Login

SL04-Good Governance

{{org_field_logo}}

{{org_field_name}}

Registration Number: {{org_field_registration_no}}

Good Governance: Organisational Structure Policy

1. Purpose and Scope

CQC assessment approach (Single Assessment Framework): We maintain governance systems that enable us to evidence compliance and good practice against CQC’s current assessment framework, including the quality statements under the 5 key questions (Safe, Effective, Caring, Responsive, Well-led). Governance information (risk, performance, quality outcomes, and people’s experience) is collected, analysed and used to drive improvement, and is kept inspection-ready for ongoing assurance and CQC engagement.

2. Governance Framework

Governance is the system of rules, practices, and processes that {{org_field_name}} uses to manage its operations effectively. It provides a structured approach to decision-making, risk management, compliance, and quality assurance.

A strong governance framework ensures that our Supported Living service is well-led, safe, and continuously improving in accordance with CQC Regulation 17 – Good Governance. It also ensures that we comply with legal, ethical, and regulatory obligations, including those set by the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014 and the Care Quality Commission (Registration) Regulations 2009. Our governance framework is built on three key pillars:

2.1 Strategic Leadership

Strategic leadership ensures that {{org_field_name}} operates with a clear mission, vision, and values that align with best practice standards and CQC requirements. Leadership responsibilities include:

Our leadership team includes: the Registered Provider, responsible for ensuring that the service meets all legal and regulatory requirements; the Nominated Individual, responsible for overseeing the management of regulated activities and acting as a key point of contact for CQC; and the Registered Manager, responsible for the daily operational management of the service. Together, they set the tone for a well-led organisation.

2.2 Oversight and Monitoring of Service Quality, Safety, and Compliance

Governance ensures that {{org_field_name}} has robust monitoring systems in place to oversee the quality, safety, and compliance of the services we provide. This includes:

Through data-driven decision-making, {{org_field_name}} identifies areas for improvement, implements corrective actions, and continuously enhances service quality. This systematic oversight helps us promptly detect and rectify any shortfalls, thereby maintaining safe and effective care.

2.3 Engagement with Stakeholders

Governance is also about building strong relationships with stakeholders who are directly or indirectly impacted by our services. We recognize that engaging with service users, staff, and external partners is essential for a well-led service. Key stakeholders include:

2.3.1 Service Users and Families

We actively seek input from service users and their families to shape and improve our services. Mechanisms for engagement include:

2.3.2 Staff and Workforce

Our employees are central to service quality, so we engage and support our workforce through:

2.3.3 Regulatory and External Bodies

We maintain proactive relationships with regulators and external agencies to ensure broad accountability and alignment with sector expectations:

Through effective governance, {{org_field_name}} fosters transparency, accountability, and continuous improvement. This stakeholder engagement ensures we remain responsive to feedback and changing needs, thereby maintaining a well-led, high-quality Supported Living service that prioritises the safety, dignity, and wellbeing of our service users.

3. Organisational Structure

Our organisational structure provides a clear framework for decision-making, accountability, and effective governance within {{org_field_name}}. It ensures that responsibilities are well-defined and that care services are delivered efficiently, safely, and in compliance with CQC regulations.

By establishing a structured hierarchy, we maintain high standards of leadership, operational efficiency, and care quality. Every role within the organisation has defined duties that contribute to our overall success. Below is a breakdown of key roles and responsibilities:

3.1 Board of Directors

The Board of Directors is responsible for the overall strategic direction, corporate governance, and financial oversight of the company. Board members (Directors) ensure that the organisation meets all statutory obligations and adheres to CQC requirements, the Health and Social Care Act, and the Care Act 2014. This includes setting the organisation’s vision and values, approving policies and budgets, and ensuring that all directors are and remain Fit and Proper Persons as required by CQC (Regulation 5). The Board provides support and scrutiny to the Registered Provider and senior management team, holding them accountable for delivering safe, high-quality services.

3.2 Registered Provider

Name: {{org_field_name}}
The Registered Provider is the legal entity (organisation) registered with CQC and responsible for the overall management, regulation, and compliance of the Supported Living service. This role includes:

(In our organisation, the Board of Directors and the Registered Provider work closely together to uphold these responsibilities, ensuring robust oversight from the highest level.)

3.3 Nominated Individual

Name: {{org_field_nominated_individual_first_name}} {{org_field_nominated_individual_last_name}}
The Nominated Individual is appointed to act on behalf of the Registered Provider (as required by CQC registration) and is accountable for supervising the management of the regulated activities. Their responsibilities include:

3.4 Registered Manager

Name: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}
The Registered Manager is responsible for the day-to-day running of the service, ensuring that high-quality care is provided in a safe and effective manner. This role is crucial for:

The Registered Manager is the CQC-registered responsible manager for the service and works with the Nominated Individual and Provider to uphold the governance and quality standards.

