Information Sharing

Introduction

Safeguarding people from harm and abuse often requires information sharing between services and organisations.  Sharing information enables professionals to fully understand and assess the risk to the person and make informed decisions about what action needs to be taken.  Not sharing information in such circumstances can leave the person at risk of abuse and/or harm.  Safeguarding people from harm and abuse often requires information sharing between services and organisations.  Sharing information enables professionals to fully understand and assess the risk to the person and make informed decisions about what action needs to be taken.  Not sharing information in such circumstances can leave the person at risk of abuse and/or harm.  

Sharing information between organizations as part of day-to-day safeguarding practice is already covered in the common law duty of confidentiality, the General Data protection Regulation, the Human Rights Act and the Crime and Disorder Act. The Mental Capacity Act is also relevant as all those coming into contact with adults with care and support needs should be able to assess whether someone has the mental capacity to make a decision concerning risk, safety or sharing information. This section, which is based on the SCIE Safeguarding Adults Sharing Information guide, summarises key parts of these laws to help increase understanding of the basic principles in relation to safeguarding practice and, in particular, the sharing of safeguarding information.

Human Rights Act 1998

Articles 2 and 3 of the Human Rights Act 1998 place an obligation on public authorities to protect people's rights to life and their freedom from torture, inhumane and degrading treatment.  Meeting these obligations may necessitate lawful information sharing.

The Data Protection Act 2018

The Data Protection Act 2018 is the UK's implementation of the General Data Protection Regulation (GDPR).

Everyone responsible for using personal data has to follow strict rules called 'data protection principles'.  They must make sure the information is:

  • used fairly, lawfully and transparently
  • used for specified, explicit purposes
  • used in a way that is adequate, relevant and limited to only what is necessary
  • accurate and , where necessary, kept up to date
  • kept for no longer than is necessary
  • handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage

There is stronger legal protection for more sensitive information such as race, ethnic background, political opinions, religious beliefs, trade union membership, genetics, biometrics, health, sex life or orientation.

General Data Protection Regulation (GDPR)

This was designed to respond to technological and societal changes over the last 20 years.  It is designed to strengthen the protection of personal information and extend the rights and controls individuals have over their data.  

The Care Act

The Care Act emphasises the need to empower people, to balance choice and control for adults against preventing harm and reducing risk, and to respond proportionately to safeguarding concerns.