Under GDPR, data protection is very strict. I don't know if GDPR still applies after someone's died. As there's still a risk of fraudsters and money launderers using dead people's personal data, I think they would still be following strict data protection rules.
However, if the client had power of attorney before their father died, they would probably be able to request the data from the police as they would have the right to manage the data of person they are PoA for while they're still alive. As the person is deceased I don't see why the police would withhold it from a PoA unless it was crucial in an ongoing criminal case. There are laws about "tipping off" organised criminals that the police are investigating them, so some info about criminal investigations is kept under wraps by police.
If your character didn't have power of attorney but were next of kin to the deceased, I don't know if that would mean they could access the deceased person's data under GDPR regulations or not. Personally I think you could probably ask the police what their policy is. Under GDPR organisations and companies are supposed to be open and honest about what they do with people's data and how they protect it. Also there might be something on the gov dot uk website as this has all kinds of random legal information on it.
Because of GDPR regulations, you need to be sure you are getting info from someone clued up in UK laws. Also, GDPR comes from the EU. All EU law is supposed to automatically become UK law after Brexit, but hey, you never know. Something else to check. My employer hasn't said anything about GDPR regulations changing and they're very on the ball regarding compliance and regulations.