Information-Sharing and Recording
91. As highlighted in the section on Core principles, sharing appropriate information is an essential component of child protection and care activity. To secure the best outcomes for children, practitioners need to understand when it is appropriate to seek or share information, how much information to share and what to do with that information. Practitioners also need to consider from and with whom information can, and should, be sought and/or shared. This applies not only between different agencies, but also within agencies  . At the same time, children and their families have a right to know when information about them is being shared. Where appropriate, their consent should be sought, unless doing so would increase the risk to a child or others, or prejudice any subsequent investigation.
Information-sharing for child protection: general principles
- The wellbeing of a child is of central importance when making decisions to lawfully share information with or about them.
- Children have a right to express their views and have them taken into account when decisions are made about what should happen to them.
- The reasons why information needs to be shared and particular actions taken should be communicated openly and honestly with children and, where appropriate, their families.
- In general, information will normally only be shared with the consent of the child (depending on age and maturity). However where there is a risk to a child's wellbeing, consent should not be sought and relevant information should be shared with other individuals or agencies as appropriate.
- At all times, information shared should be relevant, necessary and proportionate to the circumstances of the child, and limited to those who need to know.
- When gathering information about possible risks to a child, information should be sought from all relevant sources, including services that may be involved with other family members. Relevant historical information should also be taken into account.
- When information is shared, a record should be made of when it was shared, with whom, for what purpose, in what form and whether it was disclosed with or without informed consent. Similarly, any decision not to share information and the rationale should also be recorded.
- Agencies should provide clear guidance for practitioners on sharing information for example, the GMC guidance on Protecting Children and Young People . This should include advice on sharing information about adults who may pose a risk to children, dealing with disputes over information-sharing and clear policies on whistle-blowing.
- It is not necessary to seek consent when there is legislative requirement to share information; for example when making a referral to the Children's Reporter, or the prevention and detection of crime.
92. Local areas should ensure there are robust information-sharing protocols in place and that practitioners understand their responsibilities in relation to the sharing, storing and retrieving of information. Local data-sharing partnerships and others responsible for providing guidance/decisions about information-sharing should be involved in producing these protocols.
93. This chapter addresses the issues surrounding the sharing and recording of information across and between services, and with children and their families.
Confidentiality and consent
94. Privacy and confidentiality is governed by legal provisions that aim to safeguard personal information, particularly:
- the UN Convention on the Rights of the Child (1989);
- the Human Rights Act 1998;
- the Data Protection Act 1998; and
- professional codes of conduct.
95. The same legal provisions also provide for sharing of information for purposes such as public protection, crime prevention and crime detection.
96. The Data Protection Act 1998 provides specific conditions for processing personal information and sensitive personal information respectively. The Act requires that an individual's data be processed fairly and lawfully and that specific conditions/justifications for processing are met. At least one condition from Schedule 2 of the Act must be met before processing personal data and in addition at least one from Schedule 3 of the Act in respect of sensitive personal data. The Schedules provide several conditions/justifications for processing, only the first of which rely on consent - where required, this should be fully informed and freely given. However, the issue of obtaining consent can be difficult and it should only be sought when the individual has real choice over the matter. Where circumstances exist it may not be appropriate to seek consent, for example where an assessment under the wellbeing indicators or Child Protection raises concerns, it will be possible to share information if one of the other conditions in the Schedules is met. This includes where the processing is necessary for the exercise of any function conferred by or under an enactment. Specific reference to the Data Protection Act and to national and/or local guidance supporting it should be made in any case where practitioners are unsure about their ability to share information. Perth and Kinross CPC have produced helpful guidance  on this.
97. Where agencies are acting in fulfilment of their statutory duties, it is not necessary or appropriate to seek consent - for example, where a referral is made to the Reporter under the Children's Hearing (Scotland) Act 2011 or where a report is provided by the local authority in the course of an investigation by the Reporter under the Act .
98. There is an important distinction between making the child
aware that information will/may be shared and seeking their consent
for that sharing.
99. If a child's wellbeing is considered to be at risk, relevant information must always be shared.
100. The application of this principle can be highly sensitive, particularly where children and young people make use of a service on the basis of its confidentiality. Good examples of this are helplines set up to support children and young people, such as ChildLine. Many young people need the time and space that such confidential services can offer to talk about their problems with someone who can listen and advise without necessarily having to refer. However, on some occasions, this contract of confidentiality can be suspended if the information received concerns risks to a child or another person. The Children and Young People (Scotland) Act 2014 contains provisions which, when enacted, will introduce a duty to share concerns about a child's wellbeing with the Named Person. In such cases the Act allows for the disclosure of information obtained through confidential service contact, where the requirements set out in the Act have been met.
Recording and analysing information
101. Decision-making depends on having sufficient, succinct, accurate and accessible records. A distinction should always be made between facts, hearsay and opinions. Records should include note of:
- dates of staff contacts with children and families;
- the child's views and emotional wellbeing;
- actions and decisions and the rationale behind them;
- outcomes of interventions;
- the Child's Plan (incorporating a Child Protection Plan, where the child is believed to be at risk of significant harm) and
- a chronology of significant events involving the child.
102. Chronologies can help identify patterns of events or accumulation of concerns (or positive developments). They should be reviewed and monitored by managers with a quality assurance role. Care should be taken to ensure chronologies are cross-referenced with relevant information from other agencies. For further information, see the SWIA Practice Guide on Chronologies or GIRFEC Practice Paper 8.
Storage and retention of records
103. Good information-sharing depends on the quality of record-keeping and on robust processes for storing information. All agencies should have clear procedures for recording and handling personal information, including managing the interface between electronic and manual records. Procedures should also be in place for the storage, retrieval, retention and disclosure of information. Where there are arrangements for the sharing of files or electronic information - for example, in an integrated assessment as part of a single planning process - there should be clear protocols in place to support this.
104. Local procedures should provide clear guidance on how different types of information ( e.g. verbal, written or electronic) should be recorded and/or stored. These procedures also need to address the issue of protective markings and the secure storage of information by their own and other services or third parties. The length of time records are kept will be influenced by both legislative and regulatory requirements and local services should ensure processes are in place to conform to these standards. All staff should understand their responsibilities with regard to recording, storing and sharing information.
105. Public access to information is governed by the Data Protection Act 1988 and the Freedom of Information (Scotland) Act 2002 ( FOI), which came into force in 2005. The subject access provisions of the Data Protection Act 1998 give individuals the right to apply for a copy of any personal data held about them. FOI gives the public a right of access to information held by public authorities in Scotland, with some reservations to protect personal privacy. FOI is fully retrospective and applies to all information, not just information created or filed since the Act came into force. Staff should be aware that any information they record may be the subject of an information access request under FOI. If a member of staff receives an FOI request, they should refer this to the appropriate person within their agency.
Sharing of information across areas when a child moves
106. Where there is a change in a child's circumstances and they move to another local authority, the originating area is responsible for forwarding information, including details of any increased levels of risk resulting from the move, to the receiving local area. The Children and Young People (Scotland) Act 2014 contains provisions which, when enacted, introduces a legal duty for the Named Person Service Provider to inform the new service provider of that move, and to share information that they consider necessary to promote, support or safeguard a child's wellbeing. Where a Child's Plan is in place, the legislation is specific that, with few exceptions, the area into which the child moves is responsible for the management of the Plan.
107. Where active involvement with a child and their family is effectively reducing risk and the family then moves, the original area must refer to the receiving area and pass on the child's records. When involvement with the family has recently commenced or terminated, the details of the concerns should be passed on to the receiving area as quickly as possible.
108. Concerns must be communicated to the receiving area and a written notification provided, even where initial contact was made by other means. This notification should include information on the history of original authority's involvement with the child and their family and the identified risks, including the most recent intervention plan and any progress made.
109. Where the case history is lengthy and/or significant, a
face-to-face meeting between relevant staff from both areas should
be considered as a follow up to the written referral.
110. Where a child or young person is on the Child Protection
Register and moves to another local authority, the process
described in the section focusing on transfer
Child Protection Case Conferences should be
111. For further information on what should happen when a child or young person and their family go 'missing' from an area, see the section on Children and young people who are missing.
There is a problem
Thanks for your feedback