Child and Family Violence Information Sharing Schemes

Policy last updated

29 May 2023

Scope

Schools

Date:: March 2021

Policy
Guidance
Chapter 1 — About the Information Sharing Schemes
Chapter 2 — Definitions
Chapter 3 — Preparing for the Information Sharing Schemes
Chapter 4 — Guiding principles for the Information Sharing Schemes
Chapter 5 — Requirements before sharing information under the Information Sharing Schemes
Chapter 6 — Responding to requests for information under the Information Sharing Schemes
Chapter 7 — Requesting information under the Information Sharing Schemes
Chapter 8 — Proactively sharing information under the Information Sharing Schemes
Chapter 9 — Considerations when sharing information about diverse and at-risk communities
Chapter 10 — Complaint handling under the information sharing schemes
Chapter 11 — Safeguards when using the Information Sharing Schemes
Resources

Policy

The purpose of this policy is to support Victorian government schools to request and share information under the Child Information Sharing Scheme (CISS) and Family Violence Information Sharing Scheme (FVISS).

Summary

The Information Sharing Schemes provide prescribed Information Sharing Entities (ISEs) with an expanded ability to share confidential information with other ISEs to promote the wellbeing or safety of children or to assess or manage family violence risk.
Victorian schools and a range of other Victorian services are prescribed ISEs and can request and share information under the Information Sharing Schemes. The Guidance tab provides detailed guidance for schools on using the Information Sharing Schemes.
The Information Sharing Schemes complement existing obligations and frameworks and do not replace current authorisations (such as Child Safe Standards, Mandatory Reporting, Privacy or Criminal Law and Reportable Conduct) to share information.
ISEs must meet a range of requirements when using the Information Sharing Schemes to request and share information.
Following this policy and guidance will ensure your school is aligned with current legislation, departmental policy, and the legally binding Ministerial Guidelines.

Details

The Child Information Sharing Scheme and Family Violence Information Sharing Scheme (the Information Sharing Schemes) provide authorised organisations, including Victorian schools, with an expanded ability to share confidential information with other authorised services to promote the wellbeing or safety of children or to assess or manage family violence risk.

Under the Information Sharing Schemes, organisations that are prescribed as Information Sharing Entities (ISEs):

must acknowledge they have received a request for information
must respond to requests for information and provide all relevant information to other ISEs that meets the requirements of the scheme it was requested under and do so in a timely manner
must consider the information sharing legislative principles for the schemes
if declining to share all or part of a request for information, must advise the requesting ISE in writing
can request information from other ISEs
can proactively share information with other ISEs
must meet the record keeping requirements of the Information Sharing Schemes.

Organisations and services that are prescribed ISEs include:

Victorian schools
department funded and delivered child wellbeing and safety programs and services (such as Student Support Services)
centre-based education and care services (long day care, kindergarten and before and after school hours care services)
key tertiary and frontline services (such as Child Protection, Maternal and Child Health and Victoria Police)
key health services (such as GPs and public hospitals).

More details regarding organisations and services that can share information may be found at Who can share information under the information sharing and MARAM reforms page.

All ISEs can request and share information under the Information Sharing Schemes.

The Information Sharing Schemes complement existing obligations and frameworks. They do not replace current authorisations (such as Child Safe Standards, mandatory reporting, privacy or criminal law and reportable conduct) to share information. In many cases existing obligations work together with the Information Sharing Schemes and will enhance collaboration between services.

Schools should continue to share information as appropriate in accordance with other laws and department policies, such as when making a mandatory report or when sharing information with external services under existing arrangements and mechanisms. The Information Sharing Schemes do not impact on these existing permissions and obligations.

However, there may be times when it is appropriate to use the Information Sharing Schemes to request and share confidential information with authorised services. For example, where schools determine that insufficient information is available to effectively support a student’s wellbeing or safety, they can use the schemes to request and proactively share information with authorised services. The schemes enable schools and other prescribed ISEs to access and share relevant information with each other to promote the wellbeing or safety of children and to assess or manage family violence risk.

The Guidance tab provides detailed guidance for Victorian government schools on using the Information Sharing Schemes including:

an overview to implementing the Information Sharing Schemes
legislative principles for the Information Sharing Schemes
3-part threshold test for the CISS and the 3 requirements for information sharing under the FVISS
responding to requests for information under the Information Sharing Schemes, and record keeping for responses
requesting information under the Information Sharing Schemes and record keeping for requests
proactively sharing information under the Information Sharing Schemes, and record keeping for proactive sharing
considerations when sharing information about diverse and at-risk communities
complaints handling under the Information Sharing Schemes and record keeping for complaints
safeguards when using the Information Sharing Schemes.

