3.1 Information Sharing

Sharing information is essential in working to protect children from significant harm. Professionals and agencies are required to share information about:

  • Children and their health, development and exposure to possible significant harm;
  • Parents who may not be able to care adequately and safely for children;
  • Individuals who may present a risk to children.

Often it is only when information from a number of sources is shared and put together, that it becomes clear that a child has suffered, or is likely to suffer, significant harm. However, when professionals share information at an early stage, this should reduce the risk of significant harm.

Where possible, share information with consent, and where possible, respect the wishes of those who do not consent to having their information shared. Under the GDPR and Data Protection Act 2018 you may share information without consent if, in your judgement, there is a lawful basis to do so, such as where safety may be at risk. You will need to base your judgement on the facts of the case. When you are sharing or requesting personal information from someone, be clear of the basis upon which you are doing so. Where you do not have consent, be mindful that an individual might not expect information to be shared.

 

Legislative Framework and Legal Basis for Sharing Information

The legal basis for sharing information is underpinned by the following legislation, statutory and policy guidance:

The Children and Social Work Act 2017, under which the local authority, Merseyside Police and Wirral Clinical Commissioning Group have an equal and shared duty to work together (in partnership with other relevant agencies) to make arrangements to safeguard and promote the welfare of all children in a local area

The Children Act 2004, sections 11 and 16E

The Data Protection Act 2018 and the UK General Data Protection Regulation

Crime and Disorder Act 1998, section 115

The Human Rights Act 1998

The Criminal Justice Act 2003, section 325

Domestic Violence, Crime and Victims Act 2004

Working Together to Safeguard Children statutory guidance (2023)

Information Sharing Advice to practitioners providing safeguarding services to children, young people, parents and carers July 2018

Caldicott Review of Information Governance 2013

 

13.2     Seven Golden Rules of Information Sharing (taken from Information Sharing: Guidance for Practitioners and Managers)

Effective sharing of information between professionals and local agencies is essential for effective identification, assessment and service provision.

Early sharing of information is the key to providing effective early help where there are emerging problems. At the other end of the continuum, sharing information can be essential to put in place effective child protection services. Local Child Safeguarding Practice Reviews (LCSPRs) have shown how poor information sharing has contributed to the deaths or serious injuries of children.

Fears about sharing information cannot be allowed to stand in the way of the need to promote the welfare and protect the safety of children.

  1. Remember that the UK General Data Protection Regulation (GDPR), Data Protection Act 2018 and human rights law are not barriers to justified information sharing, but provide a framework to ensure that personal information about living individuals is shared appropriately.
  2. Be open and honest with the individual (and/or their family where appropriate) from the outset about why, what, how and with whom information will, or could be shared, and seek their agreement, unless it is unsafe or inappropriate to do so.
  3. Seek advice from other practitioners, or your information governance lead, if you are in any doubt about sharing the information concerned, without disclosing the identity of the individual where possible.
  4. Where possible, share information with consent, and where possible, respect the wishes of those who do not consent to having their information shared. Under the UK GDPR and Data Protection Act 2018 you may share information without consent if, in your judgement, there is a lawful basis to do so, such as where safety may be at risk. You will need to base your judgement on the facts of the case. When you are sharing or requesting personal information from someone, be clear of the basis upon which you are doing so. Where you do not have consent, be mindful that an individual might not expect information to be shared.
  5. Consider safety and well-being: base your information sharing decisions on considerations of the safety and well-being of the individual and others who may be affected by their actions.
  6. Necessary, proportionate, relevant, adequate, accurate, timely and secure: ensure that the information you share is necessary for the purpose for which you are sharing it, is shared only with those individuals who need to have it, is accurate and up-to-date, is shared in a timely fashion, and is shared securely (see principles).
  7. Keep a record of your decision and the reasons for it – whether it is to share information or not. If you decide to share, then record what you have shared, with whom and for what purpose.

 For further guidance on information sharing, please see Department for Education's latest guidance, last updated May 2024. 

13.3     Further Information to Inform Decision Making

Practitioners who are asked or wish to share information, must use their professional judgment to decide whether to share or not and what information it is appropriate to share, unless there is a statutory duty or court order to share.

