Corporate report

Addendum to the DWP Clinical Governance Annual Report 2024 to 2025

Updated 1 June 2026

This addendum was published on 1 June 2026.

Introduction

This addendum outlines the Clinically Significant Event Analysis (CSEA) reporting for the Functional Assessment Service (FAS) contract at the Department for Work and Pensions (DWP) and across the DWP clinical team.

Within CSEA, an “incident” is any event or circumstance that has resulted in, or had the potential to result in, harm, loss, or a deviation from expected standards of policy, procedure, or professional practice. This definition includes actual events, near misses, and identified risks. Importantly, incidents may also highlight that nothing went wrong in practice but nevertheless provide an opportunity to examine systems and processes for resilience and improvement.

The occurrence of an incident, irrespective of its risk level, does not in itself indicate neglect, carelessness, or dereliction of duty. Reporting should not be interpreted as evidence of failure, but rather as an indicator of a culture of vigilance, transparency, and learning. The DWP recognises that a positive trend in incident reporting is evidence of a mature and effective governance system.

Reporting period

The clinical incident data covers the period from the commencement of the FAS contract, September 2024 to March 2025. This reporting period aligns with the reporting period in the Clinical Governance Annual Report 2025.

Subsequent Clinical Governance reports will aim to present 12 months of data from each of the four providers and from DWP teams, supporting improved comparability over time.

Implementation of clinical governance changes

In 2024 the DWP implemented a strengthened approach to clinical governance standards, requiring updates to pre‑existing agreed FAS contractual arrangements.

Each of the four providers, all of whom had their own established clinical governance approaches in place, progressed through the required contractual change at differing speeds, signing up to the changes at slightly different times.

As anticipated, an initial calibration period followed, meaning that the volume and distribution of incident data across providers during this early reporting phase are not directly comparable.

Subsequent Clinical Governance reports will aim to include data covering 12 months of standardised reporting.

Thresholds in reporting

The DWP provides overarching clinical governance guidance to FAS providers; however, each provider is an independent organisation and operates under its own internal policies and reporting processes.

Whilst all incidents are investigated within the providers there were initial variations in the risk thresholds applied when determining whether an incident should be escalated and reported to the DWP. These thresholds ranged from the reporting of all incidents, regardless of benignity, to higher thresholds limiting escalation to those assessed as more serious. Consequently, incident volumes between providers in this report are not directly comparable.

Future Clinical Governance reports will aim to present 12 months of comparable data aligned to an agreed and standardised risk reporting threshold across all organisations.

Clinical Governance aims

The DWP Clinical Governance team has worked closely with the four providers and DWP clinical teams to embed the highest standards of clinical governance and align risk grading thresholds across all areas. This will ensure that data is directly comparable from contract year two onwards.

Drawing on safety models from high-reliability sectors such as aviation and the NHS, and building on human factors principles, the department is fostering a culture of learning and safety, rather than blame. Evidence from these sectors is clear that an open culture – where incident reporting is encouraged, investigations are thorough, and learning is systematically applied – leads to continuous improvements for the people we serve with improved safety. It is therefore critical that our healthcare professionals (HPs) are encouraged to report incidents freely and openly, within a safe learning environment. All HPs are highly trained and work in accordance with their professional regulatory body standards.

In line with this approach to clinical governance, and as evidenced in other sectors, higher levels of incident reporting are expected and may be indicative of a transparent and open reporting culture. Increased incident reporting enables learning, retraining, support, supervision and where necessary amendments to policies and processes, supporting the continuous improvement of clinical services.

Types of incidents in the 2024 to 2025 report

Incidents are categorised under four headings – (See Annex 1 for case examples):

1. Information governance: Examples include missing data, incorrect data recorded against the record, and use of company IT outside of the IT policy. Data breaches recorded may be because external agencies such as the NHS have sent incorrect information or due to issues within the reporting organisation. It is important that we record these incidents to ensure we can learn from them. Incidents or data breaches involving personal data are investigated and escalated to the Data Protection Officer (DPO) and the Information Commissioner’s Office (ICO), where appropriate, in accordance with the DWP Data Protection Policy.

2. Clinician complaints and compliance: Examples include any complaint relating to the healthcare professional undertaking an assessment that was upheld and any concerns relating to the professional regulatory standards of healthcare professionals (as determined by their employer or regulatory body). These incidents may relate to process errors rather than a healthcare professional specific issue.

3. Safeguarding: Examples include safeguarding incidents that were appropriately managed in line with policy, as well as incidents where learning was identified that could improve future outcomes for individuals.

4. Other: This includes operational hazards, environmental issues, equipment failures, and process failures.

Absolute Data

Due to differing implementation timelines and reporting thresholds, the data presented is not directly comparable across organisations.