Background

The Information Sharing Schemes were introduced in response to Royal Commissions, coronial inquests and independent inquiries over the past decade that identified poor information sharing as a barrier to service collaboration with detrimental outcomes for children and families. The Information Sharing Schemes enable schools and other ISEs to access and share relevant information to promote the wellbeing or safety of children or to assess or manage family violence risk.

The FVISS commenced in February 2018 for a select group of organisations. Phase One of the Information Sharing Schemes commenced in September 2018 and included key frontline professionals, such as Child Protection, Maternal and Child Health and Victoria Police. From 19 April 2021, as part of Phase Two, universal services such as education and health are authorised to request and share information using the Information Sharing Schemes.

Note: The department has updated the below related policies to include additional information on the Information Sharing Schemes.

Relevant legislation

Guidance

This guidance contains the following chapters:

Chapter 1 — About the Information Sharing Schemes
Chapter 2 — Definitions
Chapter 3 — Preparing for the Information Sharing Schemes
Chapter 4 — Legislative principles for the Information Sharing Schemes
Chapter 5 — Requirements before sharing information under the Information Sharing Schemes
Chapter 6 — Responding to requests for information under the Information Sharing Schemes
Chapter 7 — Requesting information under the Information Sharing Schemes
Chapter 8 — Proactively sharing information under the Information Sharing Schemes
Chapter 9 — Considerations when sharing information about diverse and at-risk communities
Chapter 10 — Complaint handling under the Information Sharing Schemes
Chapter 11 — Safeguards when using the Information Sharing Schemes

The Child Information Sharing Scheme and the Family Violence Information Sharing Scheme (the Information Sharing Schemes) were introduced in response to Royal Commissions, coronial inquests and independent inquiries over the past decade that identified poor information sharing as a barrier to service collaboration with detrimental outcomes for children and families.

The Child Information Sharing Scheme enables prescribed Information Sharing Entities (including all schools) to share confidential information about any person, at any time, to promote the wellbeing or safety of children where requirements for sharing are met. Any person’s information can be shared without their consent to promote the wellbeing or safety of a child or group of children. Historical information can also be shared if it meets the relevant requirements for sharing.

By using the Child Information Sharing Scheme, schools can obtain a more complete picture of a student, to promote the student’s wellbeing or safety.

All Victorian children under the age of 18 years are covered, as well as unborn children who are the subject of a report to Child FIRST or Child Protection.

The Family Violence Information Sharing Scheme enables prescribed Information Sharing Entities (including all schools) to share relevant information to assess or manage risk of family violence to children and adults. Consent is not required from any person, including third parties, to share information to assess or manage family violence risk to a child. Information can be shared with other Information Sharing Entities for the management of family violence risk. Only Risk Assessment Entities, a specialist subset of Information Sharing Entities, can request and receive information to assess for family violence risk.

Any personal, health and sensitive information (that is not excluded information), such as observations and school records, that is relevant to promoting the wellbeing or safety of a child or group of children or assessing or managing family violence risk about a perpetrator, victim survivors (adult or child), or a third party can be shared.

The Information Sharing Schemes enable Information Sharing Entities to request and share all relevant information with each other to promote the wellbeing or safety of children or to assess or manage family violence risk when certain requirements for sharing are met.

If the request for information meets the requirements for sharing, to the extent necessary all relevant information held by the school must be shared in a timely manner. Schools should work with the requesting Information Sharing Entities to determine the timing and urgency of the request.

Under the Information Sharing Schemes, schools and other Information Sharing Entities must:

respond to requests for information to promote child wellbeing or safety or to assess or manage family violence risk and provide all requested information that meets the requirements for sharing

and can:

request information to promote child wellbeing or safety or to manage family violence risk
proactively share information to promote child wellbeing or safety or to assess or manage family violence risk.

The Information Sharing Schemes complement and expand upon existing information sharing and child protection laws and do not replace existing authorisations to share information such as the Child Safe Standards, reporting to Child Protection or Victoria Police, the Reportable Conduct Scheme and other privacy and information sharing laws.

Schools should continue to use and share information using existing Department policies and information sharing mechanisms. However, there may be times when it is appropriate to use the Information Sharing Schemes to request and share confidential information with authorised services. For example, where a school determines that insufficient information is available to effectively support a student’s wellbeing or safety, the school can use the Information Sharing Schemes to request and proactively share information with authorised services, such as with Child Protection.

Chapter 2 — Definitions

Some key terms relevant to the Information Sharing Schemes are listed below.

