When an allegation is made and handled by the Local Authority Designated Officer (LADO), it is natural to feel distressed and worried about who may have been told. Many people fear that sensitive information has been shared with individuals who have no role in safeguarding. Understanding how information-sharing should legally work can help bring clarity and guide your next steps.
This guidance explains, in plain English, when a LADO can disclose information, when such disclosure may breach data protection law, and what you can do if you believe your confidentiality has been mishandled.
Understanding the issue or context
Facing an allegation—especially one linked to safeguarding—can be overwhelming. That stress increases when you believe your personal information has been shared with “random people” or individuals with no clear safeguarding function. It is understandable to question whether this is allowed and whether it breaches your rights.
The LADO process exists to coordinate safeguarding concerns involving adults who work with or care for children. However, LADOs must also follow strict data protection rules. Knowing these rules helps you understand what should—and should not—happen.
The legal rules or framework
1. LADOs can share information, but only with those who need it
A LADO may lawfully share information with:
- social care teams,
- the police,
- your employer or organisation,
- safeguarding leads,
- regulatory bodies.
This is permitted because it is necessary to assess safeguarding risk.
2. Disclosure must follow the Data Protection Act 2018 and UK GDPR
Personal information:
- must be shared lawfully,
- must be necessary for the safeguarding purpose,
- must be limited to a “need to know” group,
- must be handled confidentially and securely.
Sharing information with people who do not need it is unlikely to meet the “lawful basis” required under data protection law.
3. Sharing with “random people” is not permitted
If information was shared with:
- individuals not involved in the investigation,
- colleagues with no safeguarding duties,
- members of the public,
- friends or acquaintances of staff,
this would usually breach:
- the Data Protection Act 2018,
- UK GDPR confidentiality rules,
- the local authority’s own safeguarding policies.
4. Your right to raise concerns
If disclosure appears excessive, unnecessary or unjustified, you have valid grounds to:
- question the disclosure,
- seek clarification,
- make a complaint,
- request a data protection review.
The possibility of further action is recognised in law.
Practical steps to take (step-by-step guidance)
1. Record what happened
Make a factual note of:
- who you believe was told,
- how you found out,
- what information was shared,
- when the disclosure occurred.
Specific details strengthen any future complaint.
2. Ask the local authority for clarification
You can request:
- a list of everyone the LADO shared information with,
- the reasons for sharing,
- the legal basis relied upon under UK GDPR.
They are obliged to respond.
3. Make a formal complaint if you suspect mishandling
Your complaint should explain:
- why you believe the disclosure was unnecessary,
- which individuals appear to have been informed,
- the impact on your privacy or reputation.
The authority must investigate.
4. Contact the local authority’s Data Protection Officer (DPO)
The DPO must review:
- whether the disclosure complied with UK GDPR,
- whether personal data was mishandled,
- whether further action is needed.
5. Escalate to the Information Commissioner’s Office (ICO)
If the local authority’s response is inadequate, you can ask the ICO to investigate a potential data protection breach.
6. Seek legal advice if reputation or employment has been affected
A solicitor can advise on:
- misuse of private information,
- data protection claims,
- defamation (where relevant),
- next steps depending on the impact of the disclosure.
Common pitfalls to avoid
- Assuming all disclosure is unlawful. LADOs must share information with safeguarding partners.
- Waiting too long before raising concerns. Early action protects evidence.
- Confronting individuals informally. Use formal channels for clarity and accuracy.
- Not keeping written notes. Documentation is key in data protection matters.
- Believing you have no rights. You have strong rights under UK GDPR regarding how your data is handled.
Avoiding these pitfalls helps ensure your concerns are taken seriously and addressed properly.
Frequently Asked Questions
Can a LADO share allegations with people outside the safeguarding process?
No. Disclosure must be restricted to those who need the information for safeguarding or investigation purposes.
Does sharing my data without justification breach UK GDPR?
Yes. Unnecessary or excessive sharing of personal information can breach the Data Protection Act 2018 and UK GDPR.
Can I ask who received my information?
Yes. You can request this directly from the local authority.
Do I have grounds for a complaint?
Yes. If your information was shared improperly, you have valid grounds for a formal complaint.
Can I take further action for a data breach?
Possibly. A solicitor can advise whether a claim for damages or other remedies is appropriate.
Does raising a complaint affect the safeguarding process?
No. Complaints about data handling run separately from the allegation assessment.
Conclusion
If you’d like to understand your rights and options in plain English, visit LegalGuidance.org — a free resource powered by Martin Taggart Legal Consulting.
For professional, fixed-fee advice from a UK solicitor, visit MartinTaggart.com.
This information is general guidance only and not legal advice. For personalised support, please contact Martin Taggart Legal Consulting.