Care Act guidance leaves social workers none the wiser on new duty to share safeguarding information

The link between the new duty and the existing law on data protection and information sharing is unclear from draft statutory guidance, says Belinda Schwehr

By Belinda Schwehr, Care and Health Law

The draft Care Act 2014 guidance says very little of value, about the new, apparently mandatory, duty to share information with safeguarding adults boards, under section 45 of the Act.

45 Supply of information
(1) If an SAB requests a person to supply information to it, or to some other person specified in the request, the person to whom the request is made must comply with the request if—
(a) conditions 1 and 2 are met, and
(b) condition 3 or 4 is met.
(2) Condition 1 is that the request is made for the purpose of enabling or assisting the SAB to exercise its functions.
(3) Condition 2 is that the request is made to a person whose functions or activities the SAB considers to be such that the person is likely to have information relevant to the exercise of a function by the SAB.
(4) Condition 3 is that the information relates to—
(a) the person to whom the request is made,
(b) a function or activity of that person, or
(c) a person in respect of whom that person exercises a function or engages in an activity.
(5) Condition 4 is that the information—
(a) is information requested by the SAB from a person to whom information was supplied in compliance with another request under this section, and
(b) is the same as, or is derived from, information so supplied.
(6) Information may be used by the SAB, or other person to whom it is supplied under subsection (1), only for the purpose of enabling or assisting the SAB to exercise its functions.

In paragraph 14.137, the guidance merely restates the section of the Act which created the duty. There is no example, no discussion of sanctions for refusal, no exploration of the interplay between confidentiality, data protection and the exceptions to both that enable disclosure of information, based on the public interest, people’s legal rights and the exercise of statutory functions. Further, by omission, the guidance implies that the information sharing duty will be limited to an SAB’s function of carrying out safeguarding adults reviews into serious cases (section 44 of the Act).

Back in the Spring, in a previous column, I pointed out that this duty could, on paper at least, given the structure of the Act, be used in individual safeguarding enquiries, under section 42 of the Act.

42 Enquiry by local authority
(1) This section applies where a local authority has reasonable cause to suspect that an adult in its area (whether or not ordinarily resident there)—
(a) has needs for care and support (whether or not the authority is meeting any of those needs),
(b) is experiencing, or is at risk of, abuse or neglect, and
(c) as a result of those needs is unable to protect himself or herself against the abuse or neglect or the risk of it.
(2) The local authority must make (or cause to be made) whatever enquiries it thinks necessary to enable it to decide whether any action should be taken in the adult’s case (whether under this Part or otherwise) and, if so, what and by whom…

If certain conditions are met, a person or body ‘must’, on the request of the SAB, supply information to the board or to any other person mentioned in the request – and this could be the council’s safeguarding lead, presumably.

Under section 45, the information must be requested for the purpose of enabling or assisting the SAB to perform its functions. Section 43 of the Act, on the establishment of SABs, does not define their functions, but says this:

(2) The objective of an SAB is to help and protect adults in its area in cases of the kind described in section 42(1).

(3) The way in which an SAB must seek to achieve its objective is by co-coordinating and ensuring the effectiveness of what each of its members does.

(4) An SAB may do anything which appears to it to be necessary or desirable for the purpose of achieving its objective.

So it seems to me it could and should exercise its power to call on others to provide information, as something it believes necessary for the purpose of achieving the objective of helping and protecting adults, and that in so doing it is seeking to ensure the effectiveness of the local authority member of the SAB in exercising its enquiry function.

In my previous piece, I suggested that SABs could therefore expect to be asked to issue requests for information, on a regular basis, by the council safeguarding lead. I said that it was wholly unclear from the legislation in what situations ordinary factors related to confidentiality or non-disclosure would be a legitimate excuse to refuse a request from the SAB or what should be done about the request or a refusal to comply with it in such a situation.

In the guidance, there is no scenario, no debate, no illustration of the relevance of the section 45 duty, illustrating the use to which this section could be used, and crucially, nothing about any refusal to share requested information, and no discussion of the consequences for the refuser.

Problems with confidentiality

In the wider context of confidentiality in general, the draft guidance says this:

“Practitioners must always seek the consent of the individual before taking action or sharing personal information.”