Adolescent who uses family violence
Under the Family Violence Information Sharing Scheme, a young person from the ages of 10 to 17 who chooses to use coercive and controlling techniques and violence against family members, including intimate partners is described as an adolescent who uses family violence. Adolescents who use family violence often coexist as victims of family violence and therapeutic responses should be explored.

Alleged perpetrator
The term most commonly used in Victoria to describe a person where there is not sufficient information for an Information Sharing Entity to form a reasonable belief that a person poses a risk of family violence. Under the Family Violence Information Sharing Scheme, information about alleged perpetrators can only be shared with Risk Assessment Entities (RAE) for a family violence assessment purpose (refer to further reference to perpetrators below).

Confidential information
For the purposes of the Information Sharing Schemes, the term ‘confidential information’ includes:

health information and identifiers for the purposes of the Health Records Act 2001 (Vic)
personal information for the purposes of the Privacy and Data Protection Act 2014 (Vic), including sensitive information (such as a criminal record), and unique identifiers
personal information for the purposes of the Privacy Act 1988 (Cth), including sensitive information

Family violence
Family violence is defined in the Family Violence Protection Act 2008 as:

behaviour by a person towards a family member that:
- is physically or sexually abusive
- is emotionally or psychologically abusive
- is financially abusive
- is threatening or coercive
- in any other way, controls or dominates the family member and causes that family member to feel fear for the safety or wellbeing of that family member or that of another person.
behaviour that causes a child to hear, witness or otherwise be exposed to the effects of any behaviour referred to above.

Aboriginal community definitions of family violence include extended family, kinship networks, elder abuse and exclusion or isolation from Aboriginal culture and/or community by non-Aboriginal perpetrators.

Information Sharing Entities (ISEs)
Only organisations or services that are prescribed as Information Sharing Entities can share information under the Information Sharing Schemes. Prescribed organisations are those that have been determined under the child wellbeing and safety regulations or family violence protection regulations to be authorised to request and share information, and are required to respond to requests for information from other Information Sharing Entities when relevant requirements for sharing are met.

Examples of information sharing entities include:

schools (government, independent and Catholic)
long day care
kindergartens
before and after school hours care
Child Protection
out-of-home care
Victoria Police
Maternal and Child Health Services
the Orange Door.

A list of authorised organisations can be found at Information Sharing Entity List.

Perpetrator (FVISS)
Under the Family Violence Information Sharing Scheme, perpetrator is the term most commonly used in Victoria to describe a person if it is reasonably believed that there is a risk they may commit family violence. Aboriginal and Torres Strait Islander peoples and communities may prefer to use the term ‘person who uses family violence’ over perpetrator. It is not an appropriate term to use to describe adolescents who use family violence they are described as adolescent who uses family violence.

Risk Assessment Entity (RAE)
Under the Family Violence Information Sharing Scheme, there is also a subset of specialist Information Sharing Entities known as Risk Assessment Entities (RAEs) that are able to request and receive information for a family violence assessment purpose.

Risk Assessment Entities have specialised skills and authorisation to conduct family violence risk assessment. Schools are not Risk Assessment Entities under the Family Violence Information Sharing Scheme.

Examples of Risk Assessment Entities include:

Victoria Police
Child Protection
family violence services
some Orange Door services.

A list of authorised organisations can be found online at Information Sharing Entity List.

Third party
Any person other than the child or the child’s family members when using the Child Information Sharing Scheme or the victim survivor or perpetrator when using the Family Violence Information Sharing Scheme. Third parties include friends, neighbours, colleagues or workmates whose confidential information may be relevant to promoting the wellbeing or safety of the child or group of children (the Child Information Sharing Scheme) or is relevant to assessing or managing risk of family violence (the Family Violence Information Sharing Scheme).

Victim survivor (FVISS)
Under the Family Violence Information Sharing Scheme the term victim survivor is used to describe a person about whom it is reasonably believed that there is a risk the person may be subjected to family violence. This includes adults or children who have disclosed family violence or who have been identified as affected by family violence. Aboriginal and Torres Strait Islander peoples and communities may prefer to use the term ‘person experiencing family violence’ over victim survivor.

To prepare for the Information Sharing Schemes, Victorian government schools must do the following.

Identify staff

Identify school staff who can request and share information under the Information Sharing Schemes on behalf of the school. This will include the school principal and any other staff member identified by the principal to request and share information under the schemes, on behalf of their school.

