Skip to content
Compliance

What we learned from 50 mock QAM scans of Ontario DS agencies

April 15, 2026 · 7 min read · Merakey Team

Over the past six months, we have run more than 50 mock QAM compliance scans across Ontario developmental services agencies. The data set is varied: small two-home operators, mid-size regionals, and a few of the larger multi-region agencies. Different software stacks, different staff sizes, different geography.

The variation matters less than you would expect. The gaps that surface in a mock scan look almost the same from one agency to the next. After 50 runs, four patterns are basically universal.

Pattern one: training expiry stacks up silently

Every agency has staff training requirements. CPR, first aid, medication administration, safe management, fire safety. Each has its own renewal interval. Each is tracked in a different system, sometimes in a binder, sometimes in a shared spreadsheet, sometimes in the HR module of an HRIS that nobody opens unless they have to.

Across the 50 scans, the median agency had between 8 and 14 staff members operating with at least one expired certification at the moment of the scan. Not deliberately. The renewal cycle had simply outrun the tracking system. In a manual review, these get caught only when an inspector asks.

Pattern two: incident reports without follow-up

Regulation 299/10 requires not just incident reporting, but documented review and action. The scans showed the report side is generally fine. The follow-up side is where things break. Open incidents from three to six months ago, sitting without a documented closure or remediation plan. These are not signs of unsafe care, just signs of paperwork that lags real life.

For an inspector, the absence of closure documentation is itself a finding. The agency may have done the right thing operationally and still take a hit on the compliance audit because the paper trail does not reflect it.

Pattern three: eMAR data that doesn't reconcile

Electronic medication administration records are supposed to be the cleanest part of the compliance picture. In practice, when we cross-check eMAR against pharmacy delivery, prescription orders, and medication count audits, the three rarely agree. Small discrepancies, mostly. A med given thirty minutes outside the window, a count off by one, a refill not yet logged. Individually trivial. In aggregate, exactly the pattern that triggers a deep audit.

Pattern four: policies that haven't been reviewed in years

Most agencies have a comprehensive policy binder. Most policy binders have not been formally reviewed in three to five years. Regulations change. Best practices evolve. The policy still says what it said in 2020. When an inspector asks for the most recent review date and signature, the answer is often "I'm not sure."

The gap between what an agency does in practice and what its policies say it does is the kind of finding that turns a routine audit into a focused investigation. It is also the easiest one to fix, because the work is administrative rather than operational.

The pattern across patterns

None of the four are signs of an agency doing care badly. They are signs of an agency doing care well while paperwork lags. Compliance is the rate at which the documentation tracks the reality. Meridian is built to close that gap, by scanning all four areas continuously and surfacing the gaps before an inspector does.

Ready to see Meridian in action?

See how Meridian scans the same four areas continuously and surfaces QAM gaps before an inspector does.

Book a Demo