To inform your decision-making this section sets out further information illustrating the key principles underlying information sharing. This section explains these through seven key questions. They are:

  1. Is there a legitimate purpose for you or your agency to share the information?
  2. Does the information enable a person to be identified?
  3. Is the information confidential?
  4. If the information is confidential, do you have consent to share?
  5. If consent is refused, or there are good reasons not to seek consent to share confidential information, is there a sufficient public interest to share information?
  6. If the decision is to share, are you sharing the right information in the right way?
  7. Have you properly recorded your information sharing decision?

 

  1. Is there a legitimate purpose for you or your agency to share the information?

If you are asked to or wish to share information about a child, you need to have a good reason or legitimate purpose to share information. This will be relevant to whether the sharing is lawful in a number of ways.

If you work for a statutory service such as education, social care, health or youth justice, or if you work in the private or voluntary sector and are contracted by one of the statutory agencies to provide services on their behalf, the sharing of information must be within the functions or powers of that statutory body. It is likely that this will be the case if you are sharing the information as a normal part of the job you do for that agency.

Whether you work for a statutory service or within the private or voluntary sector, any sharing of information must comply with the law relating to confidentiality, data protection and human rights.  Establishing a legitimate purpose for sharing information is an important part of meeting those requirements. There is more information about the legal framework for sharing information in the document 'Information Sharing: Further Guidance on Legal Issues'

Different agencies may have different standards for sharing information. You will need to be guided by your agency's policies and procedures, any local information sharing protocols, and - where applicable - by your professional code.

Where you have a statutory duty or a court order to share information-

In some situations you are required by law to share information, for example, in the NHS where a person has a specific disease about which environmental health services must be notified. There will also be times when a court will make an order for certain information or case files to be brought before the court.

These situations are relatively unusual and where they apply you will know or be told about them. In such situations you must share the information, even if it is confidential and consent has not been given, unless in the case of a court order your organisation is prepared to challenge it and is likely to receive legal advice. Consent from the individual is not required in these situations and should not be sought because of the potential consequences of refusal. Wherever possible, subject to the considerations set out in 3.2, you should inform the individual concerned that you are sharing the information, why, and with whom.

  1. Does the information enable a person to be identified?

In most cases the information covered by this guidance will be about an identified living individual. It may also identify others, such as a child, parent or carer. If the information is anonymised, it can lawfully be shared as long as the purpose is legitimate. If, however, the information does allow a person to be identified, it is personal information and is subject to data protection and other laws. Wherever possible, you must be open about what information you might need to share and why. In some situations it may not be appropriate to inform a person that information is being shared or seek consent to this sharing, for example if it is likely to hamper the prevention or investigation of a serious crime (i.e. a crime causing significant harm to a child or serious harm to an adult) or put a child in a situation of suffering or likely to suffer significant harm, or an adult at risk of serious harm

 

  1. Is the information confidential?

Confidential information is:

  • Personal information of a private or sensitive nature; and
  • Information that is not already lawfully in the public domain or readily available from another public source; and
  • Information that has been shared in circumstances where the person giving information could reasonably expect that it would not be shared with others.

This is a complex area and you should seek advice if you are unsure.

There are different types of circumstances that are relevant to confidentiality. One is where a formal confidential relationship exists, as between a doctor and patient, or between a social worker, counsellor or lawyer and their client. Here, it is generally accepted that information is provided in confidence. In these circumstances, all information provided by the individual needs to be treated as confidential. This is regardless of whether or not the information is directly relevant to the medical, social care or personal matter that is the main reason for the relationship.

Another circumstance is, for example, an informal conversation, where a pupil may tell a teacher a whole range of information but only asks the teacher to treat some specific information as confidential. In this circumstance, only the information specific to the pupil's request would be considered to be confidential.

There are also circumstances where information not generally regarded as confidential (such as name and address) may be provided in the expectation of confidentiality and therefore should be considered to be confidential information.

Sometimes people may not specifically ask you to keep information confidential when they discuss their own issues or pass on information about others but may assume that personal information will be treated as confidential. In these situations you should check with the individual whether the information is or is not confidential, the limits around confidentiality and under what circumstances information may or may not be shared with others.

