While the report criticises the CQC's failure to adequately prepare for and manage the transformation project, in our experience the sorts of issues identified in the report are not uncommon in transformation projects (which inevitably involve significant and complex changes to ways of working and the underlying IT) and those issues often feature in disputes that inevitably arise about responsibility for the failed implementation of the solution and claims for the recovery of wasted costs.

However, those issues can be avoided and the CQC's experience is a valuable lesson for any organisation embarking on a transformation project which involves significant change to its IT systems.

Background

The CQC had commissioned the report following an earlier review in 2024 by the Department of Health and Social Care which had identified poorly performing IT systems that were hampering the CQC's ability to roll out its new assessment framework and which was causing care providers and CQC staff to suffer significant lost time.

Among other things, the transformation project (which began back in 2019) involved rolling out a new regulatory platform (to help the CQC manage assessments, registrations and enforcement) which included a new provider portal (to enable care providers to better manage their registrations and to submit notifications of, for example, safeguarding concerns or an injury to a service user). This involved the replacement of the CQC's legacy Customer Relationship Management and Enterprise Resource Planning systems with a new bespoke cloud-based platform (based on Microsoft Dynamics 365).

Over five years on, the transformation is incomplete and the IT solution is still causing significant organisational disruption. Users reported slow speeds, poor design, missing functionality, repetitive and time consuming tasks and inputs that should be automated – all of which are (in our experience) common issues in a failed or delayed IT implementation or transition project.

Overview of the root causes

The overarching issue identified in the report was the CQC's failure to clearly and fully articulate its new organisation and business processes, which in turn significantly hampered its ability to complete the design, configuration and testing of the new IT solution which had been intended to underpin those new processes. This fundamental issue forms the basis of many of the major failings identified in the report which included:

A poorly defined business case

The report highlighted a number of issues which had manifested early on in the lifecycle of the project and which are likely to have contributed to the overall failure of the IT system transformation. Of particular note was the CQC's limited options appraisal engagement for the replacement solution, its failure to set specific and measurable strategic spending objectives for delivery of the regulatory platform, its failure to properly allocate or mange risks, and an overly ambitious project plan.

A lack of thorough project planning, as well as absent or underdeveloped strategic objectives, are all common hallmarks of early conduct which routinely translate into poor project outcomes. As is clear from the other root causes which were identified, fundamental failings at this early stage can be expected to trickle down to service design and transition.

A failure to align design requirements with user needs

The absence of a mature business process was compounded by the CQC's failure to have due regard to what users required of the platform and how the platform would operate alongside other existing CQC processes and systems. An overreliance on outsourced staff who lacked a firm grasp of user needs, coupled with executive-led design decisions, ultimately translated into a misalignment between what the platform was primarily designed to do and what it was hoped by users it would achieve in practice.

Even if the design of a new IT solution operates effectively, a failure to align design requirements with the way intended users work in practice will likely be viewed as a transformation project failure.

Inadequate testing

Whilst the platform was based on a Commercial Off-the-Shelf (COTS) product, the solution was configured to meet the CQC's specific requirements, making testing of the solution essential to an effective transition. In practice, the time constraints introduced by earlier errors meant that required controls were overlooked, and in some cases "Go decisions" were even taken before user acceptance testing had been completed.

As identified in the report, deliverables often fail to pass user acceptance testing the first time around, and a failure to appropriately account for this eventuality in the planning process can have disastrous repercussions on the adequacy of testing and ultimately therefore the deployment of the solution.

Coupled with those root causes, the report also identified a number of contextual and cultural issues, specific to the CQC, which are likely to have influenced the success of the transformation project, including the absence of a "data-first culture" approach to building the platform (despite the CQC being a "data business"), a lack of adherence to technological and management government standards, and a lack of clinical oversight in decision-making processes.

What can we learn from this?

As organisations increasingly look to embrace the latest innovations in technology and improve the operation of key IT systems, it is a common misconception of the transformation planning process that the main transformation risks lie in the adoption of the technology itself rather than the organisational framework for implementing the new systems. In this case, the technology behind the CQC's regulatory platform was a fit-for-purpose solution, however the solution required careful and planned implementation. Engaging stakeholders and users during the design phase is crucial, as well as ensuring strong governance and allocating sufficient time for thorough testing before the solution goes live.

Organisations should take care to avoid the common IT system transformation pitfalls revealed in this review which can have costly and reputationally damaging repercussions.

Wesley O'Brien is a Partner and Alexandra Philips is a Solicitor in DAC Beachcroft's Technology Disputes team. They regularly handle complex, multi-party technology contract disputes, including those involving delays to transition or implementation, and failed or partial service delivery.

You can read the full independent IT report published by the CQC here, and an executive summary here.