Across all contracted suppliers and DWP clinical teams, 767 incidents were reported between the commencement of the FAS contracts in September 2024 and 5 March 2025, arising from approximately 864,000 assessments undertaken during this period. The distribution by provider and incident category is summarised below.

• 301 incidents related to Information Governance, (39%)
• 238 incidents concerning Clinician Complaints and Compliance, (31%)
• 152 incidents involving Safeguarding, (20%)
• 76 incidents classified as Other, (10%)

Ingeus

Ingeus reported 507 incidents, the highest among all suppliers. This comprised 226 incidents related to Information Governance, 110 incidents concerning Clinician Complaints and Compliance, 115 incidents involving Safeguarding, and 56 incidents classified under Other. The elevated numbers are primarily due to Ingeus’ approach to transparency, reporting the majority of clinical escalation discussions as a clinically significant event. This comprehensive reporting approach ensures transparency but also inflates the incident figures relative to other providers.

Capita

Capita reported 121 incidents in total. The majority of these, 87 incidents, were related to Clinician Complaints and Compliance. The remaining incidents included 12 related to Information Governance, 12 involving Safeguarding, and 10 classified as Other.

Maximus

Maximus reported 81 incidents, with a relatively balanced distribution across categories. This included 30 incidents related to Information Governance, 33 concerning Clinician Complaints and Compliance, 12 involving Safeguarding, and 6 classified as Other.

Serco

Serco reported 49 incidents in total. This included 28 incidents related to Information Governance, 4 concerning Clinician Complaints and Compliance, 13 involving Safeguarding, and 4 classified as Other. The lower volume of incidents is consistent with only serious cases being escalated.

DWP Clinical Teams

The DWP clinical teams reported 9 incidents in total. Of these, 5 were related to Information Governance and 4 concerned Clinician Complaints and Compliance. No incidents were reported in the Safeguarding or Other categories. DWP teams reported every incident, including even minor incidents, to ensure full visibility. However, the numbers of assessments undertaken within DWP accounted for approximately 3,000, amounting to just 0.3% of the total number of assessments undertaken overall.

Outcomes

Information Governance (301 incidents)

100% were resolved with further training or policy updates and ongoing review of performance. Less than half of the information governance incidents were estimated to relate to personal data, and for those that did, none met the threshold for reporting to the Information Commissioner’s Office (ICO), and therefore no notifications were required.

Clinician Complaints and Compliance (238 incidents)

100% were closed with reflective learning or policy updates, further support/ training and ongoing review.

Safeguarding Incidents (152 incidents)

2.6% (four cases) required action due to procedural errors or the need for additional training or healthcare professional reflection. In three cases, child carer responsibilities were not initially explored as part of the assessment; however, these omissions were identified promptly and addressed appropriately, with no harm occurring. The remaining case, similarly, did not result in harm, but involved a single procedural error which has since been rectified.

Annex 1: Illustrative case examples

Information Governance

An email was sent that contained official attachments (not relating to personal data) to an external stakeholder. This was identified through the IT system in place. No sensitive data was released. The case was investigated and closed with additional leaning for the health care professional to ensure IT processes and polices were adhered to effectively. No further breach has been made. Encouraging all cases to be reported improves transparency and ensures we can provide specific training to individuals. It also allows us to pick up trends to direct appropriate learning to all health care professionals aiming over time to reduce the number of incidents. This does not meet the threshold for data security and ICO referral but can be used for learning and improvement purposes.

Safeguarding

An illustrative example of an appropriately managed safeguarding case within the reported figures

A clinician raised a safeguarding concern related to neglect, specifically involving self-neglect and a deterioration in the claimant’s mental health. A referral was made to the appropriate safeguarding authorities, prompting interagency collaboration to support the individual. The clinical safeguarding lead followed up with the local authority to monitor the case and ensure appropriate ongoing support. The GP was informed.

An illustrative example of a safeguarding case where improvements were required

During a routine audit of an assessment report, occurring within a few days of the original assessment, a safeguarding concern was identified. This was thought to be a process error as no safeguarding intervention had been made. A senior clinician, upon reaudit of the case identified the issue and reported it as a clinical incident, immediately involving the provider safeguarding lead. The assessing and auditing clinicians acknowledged the oversight and received additional safeguarding training with performance plans put in place. The safeguarding lead progressed the case following further review appropriately to support the claimant with no detrimental outcome to the person.

Whilst this case shows individual learning was required, it also demonstrates the robust processes in place within the provider organisations to pick up on missed safeguarding referrals.

Clinical complaint and compliance

An example of an upheld clinician complaint closed with learning support:

A complaint was received stating assessor was late and abrupt. The complaint was investigated and upheld. The healthcare professional undertook further training and reflection and their work was monitored.  No further issues have been identified.