Raising concerns

Information sharing

Poor information/data sharing has been documented in nearly all safeguarding reviews resulting in missed opportunities to take actions that keep people safe.

In safeguarding, no health staff have ever been found guilty of information/data sharing breach.

Robust information sharing is at the heart of safe and effective safeguarding practice. Information sharing is covered by legislation, principally the General Data Protection Act 2018 (GDPR) and the Data Protection Act 2018. The GDPR and the Data Protection Act 2018 introduce new elements to the data protection regime, superseding the Data Protection Act 1998.

Practitioners must have due regard to the relevant data protection principles which allow them to share personal information. The GDPR and Data Protection Act 2018 place greater significance on organisations being transparent and accountable in relation to their use of data.

All organisations handling personal data need to have comprehensive and proportionate arrangements for collecting, storing, and sharing information. The GDPR and Data Protection Act 2018 do not prevent, or limit, the sharing of information for the purposes of keeping children, young people and adults safe.

Professionals should refer to specific advice from their professional body regarding information sharing, for instance, the General Medical Council’s (GMC’s) Ethical Guidance for Child Protection or section 5 of the NMC Code 2015. There is a requirement for professionals to contribute, participate and share information for the purpose of statutory reviews.

Such guidelines are further supported by the Caldicott Principles, updated in 2017. Principle Seven states that the duty to share information can be as important as the duty to protect patient confidentially. It is crucial to understand that sharing information, when there is a need to share it, and a lawful basis for doing so, and maintaining its security and confidentiality, are compatible activities.