Disclaimer: These notes are for guidance only. We cannot be held responsible for any action taken as a direct result of information contained herewith. we would always recommend that expert legal advice is sought. Please see our introduction page for more information.

Introduction

‘…there is great potential to make better use of personal information to deliver benefits to individuals and to society, including through increased data sharing.’

The Prime Minister – Performance and Innovation Unit report – April 2002

It is a reasonable expectation that action necessary to protect the public will be taken by those with the power to do so and that individuals at risk from an offender will be made aware of this potential and what is being done to protect them. To be able to do so effectively, health and criminal justice practitioners and organisations will need to share data, including that which may be classed as personal and sensitive. They will also need to know when such sharing is required, when it is merely permitted, and, crucially, when it is forbidden.

It should also be noted that, at times, a person might lack the capacity to make an informed decision on health, justice or social issues, and it might be in their ‘best interests’ for personal or sensitive information about them to be disclosed to others, even without the person’s consent. Occasionally, this could be for purposes other than those for which the information was originally obtained.

It is possible that the failure to disclose important information about an individual thought to pose a risk will create greater problems than will be caused by the disclosure of that information without the person’s consent. However, on reflection it will also be recognised that offenders and patients will soon loose trust if confidences are broken, and they may well fail to divulge important information in the future or not participate in health programmes. Thus, it is essential that decisions on whether information should be disclosed be made on a rational analysis of the law, and by weighing the balance between the risks and benefits of disclosure for the individual and for others who might be affected.

There is no single source that regulates public bodies and their employees regarding the sharing of personal information. It is covered by a number of different areas of law as follows:

• The law that governs the actions of public bodies (administrative law)
• The Human Rights Act 1998 and the European Convention on Human Rights
• The common law tort of breach of confidence
• The Data Protection Act 1998
• The law of the European Union

All statutory authorities have a general ‘Duty of Partnership’ to work together in the public interest and in many cases, this generic requirement is reinforced by specific guidance. For example, the Protection of Children Act 1999 sets out the statutory requirements required for people seeking to work with children. This clearly impacts on certain classes of offender or patients considered to be a risk to others. The Crime & Disorder Act 1998 as amended by the Police Reform Act 2002 requires the police, police authorities, Primary Care Trusts, local authorities and fire authorities to formulate and implement strategies for the reduction of crime and disorder and the combating of drug misuse. If the disclosure of information is “necessary and expedient” for those purposes, there are circumstances in which it may take place, even though there would otherwise be nothing in law to permit it. Clearly, information on the potential risk an individual might pose is a legitimate matter for consideration for release of data to other agencies through this forum, although it may be rare that this involves the disclosure of identifiable health information. Public Protection is also the key concern under Multi Agency Public Protection Arrangements (MAPPA), established under the Criminal Justice Act 2003. Essentially, these require the ‘Responsible Authority’ (Police, Prison Service and Probation, acting jointly) to establish arrangements for assessing and managing the risks posed by violent and sexual offenders and to keep those arrangements monitored and under review. Other authorities have a duty to cooperate with the Responsible Authority, these include:

• Local Authority Social Services
• Primary Care Trusts, other NHS Trusts and Strategic Health Authorities
• Jobcentres Plus
• Youth Offending Teams
• Registered Social Landlords which accommodate MAPPA offenders
• Local Housing Authorities
• Local Education Authorities
• Electronic Monitoring providers

However, and crucially, information may only be disclosed for the purposes of MAPPA if such disclosure is permitted by the common law or by a statute other than the Criminal Justice Act 2003.

The National Offender Management Service Corporate Plan 2005-8 places high priority on assessing offenders and judging the risk they pose so that courts can target sentences effectively and victims and the public can be protected.

Clearly, to be able to assess risk posed by potentially violent or sexual offenders may require some sharing of personal and sensitive information.

Professional Codes

In addition to legal considerations, individuals who are members of professions covered by Codes of Practice or standards expected for their profession, such as those issued by the Nursing and Midwifery Council, General Medical Council and the General Social Work Council, will need to work within these standards. Practitioners must recognise their professional duty to maintain patient/client confidentiality and the normal requirement not to disclose confidential information without consent. However, there will be occasions when disclosure without consent will be in the best interests of the data subject where they lack capacity, in the public interest or required by other legal obligations. Practitioners should follow their professional bodies’ guidance on confidentiality and information sharing and where in doubt, seek specific advice from that body on how to proceed or from a senior colleague. Specific guidance regarding the position of Police Surgeons is available from the British Medical Association.

Guidance Documents

There are a number of other guidance documents on information sharing available and staff are advised to refer to them through the automatic links provided in the references below. National Research is also being undertaken into this important topic. Staff at the Office of the Deputy Prime Minister are undertaking projects on Frameworks for Information Sharing in a Multi-Agency Environment (FAME) and secure exchange of information for children at risk and to support crime reduction (RYOGENS)

As every case varies, it is not possible to publish a definitive guide covering every situation, however, a check-list of things to consider when producing information sharing policies or in specific cases where there is doubt is to be found in it own section within this site.