Civil Society Covenant

A new agreement to improve the relationship between civil society and government. Learn more and share your views

Keeping information safe

This page is free to all

As well as storing the list of DBS checks you’ve requested and certificates you’ve seen, you should also keep a record of everyone who has seen the certificates or the information in them.

It’s against the law to:

  • share information in a DBS certificate with anyone who isn’t involved in your organisation, unless a relevant legal exception applies
  • share information with anyone in your organisation unless it’s necessary for them to carry out their duties
  • knowingly make a false statement to obtain, or enable someone else to obtain, a certificate.

The DBS code of practice states that all registered bodies need a written policy on correctly handling and safely storing DBS certificates and certificate information.

Organisations must also comply with their obligations under the General Data Protection Regulation (GDPR), Data Protection Act 2018, and other relevant legislation on safely handling, retaining and disposing of certificate information.

Woman with computer tablet

Need information and guidance? We're here to help.

Contact our small charity helpdesk

Last reviewed: 26 April 2023

Help us improve this content

Getting started with DBS checks

  1. Overview
  2. Plan for specific roles
  3. Asking about someone's criminal history
  4. Types of DBS check
  5. Deciding which checks to carry out
  6. Help and support with requesting DBS checks
  7. Checks for people working overseas
  8. Checks for trustees
  9. Keeping information safe
  10. When someone has a criminal record
Checks for trustees When someone has a criminal record

This page was last reviewed for accuracy on 26 April 2023

Back to top

Learn more

Sign up for emails

Get regular updates on NCVO's help, support and services