The Information Commissioner’s Office (ICO) has published guidance on disclosing information safely and can be read here.

The guidance is aimed at helping organisations fully understand their obligations and promoting good practice. It is relevant to organisations who disclose information which has been derived from personal data, including organisations releasing data as part of a subject access request. It is also relevant to public authorities responding to a freedom of information or environmental information request, proactively publishing data as part of a publication scheme or otherwise making data available.

The guidance explains some of the most common types of inappropriate disclosures that the ICO has seen as well as other types of disclosures of which data controllers and public authorities should be aware.