--- title: "Using QR codes to streamline maintenance logging" source_url: https://legionella.io/articles/using-qr-codes-to-streamline-maintenance-logging/ canonical_url: https://legionella.io/articles/using-qr-codes-to-streamline-maintenance-logging/ pillar: "Digital Logbooks & Record Keeping" summary: "How to tie every Legionella check to the right outlet with QR codes: build the asset register, pick durable labels, and keep records that hold up at audit." primary_keyword: "QR code maintenance" date_published: 2025-07-28 date_reviewed: 2026-06-26 author: "Legionella.io editorial team (REMOTE TECH LTD)" reviewed_against: "HSE L8 and HSG274 guidance" region: "United Kingdom" license: "(c) REMOTE TECH LTD. Quote freely with attribution and a link to source_url." --- # Using QR codes to streamline maintenance logging Picture the moment an auditor points at a row in your monitoring records and asks a plain question: how do you know this 50°C reading came from that sentinel tap, on that date, taken by someone who was actually standing in front of it? With a paper logbook in a riser cupboard, the honest answer is often "we trust the technician's pen." A QR code closes that gap. Fix a coded label to the asset, scan it on arrival, and the record binds itself to the right outlet, the right time and the right person before anyone types a number. That is the whole appeal for Legionella record keeping. The bacteria don't care how you log a flush — but an inspector, an incoming contractor, or an incident investigator cares enormously whether your evidence is traceable. QR codes are a cheap way to make it so, provided you build the foundation underneath them first. ## Get the asset register right before you print a label A QR code is not a record. It is a pointer to a record. Scanning one just says "open the entry for asset X." If asset X is wrong, missing, or duplicated in your system, the code faithfully points at the mistake. So the prerequisite is an accurate asset register tied to your schematic — every monitored point given a unique ID: the cold water storage tank, the calorifier, each sentinel tap, the TMVs, the showers and spray taps, any cooling tower. HSG274 frames the asset register and schematic as the backbone of a control scheme [2], and codes only earn their keep when they sit on top of one. If your register is a spreadsheet nobody has reconciled with the building in two years, fix that first. Codes amplify whatever order or disorder they're attached to. Decide granularity early too. One code per monitored point gives you outlet-level evidence; one code per room or per riser saves labels but loses the precision that made QR worth doing. ## Standing it up, step by step Here is a sequence that gets a building from "paper in a cupboard" to scanned, traceable records without a chaotic switchover. Each step has a test for when it's actually finished. 1. **Reconcile the asset register against the building.** Walk the site, confirm every monitored point exists, has a unique ID, and matches the schematic. *Done when:* there are no assets on paper you can't find on the wall, and none on the wall missing from the register. 2. **Generate one code per asset and bind it to that record.** Each code must resolve to that specific asset's task list, not a generic "log a reading" form. *Done when:* scanning a calorifier's label opens the calorifier — with its tasks, limits and history — and nothing else. 3. **Choose durable labels and mount them sensibly.** Plant rooms are warm, damp and occasionally splashed; a paper sticker won't last. Use laminated or UV-stable labels, and fix them near the asset but not on a part that gets descaled, lagged over or swapped out. *Done when:* a label survives a wet plant room and is still readable and reachable. 4. **Pilot on one building or plant room.** Let a technician run a full round on a phone before you commit the estate. *Done when:* they can scan, record a reading, flag an out-of-range result and trigger an escalation without phoning the office. 5. **Set up offline capture.** Basements, risers and tank rooms rarely have a signal. The app must store a scan and reading locally and sync when it reconnects. *Done when:* a reading taken in a dead zone appears in the record, correctly timestamped, after the device is back online. 6. **Roll out and retire the paper deliberately.