1. What the regulation says
The primary legal duty for lone working sits in the Health and Safety at Work etc. Act 1974 and the Management of Health and Safety at Work Regulations 1999, which require employers to assess and control the risks to staff who work alone. Within CQC-regulated activity, the same lone-working risks are captured by Regulation 12 (safe care and treatment), which is reproduced verbatim below:
Care and treatment must be provided in a safe way for service users. (Reg 12(1) (the headline duty))
assessing the risks to the health and safety of service users of receiving the care or treatment, (Reg 12(2)(a) (risk assessment))
doing all that is reasonably practicable to mitigate any such risks, (Reg 12(2)(b) (risk mitigation))
ensuring that persons providing care or treatment to service users have the qualifications, competence, skills and experience to do so safely, (Reg 12(2)(c) (staff competence))
ensuring that the premises used by the service provider are safe to use for their intended purpose and are used in a safe way, (Reg 12(2)(d) (premises safety))
The full text of the regulation is at https://www.legislation.gov.uk/uksi/2014/2936/regulation/12. Where this policy and the regulation diverge, the regulation wins.
2. Plain-English summary
Care and treatment must be provided in a safe way. The regulation lists the areas a provider must address, including risk assessment, risk mitigation, staff competence, safe premises, safe equipment, sufficient equipment and medicines, medicines safety, infection prevention and shared-care planning. For lone working, the underlying duty comes from the Health and Safety at Work etc. Act 1974 and the Management of Health and Safety at Work Regulations 1999: the employer must assess the risks faced by people who work alone or without close supervision and put proportionate controls in place before the work happens.
3. Purpose
The purpose of this policy is to make sure that [Service Name] identifies, assesses and manages risks to staff and others who work alone or without close or direct supervision.
Lone working is not limited to domiciliary care. It may occur in clinics, reception areas, treatment rooms, diagnostic services, private consulting rooms, patient transport, mobile services, out-of-hours work, home visits, remote administration, premises opening and closing, and situations where a staff member is physically present but cannot easily get help.
This policy supports safe care and treatment, good governance, staff safety, safeguarding, health and safety duties and effective service continuity.
4. Policy warning
No person must be expected to work alone in a situation where the risk has not been assessed and controlled.
Where lone working creates a foreseeable risk of violence, abuse, medical emergency, unsafe premises, distress, lone clinical decision-making, manual handling, driving, community visit risk or inability to summon help, the manager must put proportionate controls in place before the work happens.
Some tasks may be unsuitable for lone working. If a task cannot be made safe, it must not be carried out by a lone worker.
5. Scope
This policy applies to lone working in:
- clinics and treatment rooms
- reception or front-of-house areas
- diagnostic services
- private consulting rooms
- mobile or outreach services
- patient transport
- home visits
- community visits
- out-of-hours opening or closing
- lone premises checks
- lone medicines or stock handling
- remote or home working
- driving between appointments
- administrative work involving confidential records
- any situation where staff cannot easily obtain immediate support
It applies whether the person is employed, self-employed, contracted, agency, volunteer or working on behalf of the provider.
6. Definition
A lone worker is someone who works by themselves without close or direct supervision, or who may not be seen or heard by another person for a period of time while carrying out work for the service.
A person may be a lone worker even inside a building where other people are present if they cannot easily call for help or are working in isolation.
7. Principles
The service will:
- identify lone-working situations
- assess risks before lone working starts
- set limits on what can be done alone
- provide training and information
- maintain contact with lone workers
- provide a way to summon help
- respond promptly where contact is missed
- investigate incidents and near misses
- support staff after violence, abuse or distressing events
- review controls when risk changes
8. Responsibilities
The provider is responsible for ensuring that safe lone-working arrangements and resources are in place.
The Registered Manager is responsible for implementing this policy, ensuring risk assessments are completed, and reviewing incidents, missed contacts and concerns.
Managers and supervisors are responsible for agreeing lone-working arrangements, monitoring staff and escalating risks.