Confidence is only breached where the sharing of confidential information is not authorised by the person who provided it or, if about another person, by the person to whom it relates. If the information was provided on the understanding that it would be shared with a limited range of people or for limited purposes, then sharing in accordance with that understanding will not be a breach of confidence. Similarly, there will not be a breach of confidence where there is explicit consent to the sharing.

Information about an individual or family is confidential to the agency as a whole, and not to individual practitioners. However, individual practitioners do have a responsibility to maintain the confidentiality of the information. They should only share confidential information with other practitioners in the same agency or team for genuine purposes, for example, to seek advice on a particular case or ensure cover for work while on leave. This should be explained clearly to the individual or family at the start of the involvement.

Public bodies that hold information of a private or sensitive nature about individuals for the purposes of carrying out their functions (for example Children's Social Care, Children's Health Services or adult mental health services) may also owe a duty of confidentiality, as people have provided information on the understanding that it will be used for those purposes. In some cases the agency may have a statutory obligation to maintain confidentiality, for example in relation to the case files of Looked After children.

 

  1. If the information is confidential, do you have consent to share?

Consent issues can be complex, and lack of clarity about them can sometimes lead practitioners to incorrect assumptions that no information can be shared. This section gives further information to help you understand and address the issues. It covers:

  1. What constitutes consent;
  2. Whose consent should be sought;
  3. When consent should not be sought.

1. What constitutes consent?

Consent is defined in Article 4(11) of the UK GDPR as:

any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her’.


This means that the person giving consent needs to understand why information needs to be shared, what will be shared, who will see their information, the purpose to which it will be put and the implications of sharing that information.

Guidance from the Information Commissioner’s Office states:


‘Consent means giving people genuine choice and control over how you use their data. If the individual has no real choice - consent is not freely given and it will be invalid. This means people must be able to refuse consent without detriment, and must be able to withdraw consent easily at any time’.


Consent can be 'explicit' or 'implicit'. Obtaining explicit consent for information sharing is best practice and ideally should be obtained at the start of the involvement, when working with the individual or family to agree what support is required. It can be expressed either verbally or in writing, although written consent is preferable since that reduces the scope for subsequent dispute. Implicit consent can also be valid in many circumstances. Consent can legitimately be implied if the context is such that information sharing is intrinsic to the activity or service, and especially if that has been explained or agreed at the outset, for example when conducting an Early Help Assessment.


An example of implicit consent is where a GP refers a patient to a hospital specialist and the patient agrees to the referral; in this situation the GP can assume the patient has given implicit consent to share information with the hospital specialist. However, explicit consent would be required to share information outside the bounds of the original service or setting, for example, for a different type of referral.

In a multi-agency service, explicit consent for information sharing is usually obtained at the start of the involvement of the service and covers all the agencies within the service. This would provide implicit consent to share information within the multi-agency service but there would be a need to seek additional explicit consent for sharing with practitioners and agencies outside the service.

It is best practice to set out clearly your agency's policy on sharing information when the service is first accessed. You must provide privacy information to individuals at the time you first collect personal data from them. The approach to securing consent should be transparent and respect the individual.  For example, it is good practice to set out clearly your agency's policy on sharing information to children and families, when they first access the service.  Consent must not be secured through coercion, or inferred from a lack of response to a request for consent. If there is a significant change in the use to which the information will be put compared to that which has previously been explained, or a change in the relationship between the agency and the individual, consent should be sought again. Individuals have the right to withdraw consent at any time.

2. Whose consent should be sought?

You may also need to consider whose consent should be sought. Where there is a duty of confidence it is owed to a person who has provided the information on the understanding it is to be kept confidential. It is also owed to the person to whom the information relates, if different from the information provider. A child or young person who has the capacity to understand and make their own decisions may give (or refuse) consent to sharing.

Children have the same rights as adults over their personal data. These are set out in Chapter III and VIII of the UK GDPR.

Guidance from the Information Commissioner’s Office states:

A child may exercise the above rights on their own behalf as long as they are competent to do so. In Scotland, a person aged 12 or over is presumed to be of sufficient age and maturity to be able to exercise their data protection rights, unless the contrary is shown. This presumption does not apply in England and Wales or in Northern Ireland, where competence is assessed depending upon the level of understanding of the child, but it does indicate an approach that will be reasonable in many cases. A child should not be considered to be competent if it is evident that he or she is acting against their own best interests’.

