registered Manager, specialist assurance from named officers, internal audits, CQC inspections, commissioner monitoring, safeguarding authority reviews, and external audits.