2.2 Information Sharing
Last reviewed in March 2020
Next review in March 2022
IMPORTANT COVID-19 NOTE
Whilst many staff will be working remotely during the coronavirus outbreak, it is important to note that personal data must at all times continue to be processed and stored in accordance with Data Protection principles.
You should not use personal devices to communicate with service-users, store personal data on personal devices or download and use apps onto work or personal devices (phones/laptops/tablet computers) without express authorisation from your manager.
- The Concept of Information Sharing(Jump to)
- Key Points for Workers when Sharing Information(Jump to)
- Confidentiality and Consent(Jump to)
- The General Data Protection Regulation (GDPR) and Data Protection Act 2018(Jump to)
- Caldicott Guardians(Jump to)
- National Guidance on Sharing Information(Jump to)
- The Domestic Violence Disclosure Scheme(Jump to)
- Child Sex Offender Disclosure Scheme(Jump to)
- Age Assessment Information Sharing for Unaccompanied Asylum Seeking Children(Jump to)
The Concept of Information Sharing
Working Together to Safeguard Children 2018 states that:
“Effective sharing of information between practitioners and local organisations and agencies is essential for early identification of need, assessment and service provision to keep children safe. Serious case reviews (now referred to as child safeguarding practice reviews) have highlighted that missed opportunities to record, understand the significance of and share information in a timely manner can have severe consequences for the safety and welfare of children.
“Practitioners should be proactive in sharing information as early as possible to help identify, assess and respond to risks or concerns about the safety and welfare of children, whether this is when problems are first emerging, or where a child is already known to local authority children’s social care (e.g. they are being supported as a child in need or have a child protection plan). Practitioners should be alert to sharing important information about any adults with whom that child has contact, which may impact the child’s safety or welfare.
Information sharing is also essential for the identification of patterns of behaviour when a child is at risk of going missing or has gone missing, when multiple children appear associated to the same context or locations of risk, or in relation to children in the secure estate where there may be multiple local authorities involved in a child’s care. It will be for local safeguarding partners to consider how they will build positive relationships with other local areas to ensure that relevant information is shared in a timely and proportionate way.
The Data Protection Act 2018 and General Data Protection Regulations (GDPR) do not prevent the sharing of information for the purposes of keeping children safe. Fears about sharing information must not be allowed to stand in the way of the need to promote the welfare and protect the safety of children.
Fears about sharing information must not be allowed to stand in the way of the need to promote the welfare and protect the safety of children, which must always be the paramount concern..” (Working Together 2018)
Key Points for Workers when Sharing Information
Professionals do not necessarily need the consent of the information subject to share their personal information.
Sharing confidential information without consent will normally be justified in the public interest in the circumstances shown below in Confidentiality and Consent.
The Seven Golden Rules for Information Sharing
The ‘Seven Golden Rules’ and the following Questions will help support your decision making so you can be more confident that information is being shared legally and professionally. Each situation should be considered on a case-by-case basis. See Information Sharing Flowchart
If you answer ‘not sure’ to any of the questions, seek advice from your supervisor, manager, nominated person within your organisation or area, or from a professional body.
The Information sharing guidance for Practitioners makes a point which should be borne in mind. Information can be held in many different ways, in case records or electronically in a variety of IT systems with access for different professionals. The use of emails in professional communications also raises another mechanism for sharing information other than in direct person to person contact. However the information is shared, it should always be recorded in the individual’s record.
Confidentiality and Consent
Working Together 2018 states that:
It is also possible that an overriding public interest would justify disclosure of the information (or that sharing is required by a court order, other legal obligation or statutory exemption). To overcome the common law duty of confidence, the public interest threshold is not necessarily difficult to meet – particularly in emergency situations. Confidential health information carries a higher threshold, but it should still be possible to proceed where the circumstances are serious enough. As is the case for all personal information processing, initial thought needs to be given as to whether the objective can be achieved by limiting the amount of information shared – does all of the personal information need to be shared to achieve the objective?
