Why Patients Can't Track Their NHS Referrals — And What Would Have to Change

The Royal College of General Practitioners and the Patients Association published their joint report this week — “It Shouldn't Be This Hard: Solving the NHS maze for patients and GPs.” It deserves serious attention.

The data confirms what most patients and GPs already know from lived experience. 64% of people who used the NHS in the last year experienced at least one administrative or communication problem. 54% of GPs say their IT systems can't properly exchange information with secondary care. 26% of patients have had to chase their own referrals. 17% didn't even know whether their referral had been lost. 57% of RCGP members say they don't have enough time during appointments to build the relationships that matter. GPs are spending roughly a quarter of their working time on administrative tasks that don't improve patient care.

Professor Victoria Tzortziou Brown, Chair of the RCGP, summarised it precisely. Patients left in the dark find the uncertainty far harder to deal with than the wait itself. GPs share the frustration, spending hours chasing letters and following up referrals rather than delivering care.

The report's three priorities are exactly right: make the NHS easier to navigate, ensure patients can see their GP when they need to, and let patients access their information and track referrals via user-friendly systems.

But the third priority, the one about tracking referrals, deserves a much deeper examination. It reveals the structural reason these problems persist, and why solving them requires infrastructure that doesn't yet exist.

Why the NHS App & Patient Portals Fail

When the RCGP calls for patients to track referrals, the instinctive response is: build a portal. Build an app. Give the patient a login and let them see where they are.

This is the approach that has been tried repeatedly. The NHS App exists. Patient-facing portals exist. e-Referral Service has a “Manage Your Referral” patient-facing component. And yet 26% of patients are still chasing referrals manually, and 17% don't know whether their referral exists at all.

The reason isn't that the portals are poorly designed. It's that portals can only display what the underlying systems actually record. And the underlying systems don't record the thing patients most need to see: who is responsible for my care right now, and what is supposed to happen next?

e-Referral Service is a booking and routing system. It records that a referral was made, that an appointment was offered, that a patient was seen or didn't attend. It does not record the governed state of the clinical protocol the patient is moving through. It was never designed to.

But there's a more fundamental limitation. e-RS was designed to function inside the NHS, specifically for GP-to-acute referrals within the NHS Standard Contract. It covers consultant-led first outpatient appointments. That's its scope.

The moment a patient's pathway extends beyond NHS-to-NHS acute referrals, e-RS doesn't reach. A referral to a community physiotherapy service run by a social enterprise: no e-RS. A falls prevention assessment by a local authority team: no e-RS. A wellbeing referral to a VCSE befriending service: no e-RS. A diagnostic ordered from a private provider: no e-RS. A social prescriber connecting a patient to a community weight management programme: no e-RS.

There is no referral tracking infrastructure at all across these boundaries. Not limited infrastructure. None.

This matters because it's exactly the direction the NHS is heading. The neighbourhood health strategy, the centrepiece of the NHS Ten Year Plan, is built on the premise that care wraps around people through multiple organisations, sectors, and service types. More atomised. More distributed. More organisations involved in each patient's pathway, many of them outside the NHS. Every new service that wraps around a patient creates another boundary crossing. Another handover. Another point where responsibility can dissolve, and where no existing infrastructure records what happened.

The RCGP's data captures the problems that already exist within the NHS-to-NHS referral pathway, where at least some infrastructure exists. As neighbourhood health scales, as hybrid models grow, as care delivery becomes more distributed across NHS, local authority, VCSE, and private providers, the governance gap doesn't narrow. It widens. Dramatically.

When a GP refers a patient to a cardiologist, the patient doesn't just need to know “referral sent.” They need to know: has the receiving organisation acknowledged responsibility? Has triage happened? Am I waiting for a diagnostic, a consultation, or a procedure? Has anyone actually looked at my case? What should happen next, and when? If something is overdue, does anyone know?

And when their pathway involves a community service, a local authority team, a VCSE organisation, or a private provider, they need to know exactly the same things. Across boundaries where even the limited tracking that e-RS provides simply doesn't exist.

None of this is visible to the patient. Most of it isn't visible to the GP either. GPs spend their administrative time chasing because they're doing manually what infrastructure should do automatically. And as pathways become more distributed, the volume of manual chasing can only increase.

The Missing Layer in NHS e-Referrals: Protocol State

The NHS has invested heavily in moving data. It has not invested in governing responsibility.

