The Information Commissioner has issued Guidance on data protection consideration when sharing personal information for childcare purposes. The theme is that data protection law permits information sharing in a fair and proportionate way when that is required (1) in order to identify children at risk of harm and (2) safeguard them from harm. Indeed appropriate information sharing is central to safeguarding children from harm effectively and promoting their wellbeing.
The Guidance sets out 10 steps to be followed:-
- Step 1: Be clear about how data protection can help you share information to safeguard a child.
- Step 2: Identify your objective for sharing information, and share all the information you need to, in order to safeguard a child, which is a “compelling reason” for sharing information.
- Step 3: Develop and keep under review clear and secure policies and systems for sharing information securely.
- Step 4: Be clear about transparency at every stage and allowing the exercise of human rights.
- Step 5: Assess the risks and do a Data Protection Impact Assessment.
- Step 6: Enter into a data sharing agreement.
- Step 7: Follow the seven data protection principles that are at the heart of data protection, all of which are important.
- Step 8: Share information using the right lawful basis and keep a record of your decision.
- Step 9: Share information in an emergency.
- Step 10: Read the data sharing Code of Practice.