For UK employers, having a clear DBS policy is no longer optional—it is a key part of safer recruitment, safeguarding, and legal compliance. Creating a DBS policy from scratch may feel daunting, but with the right structure, it becomes a practical document that protects both your organisation and the people you work with.
This guide explains what a DBS policy is, why it matters, and how employers can build one step by step.
What Is a DBS Policy and Why Is It Important?
A DBS policy sets out how your organisation uses Disclosure and Barring Service (DBS) checks. It explains when checks are required, what level of check applies, and how information is handled.
A well-written policy helps:
-
Demonstrate compliance with safeguarding obligations
-
Ensure fair and consistent recruitment decisions
-
Protect sensitive criminal record information
-
Reassure candidates, clients, and regulators
Without a DBS policy, employers risk inconsistent practices, data protection breaches, and claims of unfair treatment.
Defining Roles That Require DBS Checks
The first section of your DBS policy should clearly define which roles require a check and why. This must be based on job duties, not assumptions.
Explain:
-
Which roles require a Basic, Standard, or Enhanced DBS check
-
Whether checks are mandatory before employment starts
-
How eligibility is assessed for regulated activity
Clarity here prevents over-checking, which can be unlawful, and under-checking, which can expose safeguarding risks.
Outlining the DBS Checking Process
Your policy should clearly describe the process from start to finish. This ensures consistency and transparency for both hiring managers and applicants.
Include:
-
When the DBS check is requested (e.g. after a conditional offer)
-
Who is responsible for initiating and tracking checks
-
How identity is verified
-
Expected timescales and what happens if delays occur
Many employers work with a registered DBS provider such as ClearCheck to streamline this process and reduce administrative errors. You can learn more about compliant DBS processing at https://clearcheck.co.uk/.
Handling DBS Results Fairly and Lawfully
A crucial part of creating a DBS policy from scratch is explaining how results are assessed. A positive disclosure does not automatically mean rejection.
Your policy should state:
-
How disclosures are reviewed objectively
-
Factors considered (relevance, seriousness, time elapsed)
-
Who makes final decisions
-
How applicants can discuss or explain disclosures
This approach supports fair recruitment and reduces discrimination risks.
Data Protection and Record Keeping
DBS information is highly sensitive personal data. Your policy must explain how it is protected.
Cover:
-
Secure storage of DBS information
-
Who can access it
-
How long records are retained
-
Secure disposal once no longer needed
This helps ensure compliance with GDPR and DBS Code of Practice requirements.
Reviewing and Updating Your DBS Policy
A DBS policy should not be static. Your final section should confirm how often it is reviewed and who is responsible for updates, especially when legislation or guidance changes.
FAQs
Is a DBS policy legally required?
There is no single law mandating a DBS policy, but it is strongly recommended and often expected by regulators and inspectors.
Can one DBS policy cover all roles?
Yes, but it must clearly distinguish between roles that require different levels of DBS checks.
Should employees see the DBS policy?
Yes. Transparency helps build trust and ensures candidates understand the process.
How often should a DBS policy be reviewed?
At least annually, or whenever safeguarding or data protection rules change.
Can small businesses use a DBS policy template?
Yes, but it should always be tailored to your organisation’s specific roles and risks.
