This is a piece to raise awareness amongst fellow campaigners about the importance of personal data as a tool when dealing with institutions that are seemingly opaque and unaccountable. I use an example of a ‘Subject Access Request’ for personal data that I made to the Care Quality Commission. This revealed institutional collusion and hostility, close surveillance of my online activity and revealed the reason for some critical failures to respond to some of my protected disclosures. Disclosed documents showed that this inaction was due to a deliberate, covert protocol of treating me as a ‘frequent correspondent’.
CQC’s internal deliberations show a crazy ambivalence. The organisation will largely not engage meaningfully, preferring to demonise and denigrate, yet secretly monitors me like a stalker.
Other whistleblowers have made similar discoveries.
Anyone can request their personal data, under the Data Protection Act, by making a so-called ‘Subject Access Request’ Organisations now have a month to respond. Guidance on your rights and how to make a request can be found on the Information Commissioner’s website. You can not only ask for all your personal data held by an organisation, but also the following questions:
· What it is using your data for.
· Who it is sharing your data with.
· How long it will store your data, and how it made this decision.
· Information on your rights to challenge the accuracy of your data, to have it deleted, or to object to its use.
· Information on where your data came from.
· Whether your data is used for profiling or automated decision making and how it is doing this.
· If it has transferred your data to a third country or an international organisation, what security measures it took
When making a Subject Access Request it is useful to ask for the organisation’s correspondence about your request, as that too can be revealing.
The Care Quality Commission has a difficult reputation amongst patients, families and whistleblowers. In its troubled history, it has been repeatedly linked to cover ups and failures to be fully open with the public.
In regards to whistleblowers, CQC’s shortcomings include:
- refusal to investigate individual cases
- failure to follow up many whistleblowing disclosures (approximately half, according to its own statistics)
- failures to safeguard whistleblowers’ confidentiality
- failures to ensure that action is taken to remove unfit senior managers who victimise whistleblowers
- failures to deter gagging
- failures to sufficiently track and analyse data on whistleblowing events.
I asked the CQC for my personal data. The CQC exceeded the statutory time limit by over four months, pleading an excessive volume. This was undermined by the fact that I was aware CQC had processed a bigger request, for another whistleblower, in shorter time.
When the data eventually arrived in June 2017, in dribs and drabs, it was not in original format. Instead of scanning documents and redacting conventionally as CQC normally does, CQC had copied and pasted all the data into enormous documents. These had chunks deleted rather than blacked out. I suspect this was in some way a subterfuge.
Even from what was revealed, one could see why CQC might be a bit embarrassed. There is too much to report comprehensively, so I will cover a few highlights.
There is repeated evidence of ‘close’ CQC surveillance of my social media activity, including by ‘James’. This an email from David Behan CQC CEO’s office of 29 May 2015:
This internal CQC email made it sound as if I publicly tried to discuss Dr Kevin Beatt’s case with CQC by twitter.
This was a distortion. What I did was publicise CQC’s questionable handling:
But that is how one creates a monster, by greasing and sliding facts around to give a certain impression.
CQC officers repeatedly circulated links to my blogs and tweets amongst themselves.
David Behan himself, CQC’s CEO from 2012 until this July 2018, dog whistled the social media surveillance:
CQC’s internal documents showed that the regulator conducted a laughable assessment of the merits of one of the FPPR referrals that I made. This is despite CQC telling some other referrers that it had no remit to make any such judgments of the merits of referrals, and that only providers could make that determination. CQC’s determination of my FPPR referral included taking evidence from a CQC manager who had ceased to be involved in the matter long before certain index events occurred. And as all of this was done covertly by CQC and never disclosed to me at the material time, I had no right of reply.
There was a fair sprinkling of derogatory comments by CQC officers in the disclosed papers, mostly expressing resentment at the level of correspondence from me, with no evidence of any reflection by CQC that my persistence could be due to CQC’s failure to address issues. CQC portrays itself as reasonable and accommodating.
Andrea Sutcliffe a CQC Chief Inspector described me as a “trenchant and relentless” critic of the CQC and Eileen Milner Director of Customer and Corporate Services accused me of “wilful misrepresentation” over a dispute in 2015 about whether CQC was doing enough to track whistleblowing events. History is on my side as CQC has had to change its practices since then. In 2017, CQC started publishing data on whistleblowing events and outcomes.
The unpleasant comments by some CQC staff had the quality of Chinese whispers. Misinformation abounds. A good example is this peevish outburst by a CQC member of staff who implied that dealing with whistleblowers was not work, and was wont to believe that I was responsible for 250 items of correspondence:
Their colleague put them right on the over-inflated 250 figure:
It is clear from the internal correspondence that CQC treated me as if I was vexatious, applying a covert protocol coordinated by the CEO and Chair’s office. Again, Behan had a hand in this:
Behan strengthened the subsequent protocol designed by staff at his request by adding an instruction that there should be director oversight of my containment protocol:
As per the above Director of Legal Services’ email of 3 May 2016, CQC was not content to just denigrate me within its internal workings, but upon Behan’s instruction it explicitly sought to spread its view of me to other bodies and to coordinate approaches.
