View Thresholds and Pathways - early help, prevention and statutory services for children and families NCC View Thresholds and Pathways - early help, prevention and statutory services for children and families NCC
View Working Together View Working Together

1.9 Information Sharing Protocol

RELEVANT READING AND LINKS

For additional guidance see the documents contained in the HM Government Information Sharing Guidance issued in October 2008 which can be found on the Department for Education website/HM Government information sharing guidance.

Further useful guidance can be found in: 2013 Protocol and Good Practice Model: Disclosure of information in cases of alleged child abuse and linked criminal and care directions hearings.

For additional information see references to information sharing in Northamptonshire Thresholds and Pathways - Early Help, Prevention and Statutory Services

For information sharing between Social Care Services and the RSPCA see Information Sharing between Social Care Services and the RSCPA Procedure

AMENDMENT

This chapter was updated in January 2014.


Contents

  1. Introduction
  2. Myth Buster on Data Protection
  3. Seven Golden Rules for Information Sharing
  4. Flowchart of Key Questions for Information Sharing
  5. Questions (Golden Rules)


1. Introduction

Information sharing is key to the goal of delivering better, more efficient public services that are coordinated around the needs of the individual. It is essential to enable early intervention and preventative work, for safeguarding and promoting welfare and for wider public protection. Information sharing is a vital element in improving outcomes for all.

Where practitioners have to make decisions about sharing information on a case-by-case basis that are not clearly covered by statute, the decision to share or not share information must always be based on professional judgement. It should be taken in accordance with legal, ethical and professional obligations, supported by HM Government information sharing guidance and informed by training and experience.

Information Sharing Protocols and Data Exchange Agreements are useful tools in setting out the principles by which information can be shared. They can also be used to define the information that will be shared between organisations, designed to support bulk or regular sharing of information between IT systems or organisations.

Information Sharing Protocols are not required before front-line practitioners can share information about a person. By itself, the lack of an Information Sharing Protocol must never be a reason for not sharing information that could help a practitioner deliver services to a person.

The remainder of this section is based upon the HM Government Guidance “Information Sharing: Pocket Guide”. For those who have to make decisions about information sharing on a case-by-case basis, it seeks to give clear practical guidance.

Alongside this document, the Government has published:

  • Information Sharing: Guidance for practitioners and managers;
  • Information Sharing: Case examples which illustrate best practice in information sharing situations;
  • Information Sharing: Training materials available for local agency and multi-agency training, and for use by training providers; and
  • Information Sharing: Further guidance on legal issues which is a summary of the laws affecting information sharing.

It is recognised that it is most important that people remain confident that their personal information is kept safe and secure and that practitioners maintain the privacy of the individual, whilst sharing information to deliver better services. It is therefore important that practitioners can share information appropriately as part of their day-to-day practice and do so confidently.

Practitioners recognise the importance of information sharing and there is already much good practice. However, in some situations they feel constrained from sharing information by uncertainty about when they can do so lawfully, especially in early intervention and preventative work where information sharing decisions may be less clear than in safeguarding or child protection situations.

It is important to remember there can be significant consequences to not sharing information as there can be to sharing information. You must use your professional judgement to decide whether to share or not, and what information is appropriate to share.


2. Myth Buster on Data Protection

  • The Data Protection Act 1998 is not a barrier to sharing information but provides a framework to ensure that personal information is shared appropriately;
  • Data protection law reinforces common sense rules of information handling. It is there to ensure personal information is managed in a sensible way;
  • It helps us strike a balance between the many benefits of public organisations sharing information, and maintaining and strengthening safeguards and privacy of the individual;
  • It also helps us balance the need to preserve a trusted relationship between practitioner and client with the need to share information to benefit and improve the life chances of the client or protect the public.


