{{org_field_logo}}

{{org_field_name}}

Registration Number: {{org_field_registration_no}}

---

Technology-Enabled Care and Telecare Policy

1. Purpose

The purpose of this policy is to establish clear guidelines for the use, management, and implementation of Technology-Enabled Care (TEC) and Telecare Services within {{org_field_name}}. The integration of digital technology in care services enhances safety, promotes independence, and improves service delivery efficiency. {{org_field_name}} is committed to adopting innovative solutions while ensuring compliance with regulatory requirements and best practice standards.

This policy outlines our approach to selecting, implementing, and managing TEC solutions to benefit service users while maintaining the highest levels of data protection, staff training, and ethical considerations.

{{org_field_name}} recognises that technology-enabled care must enhance, and not diminish, person-centred care, human contact, dignity, privacy, safety and accountability. TEC will not be used as a substitute for necessary care delivery, professional judgement or safeguarding oversight.

2. Scope

This policy applies to:

• All staff, including care workers, managers, and administrative personnel involved in TEC implementation.
• Service users and their families, who benefit from technology-assisted care solutions.
• Technology suppliers and third-party service providers, ensuring secure and compliant technology integration.
• External healthcare professionals, including NHS services and local authorities working in partnership.

It covers:

• The role of TEC and telecare in domiciliary care.
• The selection, deployment, and management of TEC solutions.
• Ensuring accessibility, inclusivity, and safeguarding service users.
• Data security, GDPR compliance, and ethical considerations.
• Monitoring, staff training, and policy review mechanisms.

This policy applies to all forms of TEC used by the service, including telecare alarms, falls sensors, door sensors, medication prompts, GPS/location devices, remote monitoring, video consultation tools, digital care records, mobile care apps, smart home devices used in care delivery, and any surveillance or recording technology used or encountered in connection with care.

3. Legal and Regulatory Framework

This policy shall be read alongside, and implemented in accordance with, the current legal and regulatory framework applicable to domiciliary care services in England, including but not limited to:

• Health and Social Care Act 2008 and the Health and Social Care Act 2008 (Regulated Activities) Regulations 2014, in particular:
  • Regulation 9 – Person-centred care
  • Regulation 10 – Dignity and respect
  • Regulation 11 – Need for consent
  • Regulation 12 – Safe care and treatment
  • Regulation 13 – Safeguarding service users from abuse and improper treatment
  • Regulation 16 – Receiving and acting on complaints
  • Regulation 17 – Good governance
  • Regulation 18 – Staffing
  • Regulation 20 – Duty of candour
• Care Quality Commission (Registration) Regulations 2009, including:
  • Regulation 12 – Statement of purpose
  • Regulation 15 – Notice of changes
  • Regulation 18 – Notification of other incidents
• Care Act 2014, including duties relating to wellbeing, prevention, safeguarding, integration and person-centred support.
• Mental Capacity Act 2005 and associated Code of Practice, including the principles of capacity assessment, support to make decisions, best-interest decision-making, and the least restrictive option.
• UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, including lawful processing, confidentiality, security, transparency, data minimisation, retention, subject rights, special category data protections and breach management.
• Equality Act 2010, to ensure TEC and telecare are accessible, non-discriminatory and reasonably adjusted to meet individual communication, sensory, cultural, cognitive and disability-related needs.
• Relevant CQC guidance on digital records, consent to technology, surveillance and the use of technology-enabled care, together with applicable NHS England and Information Commissioner’s Office guidance on digital working, cyber security and safe information handling.

{{org_field_name}} recognises that technology-enabled care does not sit outside existing care regulation. The use of TEC, telecare, digital records, remote monitoring, video communication, falls technology, medication prompts, GPS/location technology, environmental sensors and other digital tools must always support compliance with the same legal duties that apply to all regulated care: safe care, lawful consent, dignity, privacy, safeguarding, good governance, accurate record keeping and openness when things go wrong.

4. Role of Technology-Enabled Care and Telecare in Domiciliary Care

TEC and telecare solutions offer multiple benefits, including:

• Enhanced safety and security – Real-time monitoring devices for fall detection, emergency alerts, and door sensors.
• Improved medication adherence – Automated reminders and electronic medication management systems.
• Remote health monitoring – Smart wearable devices tracking vital signs such as blood pressure and oxygen levels.
• Increased independence and confidence – Assistive technology such as smart speakers, video calls, and voice-controlled appliances.
• Efficient care delivery – Digital care records, mobile care planning apps, and virtual consultations.

