Information Sharing

As the name suggests, personal information is just that, personal. Therefore, before sharing any information you need to be clear whether the information is classed as personal data (i.e., information that relates to an identified or identifiable individual). 

If it is personal data, then you must start by gaining consent to share the information, unless one of the following apply:

• there is evidence that the child has suffered, or is likely to suffer, significant harm;
• there is reasonable cause to believe that a child has suffered, or is likely to suffer, significant harm;
• there is evidence to suggest that if you sought consent a child or adult may be harmed;
• there is evidence that action may need to be taken to prevent or detect a crime meaning that it may not be appropriate to ask for consent.

Consent may be explicit (when the person has been asked specifically to give consent for a certain piece of information to be shared) or implicit (for example when a person has signed an agreement saying that information can be shared with certain agencies – in this case, the agreement is there but it is not specific about what information can be shared). If you are seeking consent to share information for safeguarding purposes, then attempts should be made to get explicit consent.

Whichever type of consent is used, the consent should be informed consent. This means that the person giving consent understands what the information being shared is, why it is being shared, and what the implications of sharing and not sharing the information are. This may mean that you need to consider the ability (or capacity) of the person to give consent.

Speak to your DSL for further guidance and support.

If you decide to share information you must record your decision, the context in which the information was shared and the reasons for your decision.

Recording is important because there is a chance that someone will ask you or your employers why you chose to share or not share information. Such questions may not come immediately, and in some cases these questions only arise many years later. Even if you are still working at your setting, it is likely that you will not remember why you made the decision you did, but if there is a clear record this will provide the required information.

Your setting will have its own policy on recording, but good practice suggests that you should record the date, time, what you were being asked to share, what you decided and why.

Adapted from Information sharing advice for safeguarding practitioners.

1. The GDPR and Data Protection Act 2018 are barriers to sharing information – no.  The GDPR and Data Protection Act 2018 don’t stop information sharing, but provide the means to make sure information is shared in the right way.
2. Consent is always needed to share personal information – no. You should seek explicit consent whenever possible, but if (for reasons set out above) this is not possible, you can override the need for consent.
3. Personal information collected by one organisation cannot be disclosed to another organisation – no. Unless the information is obviously irrelevant to what is happening, the need to safeguard children means there are no such barriers.
4. The common law duty of confidence and the Human Rights Act 1998 prevent the sharing of personal information – no.  These provide a framework by which information is shared, but often the risk to the child outweighs all else.
5. IT systems are often a barrier to effective information sharing – no.  IT systems can be an important tool when sharing information, but they should not overrule professional judgement.