Before identifying a staff member to request and share information under the Information Sharing Schemes, the principal must be satisfied that the staff member:

is employed or otherwise contracted (other than on a voluntary basis)
is sufficiently competent in the use of the Information Sharing Schemes — refer to the Resources tab for professional learning options
has appropriate skills, understanding and experience in the identification and management of student wellbeing or safety, and the appropriate and sensitive management of confidential information
wherever possible, has regular engagement with students and families whose information may be shared or requested, and/or the children in whose interest information may be shared or requested.

Note: This point does not prohibit information sharing entities identifying appropriate roles to use the scheme which do not have direct contact with students and families.

Appropriate professionals who principals may identify to make decisions under the Information Sharing Schemes and share confidential information on behalf on the school include (but not limited to):

year level coordinators
student wellbeing coordinators
teachers
mental health in schools practitioners
psychologists employed by the school
school chaplains funded or employed by the school.

Professionals and other school connected roles who principals may not identify as those who can make decisions under the Information Sharing Schemes and share confidential information on behalf of the school include:

private psychologists
non-staff members of school council
school administration staff members
volunteers.

The examples above do not limit who can perform other functions under the Information Sharing Schemes (for example, administration, or contributing relevant information to identified school staff about students or their families, or having conversations with students and their family members about the sharing of their information).

Schools must also ensure that people exercising administrative functions, such as storing and transmitting information, are competent in the appropriate, sensitive and compliant management of confidential information.

Where schools are an approved education and care provider under the National Law, such as those that employ staff and deliver Outside Schools Hours Care services, school councils, in consultation with school principals, will identify appropriate staff to request and share information on behalf of the school as an approved provider.

Complete professional learning

It is recommended at least one school leader and 2 staff members complete available professional learning on the Information Sharing Schemes. These staff may then train and support other identified school staff to understand and manage information sharing under the schemes.

There is not a requirement for all school staff to undertake professional learning.

Refer to the Resources tab for professional learning options.

Establish an initial point(s) of contact in the school to respond to information sharing requests made under the Information Sharing Schemes and to triage requests to identified staff as appropriate.

Schools should ensure office staff responsible for answering telephone calls and managing emails to any generic school email address are aware of the initial point of contact for information sharing requests under the schemes.

Schools may also wish to update their website with the initial point of contact information.

Update local school policies

Updates to local school policies for alignment with the Information Sharing Schemes are minimal as Victorian government schools are expected to follow the Department’s policy and guidance on this PAL topic rather than develop their own policy on requesting and sharing information under the schemes.

Minor updates have been made to the following government school template policies:

Health Care Needs Policy
Child Safety Policy

Refer to the School Policy Templates Portal (staff login required) for further information.

When using the Information Sharing Schemes schools must have regard to a number of guiding principles, specific to each scheme.

Schools must consider the following legislative principles when using the Child Information Sharing Scheme:

Give precedence to the wellbeing and safety of a child or group of children over the right to privacy.
Seek to preserve and promote positive relationships between a child and the child’s family and people significant to the child.
Seek to maintain constructive and respectful engagement with children and their families.
Be respectful of and have regard to a child’s social, individual and cultural identity, the child’s strengths and abilities and any vulnerability relevant to the child’s safety or wellbeing.
Promote the cultural safety and recognise the cultural rights and familial and community connections of children who are Aboriginal, Torres Strait Islander or both.
Seek and take into account the views of the child and the child’s relevant family members, if it is appropriate, safe and reasonable to do so.
Take all reasonable steps to plan for the safety of all family members believed to be at risk from family violence.
Only share confidential information to the extent necessary to promote the wellbeing or safety of a child or group of children, consistent with the best interests of that child or those children.
Work collaboratively in a manner that respects the functions and expertise of each Information Sharing Entity.

Schools must consider the following legislative principles when using the Family Violence Information Sharing Scheme:

Information Sharing Entities should:
- work collaboratively to coordinate services in a manner that respects the functions and expertise of each Information Sharing Entity
- give precedence to the right to be safe from family violence over the right to privacy
- only collect, use or disclose a person’s confidential information to the extent that the collection, use or disclosure of the information is necessary:
  - to assess or manage risk to the safety of a person from family violence
  - to hold perpetrators of family violence accountable for their actions.
- collect, use or disclose the confidential information of a person who identifies as Aboriginal or Torres Strait Islander in a manner that:
  - promotes the right to self-determination and is culturally sensitive
  - considers the person’s familial and community connections.
  - have regard for and be respectful of a person’s cultural, sexual and gender identity and religious faith.
When sharing any person’s information to assess or manage risk to a child, schools should:
- promote the agency of the child and other family members at risk of family violence by ensuring their views are taken into account (having regard for the appropriateness of doing so and the child’s age and maturity)
- take all reasonable steps to ensure the information is shared in a way that:
  - plans for the safety of all family members at risk of family violence
  - recognises the desirability of preserving and promoting positive relationships between those family members and the child.
- take into consideration the age and stage of the child, and their cultural, sexual and gender identity.