The MASH/FDFF/ SPOA environments are unique because they enable multiple sources of information to be considered and shared in a secure and safe location.
Each has its own Information Sharing Agreement setting out arrangements for the lawful sharing of information between signatory organisations involved in the safeguarding of children.
There is no absolute requirement for agencies in the MASH to obtain consent before sharing information, nor is there a blanket policy of never doing so. There is an obligation to consider on all occasions and on a case by case basis whether the information will be shared with or without consent. A practitioner's determination should always be reasonable, necessary, and proportionate in line with the seven golden rules of information sharing. It should always be recorded together with the rationale for the decision.
Information sharing in these circumstances is governed by a legal framework that helps to balance the individual's right to privacy with the need to protect children and young people at risk or who may need support.
The professional holding the information must always consider relevance and proportionality before releasing information from the MASH/FDFF/SPOA.
When the Mash/ FDFF/ SPOA decides a threshold has been met for a referral to a Social Work team for an assessment under S17 or S47, consideration to what they have got consent to share, outside of the MASH/ FDFF/ SPOA environment, should be transparent and recorded.
When conducting an s47 enquiry, the social worker should seek the parents’ permission to conduct s47 checks unless to do so would place the child at risk of significant harm. Managers must record decisions about seeking permission.
The General Data Protection Regulation (GDPR) and Data Protection Act 2018
The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 introduce new elements to the data protection regime, superseding the Data Protection Act 1998. Practitioners must have due regard to the relevant data protection principles which allow them to share personal information,
The GDPR and Data Protection Act 2018 place greater significance on organisations being transparent and accountable in relation to their use of data. All organisations handling personal data need to have comprehensive and proportionate arrangements for collecting, storing, and sharing information.
The GDPR and Data Protection Act 2018 do not prevent, or limit, the sharing of information for the purposes of keeping children and young people safe.
The GDPR provides a number of bases for sharing personal information. It is not necessary to seek consent to share information for the purposes of safeguarding and promoting the welfare of a child provided that there is a lawful basis to process any personal information required. The legal bases that may be appropriate for sharing data in these circumstances could be ‘legal obligation’, or ‘public task’ which includes the performance of a task in the public interest or the exercise of official authority. Each of the lawful bases under GDPR has different requirements.
It continues to be good practice to ensure transparency and to inform parent/ carers that you are sharing information for these purposes and seek to work cooperatively with them.
To effectively share information:
A Caldicott Guardian is a senior person responsible for protecting the confidentiality of patient and service-user information and enabling appropriate information-sharing. The Guardian plays a key role in ensuring that the NHS, Local Authority Social Services Departments and partner organisations satisfy the highest practicable standards for handling patient identifiable information. Since Caldicott Guardians were established, key legislation including: the Data Protection Act 1998, Human Rights Act 1998, Public Interest Disclosure Act 1998, Audit Commission Act 1998, Terrorism Act 2000, section 60 of the Health and Social Care Act 2001 and Regulation of Investigatory Powers Act 2000, and The Freedom of Information Act 2000 have become law which has extended the role and responsibility of the Caldicott Guardian.
The Seven Caldicott Principles
These are applicable to Children and Young People's Directorate and Health Trusts. They have more recently been extended into councils with social care responsibilities, in order to provide a framework for working within the Data Protection Act 1998 and to promote appropriate information sharing.
Every local Health Service and Children and Young People's Directorate has its own Caldicott Guardian, to provide advice and guidance on appropriate information sharing.
National Guidance on Sharing Information
Working Together 2018 states that:
Where there is a clear risk of significant harm to a child, or serious harm to adults, the public interest test will almost certainly be satisfied. However, there will be other cases where practitioners will be justified in sharing some confidential information in order to make decisions on sharing further information or taking action. The information shared should be proportionate. Decisions in this area need to be made by, or with the advice of, people with suitable competence in Child Protection work such as named or designated professionals or senior managers.
