Legionella Compliance: Frequently Asked Questions
Legionella compliance is often treated as a set of separate responsibilities, processes, and requirements.
Define responsibility.
Implement systems.
Maintain controls.
But in practice, these are not separate issues.
They are tested together to establish compliance — through evidence.
To understand how this works in practice, this guide brings together the key elements of Legionella compliance. It answers the questions organisations most often ask and reflects what regulators assess during inspection.
While we have explored these areas individually across our recent articles on responsibility, compliance systems, and accreditation, in reality, regulators assess them together.
What is Legionella compliance?
Legionella compliance is the requirement to assess, monitor and control the risk of Legionella bacteria in water systems, in line with ACoP L8 and HSG274.
It must be demonstrated through:
- documented systems
- recorded monitoring
- implemented control measures
- completed actions
Compliance can be claimed.
It is only proven when it is independently evidenced and withstands scrutiny.
Who is responsible for Legionella compliance?
Responsibility is not a title.
It is not a role description.
And it is not something you formally accept.
Responsibility exists by default and is identified through:
- who has control of the premises
- who has authority to act
- who can ensure compliance is in place
It is not debated.
It is inferred from what exists.
How is responsibility actually determined?
Regulators do not assess intention.
They assess evidence.
They look for:
- what systems were in place
- what checks were completed
- what was recorded
- what actions were taken and closed
Responsibility is revealed through documentation — not assumption.
For a full breakdown of how responsibility is identified in practice, see:
Are You Responsible
What does “being in control” actually mean?
Control is not confidence.
It is demonstrability.
You are in control when:
What are the essential elements of Legionella compliance?
A compliant system must include:
- a written scheme of works
- an up-to-date Legionella risk assessment
- regular monitoring recorded accurately
- temperature control’s verified
- consistent flushing regimes
- inspection and sampling where required
- training delivered and evidenced
- non-conformities identified and closed
If any of these sit in the “probably” category, compliance is not secure.
So, what does this look like in practice?
Did You Do Enough Last Year?
Why does this matter?
Records are the only way to demonstrate that control measures exist and work effectively.
Without records:
- you cannot verify monitoring
- you cannot evidence actions
- you cannot prove compliance
From a regulatory perspective, if you cannot produce evidence, regulators treat control as unproven.
Does “no incidents” mean we are compliant?
No.
A lack of incidents does not confirm control.
It often indicates:
- risk has not yet been exposed
- failures have not yet been identified
No incidents does not equal safety.
It often means you were fortunate.
What role do accreditations play in compliance?
Accreditations provide independent assurance that:
- organisations document and follow systems
- staff are trained and competent
- records remain accurate and traceable
- external bodies assess compliance
They show that compliance is not assumed — it is verified.
Do accreditations guarantee compliance?
No.
Accreditations confirm that organisations have systems in place and that those systems undergo review.
They do not replace the need to:
- implement control measures
- maintain accurate records
- demonstrate ongoing compliance
Compliance is not a one-off event.
It is a continuous process requiring ongoing oversight.
To understand how accreditation supports compliance, see:
What It Takes to Be Accredited
Where does Legionella compliance typically fail?
Most failures are not dramatic.
They occur through everyday gaps:
- expired or generic risk assessments
- monitoring completed but not recorded
- incomplete or inconsistent records
- actions identified but not closed
- training assumed rather than evidenced
These are routine failures — and they are exactly what inspections uncover.
What is the real risk of poor compliance?
Legionella does not wait for:
- budgets
- staffing stability
- competing priorities
- good intentions
It develops in:
- unflushed outlets
- missing records
- unreviewed assessments
- unmanaged systems
You do not need to cause harm to be accountable.
You only need to fail to demonstrate prevention.
What is the real test of Legionella compliance?
One question determines it:
Can evidence of compliance be produced immediately?
Not reconstructed.
>Not explained.
>Not dependent on one individual.
If the answer is no, compliance is already unproven.
———————————————————————————————–
Legionella compliance does not depend on what organisations believe they have in place.
It depends on what they can demonstrate under scrutiny.
If they cannot evidence it, regulators treat it as unproven.
As a result, if your organisation cannot evidence Legionella compliance, the risk already exists.
Irrigonics delivers structured systems, monitoring, and compliance support aligned with ACoP L8 and HSG274—so you can document, defend, and prove your compliance under audit.
Request a Legionella risk assessment
Review your current compliance position
Ensure your records withstand scrutiny
Follow Us:
Share our article: