Information sharing guidance

Staffordshire and Stoke on Trent Adult

Safeguarding Partnership Board (SSASPB)


Information Sharing Guidance for Practitioners



Introduction and purpose of the guidance                                                       

Staffordshire and Stoke on Trent Adult Safeguarding Partnership Board             

(SSASPB) and information sharing

Record keeping                                                                                             


What if the adult refuses to give consent to share information?                         

How much should be shared?                                                                         

Independent Advocates and information sharing                                              

False perceptions about needing evidence or consent to share safeguarding       


What if a safeguarding partner is reluctant to share information?                      


The Data Protection Act 2018 and the General Data Protection Regulation         


Seven golden rules of information sharing                                                      


Useful Contacts                                                                                           


Introduction and purpose of the guidance.

 A recurring factor in serious case reviews (now Safeguarding Adult Reviews) has been a failure to understand the legislation and guidance surrounding information sharing and a failure to share information effectively.

An analysis of 18 Serious Case Reviews across London over a two-year period (Bestjan, 2012) found that almost all (94%) highlighted issues regarding information handling, incorporating both record keeping and information sharing.

This document provides guidance to front line staff and managers and explains why and how we share information between agencies who are involved in Adult Safeguarding. It has been produced taking the Care Act 2014 into consideration and will be refreshed periodically to provide the best possible current guidance.

The Care Act statutory guidance (October 2014: Chapter 14 paragraph 43) states that:

Early sharing of information is the key to providing an effective response where there are emerging concerns.

To ensure effective safeguarding arrangements:

All organisations must have arrangements in place which clearly set out the processes and principles for sharing of information between each other, with other professionals and the Safeguarding Adult Board, this could be via an Information Sharing Agreement to formalise the arrangements and no professional should assume that someone else will pass on information which they think may be critical to the safety and wellbeing of the adult. If a professional has concerns about the adult’s welfare and believes they are suffering or likely to suffer abuse or neglect, then they should share information with the Local Authority and, or, the Police if they believe or suspect that a crime has been committed.

Staffordshire and Stoke-on-Trent Adult Safeguarding Partnership Board (SSASPB) and information sharing

In order to carry out its functions, the SSASPB will need access to information that a wide number of people or other organisations may hold. Some of these may be SSASPB members, such as the NHS and the police. Others will not be, such as private health and care providers or housing providers/housing support providers or education providers.

In the past, there have been instances where the withholding of information has prevented organisations being fully able to understand why decisions and actions were or were not made and so has hindered them identifying, to the best of their ability, the lessons to be applied to prevent or reduce the risks of such cases reoccurring. If someone knows that abuse or neglect is happening they must act upon that knowledge, not wait to be asked for information.

Section (or clause) 45 of the Care Act states that:

The SAB (Safeguarding Adult Board) may request a person to supply information to it or to another person. The person who receives the request must provide the information provided to the SAB if:

  • the request is made in order to enable or assist the SAB to do its job;
  • the request is made of a person who is likely to have relevant information and then either:

i) the information requested relates to the person to whom the request is made and their functions or activities or;

ii) the information requested has already been supplied to another person subject to a SAB request for information.

This has been described as a mandate to share information - a demand power – with clear expectations that it will be adhered to.   

The request for information sharing will most likely take place to facilitate S.42 Care Act: ‘enquiries’ and S.44 Care Act: Safeguarding Adult Reviews.

Record keeping

Good record keeping is a vital component of professional practice. Whenever a complaint or allegation of abuse is made, all agencies should keep clear and accurate records and look for past incidents, concerns, risks and patterns. Detailed, relevant record keeping will greatly improve the opportunity to safeguard the adult.

Staff should be given clear directions as to what information should be recorded and in what format.

Records should be kept in such a way that the information can easily be collated for local use and national data collections.


 Any confidentiality agreement drawn up between agencies agreement should be consistent with the below listed principles set out in the Caldicott Review published in 2013. 

  1. Justify the purpose(s) for needing the personal confidential information
  2. Do not use personal confidential information unless it is absolutely necessary
  3. Use the minimum necessary of personal confidential information
  4. Access to personal confidential data should be on a strict need- to- know basis
  5. Everyone with access to personal confidential data should be aware of their responsibilities
  6. Comply with the law
  7. The duty to share information can be as important as the duty to protect patient confidentiality

What if the adult refuses to give consent to share information?

Frontline workers and volunteers should always share safeguarding concerns in line with their organisation’s policy, usually with their line manager or safeguarding lead in the first instance, except in emergency situations. As long as it does not increase the risk to the individual, the member of staff should explain to them that it is their duty to share their concern with their manager. The safeguarding principle of proportionality should underpin decisions about sharing information without consent, and decisions should be on a case-by-case basis.

