General Election 2024

Read our analysis of the general election result and what it means for charities. Learn more

Keeping information safe

This page is free to all

As well as storing the list of DBS checks you’ve requested and certificates you’ve seen, you should also keep a record of everyone who has seen the certificates or the information in them.

It’s against the law to:

  • share information in a DBS certificate with anyone who isn’t involved in your organisation, unless a relevant legal exception applies
  • share information with anyone in your organisation unless it’s necessary for them to carry out their duties
  • knowingly make a false statement to obtain, or enable someone else to obtain, a certificate.

The DBS code of practice states that all registered bodies need a written policy on correctly handling and safely storing DBS certificates and certificate information.

Organisations must also comply with their obligations under the General Data Protection Regulation (GDPR), Data Protection Act 2018, and other relevant legislation on safely handling, retaining and disposing of certificate information.

This page was last reviewed for accuracy on 26 April 2023

Back to top

Sign up for emails

Get regular updates on NCVO's help, support and services