Navigation Menu

Whitelist policy

The Knowledge Hub is classified as ‘OFFICIAL’ under the Government Security Classifications Policy. Our site may be used to store OFFICIAL content, data and material, as defined by the National Police Information Risk Management Team (NPIRMT) document "Guidance on: Handling of Policing Data within OFFICIAL". This consists of business support information including commercial information and supplier details that is generally available in the public domain or can be disclosed under the Freedom of Information Act.

Access to ‘OFFICIAL’ policing data stored and processed by the Knowledge Hub is authorised on a ‘need-to-know’ basis – i.e. users must be authorised and must only have access to information required based on business need. The basis of authorisation for access to the Knowledge Hub is that users must belong to recognised policing and government organisations and approved delivery/ commercial partners. Approvals for access to the Knowledge Hub are the responsibility of The Police ICT Company (the Company) in collaboration with policing and government organisations only – delivery partners and other third parties are not permitted to act as authorising bodies for Knowledge Hub access.

The purpose of this policy is to provide the authoritative source (whitelist) of recognised organisations. A person’s organisation does not have to be on the whitelist for them to be authorised access to the Knowledge Hub. However, individuals whose organisations are on the whitelist have the following privileges and responsibilities:

  • They may register on the Knowledge Hub without the need for approval by a system administrator;
  • They act as approvers for registration requests from individuals working for non-whitelisted organisations;
  • They may set up and facilitate OFFICIAL-SENSITIVE groups without the need for approval by a system administrator; and
  • They act as sponsors for individuals working for non-whitelisted organisations who wish to set up and/or facilitate OFFICIAL-SENSITIVE groups.

This whitelist undergoes regular, biannual review, and is maintained with the aim of reflecting organisational changes within the UK policing community. The Police ICT Company maintains this policy at its discretion and will deal with any exceptions a case-by-case basis and act as the arbiter in all decisions to approve changes to the whitelist.

Information Sources

This policy document has been informed through a number of police community consultations, and by existing sources within the following policing groups:

  • College of Policing (‘police.uk’ domain approval policy [ref: ‘Police UK User Guide’ V0.1]);
  • National Police Information Risk Management Team (NPIRMT); and,
  • Other key stakeholders from the Knowledge Hub (and policing) user community, including a workshop held by the Company on 26 March 2019.

Essential Whitelist Criteria

The Knowledge Hub whitelist extends to organisations and entities that are designated as policing or law enforcement organisations, as well as to their public sector partners.

The following are designated as policing organisations:

  • Police forces
  • Police authorities
  • Organisations recognised by the UK policing community
  • Association of Police & Crime Commissioners (APCC)
  • Police and crime commissioners (PCC)
  • Home Office
  • Ministry of Defence (MoD)
  • HM Forces
  • Policing staff associations
  • Policing social organisations
  • Other policing organisations
  • Force collaborations
  • Bluelight Commercial
  • National policing programmes

Public sector partners are organisations who are on the ‘.gov.uk’ domain and who work in partnership with policing. Please note that due to the large number of such organisations, the list on the Whitelisted domains page contains only those who are presently members of the Knowledge Hub. Additional public sector organisations will be added as required.

The following categories of organisations and entities are explicitly excluded from the Knowledge Hub whitelist:

  • Commercial ventures and identities;
  • Private companies;
  • Internet Service Providers (ISP); and
  • Organisations and entities outside of the UK and its territories (including non-UK policing organisations).

Knowledge Hub Whitelisted Organisations

See the Whitelisted domains page for the full, up-to-date whitelist of approved organisations on the Knowledge Hub.

Change Control

As agreed with representatives of the Knowledge Hub community and the National Police Information Risk Management Team, the Company will retain control of the whitelist. With guidance from the Company’s Senior Information Risk Owner (SIRO) and Information Asset Owner for the Knowledge Hub (currently the Company’s Head of Service Delivery) and, if necessary, the national SIRO for policing, Commissioner Dyson, the Company will decide when it is appropriate to add a new organisation to the whitelist.

Additions to the whitelist will be made by a site administrator and a notification will be posted in the Knowledge Hub Facilitators’ Society group.