5. Selection, Deployment, and Management of TEC Solutions

{{org_field_name}} will only introduce or continue to use Technology-Enabled Care where it is demonstrably safe, appropriate, proportionate, person-centred and likely to improve or support outcomes for the individual.

Before any TEC solution is introduced, the service will complete and record an assessment covering:

• the person’s identified needs, desired outcomes, risks and preferences;
• the purpose of the technology and what problem it is intended to address;
• whether the technology is the least restrictive and most appropriate option;
• any risks to safety, privacy, dignity, liberty, autonomy, communication or family relationships;
• the person’s digital confidence, ability to use the equipment, and need for support or reasonable adjustment;
• compatibility with the care plan, medicines arrangements, moving and handling risks, falls risks, environmental risks and emergency response arrangements;
• the reliability of electricity supply, mobile signal, Wi-Fi, battery life and escalation routes where connectivity may fail;
• responsibilities for installation, testing, monitoring, maintenance, calibration, troubleshooting, replacement and decommissioning;
• who receives alerts, how quickly alerts must be reviewed, and what action must follow.

TEC must not be used as a blanket replacement for direct human contact, professional judgement, observation, safeguarding vigilance, or planned care delivery. Technology must support care, not become a substitute for necessary care visits, welfare checks, escalation or professional review.

Each TEC intervention must be reflected in the individual’s care plan and risk assessment, including:

• the agreed purpose of the technology;
• the consent and capacity position;
• the monitoring arrangements;
• the response times and escalation process;
• any limits of the system;
• actions required during equipment failure or outage;
• review date and discontinuation criteria.

All devices and systems must be subject to pre-use checks, ongoing maintenance, software/security updates where relevant, and periodic review to confirm continuing suitability, accuracy and effectiveness. Where a device is supplied or maintained by a third party, contractual and governance arrangements must clearly set out responsibilities for information security, support, maintenance, incident reporting and business continuity.

6. Consent, Capacity and Best-Interest Decision-Making

Consent to care or treatment must be obtained lawfully before TEC is introduced, where consent is required. This includes technology used as part of care delivery, remote monitoring, environmental sensors, video communication, medication prompts, door sensors, location-based technology, or any device that collects, generates or transmits personal information in connection with care.

Before introducing TEC, staff must explain in a way the person can understand:

• what the technology does and does not do;
• what information it collects, records, transmits or stores;
• the expected benefits, possible risks and limitations;
• who will receive alerts or information;
• what action will be taken in response to alerts;
• any impact on privacy, dignity or family life;
• alternatives available, including care without that technology where appropriate.

Where there is doubt about a person’s capacity to consent to the proposed TEC, capacity must be assessed in accordance with the Mental Capacity Act 2005 in relation to the specific decision. A person must be supported to make their own decision wherever possible. A decision must not be treated as lacking capacity merely because it is unwise.

Where a person lacks capacity to consent to the TEC arrangement, any decision to proceed must be made in the person’s best interests, must be clearly recorded, and must evidence that the option chosen is necessary, proportionate and the least restrictive available. Those lawfully involved in the person’s care and decision-making should be consulted as appropriate.

Consent and capacity are not one-off considerations. They must be reviewed whenever the technology changes, the person’s condition or wishes change, concerns arise about distress or intrusiveness, or there is a complaint or safeguarding concern.

7. Accessibility, Inclusivity, Dignity and Safeguarding

{{org_field_name}} will ensure that TEC is used in a way that promotes safety, independence, dignity, privacy and inclusion.

When selecting or reviewing TEC, the service must consider:

• language, literacy, hearing, sight, dexterity and cognitive needs;
• the person’s cultural, religious and communication preferences;
• whether the technology may increase anxiety, distress, confusion or social isolation;
• whether the technology could unintentionally restrict liberty or choice;
• whether carers, relatives or staff could misuse the technology, data or alerts;
• whether the individual is at risk of coercion, domestic abuse, financial abuse, neglect or unlawful surveillance.

Technology must not be used in a way that is degrading, punitive, overly intrusive, discriminatory, or inconsistent with the person’s rights and dignity. Where a TEC arrangement may affect a person’s privacy or freedom in a significant way, the provider must be satisfied that the arrangement is necessary, proportionate, justified by the care need, and kept under regular review.

Any safeguarding concern arising from the use, misuse, failure or non-response to TEC must be reported, investigated and escalated in line with the safeguarding policy, local authority safeguarding procedures and internal incident procedures.

8. Surveillance, Audio/Video Monitoring and Privacy Safeguards

Where TEC includes or may amount to surveillance, live video, audio monitoring, CCTV, image capture, recording functions, body-worn cameras, or any comparable monitoring technology, {{org_field_name}} will apply enhanced privacy safeguards.

Surveillance or recording technology must only be used where there is a clear, legitimate and proportionate justification linked to care, safety or safeguarding. Its use must never be routine by default, and it must not be introduced solely for staff convenience.

Before introducing surveillance-based technology, the service must:

• consider whether the care need can be met by a less intrusive measure;
• consult the person affected and others whose privacy may be impacted, where practical;
• complete and keep under review a documented privacy and proportionality assessment, including a Data Protection Impact Assessment where required;
• set out where the equipment is located, what it records, whether sound is captured, who can access recordings, how long recordings are kept, and when they will be deleted;
• avoid use in situations involving intimate care, personal hygiene, toileting, dressing, private prayer or other highly sensitive circumstances unless there is a compelling and clearly documented justification;
• ensure staff understand when devices must be turned off or paused to protect dignity and privacy.

If surveillance equipment is discovered to have been installed by a person using the service, family member or other third party, the service will put the interests, safety and rights of the person at the centre of its response, investigate any concerns raised, and manage the issue in line with CQC guidance, safeguarding duties, privacy law and contractual arrangements.

9. Information Governance, Data Protection, Cyber Security and Record Management

{{org_field_name}} recognises that TEC and telecare frequently involve the processing of personal data and, in many cases, special category health and care data. All such information must be handled lawfully, fairly, securely and transparently in accordance with UK GDPR, the Data Protection Act 2018, confidentiality requirements and relevant sector guidance.

The service will ensure that:

• there is a clear lawful basis for processing personal data, and where special category data is processed, an appropriate Article 9 condition is identified and documented;
• people are given clear privacy information explaining what data is collected, why it is collected, who it is shared with, how long it is kept, and their rights;
• only the minimum necessary information is collected, viewed, shared and retained;
• role-based access controls, strong passwords, appropriate authentication, device security, secure storage and secure transfer methods are used;
• staff only access TEC-related information where this is necessary for their role;
• data sharing with relatives, commissioners, local authorities, NHS partners, emergency responders or suppliers is lawful, necessary, proportionate and appropriately recorded;
• data breaches, cyber incidents, device compromise, loss of equipment, unauthorised access or accidental disclosure are reported immediately and managed under the data breach procedure;
• records generated through TEC are accurate, complete, contemporaneous, clearly attributable, up to date and incorporated into the person’s care record where relevant;
• retention and deletion arrangements are defined and followed in line with applicable legal and organisational requirements;
• the service completes and maintains the Data Security and Protection Toolkit (DSPT) annually, or an equivalent recognised assurance process where applicable.

Where surveillance or higher-risk data processing is proposed, a Data Protection Impact Assessment will be completed before implementation and reviewed thereafter when circumstances change.

TEC must never be used in a way that obscures accountability for decision-making. Records must show what alerts were received, who reviewed them, what action was taken, when escalation took place, and whether the outcome was satisfactory.

10. Staff Training, Competence and Responsibilities

All staff involved in assessing, installing, monitoring, responding to or recording TEC activity must receive training and competency assessment appropriate to their role.

Training must cover, as relevant:

• the purpose, benefits, limits and risks of TEC used by the service;
• operation of devices, dashboards, apps and alert systems;
• consent, capacity, best interests and least restrictive practice;
• privacy, confidentiality, data protection and cyber security;
• safeguarding implications of TEC, including misuse, coercion or neglect;
• recognising, responding to and escalating alerts, missed alerts, device faults and equipment failure;
• recording TEC-related actions clearly and contemporaneously;
• communication with service users and families about what the technology can and cannot do;
• duty of candour, complaints handling and incident reporting;
• emergency and contingency procedures during power failure, connectivity loss or platform outage.

Competence must not be assumed solely on the basis of attendance at training. Staff must be supervised and assessed in practice, with refresher training provided where systems change, incidents occur, competence concerns arise or new risks are identified.

