GDPR and information sharing – Scotland
Guidance to help practitioners and agencies better understand what they need to do to comply with data protection legislation
These resources are designed to help you ensure compliance with GDPR, while sharing the right information at the right time, to keep victims safe.
All agencies must have appropriate data protection policies to comply with GDPR (General Data Protection Regulations) and the Data Protection Act 2018. But the legislation is complex and can be confusing.
To help practitioners and agencies better understand the requirements, we have produced briefings about the safe sharing of information. These explore areas including:
- seven principles of data protection
- the lawful basis and legal grounds for sharing information
- consent
- legitimate interest
- special considerations – e.g. children and young people, health
- subject access requests (SARs)
- links to relevant legislative guidance.
We have also produced example record forms for practitioners to use in accordance with their organisation’s data protection policies and procedures.