Because CQC redacted some third party information, I have no idea who some of these people are.
But I do know that when CQC consulted with NHS Improvement as a third party over releasing personal data to me, it unsubtly flagged its reluctance to disclose by writing this warning to NHSI:
Interestingly, I also discovered that Rosie Cooper MP forwarded one of my letter to the Health Committee to CQC, with no explanation of her purpose in doing so:
Behan wrote to all CQC Board members about my pariah status, the letter having been crafted by various managers including the head of legal services:
The ‘she identifies herself as a whistleblower’ is a nice piece of Goebbelism. I made numerous very serious patient safety disclosures to CQC which were vindicated and led to regulatory action. I have repeated correspondence from CQC recording this fact. Behan himself acknowledged in a letter of 25 May 2013 and on subsequent occasions that I made entirely valid disclosures to the regulator:
What a difference three years makes. From ‘valuable’ to ‘vexatious’.
But re-defining the fact of my whistleblowing to a matter of subjective preference was all part of the de-legitimisation game.
CQC never did openly declare me vexatious, but it became very obvious that all my mail was controlled by Behan’s office.
When I questioned Mike Richards CQC Chief Inspector of Hospitals about the fact that he made a factually inaccurate claim to The Times that NHS gagging had ceased, Behan’s office reassuringly took it off his hands and reaffirmed that all my correspondence was centrally controlled:
In February 2016 I had a meeting with the first National Guardian, Eileen Sills. I later found out from the Subject Access Request that she asked for a ‘briefing’ on me beforehand from the CQC:
The final version of the briefing was not in the bundle, and there is an implication that it was given orally. However, the trail shows an initial draft by Behan’s office was a lengthy rant, and was rejected by another manager as inappropriate in its content. I can only guess what might have been said instead of written. But so much for the mythical independence of the National Guardian’s Office, which is no more than a sub committee of the CQC. There were other examples of collusion and poor boundaries between the CQC and the National Guardian’s Office. Such as this huddle over the contents of my blog:
This was around the time that another whistleblower says they were approached by one of the National Guardian’s spin doctors at a public forum, who started berating me in a staged manner.
Ironically the person hired by CQC to improve customer services, including whistleblower engagement, the ‘Customer Experience Lead’, was amongst the most derogatory:
Fawcett added to the heap of Chinese whispers by claiming that I wrongly stated that I had been promised terms of reference for the project on improving CQC’s response to whistleblowers:
Contrary to Fawcett’s account, this is the written promise by her colleague to provide me with ToR, which Fawcett falsely claimed was never made:
The significance of this is that CQC invited me to take part in the improvement exercise, but I declined to do so unless give sight of the ToR. It then became false CQC orthodoxy that I just refused to take part and that I made up the story about being promised ToR. Monster Myth 101.
And my crime from Fawcetts’s point of view? Asking CQC to do some basic governance work on supporting and protecting whistleblowers which it had already been asked to do by Robert Francis and since by others. That is, ensuring tracking and analysis of whistleblowing data, better inspection methodology of whistleblowing governance and better application of Regulation 5 Fit and Proper Persons. The CQC is in retreat on all of these areas, and I anticipate that it will be forced to concede more ground as its failures are increasingly exposed.
An extraordinary doublethink runs through some of the internal CQC correspondence. For example, the Information Rights Manager claimed on 3 January 2017 that I had just looked for evidence of CQC failure:
CQC seems to find it hard to ask questions such as ‘Is this a fair challenge? Should we have thought of this before? Should this have been part of our regular governance? What can we learn?’ Instead, CQC’s repeated stance is ‘How dare you’.
In the same email, which is mostly taken up with complaining about dealing with me, the Information Rights Manager conceded that I was correct about fundamental CQC failures of whistleblowing governance:
CQC’s hypocrisy is reflected in its awareness that it ought to engage with its critics’ concerns, but the fact that it mostly only does so if there is any prospect of public exposure.
Behan sent out this ‘urgent’ request to his team for help just prior to an accountability hearing with the Health Select Committee, which includes a request to be updated about any outstanding matters in my case:
Readers will note that I was not the only person on Behan’s list.
Likewise, in November 2016 CQC initially deliberately did not engage with evidence that I collated about CQC’s failure to adequately regulate the use of restraint in mental health. I had by now stopped writing much to CQC as there was little point given its attitude.
After Behan was publicly quizzed by the Health Select Committee about my evidence in December 2016, there were internal CQC emails identifying me as the person responsible for alerting Health Committee:
The focus, one way or another, was more on projecting blame onto me and less on dealing with CQC’s serious failure to protect patients from huge variations in use of physical restraint.
