Evidence check · July 2026Current rules and proposals, kept separate. View sources
WellDash.ai

Build for the direction of care. Label the law precisely.

Care records are expected to be accurate, complete, up to date and useful. Information standards now reach care IT suppliers. CQC’s AI position keeps human decision-making and oversight central. None of that turns a proposal into a current duty.

In forceCurrent guidanceStandard deadlineProposal
In forceCQC source

Regulation 17: good governance and good records

CQC says Regulation 17 sets minimum record requirements for each person, staff employment and overall management of the regulated activity. The requirement applies to paper and digital records.

  • Records must be accurate, complete and up to date.
  • CQC looks at the information, how it is used and how it is stored and shared securely.
  • CQC does not endorse a specific digital social care record product; the provider must assure itself that its system supports people’s needs and regulatory compliance.
In forceCQC source

Registration Regulation 18: specified incidents

The current regulation requires the registered person to notify CQC “without delay” of the specified incidents that occur while a regulated activity is being provided or as a consequence of it.

  • The regulation lists defined injuries, abuse or allegations of abuse, police involvement and events threatening safe continuity, among other incidents.
  • Whether a notification is required remains a provider decision against the law and CQC guidance.
  • WellDash can flag a possible notification and assemble source evidence for authorised review; the provider retains the legal determination and submission responsibility.
Active standardNHS standard

Adult Social Care Minimum Operational Data Standard

MODS is an active information standard designed to create a consistent baseline for recording direct-care data by CQC-registered adult social care providers.

  • The published scope includes all CQC-registered adult social care providers and the suppliers of their Digital Social Care Record systems.
  • The Information Standards Notice gives a full-conformance date of 31 August 2025.
  • Implementation is also a contractual requirement for NHS England DSCR Assured Solution Suppliers under the separate assurance arrangements described by the Standards Directory.
In force · 5 February 2026Legislation

Data (Use and Access) Act 2025: standards reach IT suppliers

Schedule 15 extends the health and adult social care information-standard framework to relevant IT providers. Its relevant provisions came into force on 5 February 2026.

  • A relevant IT provider includes a person making technology, an IT service or technology-enabled information processing available for health or adult social care in England.
  • The Secretary of State can request compliance and evidence, specify steps and publish a statement of suspected non-compliance, subject to the statutory process.
  • The direction is structural: care suppliers need standards-aware data models, interoperability and evidence of compliance—not just exportable documents.
Standard deadline · 31 December 2026NHS standard

Identity verification and authentication

The current Information Standards Notice sets a full-conformance date of 31 December 2026 for the amended identity verification and authentication standard.

  • The published scope includes NHS and non-NHS organisations providing individuals with access to digital, data, analytics and technologies for health or care services.
  • For WellDash, provider identity, organisation, site, role, relationship, consent scope and assurance level are part of the product boundary, not an afterthought at login.
Current CQC guidanceCQC source

AI should support, not replace, human decision-making

CQC encourages AI where it benefits people and supports high-quality, equitable care, but sets out principles providers should follow when using it in regulated care.

  • Human oversight, transparency and choice, safety and reliability, security, fairness, training and effective governance.
  • DPIAs, accountability mechanisms and procurement aligned with regulatory standards.
  • Continuous monitoring and routes to recognise, report, investigate and learn when something goes wrong.

That maps directly to WellDash’s approval boundaries: AI helps structure and propose; workers confirm observations; authorised practitioners approve plan changes.

Supreme Court judgment · 2 June 2026GOV.UK summary

Deprivation of liberty is now assessed multifactorially

The Supreme Court’s 2 June 2026 judgment replaced reliance on the single Cheshire West “acid test” with a multifactorial assessment. The change applies immediately across the UK.

  • Assessment starts with the specific situation: type, duration, effects and manner of implementing restrictions, with no single determinative factor.
  • The person’s wishes, feelings and possible valid consent carry significant weight.
  • DHSC says current authorisations likely to fall outside the revised scope should be reviewed as soon as practicable and clear decision-making should be recorded.

For a care system, this strengthens the need to record person-specific restrictions, implementation, effects, objection or acceptance, purpose, review and the authorised rationale—without pretending software makes the legal decision.

Proposal · not current dutyGovernment response

The proposed 72-hour restrictive-practice notification

The proposal would require CQC-regulated mental-health hospitals to notify CQC within 72 hours, as far as reasonably practicable, after restraint, seclusion or segregation.

Scope correction: this is not a general 72-hour CQC rule for adult social care. The government response says further policy and operational development is required before the requirement can be introduced.
  • The consultation response identified demand for a robust, user-friendly, preferably electronic system that reduces duplicate reporting.
  • It also recorded concerns about workforce burden, data security, clarity and CQC’s use of the resulting data.
  • WellDash can preserve event-level source data and support future reporting workflows without presenting the proposal as current law.

Evidence informs policy. Policy informs plans. Plans inform the moment.

Authority should narrow as information moves toward direct care—not become more speculative.

01 · Evidence

Source and assess

Research, guidance, clinical assessment, lived experience and provider learning retain provenance.

02 · Governance

Set clear local guidance

Providers turn evidence into clear policy, roles, thresholds and decisions.

03 · Plan

Author for the person

Approved baselines, steps, contingencies, restrictions and responses become versioned instructions.

04 · Moment

See, act, confirm

The worker sees approved support, acts and confirms what happened next.

Useful care software should make the next step clearer.

The product should help people act with confidence while keeping decisions, uncertainty and responsibility visible.

For care workers
See the right support without another form.

Speak or type what happened, check the current approved guidance and confirm that the draft holds what you meant.

For practitioners
Review what happened against the plan.

See observations, actions and outcomes together without turning a pattern into a conclusion before human review.

For providers
Build evidence as care happens.

Use the same source record for handover, review, actions and assurance without presenting a demonstration as a deployment.

For people and families
Keep the person’s choices in view.

Share relevant context with the right people, with privacy and consent shaping every view.

Keep governance visible in the product.

See how the current role-based model keeps proposals, approvals and appropriate views distinct.