** Run digital alongside paper for one monitoring cycle, then stop the paper. *Done when:* a full cycle of records exists in the system and the old logbook is archived, not binned. ## Where QR logging quietly goes wrong The failure modes are predictable, and worth naming so you can design around them. A scan proves someone was at the label. It does not prove the reading is honest. A determined corner-cutter can photograph a code and scan it from the tea room. Treat the scan as evidence of presence, not proof of a correct measurement — and back it with sensible checks: occasional supervised rounds, the odd required photo, and readings that have to fall in a plausible range. Relabelling is the other classic. Swap a calorifier, renumber a riser, or reprint a faded sticker without updating the register, and you create orphan codes that point nowhere or, worse, at the wrong asset. Any physical change to a label has to be a change to the record. And beware the dashboard that flatters you. A system reporting "94% of tasks complete this month" can bury the six percent that matter — the low-use shower nobody flushed, the sentinel tap that's drifted warm. Make missed and out-of-range tasks loud, not averaged away. Good audit prep depends on seeing exactly that — see [Audit prep](https://legionella.io/articles/audit-prep-how-digital-records-simplify-compliance-checks/) on reading records the way an inspector will. ## Proving the audit trail actually holds Before you rely on it, test the audit trail the way an auditor would. Pick a random outlet, scan it, and confirm the record on screen matches the asset in front of you. Then reverse it: take a record from last month and trace it back to a physical asset. Run a deliberately failed task — an out-of-range temperature — through the whole chain and check that escalation and close-out are captured, not just the green tick. If both directions resolve cleanly and a failure leaves a visible trail, your evidence will survive the moment it's questioned. There's also a data side to scanning, logging and storing who-did-what: technician identities, timestamps and locations are personal data, and how you hold them matters. [Data security and privacy in digital logbooks](https://legionella.io/articles/data-security-and-privacy-in-digital-logbooks/) covers the retention and access side that sits alongside this. ## What a QR code can't do for you A coded label is a recording aid, not a control. Scanning a tap does nothing to the water inside it; temperature, movement and cleanliness still do all the real work of keeping Legionella in check. The legal duty to keep adequate records — and to keep them for the period the ACoP expects — stays with the duty holder whatever app sits underneath [1]. A tidy scan history is not automatically a compliant record if the control scheme behind it is wrong or the limits are guessed. And the cadence of monitoring and any sampling is set by your risk assessment, not by whatever default the software ships with [3]. Confirm the retention period and the monitoring intervals against the current HSE guidance, not the dashboard. ## A sensible next step Don't start by ordering a thousand labels. Open your asset register next to your schematic and your last quarter of monitoring records, and check they agree. Reconciling those three is the work that makes QR codes worth printing — and if they don't agree, you've just found something more urgent than the codes. ## FAQ ### Does scanning a QR code prove the task was actually done? It proves someone was at the labelled asset at that time, which is more than a handwritten row gives you — but it isn't proof the reading is accurate. Pair scans with in-range checks, the occasional required photo, and supervised spot rounds so presence and a credible result are recorded together. ### Do we need a mobile signal in the plant room for this to work? No, and you should assume you won't have one. Choose a system that captures the scan and reading offline and syncs when the device reconnects, with the original timestamp preserved. Test this in your worst dead zone before rollout. ### What happens to our records if labels get replaced or we change provider? The records live in the logbook, not on the sticker, so a reprinted label is fine as long as it's re-bound to the same asset ID. Before changing provider, confirm you can export the full history — readings, users, timestamps and escalations — in a format you can keep and read [1]. ## Related reading - [Water tank inspections: checking for Legionella risk](https://legionella.io/articles/water-tank-inspections-checking-for-legionella-risk/) - [Data security and privacy in digital logbooks](https://legionella.io/articles/data-security-and-privacy-in-digital-logbooks/) - [Audit prep: how digital records simplify compliance checks](https://legionella.io/articles/audit-prep-how-digital-records-simplify-compliance-checks/) ## Sources [1] HSE, "Legionnaires' disease. The control of legionella bacteria in water systems — Approved Code of Practice and guidance (L8)". https://www.hse.gov.uk/pubns/books/l8.htm [2] HSE, "Legionnaires' disease: Technical guidance (HSG274)". https://www.hse.gov.uk/pubns/books/hsg274.htm [3] HSE, "Testing and monitoring your water system for legionella". https://www.hse.gov.uk/legionnaires/testing-monitoring-water-system.htm