The Data Protection Act 2018 requires that:
“you may share information without consent if, in your judgement, there is a lawful basis to do so, such as where safety may be at risk. You will need to base your judgement on the facts of the case. When you are sharing or requesting personal information from someone, be clear of the basis upon which you are doing so. Where you do not have consent, be mindful that an individual might not expect information to be shared.”
The Act balances the rights of the information subject (the individual whom the information is about) and the need to share information about them. Never assume sharing is prohibited – it is essential to consider this balance in every case. For more information, see the Information Commissioner website.
The relevant issues for social workers are usually around sharing information where consent has been withheld. There is a public interest defence if sharing information is for the purposes of safeguarding a child or vulnerable person.
Section 115 of the Crime and Disorder Act 1998 establishes:
The power to disclose information is central to the Act's partnership approach. The Police have an important general power under common law to disclose information for the prevention, detection and reduction of crime. However, some other public bodies that collect information may not previously have had power to disclose it to the Police and others. This section puts beyond doubt the power of any organisation to disclose information to Police authorities, local authorities, Probation Service, Health Authorities, or to persons acting on their behalf, so long as such disclosure is necessary or expedient for the purposes of crime prevention. These bodies also have the power to use this information.
Article 8 in the European Convention on Human Rights states that:
Everyone has the right to respect for his/her private and family life, home and correspondence;
There shall be no interference by a public authority with the exercise of this right except such as in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of rights and freedoms of others.
The Domestic Violence Disclosure Scheme
The Domestic Violence Disclosure Scheme (DVDS) gives members of the public a formal mechanism to make enquires about an individual who they are in a relationship with, or who is in a relationship with someone they know, where there is a concern that the individual may be violent towards their partner. This scheme adds a further dimension to the information sharing about children where there are concerns that domestic violence and abuse is impacting on the care and welfare of the children in the family. See more Domestic Violence Discolsure Scheme factsheet
Members of the public can make an application for a disclosure, known as the ‘right to ask’. Anybody can make an enquiry, but information will only be given to someone at risk or a person in a position to safeguard the victim. The scheme is for anyone in an intimate relationship regardless of gender.
Partner agencies can also request disclosure is made of an offender’s past history where it is believed someone is at risk of harm. This is known as ‘right to know’.
If a potentially violent individual is identified as having convictions for violent offences, or information is held about their behaviour which reasonably leads the police and other agencies to believe they pose a risk of harm to their partner, a disclosure will be made.
Child Sex Offender Disclosure Scheme
The Child Sex Offender Review (CSOR) Disclosure Scheme is designed to provide members of the public with a formal mechanism to ask for disclosure about people they are concerned about, who have unsupervised access to children and may therefore pose a risk. See more here Child Sex Offender Disclosure Scheme This scheme builds on existing, well established third-party disclosures that operate under the Multi-Agency Public Protection Arrangements (MAPPA).
Police will reveal details confidentially to the person most able to protect the child (usually parents, carers or guardians) if they think it is in the child’s interests.
The scheme has been operating in all 43 police areas in England and Wales since 2010. The scheme is managed by the Police and information can only be accessed through direct application to them.
If a disclosure is made, the information must be kept confidential and only used to keep the child in question safe. Legal action may be taken if confidentiality is breached. A disclosure is delivered in person (as opposed to in writing) with the following warning:
If the person is unwilling to sign the undertaking, the police must consider whether the disclosure should still take place.
Age Assessment Information Sharing for Unaccompanied Asylum Seeking Children
The issue of age assessment in social work with asylum seeking young people remains controversial and has been something that Children’s social care have struggled with since the millennium. The ADCS Asylum Task Force has worked with the Home Office to provide two new jointly agreed documents, as detailed below. These documents are offered as practice guidance, by way of assistance to local authorities and their partners. The use of the proforma and consent form is voluntary. The content does not, nor does it seek to, be binding on local authorities. It is simply a recommended approach.