A clinical protocol defines what should happen, in what order, under what conditions, with what timeframes. A cardiology referral: GP refers, triage within X days, diagnostic within Y days, consultant review, treatment decision, discharge or ongoing management. A neighbourhood health pathway: GP identifies need, community assessment, social prescriber referral, local authority housing team, VCSE wellbeing support, clinical review. Every pathway has a protocol, whether explicit or implicit. Most now cross boundaries that e-RS was never designed to reach.

The problem is that protocols exist in documentation, guidelines, and clinicians' heads. Not in infrastructure. There is no machine-readable, governed representation of “where this patient is in their protocol” that persists across organisations.

When a referral crosses from Organisation A to Organisation B, the protocol state doesn't travel with it. Organisation B receives clinical information: a referral letter, some test results, demographic data. It does not receive the governed context: what step in the protocol this patient has reached, what should happen next, what the timeframes are, and who is now responsible for ensuring the next step occurs.

This is why referrals “disappear.” They don't literally vanish. They arrive at receiving organisations and enter local workflows. But the protocol state that would make them trackable across the boundary doesn't exist in infrastructure. The referral becomes invisible to everyone except the team that received it. Even they may not have visibility of the expected protocol sequence.

Two Levels of Protocol: National Guidelines and Local Reality

This problem has two dimensions, and solving it requires infrastructure that works at both.

At the national level, NICE guidelines define what should happen clinically. Evidence-based pathways covering everything from cancer two-week-waits to musculoskeletal referrals to chronic disease management. But NICE guidelines are documents. They describe what should happen. They do not describe who is responsible for making it happen, across which organisations, under which legal frameworks, with what timeframes, and with what escalation logic when steps are missed.

At the local level, the reality is far more complex. Care doesn't just cross between NHS organisations. Neighbourhood health wraps multiple services around patients and families: GPs, community services, acute trusts, mental health services, private providers, VCSE organisations, local authorities, social prescribers, pharmacists, and more.

Each operates under a different legal constitution. A GP's duty of care is shaped by GMC standards and the NHS Act 2006. A social worker's safeguarding responsibilities sit within the Care Act 2014 and local authority protocols. A pharmacist's obligations are governed by the GPhC. A VCSE organisation may not be a regulated healthcare provider at all, yet occupies a critical position in the patient's pathway. A private provider operates under CQC regulation and contractual obligations to insurers.

When care crosses these constitutional boundaries, governance doesn't just become complex. It changes character entirely. The NHS Act 2006 and the Care Act 2014 create fundamentally different accountability structures. Responsibility doesn't simply “transfer” from a GP to a social worker the way it transfers from one NHS trust to another. It shifts between legal regimes with different duties, different regulatory oversight, different definitions of accountability.

I experienced this first-hand in November, when I participated in the PPL national neighbourhood health simulation alongside 100 participants from across health and care. I played a resident: a Colombian man with respiratory problems and a vulnerable 13-year-old daughter. I watched multiple services wrap around our family with skill and genuine care. Every individual interaction was competent. GPs addressed my health issues. Social workers assessed my daughter's welfare. Social prescribers connected us to community support.

But context fragmented across services. My daughter's growing vulnerability to an older man she'd met online was a safeguarding concern visible to us playing the roles, and one we made increasingly obvious. It was not discovered. Not because professionals lacked skill or intent, but because the information needed to join the dots was scattered across different services operating under different regulatory frameworks, with no infrastructure to hold the whole picture.

This is the local reality that national NICE guidelines don't address. The protocol isn't just “refer to cardiology.” It's “coordinate across a GP practice, a community physiotherapy service run by a social enterprise, a local authority falls prevention team, an acute trust's outpatient clinic, and a VCSE befriending service, and ensure that responsibility is explicit, context is shared, and nothing falls between the seams.”

Protocol Studio: From Guidelines to Governed Local Protocols

At Inference Clinical, this is the specific problem Protocol Studio is designed to solve. It operates at both levels. The gap between them is where patient safety lives.

At the macro level, Protocol Studio takes national guidelines (NICE pathways, GIRFT standards, clinical network protocols) and represents them as machine-readable, governed protocol definitions. The clinical sequence, decision points, timeframes, and quality standards become structured and queryable, not buried in PDF documents that clinicians consult from memory.

At the local level, Protocol Studio enables those national guidelines to be instantiated as governed, trans-organisational protocols adapted to local reality. A NICE guideline might define a heart failure pathway. But the local protocol must define: which GP practice initiates, which community heart failure service provides monitoring, which acute trust provides specialist review, which social prescriber provides wellbeing support, which local authority team assesses housing. And critically, what the governed handover looks like at every boundary crossing between them.

These local protocols are not simplified versions of NICE guidelines. They are operational governance instruments that define:

• The sequence of steps across all participating organisations
• Which organisation is responsible at each stage, regardless of legal constitution
• The conditions under which responsibility transfers between organisations under different regulatory frameworks
• The timeframes within which each step should complete
• The escalation logic when steps are overdue, unacknowledged, or blocked
• What context must travel with the patient at each crossing

This is what makes Protocol Studio fundamentally different from a pathway design tool. It doesn't just define what should happen clinically. It defines the governance of who is responsible for making it happen, across NHS, local authority, VCSE, and private organisations, and holds all of them in a single, governed protocol instance.

When a patient enters a pathway, Protocol Studio creates that instance: a living, governed record of that specific patient's journey. As the patient moves through care, the protocol instance tracks actual progress against expected progress across every organisation in the pathway.

But protocol state is only as trustworthy as the responsibility transfers underneath it. A protocol instance that says “the community falls prevention team has received this referral” is meaningless if that team hasn't actually acknowledged that they are now responsible. A status that says “on track” is fiction if nobody has confirmed they're acting.

Which is why the core of what we've built isn't Protocol Studio. It's SafeMesh. SafeMesh is the infrastructure layer that governs what happens at the moment responsibility crosses any organisational boundary.

SafeMesh: What Actually Happens at the Boundary

Every problem in the RCGP report traces back to a single structural deficiency. The lost referrals, the patients in the dark, the GPs chasing letters, the 64% experiencing administrative failures. All of it. Responsibility transfers between organisations are unilateral and unacknowledged.

When a GP makes a referral today, what actually happens is a one-way transmission. Information is sent from Organisation A to Organisation B. Organisation A assumes Organisation B has received it and will act. Organisation B may or may not have received it, may or may not have triaged it, may or may not have accepted that they are now responsible for this patient's next step.

There is no bilateral acknowledgement. No governed moment at which Organisation B explicitly confirms: we have received this, we accept responsibility, here is who is responsible, here is what we will do, here is the timeframe.

This problem compounds when care crosses constitutional boundaries. When an NHS trust refers to a local authority adult social care team, the transfer crosses from one legal framework to another. Neither framework explicitly governs the handover between them. The patient sits in the gap.

When an NHS pathway involves a VCSE organisation, a community wellbeing service, a carers' support charity, or a social prescribing link worker, the gap widens further. These organisations may have no statutory clinical governance obligations at all, yet they hold a critical position in the patient's pathway. A referral to a VCSE service may be the step that prevents a hospital admission. But if that referral is unacknowledged, the patient is unowned across a boundary that no existing governance framework addresses.

In aviation, this would be unthinkable. When air traffic control transfers responsibility for an aircraft from one sector to another, the transfer does not complete until the receiving controller electronically verifies and accepts the handover. The infrastructure makes it structurally impossible for an aircraft to be unowned. At every moment, exactly one controller is accountable, and the system proves it.

In healthcare, patients are routinely unowned. Discharged from one organisation, not yet received by another. Clinical responsibility assumed by everyone and owned by nobody. The RCGP's 17%, the patients who don't know if their referral has been lost, are patients sitting in exactly this gap.

SafeMesh eliminates this gap. It implements what we call Minimum Viable Responsibility Transfer, or MVRT. This is the minimum set of structural conditions that must hold before clinical responsibility can safely cross any organisational boundary, regardless of the legal framework on either side.

Minimum Viable Responsibility Transfer

MVRT is not a policy. It's not a guideline. It's not training. It's an engineering control. A structural constraint built into the infrastructure that makes it impossible for responsibility to dissolve at a boundary.

Every time care, data, or clinical responsibility crosses an organisational boundary through SafeMesh, five questions must be answered explicitly. This applies whether the crossing is between two NHS trusts, between an NHS service and a local authority, between a GP practice and a VCSE organisation, or between the NHS and a private provider.

