Understanding the legal framework behind DBS (Disclosure and Barring Service) checks is crucial for both organisations requesting checks and individuals undergoing them.
The DBS operates within a complex web of legislation designed to balance the need for safeguarding with individual rights.
This blog post will provide a general overview of the key laws and regulations that underpin the DBS checking process in the UK.
The Primary Legislation: The Police Act 1997
The foundation of the DBS system is the Police Act 1997.
This Act established the framework for criminal record checks and outlined the conditions under which such checks could be carried out.
Key provisions of the Act include :
- Establishment of the Criminal Records Bureau (CRB): Initially, the Act created the CRB, which was later merged into the DBS. The CRB was responsible for processing criminal record checks.
- Disclosure of Criminal Records: The Act outlines the types of information that can be disclosed on different levels of checks, including spent and unspent convictions, cautions, reprimands, and warnings.
- Regulation of Registered Bodies: The Act also regulates registered bodies which were initially allowed to apply for criminal record checks, but now registered bodies have a similar but different framework which they operate under.
The Safeguarding Vulnerable Groups Act 2006
The Safeguarding Vulnerable Groups Act 2006 introduced further measures aimed at protecting vulnerable adults and children.
Key provisions under this Act include :
- Establishment of the Independent Safeguarding Authority (ISA): This act created the ISA, designed to maintain lists of individuals deemed unsuitable to work with vulnerable groups. It has since been merged with the DBS.
- Barring Lists: The Act created the concept of barring lists, which are now maintained by the DBS. These lists contain the names of individuals barred from working with vulnerable groups.
- Mandatory Checks: The act stipulated which types of roles required a DBS check, depending on the level of contact with vulnerable groups, and the level of access to sensitive data.
The Protection of Freedoms Act 2012
The Protection of Freedoms Act 2012 introduced significant changes to the DBS system, including :
- Merger of the CRB and ISA: This Act merged the CRB and the ISA into the single entity, the DBS, creating a more streamlined process.
- Introduction of the Update Service: The Act introduced the DBS Update Service, allowing individuals to keep their DBS certificates up-to-date, which also reduced the amount of paperwork in the industry, as repeat checks were reduced.
- Changes to Disclosure Rules: The Act modified the rules regarding the disclosure of certain “spent” convictions and cautions and how long they would be disclosed, or not.
Specifics on Disclosure Rules
The rules governing what is disclosed on a DBS certificate vary depending on the level of check:
- Basic Check: A Basic check will disclose only unspent convictions and cautions.
- Standard Check: A Standard check will disclose both spent and unspent convictions, cautions, reprimands, and warnings held on the Police National Computer, subject to filtering rules.
- Enhanced Check: An Enhanced check will disclose the same information as a Standard check, and may include additional information held by local police forces, which is deemed relevant to the role. Certain roles will include a check of the Barred Lists.
- Filtering Rules: It’s also important to note the filtering rules that came about from the Protection of Freedoms Act 2012. These rules prevent certain old and minor convictions and cautions from being disclosed on Standard and Enhanced checks.
Sector-Specific Guidance
Various sectors have specific guidance and codes of practice that supplement the general legal framework.
These sectors include:
- Health and Social Care: The Care Quality Commission (CQC) sets standards for registered providers, and includes requirements around DBS checks for staff in regulated activities.
- Education: The Department for Education (DfE) provides guidance on safeguarding in schools, which includes advice around DBS checks for staff and volunteers.
- Childcare: Specific guidance is provided for those working in childcare, which includes additional requirements around staff ratios and supervision, as well as DBS requirements.
- Other Sectors: Many other sectors also have sector-specific guidance, all with the intention of keeping vulnerable groups safe.
-
You can find more information on these sectors in our other blogs, and we will continue to add more content in this area over time.
Check back regularly for additional updates.
Data Protection Details
Data protection legislation is crucial when processing DBS checks.
Organisations must comply with:
- UK General Data Protection Regulation (UK GDPR): The GDPR stipulates how personal data must be processed and kept secure. This includes the right of individuals to access their data, and be informed about how it will be used.
- Data Protection Act 2018: The Act outlines the UK’s implementation of GDPR, setting out the requirements for handling personal data and specifying the processing of sensitive data, which includes DBS check results.
- Data Security Measures: Organisations must implement appropriate security measures to protect personal data from loss, misuse, unauthorised access, disclosure, or alteration.
- Data Retention Periods: DBS data should only be held for as long as necessary, and it must be disposed of securely when it is no longer required. Organisations must have a clear policy for the retention and disposal of data.
- Transparency: Organisations must ensure that they are transparent with applicants and employees about how their DBS data will be used, processed, and stored.
Other Relevant Legislation
There are other relevant pieces of legislation that impact the DBS system, including guidance and codes of conduct related to specific sectors such as health, social care, and education.
Conclusion
The DBS operates within a robust legal framework aimed at safeguarding vulnerable groups while also respecting individual rights.
The Police Act 1997, the Safeguarding Vulnerable Groups Act 2006, and the Protection of Freedoms Act 2012 form the core of this framework, with data protection legislation also playing a vital role.
It is crucial that both employers and employees understand the legal obligations and guidelines surrounding the DBS checking process.
While every effort has been made to ensure the accuracy of the information in this blog post, it is intended for general guidance only and should not be taken as legal advice.
For specific legal advice relevant to your situation, please consult with a qualified legal professional.