Chapter 6 — Responding to requests for information under the Information Sharing Schemes
Schools and other Information Sharing Entities must respond to information sharing requests from other Information Sharing Entities. Schools should respond to a request from another Information Sharing Entity in a timely manner and prioritise any requests that relate to safety concerns.
All information that meets the three-part threshold test for the Child Information Sharing Scheme and/or the three requirements for sharing for the Family Violence Information Sharing Scheme must be shared on request from authorised services.
Often schools may be responding to requests for information under both Information Sharing Schemes (child wellbeing or safety or family violence protection or assessment). In that case schools must meet the requirements for each scheme separately.
When responding to requests for information under both Information Sharing Schemes schools need to meet the three-part threshold test for the parts of the information that is being shared to promote child wellbeing or safety, and the three requirements for the information being shared to assess or manage family violence risk. If the requirements for one of the Information Sharing Schemes is not met, then schools cannot share under that scheme but may still share under the other scheme.
When sharing under both Information Sharing Schemes, the Family Violence Information Sharing Scheme consent requirements are not applicable as there is a child/children at risk.
For Decision Trees for sharing information under both the Child Information Sharing Scheme and the Family Violence Information Sharing Scheme refer to: Can I share information under the CISS and Can I share information under the FVISS .
Schools are encouraged to have a conversation with the requesting Information Sharing Entity before declining to share information. The Information Sharing Entity may be able to provide further details that would satisfy the school that the relevant requirements for sharing have been met.
Schools may also choose to voluntarily share additional information to what has been requested and which meets the requirements for sharing.
Responding to a request for information under the Child Information Sharing Scheme
When schools receive a request for information from an Information Sharing Entity using the Child Information Sharing Scheme, the following steps must be taken:
- Verify the request has come from another Information Sharing Entity via the online ISE — if you are unsure if the requester is from a prescribed organisation, you may ask them to send an email from their work email account.
- Determine if the request meets the three-part threshold test. All items in the request that meet the threshold test must be shared.
- Consider the Child Information Sharing Scheme legislative principles before sharing information.
- Seek and take into account the views of the child and/or family member before sharing their information, if appropriate, safe and reasonable to do so. If it is not safe, appropriate and reasonable, information sharing should continue.
- Respond to the request:
- if all or parts of the information requested is going to be refused, the requesting Information Sharing Entity must be notified in writing why the information is not being shared — refer to: the Email template for declining a request for information under CISS and/or FVISS
- if the information will be shared, collate the information and provide it to the Information Sharing Entity in the manner determined by the school (in writing or by phone). Schools are encouraged to consider any requests regarding the manner in which the Information Sharing Entity wishes to receive the information.
- Document the following:
- the Information Sharing Entity that requested the information
- date of request
- the information that was requested
- if refusing a request, the request and the reason why it was refused
- the information that was shared
- the date information was shared
- who the information was shared with
- relevant risk assessments or safety plans that have been prepared for a person at risk of family violence.
- For best practice, schools should also record:
- the scheme information was shared under
- who the information is being shared about
- how the threshold was met.
- If sharing is about any child, a child’s parent, or any third party, schools must also record:
- whether the school sought their views about sharing their information
- if their views were not sought, the reason why
- if they were informed that their information was shared.
- Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. Refer to: Records Management — School Records for further information.
Responding to a request for information under the Family Violence Information Sharing Scheme
When schools receive a request for information from another Information Sharing Entity using the Family Violence Information Sharing Scheme, the following steps must be taken:
- Verify the request has come from another Information Sharing Entity via the online ISE — if you are unsure if the requester is from a prescribed organisation, you may ask them to send an email from their work email account.
- Determine if the request meets the three requirements for sharing, noting that:
- for the first requirement relating to purpose of sharing:
- all Information Sharing Entities may request and receive information for the purpose of family violence protection
- only Information Sharing Entities that are also prescribed Risk Assessment Entities may request and receive information from other Information Sharing Entities for the purpose of family violence assessment — refer to the online ISE List to determine if the Information Sharing Entity is also a Risk Assessment Entity
- where consent for sharing is not required because the victim survivor is a child, schools should seek and take into account the views of the child and/or family member that is not a perpetrator as to whether the information should be shared, where it is safe, appropriate and reasonable to do so.
- for the first requirement relating to purpose of sharing:
- Consider the Family Violence Information Sharing legislative principles before sharing information
- Respond to the request:
- if all or parts of the information requested is going to be refused, the requesting Information Sharing Entity must be notified in writing why the information is being refused — refer to: Email template for declining a request for information under CISS and/or FVISS
- if the information will be shared, collate the information and provide it to the Information Sharing Entity in the manner determined by the school (in writing or by phone). Schools are encouraged to consider any requests regarding the manner in which the Information Sharing Entity wishes to receive the information.
- Document the following:
- the Information Sharing Entity that requested
- date of request
- the information that was requested
- the information that was disclosed
- who the information was shared with
- the date the information was shared
- if sharing about child or adult victim survivors or third parties where a child is at risk, whether you sought their views about sharing their information. If their views were not sought, reason why.
- if sharing about child or adult victim survivors or third parties where a child is at risk, if they were informed that their information was shared
- if sharing about adult victim survivors of family violence where no child is at risk, whether consent was sought and obtained from adult victim survivors and any third parties and whether the consent was written, verbal or implied. If the information was shared without consent, record the reason why.
- if the information was shared without consent, record if the person was informed that their information was shared without consent
- copies of any supporting documents, such as safety plans developed for the student.
- For best practice, schools should record:
- the scheme information was shared under
- who information is being shared about
- how the requirements for sharing were met.
- Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. The record must also be only accessible with those who have a requirement to access or manage it. Refer to: Records Management — School Records for further information.
Reviewed 06 June 2024