The General Medical Council’s (GMC) guidance on confidentiality points out, in paragraph 19, that people should still be informed, where practicable, even if their consent is not required. It means that they or their representative can take preventative steps, or threaten them, so as to protect themselves from damaging disclosure, if they want to. That is consistent with an approach to autonomy that ought to run through all of safeguarding. But the Care Act draft guidance goes on:

However, there may be circumstances when consent cannot be obtained because the adult lacks the capacity to give it, but the best interests of the individual or others at risk demand action. It is the responsibility of all staff and members of the public to act on any suspicion or evidence of abuse or neglect and to pass on their concerns to a responsible person/agency.”

Just in terms of simple paragraph construction, the draft Care Act Guidance fails to make it clear that sometimes even a capacitated individual’s refusal to give consent, when asked, is not enough to make it wrong to pass on the information; it also fails to give any underpinning for the assertion that it is all our duties to pass on suspicions of abuse or neglect – that is not part of the common, or any other law, that I know of, even if those working in safeguarding think that it should be.

The existing law of information sharing

The guidance also says:

“All agencies should identify arrangements, consistent with principles and rules of fairness, confidentiality and data protection for making records available to those affected by, and subject to, an enquiry.’

Why this can’t be done centrally, by government, is a really pressing and uncomfortable question, to my mind, and not one that should be scotched with the usual suggestion that ‘local authorities will seek their own legal advice’. If law is law, and policy is national, there is no excuse for not supplying national guidance about this, to my mind.

Regional special interest legal groups may well get together to harmonise their existing protocols, but the point is that this is a new statutory duty, and there is nothing written anywhere about its effect or place in the hierarchy of principles about this fraught area of balance between competing interests.

Prepare for the Care Act

Belinda Schwehr will be explaining the implications of the Care Act for social work practice at Community Care’s forthcoming conference on the subject, in London, on 17 September 2014. Register now for a discounted place.

There is already power to share information in support of much that gives rise to safeguarding concerns. Section 115 of the Crime and Disorder Act 1998 states that any person who would not otherwise have the power to disclose information to a ‘relevant authority’, does in fact have the power,  where disclosure is necessary or expedient for the purposes of the Act (reduction and prevention of crime and disorder).

A relevant authority to whom disclosure can be made, is defined to include the police, local authority, probation committee and NHS Clinical Commissioning Group. So no public body should be worried as to its powers for so doing.

Home Office advice about this 1998 legislation stresses two points, however, even if one is asked to disclose the information to a relevant authority. First, that it puts beyond doubt the power of your organisation to disclose information to one of the relevant authorities. But second, it stresses that this is not the same as a duty to disclose. Thus, it is said, that the power to disclose does not override other legal considerations including the common law duty of confidentiality, the Data Protection Act 1998 or the Human Rights Act 1998. So, even under Section 115, the balancing principles we would normally always need to talk about, still apply.

Further, this excerpt can be found in the Social Care Institute for Excellence’s safeguarding guide for practitioners, Protecting adults at risk in London: good practice resource:

“Having express or implied statutory powers in any particular case does not mean that the Human Rights Act 1998, the common law duty of confidentiality, and the Data Protection Act 1998 can be disregarded. Where a statutory gateway explicitly removes the need to consider confidentiality, then confidential information can be shared; however this will be rare and in limited circumstances. Where there are implied powers you need to consider the language of the gateway and the surrounding circumstances.”

But here we have a duty, not a power. It would be what the Scie guidance calls a mandatory statutory gateway.

In the draft Care Act Guidance, staff are referred to other sources on information sharing. “The Home Office and the Office of the Data Protection Commissioner (formerly Registrar) have issued general guidance on the preparation and use of information sharing protocols.” There is no reference provided, but it is probably the 2008 document Information Sharing: Further guidance on legal issues or Public Sector Data Sharing: Guidance on the Law. The most up-to-date guidance from the Information Commissioner, the 2011 Data sharing code of practice, does not even mention safeguarding. It says this:

Express obligations – occasionally, a public body will be legally obliged to share particular information with a named organisation. This will only be the case in highly specific circumstances but, where such an obligation applies, it is clearly permissible to share the information.’