3.5 Care Coordinators

Care Coordinators play a key role in organising and managing service delivery on the ground. They:

3.6 Care Workers

Care Workers are the frontline staff delivering direct care and support to service users in their own homes or supported living settings. They:

3.7 Additional Support Roles

In addition to the above direct care roles, {{org_field_name}} employs support staff who ensure the service runs smoothly and meets all operational and compliance requirements:

(Note: In smaller organisations, some of these support functions may be combined or outsourced, but {{org_field_name}} ensures that all these responsibilities are assigned and carried out competently.)

4. Governance Responsibilities

Our governance responsibilities ensure that {{org_field_name}} operates in a well-led, safe, and compliant manner, meeting all regulatory and legal obligations. This section outlines how governance is embedded into our organisation through leadership, monitoring, quality assurance, and compliance processes. Our leaders promote a positive culture and work in partnership with commissioners, health partners and safeguarding systems to deliver care that is person-centred, sustainable and actively reduces inequalities in access, experience and outcomes.

4.1 Managing and Governing the Organisation

We maintain robust governance by implementing structured leadership, oversight mechanisms, and accountability frameworks that support our strategic direction and operational efficiency. Key governance practices include:

Regular Management Meetings – We have scheduled forums for oversight and decision-making at all levels: Monthly governance and performance meetings are held to review key performance indicators (KPIs), staffing levels, financial performance, and service user outcomes. Quarterly strategic review meetings allow senior leaders to address any operational challenges, evaluate progress on objectives, and plan improvements. Additionally, we conduct annual business planning sessions to set future objectives and ensure alignment with CQC standards and any updates in law or guidance.

Compliance with CQC regulations (Regulation 17 – Good governance): We maintain effective governance systems and a rolling programme of assurance and audit that assess, monitor and improve the quality and safety of our service, including people’s experience. Audits and checks are scheduled and responsive (for example: quarterly core audits plus thematic audits where risks/trends indicate), and are baselined against Regulations 4–20A of the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014. We use findings to create, implement and track corrective and preventive actions (CAPA). When requested, we will provide CQC with a written report describing how we assess, monitor and improve quality and safety, including the actions taken and the impact achieved.

Policy and Procedure Management – Our organisational policies and procedures are aligned with the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014, relevant CQC guidance, and best practices in the sector. We maintain an up-to-date library of policies covering all key areas (e.g. safeguarding, medication, health and safety, infection control, information governance, etc.). A formal schedule is in place to review each policy at least annually, or sooner if there are changes in legislation, emerging risks, or lessons learned from incidents. When policies are updated or new guidance emerges, we communicate these changes to staff and provide any necessary training to ensure everyone in the organisation understands and adheres to the current procedures.

4.1.1 CQC Single Assessment Framework – evidence and governance reporting
We maintain an evidence structure that links governance activity (audits, KPIs, risks, learning and improvement) directly to CQC’s quality statements under the 5 key questions. Our governance reporting includes:

4.2 Continuous Assessment and Improvement

We use a continuous improvement approach to monitor service performance and drive quality enhancements. Governance is not static; we actively seek to learn and improve. This is achieved through:

Internal Audits – We carry out regular internal audits (at least quarterly) across critical aspects of the service. These audits cover care quality (e.g. reviewing care records and observing practice), staff training compliance, safeguarding processes, medication management, infection control, and health & safety. We also conduct unannounced spot-checks, including visits to service users’ homes, to directly assess the quality of care being delivered. Audit findings are documented in reports which are reviewed by senior management. Any recommendations or issues identified are translated into actions for improvement.

Action Plans for Improvement – For any non-compliance or improvement area identified (whether through audits, incidents, or feedback), we develop Corrective and Preventive Action Plans (CAPAs). These plans detail the issue, the actions needed, responsible persons, and timelines. Progress on action plans is monitored in management meetings to ensure issues are effectively resolved. We also use supervision and staff performance reviews to address individual practice issues and ensure each team member meets care standards. Additionally, we engage in benchmarking against national or regional performance data where available, to measure our service effectiveness and identify areas where we can do better.

