Information Sharing & Consent
In every Serious Case Review that has ever been undertaken, information sharing has been a key theme. It is essential that all professionals gain consent and share information appropriately within the network of those working with a child and their family. If you do not have consent and are unsure about whether to share information, discuss it with your line manager in the first instance. We recommend you undertake the LSCP E-Learning courses and read the guidance and legislation detailed below.
Missing, Exploitation and Trafficking Information Sharing Guidance
Successful partnership working depends substantially on effective communications and information sharing between agencies. MET Information Sharing Guidance document.
Working Together 2018 Extracts
23. Effective sharing of information between practitioners and local organisations and agencies is essential for early identification of need, assessment and service provision to keep children safe. Serious Case Reviews (SCRs) have highlighted that missed opportunities to record, understand the significance of and share information in a timely manner can have severe consequences for the safety and welfare of children.
24. Practitioners should be proactive in sharing information as early as possible to help identify, assess and respond to risks or concerns about the safety and welfare of children, whether this is when problems are first emerging, or where a child is already known to local authority Children's Social Care (e.g. they are being supported as a child in need or have a child protection plan). Practitioners should be alert to sharing important information about any adults with whom that child has contact, which may impact the child's safety or welfare.
25. Information sharing is also essential for the identification of patters of behaviour where a child has gone missing, where multiple children appear associated to the same context or locations of risk, or in relation to children in the secure estate where there may be multiple local authorities involved in a child's care. It will be for local safeguarding partners to consider how they will build positive relationships with other local areas to ensure that relevant information is shared in a timely and proportionate way.
26. Fears about sharing information must not be allowed to stand in the way of the need to promote the welfare, and protect the safety, of children, which must always be the paramount concern. To ensure effective safeguarding arrangements:
- all organisations and agencies should have arrangements in place that set out clearly the processes and the principles for sharing information. The arrangement should cover how information will be shared within their own organisation/agency and with others who may be involved in a child's life.
- all practitioners should not assume that someone else will pass on information that they think may be critical to keeping a child safe. If a practitioner has concerns about a child's welfare and considers that they may be a child in need or that the child has suffered or is likely to suffer significant harm, then they should share the information with local authority children's social care and/or the police. All practitioners should be particularly alert to the importance of sharing information when a child moves from one local authority to another, due to the risk that knowledge pertinent to keeping a child safe could be lost.
- all practitioners should aim to gain consent to sharing information, but should be mindful of situations where to do so would place a child at increased risk of harm. Information may be shared without consent if a practitioner has reason to believe that there is a good reason to do so, and that the sharing of information will enhance the safeguarding of a child in a timely manner. When decisions are made to share or withhold information, practitioners should record who has been given the information and why.
27. Practitioners must have due regard to the relevant data protection principles which allow them to share personal information, as provided for the Data Protection Act 2018 and the General Data Protection Regulation (GDPR). To share information effectively:
- all practitioners should be confident of the processing conditions under the Data Protection Act 2018 and the GDPR which allow them to store and share information for safeguarding purposes, including information which is sensitive and personal, and should be treated as 'special category personal data'.
- where practitioners need to share special category personal data, they should be aware that the Data Protection Act 2018 contains safeguarding of children and individuals at risk as a processing condition that allows practitioners to share information. This includes allowing practitioners to share information without consent, if it is not possible to gain consent. It cannot be reasonably expected that a practitioner gains consent, or if to gain consent would place a child at risk
Myth-busting guide to information sharing
Sharing information enables practitioners and agencies to identify and provide appropriate services that safeguard and promote the welfare of children. Below are common myths that may hinder effective information sharing.
Data protection legislation is a barrier to sharing information
No - the Data Protection Act 2018 and GDPR do not prohibit the collection and sharing of person information, but rather provide a framework to ensure that personal information is shared appropriately. In particular, the Data Protection Act 2018 balances the rights of the information subject (the individual whom the information is about) and the possible need to sharing information about them.
Consent is always needed to share personal information
No - you do not necessarily need consent to share personal information. Wherever possible, you should seek consent and be open and honest with the individual from the outset as to why, what, how and with whom, their information will be shared. You should seek consent where an individual may not expect their information will be shared. You should seek consent where an individual may not expect their information to be passed on. When you gain consent to share information, it must be explicit, and freely given. There may be some circumstances where it is not appropriate to seek consent, or because to gain consent would put a child's or your young person's safety at risk.
Personal information collected by one organisation / agency cannot be disclosed to another
No - this is not the case, unless the information is to be used for a purpose incompatible with the purpose to which it was originally collected. In the case of children in need, or children at risk of significant harm, it is difficult to foresee circumstances where information law would be a barrier to sharing person information with other practitioners. Practitioners looking to share information should consider which processing condition in the Data Protection Act 2018 is most appropriate for use in the particular circumstances of the case. This may be the safeguarding processing condition or another relevant provision.
Gillick / Fraser Competence - NSPCC
When we are trying to decide whether a child is mature enough to make decisions, people often talk about whether a child is 'Gillick competent' or whether they meet the 'Fraser guidelines'.
The Gillick competency and Fraser guidelines help us all to balance children’s rights and wishes with our responsibility to keep children safe from harm
Data Protection Act
The Data Protection Act 2018 controls how personal information is used by organisations, businesses or the government.
(1)This Act makes provision about the processing of personal data.
(2)Most processing of personal data is subject to the GDPR.
(3)Part 2 supplements the GDPR (see Chapter 2) and applies a broadly equivalent regime to certain types of processing to which the GDPR does not apply (see Chapter 3).
(4)Part 3 makes provision about the processing of personal data by competent authorities for law enforcement purposes and implements the Law Enforcement Directive.
(5)Part 4 makes provision about the processing of personal data by the intelligence services.
(6)Part 5 makes provision about the Information Commissioner.
(7)Part 6 makes provision about the enforcement of the data protection legislation.
(8)Part 7 makes supplementary provision, including provision about the application of this Act to the Crown and to Parliament.
Everyone responsible for using data has to follow strict rules called ‘data protection principles’. They must make sure the information is:
- used fairly and lawfully
- used for limited, specifically stated purposes
- used in a way that is adequate, relevant and not excessive
- kept for no longer than is absolutely necessary
- handled according to people’s data protection rights
- kept safe and secure
- not transferred outside the European Economic Area without adequate protection
There is stronger legal protection for more sensitive information, such as:
- ethnic background
- political opinions
- religious beliefs
- sexual health
- criminal records