Organisations will not get in trouble if they share information to protect children and young people at risk of serious harm, the UK Information Commissioner’s Office (ICO) has promised.
This message comes as the ICO publishes new guidance to address concerns from organisations and frontline workers that may be scared to share information for fear of falling foul of data protection law.
The need to improve data sharing practices has been highlighted in recent serious case reviews in the UK where children have died or been seriously harmed through abuse or neglect. Poor information-sharing among organisations and agencies was identified as one of the factors contributing to failures to protect the children.
“My message to people supporting and working with children and young people is clear: if you think a child is at risk of harm, you can share information to protect them. You will not get in trouble with the ICO for trying to prevent or lessen a serious risk or threat to a child’s mental and physical wellbeing.
“Data protection law helps organisations share data when required. Our guide will support senior leaders to put strong policies, systems and training in place, so their staff are encouraged and empowered to share data in an appropriate, safe and lawful way.”
- John Edwards, UK Information Commissioner
Free marketing materials and a video have also been produced to support organisations to raise awareness of the benefits of sharing information to protect children and young people from harm.
The ICO will also develop a suite of guidance on sharing information to safeguard children aimed at specific sectors across the UK, recognising the different legislative and policy landscapes.
For more information visit ico.org.uk/datasharing.
Notes for editors
- The Information Commissioner’s Office (ICO) is the UK’s independent regulator for data protection and information rights law, upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
- The ICO has specific responsibilities set out in the Data Protection Act 2018 (DPA2018), the United Kingdom General Data Protection Regulation (UK GDPR), the Freedom of Information Act 2000 (FOIA), Environmental Information Regulations 2004 (EIR), Privacy and Electronic Communications Regulations 2003 (PECR) and a further five acts and regulations.
- The ICO can take action to address and change the behaviour of organisations and individuals that collect, use, and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit.
- To report a concern to the ICO telephone call our helpline on 0303 123 1113, or go to ico.org.uk/concerns.