Staff Training and Development – We invest in our workforce to drive improvement. All staff receive mandatory induction and ongoing professional development training relevant to their roles (including mental health awareness and de-escalation techniques, given our service user group). Staff competencies are regularly evaluated, and we conduct formal supervisions and appraisals at least every six months. These one-to-one meetings help to monitor performance, set goals, and identify any training needs or support required. We also perform workforce planning to anticipate future needs and address any skills gaps – for example, arranging additional training or hiring specialists if needed to enhance the quality of care.

Through these continuous assessment and improvement activities, we create a learning culture that adapts and strives for excellence, rather than waiting for external inspections to drive change.

4.3 Seeking and Acting on Feedback

We foster a culture of openness and continuous improvement by actively engaging with service users, families, staff, and external stakeholders. Feedback is a vital part of our governance and we have systems to seek it out and act upon it, in line with CQC’s expectations that providers continually evaluate their services with input from others.

Service User Engagement – We conduct service user satisfaction surveys at least annually (with informal mini-surveys or check-ins more frequently, e.g. quarterly) to gather direct feedback on the care and support we provide. We also hold regular reviews for each service user (at least every six months, or more often as needed) where the service user and their family/representatives can discuss what is working well and what could be improved. All feedback and survey results are analyzed, and findings are used to inform our service development plans. Where issues are raised – whether it’s about staff punctuality, care quality, or any other concern – we address them promptly and inform service users of any changes or improvements made as a result of their feedback.

Staff Consultations and Engagement – We value our staff’s insights into service performance. We hold monthly staff meetings and forums where team members can openly discuss challenges, successes, and suggestions for improvement. We keep staff informed of policy updates, CQC news, and encourage discussion on how we can improve practices. Through our whistleblowing policy and an open-door management approach, we ensure staff can raise concerns or ideas directly with management at any time. Any concerns raised by staff (anonymously or openly) are taken seriously and investigated. By engaging staff in decision-making and quality initiatives, we build a committed team that feels responsible for the service’s success.

Complaints Handling – We have a clear and accessible complaints procedure (aligned with CQC Regulation 16 on handling complaints). Service users and others can make complaints or raise issues without fear, and we handle these in a timely, fair, and transparent manner. Each complaint is logged and formally investigated, often by someone not directly involved in the matter to ensure impartiality. We uphold a duty of candour in our responses, apologizing and explaining what went wrong if a complaint identifies an error on our part. All complaints and their outcomes are reviewed by management and also analysed for trends – if multiple complaints highlight a similar issue, this signals a systemic problem that we address through changes in practice or additional training. Learning from complaints is shared with the team so that we prevent recurrence and continuously improve our service.

4.4 Assessing, Monitoring, and Improving Quality & Safety

Ensuring high standards of care, safety, and compliance is at the core of our governance framework. We have specific processes to manage risk, learn from incidents, and safeguard our service users:

Risk Management and Health & Safety – We conduct regular risk assessments to identify and mitigate potential hazards in service users’ homes and in our staff’s work activities. This includes assessing environmental risks (e.g. home safety, trip hazards, fire safety) and clinical or psychosocial risks related to individuals’ mental health (for example, risks of self-harm, neglect, or crisis situations). For each identified risk, we implement measures to reduce the likelihood of harm – such as providing adaptive equipment, developing positive behavior support plans, or ensuring two staff assist where needed. We maintain up-to-date risk management plans for each service user as part of their care plan. Additionally, we have robust health and safety policies (e.g. infection control, medication safety, lone worker safety) and emergency procedures to protect both service users and staff. We ensure that lone workers (staff supporting service users one-to-one in the community) follow safety protocols and can quickly get assistance in an emergency. All significant risks are logged and reviewed regularly, and our aim is proactive prevention of incidents.

Incident Reporting and Learning Culture – We have a mandatory incident reporting system that all staff are trained to use. Any accidents, incidents, errors (such as medication errors), safeguarding concerns, or near-misses must be reported immediately to management. Each incident report is reviewed and investigated to determine root causes and identify any changes needed. For serious incidents, we perform a formal Root Cause Analysis (RCA) to fully understand what happened and why. We foster a “no-blame” culture so that staff feel able to report issues honestly – focusing on learning rather than punitive responses. Lessons learned from incidents (and near-misses) are shared in team meetings or supervision, and policies or risk assessments are updated if needed to prevent recurrence. We also hold quarterly incident review meetings as part of governance, looking at all incidents and trends over the period to see if any systemic improvements are required. This continuous learning from our own (and others’) experiences helps us improve safety.