3. Seven Golden Rules for Information Sharing

  1. Remember that the Data Protection Act is not a barrier to sharing information but provides a framework to ensure that personal information about living persons is shared appropriately;
  2. Be open and honest with the person (and/or their family where appropriate) from the outset about why, what, how and with whom information will, or could be shared, and seek their agreement, unless it is unsafe or inappropriate to do so;
  3. Seek advice if you are in any doubt, without disclosing the identity of the person where possible;
  4. Share with consent where appropriate and, where possible, respect the wishes of those who do not consent to share confidential information. You may still share information without consent if, in your judgement, that lack of consent can be overridden in the public interest. You will need to base your judgement on the facts of the case;
  5. Consider safety and well-being: Base your information sharing decisions on considerations of the safety and well-being of the person and others who may be affected by their actions;
  6. Necessary, proportionate, relevant, accurate, timely and secure: Ensure that the information you share is necessary for the purpose for which you are sharing it, is shared only with those people who need to have it, is accurate and up-to-date, is shared in a timely fashion, and is shared securely;
  7. Keep a record of your decision and the reasons for it - whether it is to share information or not. If you decide to share, then record what you have shared, with whom and for what purpose.

The ‘Seven Golden Rules’ and the following Questions 1-7 will help support your decision making so you can be more confident that information is being shared legally and professionally.

If you answer ‘not sure’ to any of the questions, seek advice from your supervisor, manager, nominated person within your organisation or area, or from a professional body.


4. Flowchart of Key Questions for Information Sharing

Click here to view Flowchart of Key Questions for Information Sharing.


5. Questions (Golden Rules)

Question 1

Is there a clear and legitimate purpose for sharing information?
  • Why do you or the other person want the information?
  • What is the outcome you are trying to achieve?
  • Could the aims be achieved without sharing the information?

Golden Rule

Remember that the Data Protection Act is not a barrier to sharing information but provides a framework to ensure that personal information about living persons is shared appropriately.

Other things to consider:

  • Do not assume that you need to share the whole case file;
  • Different agencies may have different processes for sharing information. You will need to be guided by your agency’s policies and procedures and, where applicable, by your professional code.

For more details, see the Information Sharing: Guidance for practitioners and managers paragraphs 3.3 - 3.9.

Question 2

Does the information enable a living person to be identified?

  • If the information is about an identifiable living individual, or could enable a living person to be identified when considered with other information, it is personal information and is subject to data protection law. This is likely to be the case in the course of your work. You should be open about what information you might need to share and why;
  • However, it may not be appropriate to inform a person that information is being shared, or seek consent to this sharing. This is the case if informing them is likely to hamper the prevention or investigation of a serious crime, or put a child at risk of significant harm or an adult at risk of serious harm.

Golden Rule

Be open and honest with the person (and/or their family where appropriate) from the outset about why, what, how and with whom information will, or could be shared, and seek their agreement, unless it is unsafe or inappropriate to do so.

Other things to consider:

  • If the person was informed about how and with whom their personal information might be shared at the outset, it will usually not be necessary to inform them again as long as the use as described in the original notification is the same.

For more details, see the Information Sharing: Guidance for practitioners and managers paragraphs 3.10 - 3.11.

Question 3

Is the information confidential?

  • Not all information is confidential;
  • Confidential information is information of a private or sensitive nature that:
    • Is not already lawfully in the public domain or readily available from another public source; and
    • Has been provided in circumstances where the person giving the information could reasonably expect that it would not be shared with others.

Golden Rule

Seek advice if you are in any doubt, without disclosing the identity of the person where possible.

For more details, see the Information Sharing: Guidance for practitioners and managers paragraphs 3.12 - 3.16.

If the information is not confidential you must now consider Question 6.

If the information is confidential you must now consider Question 4.

Question 4

Do you have consent to share?

  • You should seek consent where possible and respect the wishes of those who do not consent to share confidential information. You may still share information without consent if, in your judgement on the facts of the case, that lack of consent can be overridden in the public interest;
  • You do not always need consent to share personal information. There will be some circumstances where you should not seek consent, for example, where doing so would:
    • Place a child at increased risk of significant harm; or
    • Place an adult at increased risk of serious harm; or
    • Prejudice the prevention, detection or prosecution of a serious crime; or
    • Lead to unjustified delay in making enquiries about allegations of significant harm or serious harm.

