Important Update

Consequences of Children Legislation Amendment (Information Sharing) Act 2018

Children Legislation Amendment (Information Sharing) Act 2018

The Children Legislation Amendment (Information Sharing) Act 2018 (“amending Act”) has come into effect and it has implications for both Freedom of Information and Privacy.

The legislation has two key purposes:

  1. It permits agencies to share confidential information with one another where it promotes the safety or wellbeing of a child or group of children;
  2. It establishes a register of children born or residing in Victoria (“Child Link”) which contains personal information and will be made available to a range of professionals who deliver government-funded services to children and their families.

What can/can't your organisation do? 

The amendments may affect your organisation if you deal with sensitive information in relation to the wellbeing or safety of children.

 

Information Sharing – Part 6A the Act

In order to be able to proactively exchange information under Part 6A the Act, you must be an information sharing entity prescribed by the Regulations.

 

Voluntary Disclosure - s 41V Child Wellbeing and Safety Act 2005 (“the Act”)

An information sharing entity (“disclosing entity”) is permitted to disclose confidential information, other than excluded information, to another information sharing entity (“receiving entity”) upon satisfying two conditions:

  1. The disclosure is made for the purpose of promoting the wellbeing or safety of a child or group of children; and
  2. A reasonable belief is held by the disclosing entity that the disclosure may assist the receiving entity to carry out one or more of the following activities:
    • Making a decision, assessment or plan relating to a child or group of children;
    • Initiating or conducting an investigation relating to a child or group of children;
    • Providing a service relating to a child or group of children;
    • Managing any risk to a child or group of children.

Previously, the Act required a serious risk to the safety of a child before information could be shared. The amending Act encourages a more preventative approach to child safety by identifying, assessing and managing risk at an earlier stage.

 

Request for Confidential Information (s 41W the Act)

An information sharing entity (“requesting entity”) may request another information sharing entity (“responding entity”) to disclose confidential information, other than excluded information, if the request is made for the purpose of promoting the wellbeing or safety of a child or group of children.

In making a request under s 41W, the requesting entity may disclose any confidential information that may assist the responding entity to:

  1. Identify the confidential information held that is relevant to the request; and
  2. Form an opinion on whether the confidential information can be disclosed under the Act.

If the following two conditions are satisfied, a responding entity must disclose the confidential information requested:

  1. If the disclosure is made for the purpose of promoting the wellbeing or safety of a child or group of children; and
  2. The responding entity holds a reasonable belief that the disclosure may assist the requesting entity to carry out one or more of the following activities:
    • Making a decision, assessment or plan relating to a child or group of children;
    • Initiating or conducting an investigation relating to a child or group of children;
    • Providing a service relating to a child or group of children;
    • Managing any risk to a child or group of children.

Where a court, tribunal, holder of a judicial or quasi-judicial office or registry are prescribed to be information sharing entities, they are excluded from this obligation to disclose (s 41W(5) the Act).

 

There are various offences outlined in Division 5 which prohibit unauthorised use or disclosure of information.

 

Access to Child Link Register – Part 7A of the Act

In order to have access to Child Link, you must be a Child Link user as outlined in s 46K of the Act. Those with access to Child Link are permitted to use and disclose the information for limited purposes related to the specific services that they deliver.

The Department of Education and Training and the Department of Health and Human Services will be permitted to use de-identified data from Child Link to inform policy and planning for delivery of services to benefit Victorian children and their families.

What does it mean for FOI?

Freedom of Information Act 1982 (Vic)

 

s 27

Through amendments to s 27 of the Freedom of Information Act 1982 (“FOI Act”), an agency may neither confirm or deny the existence of documents where disclosure would increase the risk to the safety of a child or group of children.

 

s 33

Under s 33 of the FOI Act, certain agencies must now consider whether disclosure would increase the risk to the safety of a child or group of children as part of an assessment as to whether disclosure of personal affairs information would be unreasonable.

 

s 49P

The powers of the Information Commissioner (“the Commissioner”) under s 49P are amended such that, on review, the Commissioner can make a decision to neither confirm nor deny the existence of documents if disclosure would increase risk to the safety of a child or group of children.

 

s 56

The effect of s 56(6) is that the Victorian Civil and Administrative Tribunal (“the Tribunal”) may announce its findings in terms that neither confirm nor deny the existence of documents where disclosure has been refused on the grounds that it would constitute an unreasonable disclosure of personal affairs for the reason that it would increase the risk of harm to a child or group of children.

What does it mean for Privacy?

Privacy and Data Protection Act 2014 (Vic)

A new s 15B is inserted into the Privacy and Data Protection Act 2014 (“PDP Act”) which displaces a number of Information Privacy Principles (“IPPs”). To the extent that any IPP requires consent of the person to whom the personal information relates for the collection, use or disclosure of that information, it will not apply to the collection of personal or sensitive information for the purposes of Part 6A of the Act or by users of the Child Link register or the Secretary of the Department of Education and Training for the purposes of Part 7A of the Act.

 

IPP 1.4

IPP 1.4 requires an organisation to collect personal information about an individual only from that individual. The collection of personal information under Part 6A of the Act by a user of the Child Link Register is an exemption to this.

 

IPP 1.5

Where personal information is collected under Part 6A or 7A of the Act or by a user of the Child Link Register, the organisation need not comply with IPP 1.5 to ensure that the individual is aware of the items outlined in IPP 1.3. This is because compliance would be contrary to the promotion of the wellbeing or safety of a child to whom the information relates. 

 

IPP 10.1

IPP 10.1 does not apply to the collection, use or disclosure of sensitive information for the purposes of Part 6A or 7A of the Act. 

 

Health Records Act 2001 (Vic)

A new s 14C is inserted into the Health Records Act 2001 (“HR Act”), creating several exemptions to obligations under the Health Privacy Principles (“HPPs”). To the extent that a HPP requires consent of the person to whom the health information relates for the collection, use or disclosure of that information, it will not apply to the collection of health information under Part 6A or Part 7A of the Act.

 

HPP 1.3

HPP 1.3 requires an organisation to collect health information about an individual only from that individual. HPP 1.3 will not apply to the collection, use or disclosure of health information for the purposes of Part 6A or 7A of the Act. 

 

HPP 1.5

Where health information is collected under Part 6A or 7A of the Act or by a user of the Child Link Register, the organisation is exempted from complying with HPP 1.5 to ensure that the individual is aware of the items outlined in HPP 1.4. This is because compliance would be contrary to the promotion of the wellbeing or safety of a child to whom the information relates. 

HPP 4.3

The Secretary to the Department of Education and Training is exempted from making a written note (as required by HPP 4.3) when health information is deleted under the Act. 

 

Our firm can assist you in determining whether the the new amendments apply to your organisation and what steps you should take to ensure compliance.  For more information or assistance contact Mick Batskos (03 9601 4144;  Email: mick@foisolutions.com.au).