Topic outline

  • 1. Introduction

    The Care Act 2014 establishes criteria which require the sharing of confidential information. It is important, therefore, to establish, within the context of Safeguarding Adults, an Agreement for sharing information between the partner agencies that have committed to the Multi-Agency Agreement in the Safeguarding Adults Procedures.

    This Agreement covers the sharing of information for any of the purposes listed below and comprises the common principles and procedures, which will be adopted wherever, and whenever these agencies have to share information for these purposes.


    • 2. Purposes for Which Information May be Shared

      For the purpose of Safeguarding Adults, relevant information will be shared to:

      • Keep Service Users at the centre of the Safeguarding Adults process;
      • Involve them of, and involve them in, decision making processes;
      • Coordinate partnership working and improve delivery of services;
      • Standardise the Safeguarding Adults process;
      • Share relevant and updated information to prevent unnecessary duplication of data collection / creation processes;
      • Help identify other people who may be at risk of abuse and take appropriate steps to ensure their safety and wellbeing;
      • Assist with the prevention and detection crime;
      • Investigate and address complaints;
      • To establish and share learning outcomes where possible;
      • To facilitate and incorporate governance arrangements and monitoring processes.

      Statistical information may be shared to:

      • Coordinate partnership working and improve delivery of services;
      • Train staff and set, monitor and maintain professional standards;
      • Identify relevant patterns and trends of abuse and to inform or improve practice;
      • Manage, plan, commission and contract services;
      • Develop multi-agency strategies;
      • Improve performance and management audit;
      • Inform local and national research initiatives.

      • 3. Objectives

        This Agreement supports effective integrated multi-agency safeguarding work by providing a standard for lawful information sharing and principles which will assist professionals in determining the thresholds for information sharing.

        It provides a framework for the secure sharing of information between agencies to:

        • Ensure individuals receive appropriate information and services to safeguard them from or minimise abuse and neglect;
        • Ensure there is a consistent and effective response to any concerns, allegations or disclosures of abuse and neglect;
        • Work effectively and efficiently together throughout the safeguarding process;
        • Prevent abuse and neglect occurring within agencies;
        • Meet the needs of communities and individuals for care, safeguarding and support;
        • Set out for individuals the reasons why information about them may need to be shared and how this sharing will be managed and controlled so that confidentiality is maintained.

        • 4. Principles Guiding the Sharing of Information

          In seeking to share information for the purposes of Safeguarding Adults, agencies will adhere to the following principles:

          • The agencies that are party to this Agreement are committed to enable data to be shared in a manner that is compliant with their statutory responsibilities;
          • Where possible and appropriate individuals should be fully informed about the information that is recorded about them and as a general rule, be asked for consent before their information is shared with colleagues or another agency. There may be justifications to override this requirement, for example if an individual/s are at risk or the act of obtaining consent would (or would be likely to) jeopardise the ability to safeguard;
          • The rules about disclosure of information apply to adults who lack capacity.  Where appropriate, consent should be obtained from the person with legal authority to act on the person's behalf. The reasons for the final decision should be clearly recorded;
          • Agencies will ensure that staff receive appropriate training around issues of privacy and security;
          • Where professionals request that information supplied by them be kept confidential from the people who use services, the outcome of this request and the reasons for taking the decision will be recorded;
          • Where an agency’s organisational or procedural interests conflict with the effective safeguarding of individual/s, the lawful interests of the individual/s shall prevail.

          • 5. Summary of Core Principles

            All information sharing, record keeping should be compliant with the following:

            • 5.1 Caldicott Principles

              (See Manual for Caldicott Guardians).

              • Justify the purposes of using person-identifiable information;
              • Only use person-identifiable information where necessary to do so;
              • Use the minimum that is required;
              • Access should be on a strict need to know basis;
              • Everyone should understand their responsibilities;
              • Everyone must understand and comply with the law.

              • 5.2 Data Protection Principles

                The Data Protection Act and General Data Protection Regulation (GDPR) cover all recording, storage and sharing of personal information held on paper files or computer. All personal data must be recorded and shared lawfully and all agencies to this agreement must be able to demonstrate their data is:

                • Processed lawfully, fairly and in a manner transparent to the data subject;
                • Processed for specific, explicit purposes and not processed for further, incompatible reasons;
                • Adequate, relevant, and limited to the data that is needed to get the job done;
                • Accurate, current, and - where necessary, promptly updated;
                • Not kept for longer than necessary;
                • Processed in accordance with the rights of the data subject;
                • Protected by the appropriate security;
                • Not transferred to a country outside the EEC without adequate protection.