Golden Rule

Share with consent where appropriate and, where possible, respect the wishes of those who do not consent to share confidential information. You may till share information without consent if, in your judgement, that lack of consent can be overridden in the public interest. You need to base your judgement in the facts of the case.

Other things to consider:

  • Generally, there should be ‘no surprises’;
  • Obtaining explicit consent is best practice. It can be expressed either verbally or in writing, although written consent is preferable since that reduces the scope for subsequent dispute;
  • You will need to consider whose consent should be ought. Does the person have the capacity to understand and make their own decisions on this occasion? If not, is someone else authorised to act on their behalf?
  • Consent must be informed, i.e. when people agree on information sharing, they must understand how much of their information needs to be shared, who will see it, why it is necessary to share the information and any implications of sharing or not sharing;
  • Consent can be withdrawn at any time.

For more details, see the Information Sharing: Guidance for practitioners and managers paragraphs 3.17 - 3.37.

Question 5

Is there sufficient public interest to share the information?

  • Even where you do not have consent to share confidential information, you may lawfully share if his can be justified in the public interest. Where consent cannot be obtained or is refused, or where seeking it is unsafe or inappropriate (as explained at question 4), the question of whether there is a sufficient public interest must be judged by the practitioner on the facts of each case. A public interest can arise in a wide range of circumstances. For a fuller definition of public interest refer to the Glossary in Information Sharing: Guidance for practitioners and managers;
  • Where you have a concern about a person, you should not regard refusal of consent as necessarily to mean that you cannot share confidential information;
  • In making the decision you must weigh up what might happen if the information is shared against what might happen if it is not, and make a decision based on professional judgement.

Golden Rule

Consider safety and well-being: Base your information sharing decisions on considerations of the safety and well-being of the person and others who may be affected by their actions.

Other things to consider:

A competent adult has the right to make decisions which may put themselves at risk but which present no risk of significant harm to children or serious harm to other adults. In this case it may not be justifiable to share information without consent.

For more details, see the Information Sharing: Guidance for practitioners and managers paragraphs 3.38 - 3.47.

If you decide not to share information you must consider Question 7.

If you decide to share information you must consider Question 6.

Question 6

Are you sharing information appropriately and securely?

  • Only share what is necessary to achieve the purpose, distinguishing clearly between fact and opinion;
  • Share only with the person or people who really need to know the information;
  • Make sure the information is accurate and up-to-date;
  • Understand the limits of any consent given and especially if the information has been provided by a third party;
  • Check who will see the information and share the information in a secure way. For example, confirm the identity of the person you are talking to; ensure a conversation or phone call cannot be overheard; use secure email; ensure that the intended person will be on hand to receive a fax;
  • Establish with the recipient whether they intend to pass it on to other people and ensure that they understand the limits of any consent that has been given;
  • Inform the person to whom the information relates that you are sharing the information, if it is safe to do so, and if you have not already told them that their information may be shared.

Golden Rule

Necessary, proportionate, relevant, accurate, timely and secure:

  • Ensure that the information you share is necessary for the purpose for which you are sharing it, is shared only with those people who need to have it, is accurate and up-to-date, is shared in a timely fashion, and is shared securely.

For more details, see the Information sharing: Guidance for practitioners and managers paragraphs 3.48 - 3.49.

Question 7

Have you properly recorded your information sharing decision?

  • Record your information sharing decision and your reasons, including what information you have shared and with whom, following your agency’s arrangements for recording information and in line with any local information sharing procedures in place;
  • If, at any stage, you decide not to share information, you should record this decision and the reasons for it.

Golden Rule

Keep a record of your decision and the reasons for it whether it is to share information or not. If you decide to share, then record what you have shared, with whom and for what purpose.

For more details, see the Information Sharing: Guidance for practitioners and managers paragraphs 3.50 - 3.51.

End