In the same vein, Behan sent this internal email requesting that some correspondence be expedited because I had been tweeting at the weekend at about it:
The disclosed papers afforded some comic moments. Here is an occasion when the regulator picked up an undercover media report of care home abuse as a result of snooping on me:
Robert Francis joined in with some of the ‘she’s a pest who writes too much’ chorus, and agreed with the containment protocol that Behan wanted to apply in my case. But interestingly, he was repeatedly a lone voice pointing out that I had a point. For example on:
- The need to acknowledge the National Guardian’s status and responsibilities as a Prescribed Person under the Public Interest Disclosure Act
- CQC’s application of FPPR
- Some NHS trust’s continuing, heavy use of gagging clauses
Francis opined at one point that CQC needed to either ‘rebut or acknowledge’ points which I had raised.
Lastly, the most serious revelation was a little email which must have slipped past the CQC cull of documents to be concealed.
As above, Behan’s office informed Mike Mire NED that CQC had been treating me as a ‘frequent correspondent’ since 2012. The date is very significant.
The internal CQC correspondence from 2012 about how this decision was made, to manage me as a ‘frequent correspondent’, was absent from the disclosed documents.
That is unsurprising as CQC could hardly have justified any decision to treat me as ‘frequent correspondent’ on the basis of my evidenced, measured, stepped disclosure correspondence. Nor could it have explained how a witness it had treated as wholly reliable for two years had suddenly morphed into a purported green ink case.
2012 was the year in which CQC started inexplicably ignoring my continuing, very serious disclosures. Prior to that, whilst the CQC response had not always been ideal, there had at least been a response and action, which had culminated in major leadership changes at an NHS trust.
In 2012 CQC had deemed that through the magical touch of regulation, all was improving. My continued disclosures about persisting safety issues were therefore not welcome. And now I know that CQC simply pressed the mute button.
As a result of CQC repeatedly ignoring my very serious disclosures, I had to escalate to David Behan himself at the end of 2012. The disclosures concerned matters such as deaths in custody and a patient’s complaint about Winterbourne View type abuse against patients on a locked ward and serious staff reprisal against him for speaking up. But as CQC had already declared me persona non grata, Behan ignored me too.
CQC must have eventually realised that they had screwed up. But, instead of taking immediate action to follow up on my patient safety concerns and to ensure that the patient who had complained about abuse was protected from reprisal, Behan knee-jerked by bizarrely launching a complaint investigation which I had not asked for.
Needless to say CQC’s complaint ‘investigation’ exonerated CQC, apart from a small slap on the wrist for inadvertent delay and not answering questions straightforwardly enough. The investigation reported nothing about CQC deliberately not responding to whistleblowing disclosures as a matter of protocol. The investigator indulged in a factual inaccuracy for good measure, by claiming that a complaints manager tried to telephone me several times but could not get through.
“Ms ******* has not been in touch; I know that she has tried to reach you by telephone on a number of occasions.”
I in fact received an email from the same individual stating they did not have my telephone number:
“I apologise I have not been able to speak with you but I have not got a contact number for you.”
And what is the investigator picked by Behan to investigate his conduct towards me doing now? She is CQC’s very own Freedom To Speak Up Guardian.
Other whistleblowers have made similar discoveries through Subject Access Requests. For example, Pam Linton senior midwife who whistleblew to CQC about Homerton maternity services established that CQC failed to act upon her concerns. Another whistleblower found that CQC even has a flow chart for them, as part of a containment protocol. There are others.
So, fellow travellers, be not daunted by overbearing and porkie prone officialdom. Its arrogance is often its weakness. If you feel you are being pushed around or given the runaround, make full use of your rights under the Data Protection Act.
This is a CQC policy which includes procedures for containing members of the public whom it considers troublesome:
The use by NHS bodies such as the CQC of covert protocols to denigrate and discriminate against patients, families and whistleblowers who are treated as if they are ‘vexatious’ is an unpleasant infringement of rights. Its secret nature means that unfairness and misinformation cannot be challenged, and that name calling becomes a self-perpetuating exercise.
I have asked NHS England in the first instance to coordinate a system-wide response on these issues of rights abuse:
- CQC – please file as appropriate
- Jed Mercurio – feel free to adapt as a comedy thriller
- NB. CQC’s mis-named system of ‘intelligent monitoring’ has been binned. May it rest in pieces.
UPDATE 19 SEPTEMBER 2018:
Alarmingly, CQC’s papers for its board meeting today show that the proportion of whistleblowing concerns for which CQC takes no follow up action has jumped from approximately 50% to 70%.
CQC was given a chance to apologise for its above behaviour and to put better systems in place, so that in future it would not unfairly stigmatise patients, families and whistleblowers.
I received a very unfortunate reply from Ian Trenholm, CQC’s new CEO, to which I will return another time.
In the meantime, in consultation with NHS England and NHS Improvement, the Department of Health and Social Care has agreed to review central guidance about how NHS organisations should handle situations in which they think members of the public are unreasonable or inappropriately persistent. This is the relevant correspondence from NHS England:
Anyone who would like to make suggestions for fairer processes and safeguards can direct them to Chris Bostock, Head of Complaints at the Department of Health and Social Care.
NHS England has advised that suggestions for some form of independent review are welcome: