Information sharing protocols (MAISP tier 2)

Multi Agency Information Sharing Protocol (MAISP) Tier 2 provides a centrally approved information sharing protocol template for organisations that routinely share personal information. MAISP Tier 2 protocols are sector specific, that is crime and disorder, health, social care, education. Once agreed, each MAISP Tier 2 protocol and signatories will be listed on the Surrey MAISP webpages.

There is no requirement for organisations to complete and publish a MAISP Tier 2 protocol and you may choose to rely on local Information Sharing Agreements. However, the MAISP Tier 2 is designed to ensure that for the specific data sharing organisation are undertaking they comply with Data Protection Act 2018, General Data Protection Regulation (UK-GDPR), and the Information Commissioner's Office (ICO) Statutory Code of Practice on Data Sharing. It will help with the requirements placed on organisations to demonstrate accountability, transparency and due diligence while making sure that subjects of the data sharing have access to all their rights.

How to produce a MAISP Tier 2 Protocol

Complete a MAISP Tier 2 template available from, email: and have the relevant person in your organisation sign it (Data Protection Officer, Senior Information Risk Officer, Caldicott Guardian). Send the completed MAISP Tier 2 template to the Surrey MAISP Action Group, email:

Organisations that sign up to a MAISP Tier 2 protocol are automatically considered a signatory to the MAISP Tier 1.

Current Tier 2 protocols include:

Review: Individual authors of MAISP Tier 2 protocols are responsible for reviewing and updating them. Any MAISP Tier 2 that is 3 months past its published review date will be removed from the Surrey MAISP webpages.

Subscribe to our newsletters for latest news and events.