When assessing a child's understanding you should explain the issues to the child in a way that is suitable for their age, language and likely understanding. Where applicable, you should use their preferred mode of communication.

The following criteria should be considered in assessing whether a particular child on a particular occasion has sufficient understanding to consent, or refuse consent, to sharing of information about them:

  • Can the child understand the question being asked of them?
  • Does the child have a reasonable understanding of:
  • What information might be shared?
  • The main reason or reasons for sharing the information?
  • The implications of sharing that information, and of not sharing it?
  • Can the child:
    • Appreciate and consider the alternative courses of action open to them?
    • Weigh up one aspect of the situation against another?
    • Express a clear personal view on the matter, as distinct from repeating what someone else thinks they should do?
    • Be reasonably consistent in their view on the matter, or are they constantly changing their mind?

In most cases, where a child cannot consent or where you have judged that they are not competent to consent, a person with Parental Responsibility should be asked to consent on behalf of the child. If a child is judged not to have the capacity to make decisions, their views should still be sought as far as possible.

Where parental consent is required, the consent of one such person is sufficient. In situations where family members are in conflict you will need to consider carefully whose consent should be sought. If the parents are separated, the consent of the parent with whom the child resides would usually be sought. If the child is subject to a Care Order, practitioners should liaise with the relevant local authority about questions of consent.

If you judge a child to be competent to give consent, then their consent or refusal to consent is the one to consider even if a parent or carer disagrees. Where parental consent is not required, you should encourage the young person to discuss the issue with their parents. However you should not withhold the service on condition that they do so.

These issues can raise difficult dilemmas. Wherever appropriate, you should try to work with all involved to reach an agreement or understanding of the information to be shared. You must always act in accordance with your professional code of practice where there is one and consider the safety and well-being of the child, even where that means overriding refusal to consent. You should seek advice from you manager or nominated safeguarding adviser if unsure.

3. When not to seek consent

There will be some circumstances where you should not seek consent from the individual or their family, or inform them that the information will be shared, for example where to do so would:

  • Place a child at increased risk of significant harm; or
  • Place an adult at risk of serious harm; or
  • Prejudice the prevention, detection or prosecution of a serious crime (i.e. a crime involving Significant Harm to a child or serious harm to an adult); or
  • Lead to unjustified delay in making enquiries about allegations of Significant Harm to a child or serious harm to an adult.

You should not seek consent where you are required by law to share information through a statutory duty or court order. In these situations, subject to the considerations set out in 13.2, you should inform the individual concerned that you are sharing the information, why, and with whom.

  1. If consent is refused, or there are good reasons not to seek consent to share confidential information, is there a sufficient public interest to share information?

Eliciting the views of children and parents is important and represents good practice. However, even if consent is refused, that does not automatically preclude you from sharing confidential information.

A public interest can arise in a wide range of circumstances, for example to protect children from significant harm, protect adults from serious harm, promote the welfare of children or prevent crime and disorder. There are also public interests, which in some circumstances may weigh against sharing, including the public interest in maintaining public confidence in the confidentiality of certain services.

The key factors in deciding whether or not to share confidential information are necessity and proportionality, i.e. whether the proposed sharing is likely to make an effective contribution to preventing the risk and whether the public interest in sharing information overrides the interest in maintaining confidentiality. 

It is not possible to give guidance to cover every circumstance in which sharing of confidential information without consent will be justified.  It is possible however to identify some circumstances in which sharing confidential information without consent will normally be justified in the public interest.

These are:

  • When there is evidence that the child is suffering or is at risk of suffering significant harm; or
  • Where there is reasonable cause to believe that a child may be suffering or at risk of significant harm; or
  • To prevent significant harm arising to children or serious harm to adults, including through the prevention, detection and prosecution of serious crime, i.e. any crime which causes or is likely to cause significant harm to a child or serious harm to an adult.

Where there is a clear risk of significant harm to a child, the public interest test will almost certainly be satisfied.

There will be cases where sharing limited information without consent is justified to enable practitioners to reach an informed decision about whether further information should be shared or action should be taken. The information shared should be necessary for the purpose and proportionate.

