Book cover

Complying with the GDPR and DPA 2018

A good practice guide for fostering services in England


Buy now

The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 require services, including fostering services, to ensure that they hold and process personal information safely and securely. But for both local authorities and independent fostering providers, there are difficult questions about how to manage their responsibilities to social workers, foster carers and the children who are placed with them.

  • What are the legal requirements for fostering services and what do they mean for their day-to-day work?
  • How can they support their staff and foster carers to ensure that data protection principles are upheld?
  • What is a privacy notice and who needs one?
  • What is the difference between a data controller and a data processor?

Who is this book for?

An ideal resource for all fostering social workers and managers, this practice guide will give local authorities and independent fostering services in England confidence about how best to comply with the requirements around data protection.

What you will find in this book

This authoritative guide will help fostering services, at all different stages of establishing data protection policies and practices, to ensure that they comply with legal requirements. In straightforward language, it sets out technical advice on data security practice and policies, whilst also being complex enough to have a real use for agencies that need to address particular issues. It provides clarity about the role of both foster carers and staff with regard to GDPR, and also identifies data security risk areas that are particular to fostering, and how best to address these. The guide includes information on:

  • The data protection legal framework and terminology
  • The implications of this for fostering services and foster carers
  • Technical and IT considerations
  • Considerations regarding foster carers’ data
  • Considerations regarding children’s and young people’s data
  • Identifying and responding to a data breach

A range of useful appendices include a checklist for fostering services, and example privacy notices for foster carers, household members, and children and young people in foster care.


Paul Adams is CoramBAAF’s Fostering Development Consultant. He is an experienced Chair of fostering and adoption panels, interim manager, consultant, trainer, and an adopter. He has authored CoramBAAF practice guides on Parent and Child Fostering, Contact in Permanent Placements, Social Work with Gypsy, Roma and Traveller Children, Dogs and Pets in Fostering and Adoption, and Undertaking Checks and References in Fostering and Adoption Assessments.

Leonie Jordan is a lawyer who has practised in local authorities, private practice and the voluntary sector. She has recently worked with CoramBAAF colleagues to assist with legal policy proposals, research and advice. She has also developed and delivered training for child welfare professionals. She also co-authored the CoramBAAF practice guide, Access to Information for Adult Care Leavers.


A 10% bulk order discount will be applied at the checkout for orders of 5 copies or more


A clear, readable guide written by authors who understand how fostering services and foster carers work, the day-to-day operating issues, pressures and dilemmas they face, and therefore what actions and practices are possible and practical for services to implement to comply with the GDPR and DPA 2018. Invaluable for fostering services at the outset of establishing their policies and practices, but also for those who wish to review their progress thus far and adjust and improve on what they already have in place.

Fiona Darlington-Black, Head of Service, Cornerways Fostering Services

I have been reading your book on Complying with GDPR which I found really helpful and so much easier to understand than anything I have read before. Thank you.

Beverley Edmonds, Panel Administrator, The Homefinding & Fostering Agency