Lifecycle
Safeguarding concern recording and referral tracking
Safeguarding sits across two statutes (the Care Act 2014 for adults at risk and the Children Acts 1989 and 2004 for children) and one regulation (Regulation 13 of the Regulated Activities Regulations 2014). The lifecycle the team runs is the same regardless: a concern surfaces, the team makes the safeguarding-versus-clinical-incident decision, a referral may go to the local authority and sometimes the police and sometimes CQC, and an enquiry outcome closes the loop. Verivius runs the lifecycle end-to-end so referral records, outcome letters, and the provider-level governance picture all live against the source concern.
What the regulation expects
The provider-side duty is Regulation 13 of the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014: service users must be protected from abuse and improper treatment. Reg 13 is broad. It covers the systems and processes a provider operates to prevent, recognise, refer and respond to safeguarding concerns; the training the team receives; and the culture of speaking up safely.
The local-authority duty for adults at risk is Section 42 of the Care Act 2014: where a local authority has reasonable cause to suspect an adult in its area has needs for care and support, is experiencing or at risk of abuse or neglect, and is unable to protect themselves because of those needs, the authority must make whatever enquiries it thinks necessary. The provider's job is to refer concerns that may meet the s42 threshold; the authority decides whether the threshold is met and whether a s42 enquiry follows.
For children, the framework is Working Together to Safeguard Children (the statutory guidance issued under the Children Act 2004) and the local Multi-Agency Safeguarding Hub (MASH) processes. The referral routes differ by area but the provider duty under Reg 13 is the same: surface the concern, make the referral, record the outcome, share learning.
Allegations against staff sit on a different process again: the Local Authority Designated Officer (LADO) for children and the Designated Adult Safeguarding Manager (DASM) or equivalent route for adults. The provider must distinguish between a safeguarding concern about a service user and an allegation against a member of staff at the earliest possible point because the response processes are different.
What providers most often miss
Across the inspection portfolio Klaudiusz worked over thirteen years inside CQC, three safeguarding gaps showed up more than any others.
One: the threshold conversation never gets recorded.The team has the conversation (“is this a safeguarding referral or do we manage it as a clinical incident?”) but the conversation does not appear in the record. Either route may be defensible. The absence of the threshold reasoning is not. When the inspector reads the record and sees only the chosen route, they ask why the other route was not considered, and the team has to reconstruct from memory.
Two: the referral goes in but the outcome never comes back into the system.The local authority confirms receipt, runs its enquiry, and writes back with an outcome (substantiated, partially substantiated, not substantiated, inconclusive, or not progressed). The outcome letter goes to the registered manager's email and never gets attached to the source concern. Six months later the inspector asks what the local authority decided and the answer is “we think it was closed”.
Three: the staff-allegation track gets confused with the service-user-concern track. A concern about a service user that involves a staff member needs to fork: there is a safeguarding concern about the service user (which goes to the local authority) and potentially an allegation about staff conduct (which goes to LADO for children or the equivalent adult route). Providers often refer one and not the other, or wait for the local authority enquiry to clarify what kind of referral they should have made. The two referral lines are independent; both need to fire from the same source if the case involves both elements.
None of these gaps come from intent. They come from the team carrying the safeguarding decision tree in their head at a moment when the priority is the immediate response, not the record-keeping shape.
What an inspector looks for in the safeguarding trail
The standard CQC sample on safeguarding is the provider's internal safeguarding log over the last twelve months cross-referenced with the local-authority safeguarding data the inspector has access to. The reading test is whether the two match: does every concern the provider recorded as “referred to the local authority” appear on the local authority's receiving list, and does every local authority Section 42 enquiry involving the provider appear on the provider's own log.
Significant gaps in either direction are a Reg 13 concern. Concerns logged as referred that the local authority did not receive suggest the referral never went or the referral form went somewhere that does not reach the safeguarding team. Concerns the local authority is investigating that the provider has no record of suggest a culture finding: staff are raising concerns externally because they do not trust the internal route.
On individual records, the inspector typically reads three things: the initial concern (what was seen or heard), the threshold reasoning (why the team made the decision they made), and the outcome (what the local authority or LADO concluded and what changed inside the provider as a result). Records that have all three read as evidence of working systems. Records that have only the first two read as referrals into a black box, which is a Reg 13 and Reg 17 finding combined.
Allegations against staff get an extra layer. The inspector looks for the disciplinary trail running alongside the safeguarding trail without contaminating it. The two processes need to be visible as separate lines that converged where the facts overlap; merging them prematurely is unsafe for the alleged staff member and merging them too late is unsafe for the service user.
How Verivius handles the safeguarding lifecycle
Verivius runs safeguarding as a closed lifecycle. The threshold reasoning is prompted at log-time so the decision tree gets captured in the record, not in the team's head. The referral record sits against the source concern with its own outcome field, so when the local-authority letter arrives it attaches to one place. Staff-allegation cases fork to a parallel track so the two response processes stay visible without contaminating each other. Aggregate views show the quarterly safeguarding pattern (referral count, outcome mix, theme tagging) so the well-led question (what is the provider doing about the pattern, not the individual case) has a visible answer. For the full feature walk-through see what Verivius actually does.
Short answer: “How does Verivius help with safeguarding referrals?” on the FAQ.
Common questions on safeguarding reporting
When does a clinical incident also become a safeguarding concern?
When the harm or risk of harm involves abuse, neglect, or exploitation, and the person affected meets the Care Act criteria for adults at risk (or is a child). The trigger is the abuse-or-neglect element, not the clinical severity. A patient fall is a clinical incident; a patient fall with credible concern that staff did not respond appropriately to a request for help becomes a safeguarding concern as well. The threshold reasoning belongs in the record at the moment the team makes the call.
What happens when a concern also involves a staff member?
The two response tracks run in parallel: a safeguarding concern about the service user (referred to the local authority where the threshold may be met) and an allegation about staff conduct (routed to LADO for children, to the relevant adult-allegation process otherwise). The two should not be merged into a single referral; the response processes, evidence standards, and timelines differ. Verivius opens the staff-allegation record as a forked track from the safeguarding concern so both run end-to-end without contaminating each other.
Related sample policies
Verivius-authored templates that pair with this page. Verbatim statutory text plus plain-British summary and adoption sections; for adaptation, not adoption unchanged.
- Safeguarding adults policy template · Reg 13
- Safeguarding adults policy (adult social care) · Adult social care
- Safeguarding policy (dental) · Dental
- Safeguarding policy (primary care) (gp) · GP
- Under-18s and safeguarding policy (sexual health) · Sexual health
- Positive behaviour support policy template · Positive behaviour support
See how the safeguarding lifecycle works inside Verivius
A 20-minute conversation walks through your service shape, your current safeguarding trail, and the Reg 13 patterns inspectors are most likely to sample in your sector. No demo deck. The founder logs into a demo workspace, walks through it, answers what you actually want answered.
Worth reading alongside: the incident-reporting page for how the safeguarding lifecycle interlocks with incident closure, and our commitment to safeguarding for how Verivius operates as a processor when records-review work surfaces safeguarding concerns.
Related sample policy template: Safeguarding from abuse (Reg 13).
Free to start, no card. A 14-day trial when you subscribe.
Last reviewed 30 May 2026