Tees Multi-agency Information Sharing Protocol
1. Introduction
1.1 The Government’s statutory guidance, ‘Working Together to Safeguard Children', outlines why information sharing is essential for effective safeguarding and promoting the welfare of children and young people: It is a key factor identified in many serious case reviews (SCRs), where poor information sharing has resulted in missed opportunities to take action to keep children and young people safe.
1.2 Safeguarding Partners across Hartlepool, Middlesbrough, Redcar & Cleveland and Stockton-on-Tees have a duty to ensure that children across Teesside are safe. To do this there is a need to share information across organisational and professional boundaries; in order to provide effective co-ordination and integration of services. As much of the information that needs to be shared involves personal details about service users and their needs, emphasis is also placed on the importance of security and confidentiality in relation to this personal information.
2. What Information Is To Be Shared?
2.1 The personal data to be shared could include: names; contact details; personal details; family details; lifestyle and social circumstances; goods and services provided; financial details; employment and education details; housing needs; visual images, personal appearance and behaviour; business activities; case file information; NHS patient numbers.
2.2 Special category data that could be shared includes: racial or ethnic origin; religious or philosophical beliefs; health information; and sex life or sexual orientation.
2.3 Criminal convictions and offences information could also be shared.
2.4 The above list is not exhaustive and as long as practitioners are satisfied that:
- a) The data protection principles are satisfied, in particular - lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy; and
- b) It is supported and permitted by the safeguarding legislation and statutory guidance, the sharing of other additional data would be appropriate.
3. Sources of Information
3.1 The nature of the multi-agency work to safeguard children may involve information being provided by the following partners via referrals or professional assessments based on information held in their records management systems. This will usually involve information being shared between partners that was originally gathered direct from data subjects.
- Hartlepool and Stockton-on-Tees Safeguarding Children Partnership
- South Tees Safeguarding Children Partnership
- Hartlepool Borough Council
- Middlesbrough Council
- Stockton-on-Tees Borough Council
- Redcar & Cleveland Borough Council
- South Tees Youth Offending Service
- Hartlepool Youth Offending Service
- Stockton Youth Offending Service
- Cleveland Police
- National Probation Service
- Durham Tees Valley Community Rehabilitation Company
- HM Prison Service
- NHS England
- South Tees Hospitals NHS Foundation Trust
- North Tees Hospitals NHS Foundation Trust
- North East Ambulance Service NHS Foundation Trust
- Tees Esk and Wear Valleys NHS Foundation Trust
- Harrogate and District NHS Foundation Trust
- NHS Tees Valley Clinical Commissioning Group/Individual GP Practices
- Education/voluntary sector organisations/individuals providing services in pursuance of section 74 of the Education and Skills Act 2008.
3.2 This list is not definitive and practitioners should follow the statutory guidance in ‘Working Together to Safeguard Children’ where it is proposed to share personal data between other additional partners for the purposes of safeguarding a child.
4. Legal Framework
4.1 The UK General Data Protection Regulation 2016 (UK GDPR) provides a number of bases for sharing personal information. It is not necessary to seek consent to share information for the purposes of safeguarding and promoting the welfare of a child provided that there is a lawful basis to process any personal information required. The legal bases that are appropriate for sharing data in these circumstances are:
Personal Data
- UK GDPR Article 6(1)(c) processing of personal data is necessary to comply with a legal obligation; and
- UK GDPR Article 6(1)(e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (also know as ‘public task’).
Special Category Data
- UK GDPR Article 9(2)(h) the provision of health or social care or treatment or the management of health or social care systems and services
Criminal Convictions and Offences Data
- UK GDPR Articles 6(1)(c) legal obligation; 6(1)(e) public task
- Paragraph 2 Part 1 of Schedule 1 of the Data Protection Act 2018 - Health or social care purposes.
(Note that the word ‘processing’ refers to use of the data by individual organisations for their own purposes and the sharing of data with external partners and agencies).
4.2 The data protection legislation does not prevent the sharing of information for the purposes of keeping children safe. Fears about sharing information must not be allowed to stand in the way of the need to promote the welfare and protect the safety of children.
4.3 However, to ensure compliance with the ‘transparency’ and ‘fairness’ principles, as far as practically possible, when you capture data about individuals for the first time, you must inform them about the proposed purpose and potential sharing arrangements as part of their ‘right to be informed’. This is usually achieved by providing and explaining your organisation’s privacy notice.
4.4 Where you receive personal data from a third party, unless you are satisfied that the sender has already made the individuals aware or it would be impossible to do so, you have one month to inform them about the proposed purposes or at your first point of contact with them. Again, this is usually achieved by providing a privacy notice.
5. Purposes for which information may be shared
5.1 Safeguarding Partners across the North East have in place an over-arching Regional Multi-Agency Information Sharing Agreement (Tier 1) which sets out how they share information lawfully, appropriately, and in compliance with best practice to establish consistent principles and practices between Partner Agencies.
5.2 The corresponding Tees-wide Information Sharing Agreement (Tier 2) sets out how information sharing will be data protection compliant specific to the statutory functions of the Safeguarding Partners.
5.3 In order for safeguarding partners to perform their statutory functions to safeguard and promote the welfare of children across Teesside, they are required to co-ordinate their services, implement Local and National learning and drive action (Working Together to Safeguard Children). In order to fulfil these functions information will be shared for the purposes of:
- Undertake Rapid Reviews / Local Learning Reviews
- Undertake multi-agency audits
- Protect and support children and young people
- Protecting children from maltreatment
- Preventing impairment of children’s mental and physical health or development
- Ensuring that children grow up in circumstances consistent with the provision of safe and effective care
- Taking action to enable all children to have the best outcomes
- Co-ordinate, commission and contract services
6. Relevant Documentation: