Complying with the GDPR and DPA 2018

Complying with the GDPR and DPA 2018

A good practice guide for fostering services in England

Paul Adams, Leonie Jordan


  • Description
  • Author
  • Info
  • Reviews


The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 require services, including fostering services, to ensure that they hold and process personal information safely and securely. But for both local authorities and independent fostering providers, there are difficult questions about how to manage their responsibilities to social workers, foster carers and the children who are placed with them.

  • What are the legal requirements for fostering services and what do they mean for their day-to-day work?
  • How can they support their staff and foster carers to ensure that data protection principles are upheld?
  • What is a privacy notice and who needs one?
  • What is the difference between a data controller and a data processor?

Who is this book for?

An ideal resource for all fostering social workers and managers, this practice guide will give local authorities and independent fostering services in England confidence about how best to comply with the requirements around data protection.

What you will find in this book

This authoritative guide will help fostering services, at all different stages of establishing data protection policies and practices, to ensure that they comply with legal requirements. In straightforward language, it sets out technical advice on data security practice and policies, whilst also being complex enough to have a real use for agencies that need to address particular issues. It provides clarity about the role of both foster carers and staff with regard to GDPR, and also identifies data security risk areas that are particular to fostering, and how best to address these. The guide includes information on:

  • The data protection legal framework and terminology
  • The implications of this for fostering services and foster carers
  • Technical and IT considerations
  • Considerations regarding foster carers’ data
  • Considerations regarding children’s and young people’s data
  • Identifying and responding to a data breach

A range of useful appendices include a checklist for fostering services, and example privacy notices for foster carers, household members, and children and young people in foster care.


Paul Adams:

Paul Adams is CoramBAAF’s Fostering Development Consultant. He is an experienced Chair of fostering and adoption panels, interim manager, consultant, trainer, and an adopter. He has authored CoramBAAF practice guides on Parent and Child Fostering, Contact in Permanent Placements, Social Work with Gypsy, Roma and Traveller Children, Dogs and Pets in Fostering and Adoption, and Undertaking Checks and References in Fostering and Adoption Assessments.

Leonie Jordan is a lawyer who has practised in local authorities, private practice and the voluntary sector. She has recently worked with CoramBAAF colleagues to assist with legal policy proposals, research and advice. She has also developed and delivered training for child welfare professionals. She also co-authored the CoramBAAF practice guide, Access to Information for Adult Care Leavers.