This domain is about working legally and safely. This means working in compliance with the relevant regulations, legislation and organisational procedures that govern confidentiality and data protection, as well as those that protect the rights of customers. Practitioners must also work safely to protect themselves and others from any physical risk or hazards.

F1	Handle information safely and securely Understand the legal requirements for the protection of personal data (Data Protection Act, GDPR). Apply organisational protocols and principles for the storage and security of personal data. Understand and respect individuals’ right to confidentiality. Understand who is entitled to access records/data. Keep accurate records in line with security, confidentiality and data protection. Handle and destroy data safely.
F2	Health and safety Understand and comply with health and safety procedures in the workplace.
F3	Safeguarding Understand that vulnerable groups can be particularly at risk of financial and other types of abuse. Understand that you may be required to undergo certain checks (e.g. Disclosure and Barring Service) to provide face to face guidance to certain groups. Support practices that help to safeguard individuals from harm or abuse. Be aware of the appropriate actions to take when faced with cases of actual or potential harm or abuse. Knowledge of organisations and agencies to which safeguarding concerns can or should be reported.
F4	Dealing with poor, illegal or unsafe practice Understand how to identify poor, illegal or unsafe practice. Understand your own responsibilities for reporting bad, illegal or unsafe practice. Understand the escalation procedures and systems for reporting (internally and to outside agencies).