Responsible person vs competent person

Written by the BlueWave team · Published 10 June 2026

General information, not legal or regulatory advice — your duties need your own competent advice.

Two roles carry most of the weight in a Legionella control programme, and they get conflated on sites every day — usually in the sentence "our contractor handles all that." Here's the actual division of labour, and the trap waiting in small organisations.

The two roles, and where each comes from

The duty-holder — the employer or person in control of the premises — appoints a responsible person to take managerial responsibility for the control scheme. The responsible person, in turn, usually engages competent help: people with the specialist skill to assess risk, design controls and do the monitoring — typically a water-treatment contractor or consultant. Three layers: the duty stays at the top, the management sits in the middle, the expertise is bought in.

The responsible person

The defining tests are authority and competence. Authority: enough standing to make controls happen — spend money, direct people, stop something unsafe today rather than after the next management meeting. Competence: trained for the role and knowledgeable about this installation, not installations in general. The appointment should be in writing, deputies named and trained, and the training records kept in the logbook. A name on an org chart with no budget and no training satisfies nobody, least of all an inspector.

Competent help — what contractors can and can't take on

A good contractor can assess risk, write the written scheme, run the monitoring regime, take the samples, keep beautiful records. What no contractor can do is absorb the duty. If the programme fails, enforcement lands on the duty-holder — "we paid someone" is evidence of intent, not of compliance. The practical consequence: duty-holders should be able to see their contractor's work — schedules met, records current, remedials closed — not just receive an invoice that implies it.

The both-hats trap

In small organisations one person often ends up as responsible person and the hands doing the monitoring. It's legal and sometimes unavoidable — but it quietly removes a control layer: the person verifying the work is the person who did it. If that's your reality, write the conflict down and compensate for it — independent periodic audit, laboratory QA, a second signature on out-of-range actions. The both-hats failure mode isn't dishonesty; it's that nobody marks their own homework wrong on a busy Friday.

The appointment checklist

  1. Responsible person appointed in writing by the duty-holder
  2. Authority real: budget, access, standing to act today
  3. Role-specific training done, refreshers scheduled, records kept
  4. Deputies named, trained, and tested by actual absence
  5. Competent help engaged with written scope — and its limits understood
  6. Verification wired in: the duty-holder can see the programme running, not just its invoices

Questions this guide gets asked

Can our water-treatment contractor be our responsible person?
Treat that with suspicion. The responsible person needs day-to-day authority over the site and its people — budgets, access, the standing to stop something unsafe. A contractor visiting monthly rarely has any of that. Contractors make excellent competent help; outsourcing the responsible-person role itself usually means the duty-holder has misunderstood what they're keeping.
Does the responsible person need a specific qualification?
L8 asks for competence — sufficient authority, training and knowledge of the installation — rather than a named certificate. In practice that means recognised Legionella responsible-person training, knowledge of the actual systems on site, and refreshers as guidance moves. The training record belongs in the logbook.
What happens when the responsible person is on leave?
The same things that happen every other week — which is the point. L8 expects deputies: named, trained, and actually able to act. A control scheme that pauses for annual leave isn't a control scheme. Auditors increasingly ask for the deputy by name and check their training record too.
We're a five-person company — can one person wear both hats?
Sometimes it's unavoidable, and it isn't prohibited. But name the conflict in writing: the person checking the work is the person doing the work, so build in external verification — periodic independent audit, lab QA, a second pair of eyes on out-of-range actions. The failure mode of both-hats isn't malice; it's nobody ever marking their own homework wrong.

Make the contractor's work visible

BlueWave gives duty-holders and responsible persons the view the roles actually need: schedules met, records current, remedials closed — evidence, not invoices.