It may well be permissible, but what is the council to do, if someone says no? Is it a breach of public law, or just nothing – not a crime, or anything attracting a sanction?

A duty without caveat

The duty is expressed without caveat, so the normal principles of statutory construction would mean that the ‘must’ –  in terms of individuals’ duty to comply with the SAB request – means must. That is, the duty exists without regard to the confidentiality of those involved in the underlying factual situation, or the relationship between the person from whom the information is sought, and the individuals that the information is about.

If this is really to mean that information should be disclosed regardless of the privilege against self-incrimination, or the nature of the information and the circumstances of its creation, then one would expect to see examples and enforcement mechanisms, and some discussion of the consequences for people’s general regard for the reputation for beneficence of councils!

But all the guidance says in paragraph 14.143 is that:

“Decisions about who needs to know and what needs to be known should be taken on a case by case basis, within agency policies and the constraints of the legal framework.”

In the section in the guidance on safeguarding adults reviews, at 14.127, the guidance says the following:

It is vital, if individuals and organisations are to be able to learn lessons from the past, that reviews are trusted and safe experiences that encourage honesty and sharing to obtain maximum benefit from them. If individuals and their organisations are fearful of SARs, their response will be defensive and their participation guarded and partial.”

Putting safeguarding adults reviews beyond Freedom of Information law

This suggests that the policy vision behind the information sharing duty is that it is to be used after something has gone wrong, rather than before, or in individual safeguarding enquiry scenarios. If that is so, then the provision at section 45(6) prohibiting use of the information in any other context other than for the purposes of SAB functions seem to be aimed at ensuring that SARs come within the definition of those investigations that do not have to be disclosed under FOI law.

In fact, the 2000 FOI Act states that public bodies must provide information if requested, unless an exemption applies.

In Leach v National Care Standards Commission, an unreported decision from October 2002 upheld the then NCSC’s refusal to disclose the source of ultimately disproved allegations of abuse and neglect at a residential care home for older people.

The Lincolnshire and Vicarage Farm cases later explored sections 31, 40 and 41 of the FOI Act – which cover exemptions from Freedom of Information for information required for law enforcement, personal data and information provided in confidence – as legitimate grounds for not sharing information in the context of investigations into wrongdoing. These would include complaints, multi-agency meetings or safeguarding processes.

This large and complex area of case law is highly significant, it is therefore suggested, for interpreting the new duty under section 45 of the Care Act. FOI operates in favour of disclosure unless an exemption applies; and the ban in subsection (6) on the use of information provided under this section, in any context other than for the purposes of the SAB functions, operates against any further disclosures. Yet, advocates are going to be present at safeguarding strategy meetings, in future, and relatives who wish to obtain information about incidents with a view to getting redress for the victim, through being their litigation friend, may well be present, too.

I asked in March whether it could possibly the intention of this provision to prevent people from bringing legal proceedings based on what they have found out from safeguarding procedures? Surely that would have been something that would have had to have been debated in the context of an Act to promote well-being, and covered in the guidance? The guidance says the following:

‘”If it appears to an employee or person in a similar role that such confidentiality rules may be operating against the interests of adults at risk of abuse or neglect then a duty arises to make full disclosure in the public interest.”

Does this duty to disclose exist despite the the ban in section 45 (6) on disclosure? Surely it does not. But again, without a sanction, how would one know?

A change in the law on information sharing?

The statements of practice, from Scie and the Home Office, and the previous body of case law, operate so as to raise the question whether the Act has done something ‘solid’ to change the law of information sharing by inserting a positive duty to share, upon request.

The Act also provides for the imposition of an organisational duty of candour to disclose information to families on regulated care providers in cases of care failures, but that does not even get a mention in the Care Act guidance!

Also, section 92 of the Care Act creates an offence whereby:

(1) A care provider of a specified description commits an offence if—

(a) it supplies, publishes or otherwise makes available information of a specified description,

(b) the supply, publication or making available by other means of information of that description is required under an enactment or other legal obligation, and

(c) the information is false or misleading in a material respect.

But there is no offence created for just saying ‘No’, when asked to supply information by an SAB under section 45.

So, all told, the safeguarding chapter is not yet fit for purpose, in my mind. And time is running out to make it so.

More from Community Care

Comments are closed.