In deciding whether the public interest justifies disclosing confidential information without consent, you should be able to seek advice from your line manager, a nominated individual whose role is to support you in these circumstances, and/or legal advice. If you are working in the NHS or Local Authority the Caldicott Guardian may be helpful (see Section 13.4, Caldicott Guardian). Advice can also be sought from professional bodies, for example the General Medical Council or the Royal College of Nursing.

If the concern is about possible abuse or neglect, all organisations working with children will have a named person who undertakes a lead role for safeguarding children, so consulting this person may also be helpful.

If you decide to share confidential information without consent, you should explain to the person that you intend to share the information and why, unless one of the points at 3.4 "when not to seek consent" is met.

  1. If the decision is to share, are you sharing the right information in the right way?

If your decision is to share, you should share information in a proper and timely way. This means:

  • Share only the information which is necessary for the purpose for which it is being shared;
  • Understand the limits of any consent given, especially if the information has been provided by a third party;
  • Distinguish clearly between fact and opinion;
  • Share the information only with the person or people who need to know;
  • Check that the information is accurate and up-to-date;
  • Share it in a secure way;
  • Establish with the recipient whether they intend to pass it on to other people, and ensure they understand the limits of any consent which has been given;
  • Inform the person to whom the information relates, and, if different, any other person who provided the information, if you have not already and it is safe to do so.
  1. Have you properly recorded your information sharing decision?

You should record your decision and the reasons for it whether or not you decide to share information. If the decision is to share, you should record what information was shared and with whom.

You should work within your agency's arrangements for recording information and within any local information sharing protocols in place.

 

13.4     Caldicott Guardian

Caldicott Guardians were introduced in 1997 following concerns about the use of patient identifiable information in health agencies. In particular, the government felt that despite the introduction of the Data Protection Act in 1984, patient information was not sufficiently secure. Caldicott Guardians have responsibility to ensure that patient identifiable information is safeguarded. Given the increasing partnership working between health and social care, the Caldicott Guardian arrangements were also implemented in local authorities with social care responsibilities, several years later.

A Caldicott Guardian is therefore appointed in each NHS or social care organisation and has specific responsibilities to oversee information sharing in the organisation in relation to patient and service user identifiable information - to ensure that it takes place in accordance with the data protection principles as set out in this chapter.

The eight Caldicott principles are:

Principle 1: Justify the purpose(s) for using confidential information

Principle 2: Use confidential information only when it is necessary

Principle 3: Use the minimum necessary confidential information

Principle 4: Access to confidential information should be on a strict need-to-know basis

Principle 5: Everyone with access to confidential information should be aware of their responsibilities

Principle 6: Comply with the law

Principle 7: The duty to share information for individual care is as important as the duty to protect patient confidentiality

Principle 8: Inform patients and service users about how their confidential information is used

The Caldicott Guardian is not there to prevent information sharing between health and social care organisations, but is there to make sure that this is done in a way which safeguards people's rights to privacy and confidentiality. The importance of the Caldicott Guardian acting as “the conscience of the organisation” remains central to trusting the impartiality and independence of their advice.

 

13.5     Child Protection - Information Sharing (CP-IS)

CP-IS is a nationwide system that enables child protection information to be shared securely between local authorities and NHS trusts across England.

Sharing information effectively across health and care settings is vital in protecting vulnerable children and young people and preventing further harm. CP-IS connects local authority children's social care systems with those used by NHS unscheduled care settings, such as accident and emergency, walk-in centres and maternity unit and ensures that health and care professionals are notified when a child or unborn baby with a child protection plan (CPP) or looked after child status (LAC) is treated at an unscheduled care setting. CP-IS is a secure system with clear rules governing access. Only authorised staff involved with the care of a child can access the information.

https://digital.nhs.uk/child-protection-information-sharing

 

13.6     Child Sex Offender Disclosure Scheme

The Child Sex Offender Review (CSOR) Disclosure Scheme (also sometimes known as Sarah’s Law) is designed to provide members of the public with a formal mechanism to ask for disclosure about people they are concerned about, who have unsupervised access to children and may therefore pose a risk. This scheme builds on existing, well established third-party disclosures that operate under the Multi-Agency Public Protection Arrangements (MAPPA).

Police will reveal details confidentially to the person most able to protect the child (usually parents, carers or guardians) if they think it is in the child’s interests.

