A temperature reading typed into a phone at the sentinel outlet, the second the probe settles, is worth more than the same number copied into a logbook back in the office that evening. Real-time logging closes the gap between doing the task and recording it. That gap is exactly where audits unravel.

But “put it on a phone” is not a plan. Mobile logging stretches from a free notes app to a managed platform with Bluetooth probes and a dashboard, and most of the difference that matters to a compliance manager never shows up in a sales demo. Before you sign anything, get clear on what the tool actually has to achieve.

What you are really buying

Records are not paperwork bolted onto the real job. They are the evidence that your control scheme runs at all. L8 expects the duty holder to keep records of the precautions taken, the monitoring carried out, and the management arrangements behind them [1]. A mobile logging tool earns its place only if its output would let an inspector, an insurer or an incident investigator reconstruct what happened without you standing there to narrate it.

In practice, every entry has to answer six things: who did this, when, on which asset, what was the result, was it inside the limit your risk assessment set, and — if not — what was done next. Paper can hold all six. So can a phone. The real question is which one keeps the record honest with less effort.

Real time is the point because the alternative is reconstruction. When readings go on a clipboard and get typed up later, the timestamps become guesses, the “all in range” tick gets carried forward, and the single outlet that ran lukewarm quietly disappears into the average. Logging at the moment of work — the reading stamped as the probe is read, against the outlet that was just scanned — removes that drift. A contemporaneous record is simply harder to argue with.

Five tests to put any tool through before you buy

This is the framework I would take into every vendor conversation. Score the product, the app or the managed service against all five. Each comes with the question to ask out loud and the answer that should worry you.

  1. Integrity of the record. Every entry should be stamped with user, time, asset and location, and any later correction should be tracked rather than overwritten. Ask the vendor: “Show me the audit trail for a reading that was corrected after the event.” Red flag: history you can edit with no trace, or a one-tap “mark all compliant” button that lets a round be faked in seconds.

  2. It works where the work happens. Most plant rooms sit behind thick walls below ground, and the mobile signal dies at the door. Ask the vendor: “Does it capture fully offline, and which timestamp does a reading carry — the moment I took it, or the moment it synced?” Red flag: an app that needs a live connection to save a reading, or one that silently stamps entries with the sync time and makes your record look like it happened hours later.

  3. It bends to your system, not the other way round. Your asset register, your outlets, your risk-assessed frequencies. Ask the vendor: “Can it mirror our risk assessment’s outlet list and intervals, or do we reshape our scheme to fit your template?” Red flag: a fixed schedule you cannot change. HSG274 and your own risk assessment set the detail and frequency of monitoring, not a software default [2].

  4. Exceptions that cannot be shrugged off. An out-of-range reading should drive an action, not just turn a cell red. Ask the vendor: “When a temperature fails on screen, does the app force an action or an escalation, or can the operative save it and walk away?” Red flag: a dashboard that beams reassuring green averages while individual failures sit open and unread underneath.

  5. Your data stays yours. Ask the vendor: “Can we export every record, in an open and readable format, at any time — including after we leave — and where is the data actually held?” Red flag: a proprietary-only export, a fee to retrieve your own history, or a shrug when you ask who owns it. Ownership, hosting and retention deserve their own scrutiny; Data security and privacy in digital logbooks goes into the security side properly.

If a supplier cannot give a straight answer to all five, you are not buying control. You are buying admin with a logo on it.

Where the trade-offs actually bite

The demo never shows these, so press on them yourself.

Pricing models shape behaviour. Per-user or per-reading charging quietly punishes thoroughness — the more diligently your team logs, the bigger the bill, which is exactly the wrong incentive. Flat-rate or per-site pricing keeps the cost predictable as your logging gets better.

Hardware adds upkeep. Bluetooth probes that push a reading straight into the app remove transcription error, but they are one more thing to charge, calibrate and lose down the back of a calorifier. For a small estate, staff phones plus one calibrated handheld may capture everything you need without a fleet of devices.

Adoption beats features. The best system is the one a technician will actually use at seven in the morning, in a cold plant room, with gloves on. A tool that needs ten taps per outlet gets gamed before the second week is out. Watch a real operative use it on a real round before you commit.

When mobile logging is the wrong purchase

Be honest about when not to buy. If your risk assessment is stale or your written scheme is thin, software just digitises the gaps faster and prints them more neatly. Fix the scheme first. And on a genuinely small site — one building, a handful of outlets — a paper logbook that is reviewed on a real schedule can be entirely sufficient; do not buy a platform to solve what is really a discipline problem. If you are weighing the switch at all, Paper vs digital logbooks: making the switch walks through when the move is worth making.

One thing the purchase never changes: accountability. Handing your logging to an app or a managed service does not move the legal duty off the duty holder [3]. If you do bring in a service provider, check they work to a recognised standard — the Legionella Control Association publishes a code of conduct for service providers that is worth holding any supplier to [4].

A word on numbers and what counts as proof

No app makes a system compliant, and a screen full of green is not the same thing as a controlled water system. The figures that decide whether a reading passes — the temperatures, the flush durations, how often each outlet is checked — come from your site-specific risk assessment and a competent person, not from a supplier’s default settings. Treat any threshold quoted in a demo as a starting point to confirm against your own assessment, never a standard to adopt because the software arrived with it.

FAQ

Do temperature checks logged on a phone count as valid compliance records?

Yes. UK guidance is about the content and integrity of the record, not whether it lives on paper or a screen. L8 expects records of the precautions and monitoring you carry out [1]. A phone entry that captures who, when, which outlet and the result, backed by a tamper-evident trail, is generally stronger evidence than a clipboard, not weaker.

What happens to our records if we switch supplier or the provider goes under?

This is why export is non-negotiable. Before committing, confirm you can pull every record out in an open, readable format at any time, and ask how long the supplier retains your data. Your duty to keep evidence of control does not pause because a contract ended or a vendor folded.

Do field staff need a phone signal to log readings in the plant room?

Not if you choose well. A capable tool captures fully offline and syncs later, stamping each reading with the time it was actually taken rather than the time it reconnected. Test that behaviour during a trial in your worst-signal location before you roll anything out across the estate.

Sources

[1] HSE, “Legionnaires’ disease. The control of legionella bacteria in water systems — Approved Code of Practice and guidance (L8)”. https://www.hse.gov.uk/pubns/books/l8.htm [2] HSE, “Legionnaires’ disease: Technical guidance (HSG274)”. https://www.hse.gov.uk/pubns/books/hsg274.htm [3] HSE, “Legionnaires’ disease — what you must do”. https://www.hse.gov.uk/legionnaires/what-you-must-do/index.htm [4] Legionella Control Association, “Code of Conduct for Service Providers”. https://www.legionellacontrol.org.uk/