Individuals may not give their consent to the sharing of safeguarding information for several reasons. For example, they may be frightened of reprisals, they may fear losing control, they may not trust social services or other partners, or they may fear that their relationship with the abuser will be damaged. Reassurance and appropriate support along with gentle persuasion may help to change their view on whether it is best to share information.

If a person refuses intervention to support them with a safeguarding concern, or requests that information about them is not shared with other safeguarding partners, their wishes should be respected. However, there are a number of circumstances where the practitioner can reasonably override such a decision, including:

  • The person lacks the mental capacity to make that decision – this must be properly explored and recorded in line with the Mental Capacity Act 2005
  • Other people are, or may be, at risk, including children
  • Sharing the information could prevent a crime
  • The alleged abuser has care and support needs and may also be at risk
  • A serious crime has been committed
  • Staff are implicated
  • The person has the mental capacity to make that decision, but they may be under duress or being coerced
  • The risk is unreasonably high and meets the criteria for a multi-agency risk assessment conference referral
  • A court order or other legal authority has requested the information.

If none of the above apply and the decision is not to share safeguarding information with other safeguarding partners, or not to intervene to safeguard the person:

  • Support the person to weigh up the risks and benefits of different options
  • Ensure they are aware of the level of risk and possible outcomes
  • Offer to arrange for them to have an advocate or peer supporter
  • Offer support for them to build confidence and self-esteem if necessary
  • Agree on and record the level of risk the person is taking
  • Record the reasons for not intervening or sharing information
  • Regularly review the situation

If it is necessary to share information outside the organisation:

  • Explore the reasons for the person’s objections – what are they worried about?
  • Explain the concern and why you think it is important to share the information
  • Tell the person who you would like to share the information with and why
  • Explain the benefits, to them or others, of sharing information – could they access better help and support?
  • Discuss the consequences of not sharing the information – could someone come to harm?
  • Reassure them that the information will not be shared with anyone who does not need to know
  • Reassure them that they are not alone, and that support is available to them.

If the person cannot be persuaded to give their consent then, unless it is considered dangerous to do so, it should be explained to them that the information will be shared without consent. The reasons should be given and recorded. If it is not clear that information should be shared outside the organisation, a conversation can be had with safeguarding partners in the police or local authority without disclosing the identity of the person in the first instance. They can then advise on whether full disclosure is necessary without the consent of the person concerned. It is very important that the risk of sharing information is also considered. In some cases, such as domestic violence or hate crime, it is possible that sharing information could increase the risk to the individual. Safeguarding partners need to work jointly to provide advice, support and protection to the individual in order to minimise the possibility of worsening the relationship or triggering retribution from the abuser. (Reference:  SCIE doc)

How much should be shared?

Decisions about who needs to know and what needs to be known should be taken on a case by case basis, within agency policies and the constraints of the legal framework.

Principles of confidentiality designed to safeguard and promote the interests of an adult should not be confused with those designed to protect the management interests of an organisation. These have a legitimate role but must never be allowed to conflict with the welfare of an adult. If it appears to an employee or person in a similar role that such confidentiality rules may be operating against the interests of the adult, then a duty arises to make full disclosure in the public interest.

 In certain circumstances, it will be necessary to exchange or disclose personal information which will need to be in accordance with the law on confidentiality and the Data Protection Act 1998 where this applies.

Independent Advocates and information sharing.

Where the adult has no appropriate person to support them and has substantial difficulty in being involved in the local authority processes, they must be informed of their right to an independent advocate.

False perceptions about needing evidence or consent to share safeguarding information

Some frontline staff and managers can be over-cautious about sharing personal information, particularly if it is against the wishes of the individual concerned. They may also be mistaken about needing hard evidence or consent to share information. The risk of sharing information is often perceived as higher than it actually is. It is important that staff consider the risks of not sharing safeguarding information when making decisions.

What if a safeguarding partner is reluctant to share information?

There are only a limited number of circumstances where it would be acceptable not to share information pertinent to safeguarding with relevant safeguarding partners. These would be where the person involved has the mental capacity to make the decision and does not want their information shared and:

  • Nobody else is at risk
  • No serious crime has been or may be committed
  • The alleged abuser has no care and support needs
  • No staff are implicated           
  • No coercion or duress is suspected
  • The public interest served by disclosure does not outweigh the public interest served by protecting confidentiality
  • The risk is not high enough to warrant a multi-agency risk assessment conference referral
  • No other legal authority has requested the information.


In the event of any differences of opinion regarding the sharing of information then professionals are encouraged to use the SSASPB escalation policy which can be found on the web pages It has been produced to maximise the opportunity to resolve disagreements promptly and at the most appropriate level of supervision or management.