Safeguarding Compliance – We adhere strictly to safeguarding policies and the requirements of Regulation 13 – Safeguarding service users from abuse and improper treatment. {{org_field_name}} has a named Designated Safeguarding Lead (DSL) (usually the Registered Manager or other senior person) who oversees our safeguarding practices. All staff receive safeguarding training annually (with refreshers covering how to recognise signs of abuse, including those specific to mental health vulnerabilities, and how to report them). When any safeguarding concern arises, we act immediately to protect the individual – this can include contacting emergency services or the local authority safeguarding team. We report all safeguarding incidents and allegations to the relevant authorities (such as the local Safeguarding Adults Board and CQC) as required. Internally, safeguarding incidents are reviewed to ensure appropriate actions were taken and to identify any lessons (for example, if a change in procedure could have prevented it). Our governance framework treats safeguarding as paramount: protecting people from harm is a core component of being a well-led service.

4.5 Record Keeping and Data Protection

We ensure accurate, secure, and confidential management of service user records, staff files, and all operational data. Proper record-keeping and information governance are integral to good governance and safe care (as poor records can lead to unsafe care). Our approach includes:

Accurate and Secure Record-Keeping – We maintain comprehensive records for both service users and staff, and protect them from loss or unauthorised access. Service user records include detailed care plans, risk assessments, needs assessments, medical histories, and consent forms, providing a complete picture to guide their care. Staff records include proof of identity and background checks (e.g. DBS disclosures), employment contracts, qualifications, training logs, and performance appraisals. All records (whether paper or digital) are kept up-to-date and stored securely. We utilize a secure digital record-keeping system with role-based access controls and encryption, ensuring that only authorized personnel can access sensitive information. The system tracks access and modifications, which adds accountability for any changes made.

Data Protection Compliance (UK GDPR and Data Protection Act 2018) – {{org_field_name}} processes personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We only collect information necessary to deliver safe, effective supported living services and to manage our workforce and operations. Our lawful bases for processing data include the provision of health and social care (duty of care), compliance with legal obligations, and performance of a contract; for any special category data (such as health information), we rely on substantial public interest and the provision of health or social care as per Schedule 1 of the DPA 2018. We are accountable for meeting the key data protection principles of lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; and integrity and confidentiality. In practice, this means we provide clear privacy information to service users and staff about how their data is used, we limit use of data to the stated purposes, collect only what is needed, keep data accurate and up-to-date, retain data only for as long as necessary, and secure it against loss or unauthorized access.

To uphold these principles, we maintain records of our processing activities and conduct Data Protection Impact Assessments (DPIAs) for any high-risk data processing (for example, use of new technology or handling large volumes of sensitive health data). We also have written contracts or Data Processing Agreements in place with any third parties (processors) that handle personal data on our behalf (such as payroll services or IT providers), to ensure they also comply with GDPR standards. All staff sign confidentiality agreements as part of their employment and receive training on data protection and information security during induction and via annual refreshers. We respect individuals’ rights regarding their personal data – if a service user or staff member makes a request to access their records or to correct or erase information, for instance, we respond within statutory timescales and in accordance with our internal procedures. Personal data is retained and disposed of securely in line with our retention schedule and relevant health and social care guidance. In the event of any personal data breach, we have an incident response plan: we will promptly assess the risk and, where required, report the breach to the ICO (Information Commissioner’s Office) within 72 hours and inform affected individuals without undue delay, as mandated by the UK GDPR. {{org_field_name}} is registered with the ICO as a data controller; our registration details are available on request.

Data Audits and Monitoring – We carry out regular checks to ensure ongoing compliance with data protection standards and the accuracy of our records. This includes periodic spot checks on care and personnel records to verify they are complete, up-to-date, and filed correctly. We have data retention policies in place, which outline how long different types of records are kept and the processes for secure disposal – compliance with these policies is reviewed so that we do not retain information longer than needed. We also ensure robust access control measures: access to personal data (physical files or IT systems) is restricted to only those staff who need it for their role, and access rights are reviewed when staff roles change or staff leave. Furthermore, we conduct data security audits (at least quarterly) to identify any potential vulnerabilities in our IT systems or data handling practices. Findings from these audits are acted upon, for example, updating software, enhancing encryption, or providing extra staff training if any weaknesses are detected. By diligently monitoring our data practices, we safeguard individuals’ information and maintain their trust.