Staff are responsible for following lone-working procedures, using agreed check-in systems, reporting concerns and refusing unsafe lone-working tasks where immediate risk cannot be controlled.
9. Lone-working risk assessment
The manager must assess lone-working risk before lone working starts and whenever circumstances change.
The assessment must consider:
- type of work
- location
- time of day
- person's role and experience
- known risks from people using the service or visitors
- violence, aggression or harassment risk
- clinical or care risks
- manual handling risk
- medicines, equipment or controlled-drug risk
- travel and driving risk
- ability to summon help
- communication signal or phone access
- emergency response time
- personal health factors
- experience and competence of the worker
- need for supervision or second worker
- safeguarding or professional-boundary risk
- confidentiality and data security risk
The risk assessment must record controls, named owner and review date.
10. When lone working may not be suitable
The service must consider whether lone working should be prohibited or restricted where:
- there is known or likely violence or aggression
- a person has a history of threatening behaviour
- intimate care or examination creates safeguarding or boundary risk
- manual handling requires two people or equipment
- emergency response may be needed
- medicines or controlled drugs create security risk
- the worker is inexperienced or not yet competent
- the premises or visit location is unsafe
- communication cannot be maintained
- the worker has a health condition that may make lone working unsafe
- the task involves high-risk equipment or substances
- there is no reliable way to summon help
If controls cannot reduce risk to an acceptable level, the task must not proceed as lone work.
11. Controls
Controls may include:
- pre-visit or pre-task risk assessment
- two-person working
- manager approval before lone work
- check-in and check-out system
- scheduled welfare calls
- lone-worker device or alarm
- agreed code word
- safe exit route
- appointment screening
- refusing or rearranging unsafe appointments
- secure reception arrangements
- panic alarm
- CCTV where lawful and proportionate
- violence and conflict training
- restriction on carrying money or medicines
- parking and travel controls
- clear escalation route
- emergency contact list
- out-of-hours procedure
- staff supervision and debriefing
Controls must be practical and understood by the worker.
12. Check-in and monitoring
The service must maintain contact with lone workers at intervals proportionate to risk.
The procedure must state:
- when the worker checks in
- how the worker checks in
- who monitors the check-in
- what happens if a check-in is missed
- escalation timescales
- who contacts the worker
- when emergency contacts or police may be contacted
- how return to base or completion is confirmed
A check-in system is only safe if someone is responsible for responding when contact is missed.
13. Violence, abuse and harassment
Staff must not be expected to tolerate violence, threats, harassment, sexual comments, discriminatory abuse or intimidation as part of the role.
Where a worker feels unsafe, they may leave the situation if it is safe to do so and must contact the manager or emergency services as required.
The service must review incidents involving:
- verbal abuse
- threats
- physical assault
- sexual harassment
- stalking or unwanted contact
- discriminatory abuse
- aggressive relatives or visitors
- unsafe public or home environments
- intoxication or substance-related behaviour
- weapon concern
The manager must consider incident reporting, safeguarding, police contact, staff support, risk assessment update and whether future lone working is safe.
14. Home visits and community working
Where staff visit homes or community locations, the service must assess:
- address risk
- access and parking
- known people at the address
- pets or environmental risks
- infection risk
- manual handling
- medicines or equipment risk
- phone signal
- time of day
- exit route
- whether visit should be two-person
- whether the visit should be cancelled, delayed or moved to another setting
Staff must not enter or remain in an environment they reasonably believe is unsafe.
15. Clinics, treatment rooms and premises
Where staff work alone in premises, the manager must assess:
- building security
- opening and closing arrangements
- reception safety
- treatment-room layout
- ability to call for help
- emergency equipment access
- lone clinical decision-making
- chaperone requirements
- cash, medicines or controlled-drug security
- visitor behaviour
- lone worker visibility
- emergency evacuation
Staff must know what to do if someone refuses to leave, becomes aggressive or if they become unwell themselves.
16. Remote and home working
For remote or home working, the service must consider:
- workstation safety
- confidentiality
- secure access to records
- phone or video contact
- working hours
- stress and isolation
- escalation route
- handling distressing calls or safeguarding disclosures
- data protection
- incident reporting
Remote workers must still have access to supervision, support and emergency escalation.
17. Medical suitability
Managers must consider whether a person is medically suitable to work alone where there is a known health condition that may affect safety.
This must be handled sensitively and lawfully.
Where required, the service may seek occupational health advice and agree reasonable adjustments.
18. Training
Lone workers must receive training appropriate to their role.
Training may include:
- lone-working procedure
- check-in system
- personal safety
- dynamic risk assessment
- conflict de-escalation
- violence and aggression
- safeguarding escalation
- emergency response
- professional boundaries
- data security while mobile
- driving and travel safety
- when to stop work or leave
- incident reporting
Training must be recorded.
19. Incidents and missed contact
The following must be reported and reviewed:
- missed check-in
- failure of lone-worker device
- inability to contact worker
- threats or violence
- harassment
- unsafe visit or appointment
- staff member leaving due to safety concern
- injury or near miss
- road incident while working
- confidentiality incident during mobile work
- emergency-service contact
- any situation where lone-working controls failed
The Registered Manager must review whether controls need to change.
20. Records
The service must keep:
- lone-working risk assessments
- check-in procedure
- staff training records
- incident and near-miss records
- missed contact logs
- staff support records
- risk register entries where required
- action plans
- audit records
21. Audit
The Registered Manager must audit lone-working arrangements at least annually, or more often where risk is high.
The audit must check:
- risk assessments are current
- check-in systems are used
- missed contacts are acted on
- staff know escalation routes
- incidents are reviewed
- violence and harassment concerns are recorded
- controls remain suitable
- training is complete
- actions are completed
Findings must be added to the action plan or risk register where required.
22. Related policies
This policy should be read with:
- Health and Safety and COSHH Policy
- Risk Management and Risk Register Policy
- Incident Reporting, Investigation and Learning Policy
- Safeguarding Adults Policy
- Safeguarding Children Policy
- Professional Boundaries and Conduct Policy
- Chaperone Policy
- Staff Conduct and Disciplinary Policy
- Whistleblowing and Raising Concerns Policy
- Data Protection and Confidentiality Policy
- Business Continuity and Emergency Preparedness Policy
23. Review
This policy will be reviewed annually, or sooner following a lone-working incident, violence or harassment concern, missed check-in, safeguarding concern, CQC finding, change in service model or change in health and safety guidance.
24. Sources and further reading
This template is based on CQC's guidance for providers and managers, the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014, and other topic-specific legislation and guidance listed below. It is a starting point for adaptation, not a substitute for legal, clinical, HR, safeguarding or specialist professional advice.
- Health and Safety at Work etc. Act 1974 (https://www.legislation.gov.uk/ukpga/1974/37)
- Management of Health and Safety at Work Regulations 1999 (https://www.legislation.gov.uk/uksi/1999/3242)
- HSE lone-working guidance
- HSE violence and aggression at work guidance
- Local authority safeguarding procedures (where a concern involves abuse or neglect)
- CQC Regulation 12: Safe care and treatment
- CQC Regulation 17: Good governance
- CQC Regulation 18: Staffing
- Human Rights Act 1998 (https://www.legislation.gov.uk/ukpga/1998/42)
- Health and Social Care Act 2008 (Regulated Activities) Regulations 2014 (https://www.legislation.gov.uk/uksi/2014/2936/regulation/12)
25. When to seek further advice
Seek specialist advice where the issue involves serious harm, safeguarding, deprivation of liberty, restraint, children, professional misconduct, controlled drugs, radiation, termination of pregnancy, infection outbreak, water safety, employment dismissal, DBS barring referral, or regulatory enforcement.
26. Document control
| Version | Date | Author | Changes |
|---|---|---|---|
| v1 | 2026-06-10 | Verivius (sample) | Initial sample template, conformed to the Verivius policy standard. |
This sample policy template was issued by Verivius. It is a template, not a substitute for legal advice or the tenant's own policy-development process. Where this template and live law or regulator guidance diverge, the live source wins.