The final arbiter of disagreements is the SSASPB Independent Chair who may consider whether the concern warrants a request, under Clause 45 of the Care Act, for the ‘supply of information’. If so, the reluctant party would only have grounds for refusal if it would be ‘incompatible with their own duties or have an adverse effect on the exercise of their functions’. It is hoped that this will be a very rare occurrence and partners are encouraged to contact their Adult Safeguarding lead (see useful contacts for local points of contact) who can provide support and guidance through the escalation process.

The Data Protection Act 2018 and the General Data Protection Regulation (GDPR)

The GDPR (28.05.18) forms part of the data protection regime in the UK, together with the new Data Protection Act 2018 (DPA 2018). The law is wide-reaching and places a range of duties and responsibilities on organisations that store data from which individuals can be identified. The Information Commissioners Office offers detailed guidance on the new regulation. The changes in the law do not change our practice with regard to safeguarding adults because the GDPR, like the previous legislation, allows us to share information without consent in certain circumstances. If it is deemed to be in the public interest, data may be collected, processed, shared and stored. It may be stored for longer periods in the public interest and in order to safeguard the rights and freedoms of individuals. The principles of GDPR:

  • Processed lawfully, fairly and in a transparent manner in relation to individuals
  • Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
  • Accurate and, where necessary, kept up to date
  • Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
  • Processed in a manner that ensures appropriate security of the personal data.

For a more detailed explanation of the principles see the Information Commissioners Office guidance using the link found in the references section at the end of this document.

The seven golden rules to sharing information

1. Remember that the General Data Protection Regulation (GDPR), Data Protection Act 2018 and human rights law are not barriers to justified information sharing but provide a framework to ensure that personal information about living individuals is shared appropriately.

2. Be open and honest with the individual (and/or their family where appropriate) from the outset about why, what, how and with whom information will, or could be shared, and seek their agreement, unless it is unsafe or inappropriate to do so.

3. Seek advice from other practitioners, or your information governance lead, if you are in any doubt about sharing the information concerned, without disclosing the identity of the individual where possible.

4. Where possible, share information with consent, and where possible, respect the wishes of those who do not consent to having their information shared. Under the GDPR and Data Protection Act 2018 you may share information without consent if, in your judgement, there is a lawful basis to do so, such as where safety may be at risk. You will need to base your judgement on the facts of the case. When you are sharing or requesting personal information from someone, be clear of the basis upon which you are doing so. Where you do not have consent, be mindful that an individual might not expect information to be shared. 

5. Consider safety and well-being: base your information sharing decisions on considerations of the safety and well-being of the individual and others who may be affected by their actions.

6. Necessary, proportionate, relevant, adequate, accurate, timely and secure: ensure that the information you share is necessary for the purpose for which you are sharing it, is shared only with those individuals who need to have it, is accurate and up-to-date, is shared in a timely fashion, and is shared securely (see principles).

7. Keep a record of your decision and the reasons for it – whether it is to share information or not. If you decide to share, then record what you have shared, with whom and for what purpose.


Care Act 2014;  Department of Health (DoH), Published 15th May 2014, available at:

Care and Support Statutory Guidance; Issued under the Care Act 2014, Department of Health, Published 23rd October 2014, and frequently updated, available at:

Safeguarding Information: Adult Safeguarding. Social Care Institute for Excellence (SCIE) January 2019, available at:

Serious Safeguarding Adults Reviews: Guidance note on options for London, Sue Bestjan, Published April 2012, available at:

Caldicott review: information governance in the health and care system, Department of Health (DoH), Published 26th April 2013, available at:

Data Protection Act 1998, Department of Health (DoH), Published 16th July 1998, available at:

Information Commissioner’s Office Guidance available at:

Useful Contacts

Points of contact

Stoke-on-Trent City Council

Strategic Manager – Early Intervention, Contact and Hospital

Adult Social Care, Health Integration and Well Being

01782 234078/233001


Staffordshire County Council

Adult Safeguarding Team Leader

01785 895154

Staffordshire Police

Detective Superintendent

01785 235290

North Staffordshire and Stoke on Trent Clinical Commissioning Groups

Designated Nurse Adult Safeguarding

01782 401029

South Staffordshire Clinical Commissioning Groups

Designated Nurse Adult Safeguarding

01785 895546

University Hospitals of North Midlands

Director of Nursing

01782 675484

University Hospitals of Derby and Burton

Adult Safeguarding Lead 

01332 787547

North Staffordshire Combined Healthcare Trust

Head of Safeguarding


01782 441664

Midlands Partnership Foundation Trust

Safeguarding Lead