This is the second article in a three-part series on the expanding issue of information sharing and how it relates to the schools system. In this series, Kieran Seed and Lauren Osbich consider the past and future development of information sharing regimes, particularly in the context of child protection and how schools can gain a stronger understanding of their obligations.
With the Royal Commission into Institutional Responses to Child Sexual Abuse (Royal Commission) likely to propose national or interjurisdictional information sharing regimes in relation to child protection, it seems timely to look at the different methods of information sharing already implemented (or proposed) across Australia, and outline best practice guidelines for schools when preparing for the final recommendations of the Royal Commission.
In last week's article, we discussed the topic of information sharing, what it means in practice, how it interacts with other legal obligations like privacy and why it is relevant to schools, especially in situations of child abuse incidents. In this week's article, we will be looking at:
- information sharing as it has been addressed in various states and territories around Australia, and nationally
- the impact of cumulative harm in child abuse incidents
- best practice guidelines for information sharing
- how effective information sharing approaches can be adopted by a school.
National initiatives for information sharing
As detailed in our previous article, under Australian Privacy Principle (APP) 6, an APP entity – such as a non-government school – can only use or disclose personal information for a purpose for which it was collected or a secondary purpose to which an exception applies, such as mandatory reporting obligations for child abuse purposes. However, children's commissioners and the national child sex offender register both operate within this principle to guide schools in information sharing practices for child abuse or children at risk.
Nationally, the Children's Commissioner (and its state/territory counterparts) works to improve services and safety for all children. Children's Commissioners have a particular focus on children and young people who are at risk or come into contact with child protection systems. The role of the Children's Commissioner is as an advocate for change and information sharing initiatives are limited to national legislative changes such as adherence to the UN Convention on the Rights of a Child. Most Children's Commissioners, however, also oversee Working with Children Checks (and equivalent background screening) which has been particularly targeted by the Royal Commission for improved information sharing practices across state and territory borders.
Laws in each jurisdiction also provide for child sex offender registration and each jurisdiction mandates that the Police Commissioner (or equivalent) must establish and maintain a Child Protection Offender Register, and, with the exception of New South Wales, restrict access to the Register and the information contained in it. It is largely left to the discretion of the Police Commissioner to determine who may have access to the Register and for what purpose, in terms of information sharing arrangements.
Currently, no Register is available to the public. The Western Australian Register provides a three-tier access system for information, rather than open access. The Northern Territory Sex Offender Public Website (Daniel’s Law) Bill 2015 (which has since been withdrawn from Parliament) went a step further than Western Australia in proposing that the Northern Territory serious sex offender website be publicly accessible, allowing anybody to access the information. Additionally, a private member’s Bill – the Child Protection (Nicole's Law) Bill 2015 – is also before NSW Parliament, which would allow the public to be notified of the identity and residential address of convicted child sex offenders.
Some state/territory initiatives for information sharing
NSW, Victoria, the ACT and Queensland have legal frameworks in place to govern information sharing for child safety matters. SA has provided best practice guidelines which will be discussed at the end of the article. All legislative frameworks have a key interest in common - that the safety of the child at risk is the primary consideration for information sharing provisions and will override any other duties of confidentiality, secrecy or privacy when tensions arise between prescribed bodies (this is a defined list of people and bodies and may include non-government schools or non-government organisations in some jurisdictions).
NSW - Generally considered unique in legislative information sharing, Chapter 16A of the Children and Young Persons (Care and Protection) Act 1998 was enacted to simplify information exchange between government agencies and other prescribed bodies (including non-government schools) where information relates to the safety, welfare and wellbeing of a child. Chapter 16A explicitly details that information is to be exchanged despite other laws that prohibit or restrict the disclosure of personal information and regardless of whether or not the child consents to the information exchange.
Victoria - Under the Children, Youth and Families Act 2005, information can be shared with DHHS Child Protection when it is relevant to the safety, stability and development of a child. Information is considered to be relevant if it relates directly to concerns about the child. However, this test is limited as it means that information can only be shared if it is a matter relevant for child protection, which may not take into account cumulative harm (discussed below). Additionally, under the Children Legislation Amendment (Reportable Conduct) Act 2017, new provisions were implemented to allow information sharing in regards to reportable conduct information, and like NSW, non-government schools are governed by that scheme.
ACT - Under the Reportable Conduct and Information Sharing Legislation Amendment Act 2016, new provisions were implemented to allow information sharing with regard to Working with Vulnerable People registration and reportable conduct information. A designated entity for the purposes of the legislation includes a non-government school, and, like NSW and VIC, the legislation details that information is to be exchanged despite other ACT laws to the contrary.
Queensland - The Child Protection Reform Amendment Bill 2017, introduced in September 2017, provides for a new legislative information sharing regime for child protection in Queensland and provides for the exchange of information about a child and their family between prescribed entities and service providers while protecting the confidentiality of that information. The proposed information exchange provisions also include the establishment of the SCAN (Suspected Child Abuse and Neglect) system as well as introducing a new category of specialist service providers, defined as non-government entities who provide services to children (including non-government schools). Finally, the Bill also details that where safe, possible and practicable, consent should be obtained from the child, however a child's safety, well-being and best interests take precedence over the protection of an individual's privacy. These new information sharing provisions, if enacted, would solve many of the complex consent and privacy related issues associated with information sharing for schools in Queensland.
An overriding problem with state/territory initiatives for information sharing is that, where there is no specific legislation, the information exchange will be primarily governed by a combination of privacy legislation, discussed in our previous article, or child protection legislation, with fragmented and often confusing results.
Identifying patterns of cumulative harm in children at risk
One of the key failures of current information sharing regimes across Australia, and a key issue identified by the Royal Commission especially in relation to interjurisdictional Working with Children Checks, is an inability to deal adequately with cumulative harm, defined as a series of acts or omissions that when viewed separately, may not indicate significant risk, but when viewed together suggest a pattern of significant harm. In other words, should schools share information regarding individual child safety incidents before they are considered together to meet a definition of abuse?
Existing mandatory reporting guidelines and interjurisdictional directions for information sharing fail to consider when it would be appropriate to share prior acts or omissions, which, while not individually reaching the threshold of a significant risk to a child, may form a different overall picture of a child's exposure to risk. School Governance anticipates that the Royal Commission's recommendations will provide further guidance on this issue when they are released.
Best practice guidelines - South Australia leading the way and lessons for schools
Following on from legislation and guidelines in the UK and New Zealand, South Australia has established their own best practice guidelines to apply to information sharing. The guidelines are called the Information Sharing Guidelines (the Guidelines) and apply to all non-government service providers (including organisations who do paid or volunteer work with children or young people and all non-government schools). Some of the key reasons for information sharing detailed in the Guidelines are when a disclosure is necessary to:
- divert a person from offending or harming themselves
- protect a person or groups of people from potential harm, abuse or neglect
- protect service providers in situations of danger
- help service providers more effectively address risks to safety and well-being
- alert other service providers to a person's need for assistance.
The Guidelines also provide strict instructions that information may be shared when it is believed a person is at risk of harm (from others or as a result of their own actions) and adverse outcomes can be expected unless appropriate services are provided. Consent should be obtained where it is reasonable and practicable to do so.
Schools should understand, in advance of the Royal Commission recommendations, their information sharing obligations and in what circumstances it is appropriate to disclose otherwise protected information.