1. Introduction

This chapter summarises the Emerging Concerns Protocol which was developed to enable organisations and partners to act early and share information with regulators where there are concerns about risks to people using services, their carers, families or professionals.

Partners to the protocol share a common objective of making sure that health and social care professionals and systems across the UK serve to protect the public, whilst maintaining the health, safety and wellbeing of professionals, people using services and also their families and carers.

They expect providers and professionals to work together to provide the best possible care. The importance of sharing concerns at the right time is emphasised as this makes it easier to understand the links between pieces of information, which can indicate a problem is emerging. The aim of the protocol is to strengthen and encourage good practice by enabling the sharing of information about emerging quality concerns in a timely fashion.

Each of the organisations signed up to the protocol has a responsibility for responding to concerns about care provision and a role in ensuring that those who use services, their carers and families receive high-quality services from professional staff and registered health and social care organisations.

2. Purpose of the Protocol

The Protocol states:

‘The purpose of the protocol is to provide a clearly defined mechanism for organisations which have a role in the quality and safety of care provision, to share information that may indicate risks to people who use services, their carers, families or professionals. No piece of information is too small to invoke the protocol.

Information might include, but is not limited to:

  • situations that may not be seen as an emergency, but which may indicate future risks;
  • cultural issues within health and social care settings (including educational environments) that would not necessarily be raised through alternative formal systems.

The objective of the protocol is to be flexible and empowering, supporting regulators to understand how they can share information. This protocol is designed to work alongside protocols that already exist, however, it is specifically aimed at helping staff across the partner organisations to make decisions about when to escalate information of concern with one or more organisations. It is not intended to work against good working relationships and existing informal mechanisms that already exist, but to strengthen and encourage good practice. Nor is it intended to override the autonomy of existing organisations.’

One of the aims of the protocol is to provide guidelines on how to raise and escalate concerns that may seem small and not urgent, but which could point to a future risk. It intends to support a process of discussions taking place safely and without judgement, and decisions being made as to how relevant concerns can be addressed proactively rather than reactively. It does not replace existing responsibilities and arrangements for taking emergency action.

3. Principles

The following principles are laid down in the protocol:

  • organisations should have an open culture where staff can speak up about their concerns;
  • organisations should be transparent about how the protocol is used, whilst maintaining confidentiality;
  • organisations should be open about confidentiality agreements and limitations (including working with information shared by third parties);
  • organisations involved should maintain and respect the executive autonomy of each individual organisation;
  • the protocol must operate within the law, including any restrictions on sharing information;
  • it should be short and simple, with a focus on practicality;
  • it should be developed through a collaborative, partnership approach between the organisations involved;
  • no issue should be too small for an organisation to consider using the protocol.

4. The Process for Responding to Concerns

4.1 Categories of concern

Concerns may come into three categories:

  1. concerns about individual or groups of professionals;
  2. concerns about healthcare systems and the healthcare environment (including the learning environments of professionals);
  3. concerns that might have an impact on trust and confidence in professionals or the professions overall.

4.2 How to use the protocol

This is a summary of the process. See the Annexes at the bottom of this chapter for more detailed information about each stage.

4.2.1 Organisation A has a concern

  • Evaluate information and source;
  • Does the protocol need to be triggered?

REMEMBER: no piece of information is too small to invoke the protocol.

At this stage it may be decided that the Protocol does not need to be triggered and the information can be dealt with through other routes.

4.2.2 Consider the interests of partner organisations

At this stage it may be decided that the Protocol does not need to be triggered and the information can be dealt with through other routes.

4.2.3 Contact Organisations B, C & D to share (and request) information

  • All organisations store information in their own systems;
  • Organisation A responsible for formal recording of the use of the protocol.

See Section 6, Recording Requirements and Section 7, Sharing Personal Data

4.2.4 Hold regulatory review panel (RRP)

  • RRP convened, coordinated, chaired and minuted by Organisation A;
  • Use the template agenda for a regulatory review panel.

4.2.5 Share outcomes

  • RRP record shared with all partners and Health and Social Care Regulators Forum secretariat for monitoring and report at next Forum (including if there is no further action);
  • Use of protocol reviewed for learning every time.

5. Safeguarding

Any organisation may receive information that indicates that abuse, harm or neglect has taken place. Any form of abuse, avoidable harm or neglect is unacceptable. Each organisation will have procedures for managing these types of concerns and they must be followed. Each organisation remains responsible for ensuring they follow their own internal safeguarding procedures. Nobody should wait to activate the protocol instead of acting on safeguarding concerns – immediate action should always be taken where necessary (see Safeguarding Enquiries Process section).

6. Recording Requirements

See also Case Recording chapter

Each organisation involved in the use of the protocol should ensure records are made on their own system.

Each organisation should be able to report on:

  • the number of times they have initiated use of the protocol;
  • anonymised information about information shared;
  • RRPs convened;
  • RRPs attended;
  • actions as a result of the protocol.

The minimum information expected to be stored includes:

  • dates;
  • providers, professionals, others involved;
  • partners contacted;
  • actions agreed and taken;
  • decisions to call / not call RRP.

7. Sharing Personal Data

See also Annex C, Sharing of Personal Data and South Tyneside Multi Agency Information Sharing Agreement

When using the protocol, mostly there should not be a need to share personal data about individuals. Organisations convening an RRP must ensure however that only those who need to know the information should attend if personal information is to be shared in the panel.

Any processing of personal data is subject to the requirements of the Data Protection Act 2018 and the UK General Data Protection Regulation (see Data Protection Act chapter).


Annex A: Organisations Involved

Annex B: An Example of Protocol Use

Annex C: Sharing of Personal Data

Was this helpful?
Thanks for your feedback!