Myth-busting guide to information sharing
Sharing information enables practitioners and agencies to identify and provide appropriate services that safeguard and promote the welfare of children. Below are common myths that may hinder effective information sharing.
Data protection legislation is a barrier to sharing information
No - the Data Protection Act 2018 and General Data Protection Regulations do not prohibit the collection and sharing of personal information, but rather provide a framework to ensure that personal information is shared appropriately. In particular, the Data Protection Act 2018 balances the rights of the information subject (the individual whom the information is about) and the possible need to share information about them.
Consent is needed to share personal information
No - you do not need consent to share personal information. It is one way to comply with the data protection legislation but not the only way. The GDPR provides a number of bases for sharing personal information. it is not necessary to seek consent to share information for the purposes of safeguarding and promoting the welfare of a child provided that there is a lawful basis to process any personal information required. The legal bases that may be appropriate for sharing data in these circumstances could be 'legal obligation', or 'public task' which includes the performance of a task in the public interest or the exercise of official authority. Each of the lawful bases under GDPR has different requirements. It continues to be good practice to ensure transparency and to inform parent/carers that you are sharing information for these purposes and seek to work cooperatively with them.
Personal information collected by one organisation/agency cannot be disclosed to another
No - this is not the case, unless the information is to be used for a purpose incompatible with the purpose for which it was originally collected. In the case of children in need, or children at risk of significant harm, it is difficult to foresee circumstances where information law would be a barrier to sharing personal information with other practitioners.
The common law duty of confidence and the Human Rights Act 1998 prevent the sharing of personal information
No - this is not the case. In addition to the Data Protection Act 2018 and GDPR, practitioners need to balance the common law duty of confidence and the Human Rights Act 1998 against the effect on individuals or others of not sharing the information.
IT systems are often a barrier to effective information sharing
No- IT systems, such as the Child Protection Information Sharing project (CP-IS), can be useful for information sharing. IT systems are most valuable when practitioners use the shared data to make more informed decisions about how to support and safeguard a child.