The scheme has been operating in all 43 police areas in England and Wales since 2010. The scheme is managed by the Police and information can only be accessed through direct application to them.

If a disclosure is made, the information must be kept confidential and only used to keep the child in question safe. Legal action may be taken if confidentiality is breached. A disclosure is delivered in person (as opposed to in writing) with the following warning:

  • 'That the information must only be used for the purpose for which it has been shared i.e. in order to safeguard children;
  • The person to whom the disclosure is made will be asked to sign an undertaking that they agree that the information is confidential and they will not disclose this information further;
  • A warning should be given that legal proceedings could result if this confidentiality is breached. This should be explained to the person and they must sign the undertaking’ (Home Office, 2011, p16).

If the person is unwilling to sign the undertaking, the police must consider whether the disclosure should still take place.

Information about child sex offender disclosure scheme guidance also known as Sarah’s Law - Child sex offender disclosure scheme guidance - GOV.UK (www.gov.uk)

 

13.7     The Domestic Violence Disclosure Scheme

Clare’s Law or the Domestic Violence Disclosure Scheme (DVDS) commenced on 8 March 2014. The DVDS gives members of the public a formal mechanism to make enquires about an individual who they are in a relationship with, or who is in a relationship with someone they know, where there is a concern that the individual may be violent towards their partner. This scheme adds a further dimension to the information sharing about children where there are concerns that domestic violence and abuse is impacting on the care and welfare of the children in the family.

Members of the public can make an application for a disclosure, known as the ‘right to ask’. Anybody can make an enquiry, but information will only be given to someone at risk or a person in a position to safeguard the victim. The scheme is for anyone in an intimate relationship regardless of gender.

Partner agencies can also request disclosure is made of an offender’s past history where it is believed someone is at risk of harm. This is known as ‘right to know’.

If a potentially violent individual is identified as having convictions for violent offences, or information is held about their behaviour which reasonably leads the police and other agencies to believe they pose a risk of harm to their partner, a disclosure will be made.

Information about Domestic Violence Disclosure Scheme (DVDS) also known as Clare’s Law - Domestic Violence Disclosure Scheme factsheet - GOV.UK (www.gov.uk)

13.8     Data Breach

If any individual across the Partnership becomes aware of a security breach, or breach of confidence in relation to the information sharing which takes place across the LSCB and partner organisations, the individual with responsibility for the area of activity in which the breach occurred, shall:

  • immediately inform the relevant data controller for the information that a breach has occurred
  • immediately investigate the cause, effect and extent of the breach
  • report the results of the investigation to the other organisation/data controller without delay
  • use all reasonable efforts to rectify the cause of the breach.

Personal Data Breach

A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes. It also means that a breach is more than just about losing personal data.

A personal data breach will have occurred whenever any personal data is accidentally lost, destroyed, corrupted or incorrectly disclosed, or if someone accesses the data or passes it on without proper authorisation, or if the data is made unavailable and this unavailability has a significant negative effect on individuals.

The UK General Data Protection Regulation (GDPR) introduced a duty on all organisations to report certain personal data breaches to the relevant supervisory authority. They must do this within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, organisations must also inform those individuals without undue delay.

Organisations must have robust breach detection, investigation and internal reporting procedures in place. This will help facilitate decision-making about whether or there is a need to notify the relevant supervisory authority or the affected individuals, or both. These procedures should also include guidance to individuals who believe a personal data breach may have occurred. Organisations must take all reports of potential data breaches seriously and must keep a record of any personal data breaches, regardless of whether they are required to notify. The UK GDPR states that when a potential breach has been identified, organisations should quickly establish whether a personal data breach has occurred and, if so, promptly take steps to address it.

Reporting to the ICO

A data breach must be reported to the ICO if the breach poses a risk to the person’s rights and freedoms (i.e. will the breach cause them difficulty or potential harm). If a risk is likely, the organisation must notify the ICO. If a risk is unlikely, it doesn’t have to be reported. However, if an organisation decides they don’t need to report the breach, they may still be required to justify their decision, so should document it.

To report a breach:

Report a breach | ICO

Further Guidance—Personal Data Breaches for Organisations: Personal data breaches | ICO

This page is correct as printed on Saturday 21st of December 2024 06:08:53 PM please refer back to this website (http://seftonscp.procedures.org.uk) for updates.