Legionella Risk Management in the Workplace: Legal Duties and Best Practice

Legionella bacteria present a significant health risk in a wide range of workplace environments, particularly where water systems can support their growth and transmission. It is essential to understand both the practical control measures and the legal framework governing Legionella risk management in the UK.

This article outlines key responsibilities and guidance based on advice from the Health and Safety Executive (HSE), alongside the requirements of the:

• Health and Safety at Work etc. Act 1974
• Control of Substances Hazardous to Health Regulations 2002 (COSHH)
• Management of Health and Safety at Work Regulations 1999
• HSE Approved Code of Practice L8 and guidance HSG274

What is Legionella?

Legionella is a type of bacteria commonly found in natural water sources such as rivers and lakes. However, it becomes a serious health hazard when it proliferates in engineered water systems, including:

• Cooling towers
• Hot and cold-water systems
• Spa pools and hot tubs
• Showers, taps and infrequently used water outlets

Infection occurs through inhalation of contaminated water droplets (aerosols), potentially leading to Legionnaires’ disease, a severe form of pneumonia.

Crucially, Legionnaires’ disease does not spread person-to-person.

Legal Framework for Legionella Risk Management

Health and Safety at Work etc. Act 1974

Under this Act, employers have a general duty to ensure, so far as is reasonably practicable, the health, safety, and welfare of employees and others who may be affected by their activities. This includes managing risks associated with Legionella in workplace water systems.

Key duties include:

• Providing safe systems of work
• Maintaining plant and equipment in a safe condition
• Ensuring adequate information, instruction, training, and supervision

Management of Health and Safety at Work Regulations 1999

These regulations require employers to carry out suitable and sufficient risk assessments and implement appropriate preventive and protective measures.

In relation to Legionella, this means:

• Identifying potential sources of Legionella growth
• Assessing who may be at risk (employees, visitors, contractors)
• Implementing control measures
• Appointing a competent person to manage risks
• Reviewing assessments regularly

Control of Substances Hazardous to Health Regulations 2002 (COSHH)

Legionella bacteria fall under COSHH as a biological hazard. Employers must prevent or adequately control exposure to hazardous substances.

Under COSHH, employers must:

• Assess risks from Legionella exposure
• Prevent exposure where possible, or control it where prevention is not reasonably practicable
• Maintain and monitor control measures
• Provide health surveillance if necessary
• Prepare procedures for dealing with incidents or emergencies

HSE Guidance on Legionella (L8 and HSG274)

The HSE provides comprehensive guidance through:

• Approved Code of Practice (ACoP) L8: Legionnaires’ disease: The control of Legionella bacteria in water systems
• HSG274: Technical guidance documents supporting L8

Together, these two areas of guidance from HSE set out what employers should do and how to do it.

Legionella Risk Assessment

A Legionella risk assessment must identify:

• Conditions that encourage bacterial growth (e.g., water temperatures between 20–45°C)
• Potential for aerosol generation
• Susceptible individuals

Risk assessments must be reviewed regularly, particularly following changes to the premises, water systems or occupancy.

Legionella Control Measures

Effective control strategies include:

• Maintaining water temperatures outside the Legionella growth range
• Avoiding water stagnation
• Regular cleaning and disinfection of systems
• Use of biocides where appropriate
• System design to minimise risk

Control measures should always be proportionate to the level of risk.

Written Scheme of Control

Where a risk is identified, a written scheme must be implemented. This should detail:

• Control measures
• Monitoring procedures
• Maintenance requirements
• Responsibilities of personnel

Monitoring and Record Keeping

Regular monitoring is essential to ensure control measures remain effective. Records should include:

• Temperature checks
• Inspection reports
• Cleaning and maintenance activities
• Risk assessment reviews

Good record keeping supports legal compliance and provides evidence should enforcement action arise.

Roles and Responsibilities

Duty Holder

The duty holder is typically the employer, building owner, or person in control of premises. They are legally responsible for managing Legionella risks.

Responsible Person

A competent individual should be appointed to oversee Legionella control measures. This person must have sufficient knowledge, experience, and authority.

Consequences of Non-Compliance

Failure to manage Legionella risks can result in:

• Serious illness or fatalities
• Legal enforcement action, including fines and prosecution
• Reputational damage

The HSE actively enforces compliance, and breaches of legislation can carry significant penalties.

Conclusion

Legionella risk management is a critical aspect of workplace health and safety. By following HSE guidance and complying with the Health and Safety at Work etc. Act 1974, COSHH 2002, and the Management Regulations 1999, organisations can effectively control risks and protect both employees and the public.

A proactive approach—combining thorough risk assessment, robust control measures, and ongoing monitoring—is essential to ensuring compliance and safeguarding health.

Get in touch today via our form to speak with a H&S specialist about our Legionella services or wider H&S support, from ad-hoc projects to training to comprehensive retainer packages.

FAQs