We’re required by law to protect the public funds we handle. We may share information provided to us with other bodies responsible for auditing public funds. We need to do this to prevent and detect fraud.

We carry out data matching exercises. This is the process of comparing records to make sure we can identify potentially fraudulent claims, errors and overpayments.

Privacy notice

Data matching usually involves personal information. Computerised data matching helps auditors find claims and payments that might be fraudulent. Including personal data within an exercise does not mean anyone is under suspicion. Finding a match means there may be an inconsistency that needs investigated. No assumption is made on whether there is fraud, error or other explanation until an investigation happens. The exercise can also help organisations ensure their records are up to date.

Audit Scotland asks us to take part in data matching exercises to help prevent and detect fraud. We’re required to provide particular sets of data for matching. These are set out 
 in Audit Scotland’s instructions.

Audit Scotland carry out data matching exercises with statutory authority. This is covered under its powers in Part 2A of the Public Finance and Accountability (Scotland) Act 2000. It does not need permission from the individuals concerned. Data matching by Audit Scotland is subject to a Code of Practice.

Find out more

For more informatoin see Audit Scotland's full privacy notice.