Managers are responsible for ensuring that staffing levels, on-call arrangements and escalation pathways are sufficient to monitor and respond to TEC safely and in a timely manner. No system should be introduced unless the service has the staff capacity and competence to act on the information it generates.

11. Incident Management, Duty of Candour and CQC Notifications

Any TEC-related incident, near miss, missed alert, delayed response, equipment malfunction, incorrect data, battery failure, connectivity failure, privacy breach, cyber incident, unauthorised surveillance, misuse of a device, or failure to follow monitoring or escalation procedures must be reported promptly through the organisation’s incident reporting process.

Each incident must be reviewed to determine:

• whether any person has come to harm or was exposed to avoidable risk;
• whether care was delayed, omitted, inappropriate or based on inaccurate information;
• whether safeguarding procedures are required;
• whether the incident is notifiable to the Care Quality Commission or another authority;
• whether the statutory duty of candour applies;
• what immediate remedial action is necessary;
• what learning, audit, retraining, system redesign or supplier escalation is required.

Where a notifiable safety incident has occurred, the service will act in an open and transparent way with the person receiving care and/or the relevant person, in line with Regulation 20 Duty of Candour.

The provider and registered manager will also ensure that incidents are notified to CQC where required under the Care Quality Commission (Registration) Regulations 2009, including Regulation 18, and that records of notifications, investigations, actions and lessons learned are maintained.

12. Business Continuity, System Downtime and Failure Response

Because TEC and telecare may depend on power, batteries, charging, internet access, mobile signal, software availability, third-party platforms and staff response arrangements, {{org_field_name}} will maintain contingency procedures to ensure continuity of safe care when systems fail.

The service will identify, document and test contingency arrangements for:

• power cuts and charging failure;
• internet or mobile network outages;
• supplier system outages;
• software errors or failed updates;
• loss, theft or damage of equipment;
• alarm receiving centre failure or inability to contact responders;
• failure of staff to acknowledge or act upon alerts;
• inability to access digital care records in the field.

Care plans and risk assessments must specify the interim arrangements to be used during downtime, including manual welfare checks, alternative contact routes, emergency services escalation, family notification where appropriate, and paper or offline record processes where needed.

High-risk TEC users must be identified so that outages affecting them trigger urgent review and immediate safeguarding of continuity of care.

13. Monitoring, Compliance, and Continuous Improvement

{{org_field_name}} will maintain effective governance arrangements for TEC and telecare in accordance with Regulation 17 Good Governance.

Monitoring arrangements will include, as a minimum:

• audit of consent, capacity and best-interest records;
• audit of care plan documentation relating to TEC;
• review of alerts, missed alerts, response times and escalation outcomes;
• incident, complaint and safeguarding trend analysis;
• audit of data protection, access controls, cyber security and breach management;
• review of staff competence, refresher training and supervision;
• service user and family feedback on usefulness, dignity, privacy and confidence in the technology;
• review of supplier performance, maintenance compliance and recurring technical faults;
• annual completion and review of DSPT or equivalent digital assurance;
• periodic review against current CQC regulations, guidance and assessment expectations.

Audit findings must lead to clearly recorded actions, named responsibilities and timescales. Where learning identifies that a technology is unsafe, ineffective, too intrusive, unreliable or no longer in the person’s best interests, use of that technology must be reviewed without delay and amended or discontinued as appropriate.

References to external digital guidance should be updated to NHS England / the NHS Transformation Directorate rather than “NHS Digital”.

14. Policy Review and Updates

This policy will be reviewed at least annually and sooner where required by:

• changes to legislation, CQC regulations or official guidance;
• changes to the CQC assessment framework or provider expectations;
• significant incidents, safeguarding concerns, complaints or duty of candour events involving TEC;
• data breaches, cyber incidents, surveillance concerns or system failures;
• introduction of new TEC systems, major upgrades or changes in supplier arrangements;
• learning from audits, service-user feedback, inspections or enforcement activity.

Each review must consider whether the policy remains lawful, operationally effective, proportionate, person-centred and aligned to current practice in domiciliary care services in England. Any amendment must be communicated to staff promptly, with additional training provided where necessary.

---

Responsible Person: {{org_field_registered_manager_first_name}} {{org_field_registered_manager_last_name}}
Reviewed on: {{last_update_date}}
Next Review Date: {{next_review_date}}
Copyright © {{current_year}} – {{org_field_name}}. All rights reserved.