4.6 Compliance with Statutory Requirements

We are committed to full compliance with all legal, ethical, and professional regulations governing Supported Living services. Good governance encompasses not only internal processes but also meeting external statutory requirements that apply to our service. Key areas of compliance include:

CQC Registration and Compliance – {{org_field_name}} ensures ongoing compliance with the conditions of our CQC registration and all applicable regulations. We adhere to both the CQC (Registration) Regulations 2009 and the fundamental standards set out in the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014. This means we maintain an accurate Statement of Purpose for our service and notify CQC of any significant changes to it or to our service as required by law. We also submit all necessary statutory notifications (e.g. for certain incidents, serious injuries, safeguarding alerts, changes in management) to CQC without delay, as part of our registration obligations. By keeping CQC informed and up-to-date, we demonstrate transparency and ensure we meet Regulation 17’s expectation to provide information on our governance when requested. In addition, we regularly review our compliance status through internal audits (as noted above) and use CQC’s guidance to prepare for inspections. Annual self-assessments and quality improvement plans are developed to drive our service forward and maintain high standards in line with the CQC’s inspection criteria.

Fit and Proper Persons (Regulation 5) – We fully comply with CQC Regulation 5: Fit and Proper Persons Requirements for directors and board members. {{org_field_name}} ensures that all individuals in director-level or equivalent leadership positions are suitable, of good character, and qualified for their roles. We have robust recruitment and vetting procedures for such positions, including Disclosure and Barring Service (DBS) checks, verification of qualifications and professional registrations, thorough reference checks, and review of any past misconduct or regulatory action. We also require directors and senior officers to sign annual declarations of their fitness, confirming that they continue to meet the criteria (e.g. no new convictions or insolvency issues). The fitness of directors is regularly reviewed to ensure they remain fit for their role – for example, if new information comes to light or if the role’s requirements change, we reassess. Should we identify that a person in a leadership role no longer meets the fit and proper criteria (for instance, due to a serious misconduct issue or loss of a required credential), we will take prompt and appropriate action to address this, which may include additional training, role adjustment, or removal of that individual from their post. By enforcing these standards, we uphold public trust and ensure that our organisation’s leadership is capable and responsible for delivering safe, high-quality care.

Mental Capacity Act 2005 and Care Act 2014 Compliance – We ensure that service users’ rights and wellbeing are at the forefront of our care, in line with key legislation. In adherence to the Mental Capacity Act 2005, our staff are trained to understand and uphold the principles of capacity and consent. This includes presuming adults have capacity unless assessed otherwise, enabling and supporting individuals to make their own decisions whenever possible, and if a person is assessed as lacking capacity, acting in their best interests and in the least restrictive way. We provide comprehensive staff training on conducting mental capacity assessments and the process for making Best Interest decisions when needed. Any decisions or care plans involving potential deprivation of liberty are managed with the appropriate legal authorisations. At present, where a deprivation of liberty arises in supported living, authorisation will normally be sought via the Court of Protection (and, where relevant in other settings such as hospitals/care homes, the applicable Deprivation of Liberty Safeguards process will be followed). We will keep practice under review in line with national changes, including government consultation and implementation plans for Liberty Protection Safeguards. In addition, we adhere to the Care Act 2014, which underpins our approach to person-centred care and safeguarding. We embrace the Care Act’s wellbeing principle by aiming to enhance our service users’ wellbeing in all aspects (e.g. personal dignity, physical and mental health, control over life, participation in the community). Our staff understand their safeguarding duties under the Care Act – to prevent and respond to abuse or neglect – and work jointly with local authorities in safeguarding inquiries. Care plans consider the whole needs of the individual (including eligible needs as defined by the Care Act) and we support people to access advocacy or additional support if they require it. By complying with the Mental Capacity Act and Care Act, we ensure our service users’ legal rights are respected and that our care is holistic and law-abiding.

Duty of Candour (Regulation 20) – We uphold the Duty of Candour as a fundamental part of our governance and culture. This means we are honest and transparent with service users (and their families or representatives) when things go wrong. If a notifiable safety incident occurs – one that has caused harm or had the potential for serious harm – we will notify the affected individual(s) promptly, in line with our open disclosure policy. We provide a truthful account of what happened, explain what we are doing to investigate and fix the issue, and offer a sincere apology. We also put our apologies and explanations in writing as required. All staff are trained on their responsibilities under the Duty of Candour, so they understand the importance of reporting incidents to management and of being truthful with service users. We foster a culture where admitting mistakes is seen as a positive step towards learning and improvement, not something to hide. Compliance with the Duty of Candour is monitored through incident reviews and feedback from service users. By being open and honest, we maintain trust with the people we support and fulfill our regulatory obligations.

Responsible Person: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}
Reviewed on: {{last_update_date}}
Next Review Date: {{next_review_date}}
Copyright © {{current_year}} – {{org_field_name}}. All rights reserved.

Leave a Reply

Your email address will not be published. Required fields are marked *