                Personal data relevant to an Adult Safeguarding matter (that is, the Adult at Risk and / or anyone involved with their situation or circumstances) will need to be processed in order for SSAB to carry out its proper functions under the Care Act 2014. These requirements activate the processing conditions within the Data Protection Act that (subject to full observance of the Caldicott and Data Protection Act processing principles) confirm the lawfulness of sharing for safeguarding purposes.

                • 6. Legislation and Guidance

                  The key legislation and guidance affecting the sharing and disclosure of information in respect of Safeguarding Adults include:

                  Other relevant legislation/powers includes:

                  See also Legal Framework Procedure.

                  • 7. Good Practice Guidelines

                    Data Protection Act 1998, Schedule 2, Condition 3 and Schedule 3, Condition 10 (read in conjunction with The Data Protection (Processing of Sensitive Personal Data) Order 2000 – S.I. 2000 No 417).

                    • The views and wishes of the abused person will normally be respected when sharing the information they give us;
                    • Decisions to share information in safeguarding cases must be made/agreed at the appropriate level within a given agency, and by an appropriate individual;
                    • Agencies should ensure they have clear guidelines for when the duty to safeguard the wider public (or a particular person / persons) outweighs their responsibility to protect an individual's right to privacy;
                    • Staff must never confuse confidentiality with secrecy;
                    • Agencies cannot give assurances of absolute confidentiality in cases where there are concerns about abuse, particularly in those situations where others may be at risk. There will be circumstances when a duty to safeguard others will outweigh the responsibility to any one individual;
                    • Information given to, or created by an individual member of staff or agency representative belongs to the agency not that member of staff;
                    • The abused person and when relevant, their carers, must be advised why and with whom information will be, or has been shared where possible and appropriate to do so:
                    • Information must be shared on a 'need to know' basis only;
                    • Information will be shared only for the purpose of providing care or for safeguarding the abused person or others;
                    • Information given to an agency must only be used for the purposes for which it was intended, or for purposes that can be shown to be compatible with those purposes;
                    • Information should be shared with the minimum number of individuals (i.e. professionals, carers, others) required to ensure the safety of the individual or of others;
                    • Information sharing should follow documented processes, with information flowing to authorised recipients from authorised sources. Decisions to share outside of these processes must be documented in the relevant Safeguarding records;
                    • Information sharing by electronic methods should be done using appropriate levels of security and encryption. The use of ‘7ZIP’ software to encrypt information in a manner that is easy to send and receive is recommended. This software is free to download and use, and does not require specialist training to be able to use it.

                    • 8. Application

                      Decisions about sharing information need to be taken on a case-by-case basis.

                      Therefore, before you share information, you need to ask yourself the following questions:

                      • Do I have the permission of the abused person do disclose personal information?

                      If Not:

                      • Do I have the legal authority to disclose this information?
                      • Is there a duty to protect the wider public interest; are other people at risk?
                      • All decisions made in terms of withholding or sharing information must be recorded in detail.

                      • 8.1 Service user as perpetrator

                        If it is assessed that the service user continues to pose a threat to others (service users, staff etc), then this should be included in any information passed onto service providers / strategic partners.

                        • 8.2 Safeguarding Adults Meetings

                          All discussions or meetings taking place under the Safeguarding Adults process respects the boundaries of confidentiality and are held under the shared understanding that:

                          • Meetings are called in circumstances where there are concerns that the safety and wellbeing of an individual or several individuals is at risk, and that this safety may outweigh some rights of individual privacy;
                          • The disclosure of information outside of meetings, beyond that which is agreed at meetings, may be considered as a breach of the subject's privacy and a breach of the confidentiality of the agencies involved;
                          • If consent to disclose outside of meetings is considered essential, permission should be sought from the Safeguarding Manager chairing the meeting, and a decision will be made on the principle of a public safety 'need to know';
                          • Unauthorised disclosure of safeguarding information may be a disciplinary matter.

                          • 9. Formal Approval and Adoption

                            Sunderland Safeguarding Adults Executive Board is responsible for the approval, maintenance and review of this Agreement and the development of any additional service specific procedures.

                            This Agreement applies to all agencies committed to the Partnership Agreement in the Safeguarding Adults Policy Document. It also applies to all staff, agency workers and volunteers working within agencies that are party to this Agreement.

                            Dissemination/circulation of the agreement

                            Agencies will ensure that their staff are made aware of and have access to this Agreement.

                            Agencies will ensure that the Agreement will be communicated to service users/patients and carers to ensure that individual rights in relation to the disclosure and use of personal information are upheld.


                            • 10. Other Useful Resources

                              All key partner agencies will have internal policy and procedural guidance and public information in respect of information sharing and security in compliance with the Data Protection Act and Caldicott Principles. Staff should use these references.