The CQC’s first prosecution of an independent provider
All health and social care providers and managers have a statutory duty of candour in accordance with Regulation 20 of the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014. This is a duty to act in an open and transparent way with people they are providing care or treatment to.
It requires health and social care providers and managers, who are registered with the Care Quality Commission (CQC), to take a number of steps ‘as soon as reasonably practicable’ where a ‘notifiable safety incident’ has occurred.
A ‘notifiable safety incident’ is defined as an ‘unintended or unexpected incident’ that occurred during the provision of an activity regulated by the CQC, and in the reasonable opinion of a healthcare professional, could or already has resulted in death, or severe or moderate harm to the person receiving care. This latter part of the definition varies depending on the type of registered provider.
The duty of candour requires a registered provider to notify the relevant person that the incident has occurred in person, and subsequently follow this up in writing. The notification should include all of the facts about the incident that are known at the time of the notification, as well as any further enquiries that are being made and an apology. A written record must also be made of this notification. In the event that the person cannot be contacted or refuses to speak to the registered provider, a written record of any attempts to contact the person must be kept.
The first reported prosecution by the CQC for a breach of the duty of candour, contrary to Regulation 20, was in September 2020 against an NHS Trust. Prior to this, the CQC had only taken action to issue Fixed Penalty Notices for these breaches. However, it was recently reported that the CQC prosecuted an independent hospital for this offence, which was reportedly the first of its kind against an independent provider.
It is reported that the independent hospital was fined £5,000 at Leeds Magistrates Court on 29 April 201, plus a victim surcharge of £120 and was ordered to pay the CQC’s costs of £14,984.36. This was a total to pay of £20,104.36.
In a press release published by the CQC on 30 April 2021, it is confirmed that the CQC brought the prosecution after it emerged that the provider failed to share details in a timely manner of what happened to four patients who were being treated by an upper limb orthopaedic consultant who worked at the hospital, in line with their duty of candour responsibilities.
The CQC’s Head of Hospital Inspection, Sarah Dronsfield, commented in the press release as follows:
“All care providers have a duty to be open and transparent with patients and their loved ones, particularly when something goes wrong, and this case sends a clear message that we will not hesitate to take action when that does not happen.
“This is the first time that CQC has prosecuted an independent healthcare provider for failure to comply with the regulation concerning duty of candour, and we welcome the outcome of today’s hearing.”
One of the most common downfalls of registered providers who fall foul of this duty is the delay in notifying a person of a notifiable safety incident, or failing to include all relevant facts in the notification.
It is a defence for a registered provider to prove that they took all reasonable steps and exercised all due diligence to prevent the breach. It is therefore advisable that detailed records of any attempts to contact the relevant person, or their refusal to speak with the registered provider, are kept and that all of the facts of the incident are notified in full, both in person and in writing.
The maximum fine that can be imposed in a prosecution for this offence is £2,500 per breach, and although this is small, a prosecution of this nature can arguably cause more reputational damage to a health and social care provider. It is therefore important that health and social care providers ensure strict compliance with their statutory duty under Regulation 20 and that prompt action is taken to remediate any breaches as quickly as possible in order to mitigate the risk of any prosecution.