The Criminal Records Bureau (CRB) only operates a central database in order to record transactions that occur during the disclosure process, where an applicant's personal data, provided on an application form, are compared against information held by the police, the Department of Health and the Department for Children, Schools and Families.
Enhanced disclosures also contain relevant non-conviction information provided by local police forces. Non-conviction information of this sort is referred to as “approved information” and is released under Section 113B (4) of Part V of the Police Act 1997, which states that:
“Before issuing an enhanced criminal record certificate the Secretary of State shall request the chief officer of every relevant police force to provide any information which, in the chief officer's opinion (a) might be relevant for the purpose described in the statement under subsection (2) (the positions eligible for Enhanced Disclosure) and (b) ought to be included in the certificate”.
Therefore, the police have a duty to disclose information which they believe may be relevant and should be disclosed.
The chief officer of each police force is Data Controller, under the Data Protection Act 1998, of all information placed by that force on the PNC or retained in local force records. Therefore, only the chief officer of any given force or his nominee has the power to amend or delete the approved information relating to an applicant and neither the CRB nor the Home Office has any influence over such decisions.
The CRB does operate a disputes process, which enables an individual to challenge the accuracy and relevancy of any information shown on their Disclosure.