Who? Who is responsible now? Not a department, not a team inbox, not “the hospital.” A named, accountable party.

What? Responsible for what, specifically? Triage? Diagnostic? Treatment decision? Wellbeing assessment? Housing review? The scope is explicit, not assumed.

How long? For how long? Responsibility is time-bounded. Open-ended responsibility is unmanageable responsibility.

Conditions? Under what conditions does responsibility end or escalate? What triggers the next handover? What constitutes completion?

Evidence? What proves that the receiving party understood and accepted? Not that information was sent. That responsibility was acknowledged.

These five conditions are the minimum viable set. Without any one of them, the transfer is ungoverned. And an ungoverned transfer is exactly what produces the RCGP's statistics: the 26% chasing referrals, the 17% in the dark, the GPs spending a quarter of their time on administrative work that should be handled by infrastructure.

The critical engineering principle is this: the system does not progress until the receiving party confirms. A referral sent through SafeMesh is not recorded as “received” until the receiving organisation explicitly acknowledges it. This applies regardless of whether that organisation is an NHS trust, a local authority, a VCSE, or a private provider. Silence does not mean acceptance. Silence triggers escalation. If a referral is unacknowledged within the protocol timeframe, the system surfaces it to the referring clinician, to the care coordinator, and eventually to the patient.

This is the difference between an administrative control and an engineering control. An administrative control says “the receiving organisation should acknowledge referrals within 48 hours.” An engineering control makes it structurally impossible for an unacknowledged referral to sit silently in a queue without anyone knowing.

Why This Changes Everything About Patient Visibility

This is what connects SafeMesh and Protocol Studio to the RCGP's call for patients to track their referrals.

When responsibility transfer is governed (bilateral, explicit, time-bounded, and evidenced) then protocol state becomes trustworthy. And when protocol state is trustworthy, showing it to a patient on their phone stops being a governance problem and becomes a straightforward engineering one.

Consider what a patient's mobile application could show them when SafeMesh and Protocol Studio are working together across a neighbourhood health pathway:

“Your cardiology referral was received by Royal Hampshire County Hospital on 12 February. Responsibility was accepted by the cardiology triage team on 13 February. Triage was completed on 14 February. You have been placed on the diagnostic pathway. Your echocardiogram is expected within 4 weeks. Current status: on track.”

“Your wellbeing referral to Age UK Hampshire was acknowledged on 15 February. A home visit has been scheduled for 20 February. Your falls prevention referral to Hampshire County Council was received on 16 February and is being processed. Current status: both on track.”

Every statement is backed by a governed, auditable event. “Received” means the receiving organisation acknowledged receipt through MVRT, whether that organisation is an NHS trust, a charity, or a local authority. “Responsibility accepted” means a named party confirmed scope and timeframe. “On track” means the protocol engine has verified that no steps are overdue.

Now consider the alternative. The one that matters most:

“Your referral to the musculoskeletal service was sent on 3 January. It has not been acknowledged by the receiving organisation. This is overdue against the expected timeframe. Your GP practice has been notified automatically.”

This is the status the RCGP's 17% never see. Today, this patient would simply hear nothing. After weeks of silence, they might phone their GP to ask what happened, triggering the manual chasing that consumes 25% of GP administrative time. With SafeMesh, the infrastructure itself detects the gap and surfaces it before the patient has to chase.

This isn't a portal showing a static referral record. It's a live view into governed protocol state, across NHS, local authority, VCSE, and private providers, underwritten by bilateral responsibility transfer at every boundary. The patient sees where they actually are because the system actually knows.

The Seven Flows: What SafeMesh Governs at Every Crossing

MVRT is the core mechanism. The Seven Flows are the complete governance framework that must hold at every boundary crossing for protocol state to be trustworthy end-to-end.

Identity. Confident patient matching across systems that may not share a common patient identifier. An NHS number means nothing to a VCSE database. Identity must be resolved at every boundary.

Consent. The patient has authorised this specific sharing, for this specific purpose. Consent for NHS data sharing doesn't automatically extend to a local authority or a charity. Each crossing may require distinct consent evaluation.

Provenance. The protocol state can be trusted. Its source is traceable, its transformations documented. When a patient sees “triage completed” on their phone, provenance ensures that status came from a verified clinical system, not an unvalidated data feed.

Clinical Intent. The purpose of each step is explicit. Why is this referral being made? What clinical or wellbeing question does it answer? This is critical when care crosses from clinical services into social care or community support, where the boundary between clinical and non-clinical blurs.

Alert & Responsibility. This is where MVRT lives. When a protocol step creates a new responsibility, that responsibility is explicitly accepted by the receiving party. The system does not progress until acceptance is confirmed. Silence triggers escalation, not assumption.

Service Routing. Referrals and escalations reach the right service with complete context. The protocol instance travels with the referral, so the receiving service knows what step the patient is on, what's expected, and what the timeframes are.

Outcome. Episodes close deliberately. The protocol instance records what actually happened across every organisation in the pathway. A discharge from an NHS trust that triggers a social care assessment under the Care Act represents a crossing where outcome closure requires coordination across two entirely different legal regimes. Without governed outcome, safety loops never close.

The Practical Path

We're not proposing that the entire health and care system adopts new infrastructure overnight. The practical path looks like this:

Phase 1: Protocol definition. Clinical protocols that cross organisational boundaries are codified in Protocol Studio, starting with high-volume pathways. At the macro level, NICE guidelines are represented as machine-readable protocol definitions. At the local level, these are adapted to the specific organisations, legal frameworks, and handover points in each locality. This alone has value. It makes implicit protocols explicit and makes the boundaries visible rather than hidden.

Phase 2: Governed responsibility transfer. SafeMesh implements MVRT at every organisational boundary within those pathways, across NHS, local authority, VCSE, and private providers. Referrals become bilateral. Acknowledgement becomes structural. The 26% who currently chase referrals stop needing to, because the infrastructure tells them and their GP whether the receiving organisation has accepted responsibility. The 17% who don't know if their referral has been lost cease to exist as a category, because an unacknowledged referral is surfaced by the system rather than hidden by silence.

Phase 3: Clinical visibility. GPs and care coordinators gain real-time visibility into where their patients are across the entire pathway. Not just the NHS parts, but across every organisation in the patient's protocol. Overdue steps surface automatically. Unacknowledged referrals flag before patients have to chase them. The quarter of GP working time spent on administrative chasing begins to return to patient care.

Phase 4: Patient visibility. Once protocol state is governed and trustworthy, it's exposed to patients through their preferred channel: mobile app, NHS App integration, or simple notification. The patient sees where they are across every service involved in their care, whether it's on track, and what's next. Not because someone built a portal, but because the governance infrastructure underneath makes that portal trustworthy.

Each phase delivers value independently. But Phase 4, the patient-facing visibility that the RCGP is calling for, is only possible because Phase 2 exists. Without governed responsibility transfer, there is nothing trustworthy to show.

What the RCGP Report Really Reveals

The report calls its campaign “Solving the Maze.” The metaphor is apt, but the maze is more complex than it first appears. It extends across NHS trusts, local authorities, community providers, private healthcare, and VCSE organisations. Each operates under different legal duties, different regulatory frameworks, different accountability structures.

The maze exists because responsibility transfers between these organisations are ungoverned.

Every data point in the report traces back to this structural gap. The 64% experiencing administrative problems. The 54% whose IT systems can't exchange information with secondary care. The 26% chasing referrals. The 17% in the dark.

The NHS has invested heavily in moving data. It has not invested in governing responsibility. You can move a referral letter between NHS organisations in seconds. You cannot, today, execute a governed, bilateral, evidenced transfer of clinical responsibility. And across the boundaries where neighbourhood health actually operates, the referral tracking infrastructure that exists within the NHS simply isn't present. e-RS reaches the acute sector. The future of care delivery extends far beyond it.

SafeMesh closes that gap. Protocol Studio makes it visible, from national NICE guidelines to local trans-organisational protocols that work across every type of organisation involved in the patient's care. Together, they create the infrastructure layer that makes the RCGP's three priorities technically achievable. Not as aspirations, but as engineering.

We are currently finalising and testing the first phase of SafeMesh. The platform that makes governed responsibility transfer and protocol state tracking a reality across organisational and constitutional boundaries.

Julian Bradder

Founder & CEO, Inference Clinical

Julian is Founder and CEO of Inference Clinical, an infrastructure company that enables safe, fast, legal transfer of responsibility, clinical intent, and pathway history across clinical pathways, locations, organisations and constitutions. Full profile