There are specific situations when you are permitted to share personal data with others. If you do so, you must follow these rules.
See Group Handbook A6: Handling data
Safeguarding, emergencies and data protection
You must report all abuse or suspected abuse to the Safeguarding Responders Group, even if you have not been able to obtain permission.
If someone’s life is in immediate danger, data protection laws do not prevent you from acting immediately to share information with the emergency services, health professionals or other authorities.
However, if your group is approached by the Police or any other authority asking for information about a person in anything other than a life or death situation, you must always refer them to our Data Governance Team.
- Learn more about Safeguarding
Sharing data with service providers
If your group provides services and activities, you may need to share personal information about the people who use them with a service provider. We have two processes to support you to keep data safe when sharing it.
Service Level Agreements
If your group receives complementary therapies, exercise, physiotherapy and talking therapies from a service provider, whether this is an individual or organisation, we expect you to set up a Service Level Agreement (SLA) which sets out the expectations of everyone involved.
- See our guidance on setting up Service Level Agreements
An SLA requires your service provider to look after data appropriately. You must involve your Local Networks Officer if you plan to develop any service or activity that requires an SLA.
- Get contact details for your Local Networks Officer
Data Protection Undertakings
If your group regularly hires transport or a venue, your service provider must complete a Third Party Data Protection Undertaking Form. This outlines our confidentiality and record-keeping requirements when handling personal information we share.
Print two copies and ask your service provider to sign both. Give your service provider one copy for their reference and securely store the other copy until a year after you stop providing the service.
You don’t need to obtain a Data Protection Undertaking for one-off taxi, restaurant and hotel bookings.
- Download a Third Party Data Protection Undertaking Form
Need support?
Our Data Governance Team is here to make sure we all meet our personal data, information handling and record keeping obligations. Contact us for help with any data compliance questions you may have.
- Get contact details for our Data Governance Team
Back to Handling data
