Buy the evidence chain, not the dashboard. An online platform for Legionella risk management — often sold as Legionella compliance software — is, underneath the charts and the colour-coded tiles, a system for proving that your control scheme actually happened: every temperature reading, every flush, every out-of-range result and what was done about it. A good one makes that proof almost effortless. A weak one gives you a tidy screen and the same gaps you already had on paper.

So the question to settle before you sign anything is not “which has the nicest interface?” It is “which one makes my exceptions impossible to lose?” Get that right and the platform repays itself the first time an enforcing officer, an insurer or an incoming estates manager asks you to show control. Get it wrong and you have bought expensive shelfware with a login.

What you’re actually buying

Strip away the marketing and a Legionella platform sits on top of the same management chain the law already expects: a site-specific risk assessment, a written scheme of control, named people who own it, routine monitoring, records, and review. L8 expects duty holders to keep records of the precautions taken, the monitoring carried out, and the management arrangements behind them [1]. HSG274 sets the monitoring itself — what to check and how often — from your risk assessment, not from a software default [2].

That tells you what the platform’s real job is. It should hold your written scheme, turn it into scheduled tasks against real assets, capture each result with who did it and when, judge it against the limit your assessment set, and chase the ones that fall outside. Everything else — the trend graphs, the QR labels, the email digests — is packaging around that core. Useful packaging, often. But packaging.

Be honest with yourself that most of this is record-keeping made faster, not a brand-new control. If your paper logbook is genuinely current and someone reads it, you already hold the evidence chain; software just makes it harder to lose and quicker to audit. Paper vs digital logbooks: making the switch walks through that switch in detail.

How to judge a platform before you buy

Score every shortlisted product against the same handful of questions. They sort the genuinely useful from the merely glossy.

Does it model your actual system? You should be able to build an asset register down to the things you control — each calorifier, cold water tank, TMV, sentinel and low-use outlet — not just “Building A”. If tasks attach to a vague location instead of a named asset, the records will be vague too.

Does it hold the scheme, not just the data? The platform should store the written control scheme and tie each task to its asset and its acceptable limit, so a reading is judged against something rather than logged blind.

What happens to an out-of-range result? This is the make-or-break test. A failed sentinel temperature or a missed flush should flag on capture, route to the responsible person, and stay open until someone records the remedial action and closes it. A platform that simply stores a red number has changed nothing about your risk.

Can you trust the record? Look for timestamps, named users, and an audit trail that shows whether an entry was edited after the event. A digital Legionella logbook you can quietly back-date is not evidence — it is a liability dressed up as one.

Does it fit your people and your contractor? Roles should map cleanly to the duty holder, responsible person and competent person, with sensible access for your water treatment contractor so their visits land in the same record rather than a separate PDF. Check that contractor holds to a recognised standard such as the Legionella Control Association’s code of conduct [4]; the platform is only ever as good as the data going into it.

Will it work where the plant is? Plenty of readings happen in basements and roof voids with no signal. Offline capture that syncs later is not a luxury in those spots — it is the difference between real readings and invented ones.

Can you get your data out? Ask exactly how you export the full history, in a usable format, if you ever leave the vendor. Your records are a legal asset and should never be hostage to a subscription.

Then put these to the vendor directly, and make them demonstrate rather than describe:

  • Show me one real out-of-range reading travelling from capture to closure.
  • Can a reading be edited after it is saved, and is that change logged and visible?
  • How does our contractor’s data get into the same record we keep?
  • Does the schedule come from our risk assessment, or do we configure it ourselves?
  • What precisely do we get back, and in what format, if we cancel?

The red flags are the mirror image of all that. Be wary of anything sold mainly on its dashboard with no exception workflow behind it; a pitch that frames sensors as a substitute for a competent person; an editable history with no audit trail; a closed export; and any product that promises to “make you compliant”, which no software on earth can do.

Where sensors fit, and where they don’t

Some platforms bolt on remote temperature monitoring through fixed sensors or data loggers, and on the right system they earn their keep: continuous readings on a hard-to-reach calorifier flow or an awkward sentinel outlet catch drift between manual visits. The conditions are narrow, though. A sensor only helps if it is calibrated, sited somewhere meaningful, reviewed by someone competent, and wired into the same escalation as everything else [2]. A sensor streaming numbers that nobody acts on is just a faster way to be unaware. Remote water temperature monitoring: benefits and setup covers the setup, and Wireless data loggers vs manual temperature readings weighs loggers against manual rounds.

When a platform is the wrong answer

A handful of outlets, one cylinder, and a single competent person who walks the building every week — that site may be far better served by a well-kept paper logbook than by a subscription it only half-uses. Software does not create diligence; it scales the diligence you already have. If nobody currently owns the exceptions, a platform will simply present the same neglect with smarter graphics and a monthly invoice. Fix the ownership first, then decide whether the software earns its place.

What software can’t do for you

A platform records and organises control; it does not perform it, and it does not shift the legal duty off the duty holder [3]. The green tiles describe what was entered, not what is happening inside the pipework — a forgotten outlet that nobody ever scheduled stays invisible no matter how polished the dashboard. Every limit, frequency and remedial action shown on screen should trace back to your own site-specific risk assessment, reviewed by a competent person, rather than to the vendor’s starter template. And the most complete audit trail in the world is no substitute for someone who still walks the plant room with their own eyes.

Common questions

Does using an online platform make us compliant?

No. It can make compliance easier to achieve and far easier to prove, but the duty stays with the duty holder and the physical controls, not the software [3]. A platform full of overdue, unactioned tasks is evidence of the opposite.

Generally yes, provided the records are complete, attributable to named people, timestamped and tamper-evident, and you can produce the full history on request. The format matters less than whether it honestly shows who did what, when, and what happened to the failures.

Your next step

Before you book a single demo, write down the three exceptions that currently slip through on your own site — a low-use shower that misses its flush, a calorifier reading that came back low, a contractor visit that left no usable record. Then make every vendor show you, live, exactly how their platform would catch and close each one. The product that handles your real failures wins. The product that can only show you a clean dashboard does not.

Sources

[1] HSE, “Legionnaires’ disease. The control of legionella bacteria in water systems - Approved Code of Practice and guidance (L8)”. https://www.hse.gov.uk/pubns/books/l8.htm [2] HSE, “Legionnaires’ disease: Technical guidance (HSG274)”. https://www.hse.gov.uk/pubns/books/hsg274.htm [3] HSE, “Legionnaires’ disease - what you must do”. https://www.hse.gov.uk/legionnaires/what-you-must-do/index.htm [4] Legionella Control Association, “Code of Conduct for Service Providers”. https://www.legionellacontrol.org.uk/