ICO guidance on sharing information to safeguard children

The ICO has issued guidance relating to sharing information to protect children in an effort to reassure people that data protection law does not prevent data sharing for this purpose.

  1. Be clear about how data protection law can help you share appropriately; get advice from your DPO/data protection team.
  2. Identify the purpose for sharing. Safeguarding is a compelling reason.
  3. Develop systems and policies to share data and train staff on these.
  4. Ensure there is transparency and ability to exercise individuals’ rights (unless this is inappropriate).
  5. Assess the risks and share as needed: do DPIAs for regular/routine data sharing, considering an overarching DPIA. It was acknowledged that a DPIA may not be appropriate for sharing on a one-off basis.
  6. Enter into data sharing agreements (again, this may not be appropriate for one-off sharing).
  7. Follow the data protection principles.
  8. Use an appropriate lawful basis (don’t assume consent is the correct basis).
  9. Share information where there is an emergency.
  10. Read the data sharing code.

The full guidance can be found here.


Don't just take our word for it