Both of the Information Sharing Schemes have 3 requirements that must be met before relevant information can be shared between prescribed Information Sharing Entities. All information that meets the requirements:

must be shared on request
can be proactively shared with another Information Sharing Entity.

Child Information Sharing Scheme three-part threshold test

Schools and other prescribed Information Sharing Entities must ensure the following three-part threshold test for sharing is met before using the Child Information Sharing Scheme to share information with each other.

1. The purpose of sharing is to promote the wellbeing or safety of a child or group of children

Schools are expected to use their expertise and professional judgement to decide whether information sharing meets the threshold for promoting the wellbeing or safety of a child or group of children and what and how much information to share. In doing so, schools should seek and take into account the views of the child and relevant family members, if safe, appropriate and reasonable to do so. The term wellbeing is not defined in the legislation so that professionals can exercise their professional judgement.

Wellbeing can include:

protecting children from risk or incidents of harm and other safety concerns
promoting positive wellbeing such as:
- good health
- positive relationships with adults, other children and development
- age-appropriate learning and development
prevention and early intervention measures which may avoid the escalation of wellbeing issues into safety concerns.

The Child Information Sharing Scheme allows sharing information to support collaborative service provision to children and respond to identified needs and risks, regardless of whether a professional considers the issue to relate to either wellbeing or safety. For example, a child and family service may understand a young person’s intermittent drug use to be a safety risk, where a school may understand it to be both a wellbeing and safety issue.

There may be instances where information needs to be shared to promote the wellbeing and safety of more than one child, including where one student poses a risk to another. In such cases, schools should exercise their judgement to consider and balance each student’s wellbeing and safety to achieve the best possible outcomes for each child. This may require a particular focus on the needs of more vulnerable students.

Schools may refer to existing best practice developmental and wellbeing frameworks to guide decision making under the scheme.

These include the:

2. Sharing information to assist another Information Sharing Entity to undertake their activities

To meet the second part of the threshold test, the disclosing Information Sharing Entity must form a reasonable belief that sharing the confidential information may assist the receiving Information Sharing Entity to carry out one or more of the following professional activities:

making a decision, an assessment or a plan relating to a child/children, such as an individualised learning plan or behavioural support plan for schools or a case management plan for tertiary services
initiating or conducting an investigation relating to a child/children
providing a service relating to a child/children
managing any risk to a child/children.

Threshold parts 1 and 2 can be used together. That is, a school can consider the activities the receiving Information Sharing Entity may use the information for (threshold part 2) in determining whether the information to be shared is for the purpose of promoting child wellbeing or safety (threshold part 1).

In line with the legislative principles, the school should work with the receiving Information Sharing Entity, as required, to determine whether the information to be shared may assist them to promote the wellbeing or safety of a child or group of children.

In any instance, information must not be used by the receiving Information Sharing Entity (including other schools) to unlawfully limit, remove or prevent a child’s or a relevant family member’s access to services (for example, to screen a child before they are accepted for enrolment by a school). This would not promote the wellbeing or safety of the child.

Example — What is a ‘child wellbeing or safety purpose’?

Outcome of a Child Protection report

Where information about the outcome of the report could be used to assist the child, other children or the family members of the child, this information may be for a child wellbeing or safety purpose.

Yes — A school has made a report to Child Protection about a student. Knowing the outcome of the report (including if the report has been closed), reasons for this outcome and any additional information that Child Protection holds (for example past history of service engagement and/or disengagement, changed family care arrangements, identification of protective factors) may enhance the school’s ability to support the student.

Some of the ways this information could be used to promote the wellbeing or safety of the student include: adapting engagement with the student, making referrals, seeking further information from other information sharing entities, liaising with these and possibly other information sharing entities and services to deliver integrated services to the child and/or family members of the child, and providing support directly to relevant family members.

Yes — If the student is no longer attending the school the outcome of the Child Protection report may still be considered relevant for a child wellbeing or safety purpose, for example if a sibling is still attending the school.

No — If the school has no direct, indirect or likely future contact with the student or any of the student’s family members, knowing the outcome of the report is unlikely to be for a child wellbeing or safety purpose.

3. The information is not excluded information

Excluded information is information that, if shared, could reasonably be expected to do the following:

endanger a person’s life or result in physical injury
prejudice a police investigation or interfere with the enforcement or administration of the law
prejudice a coronial inquest or inquiry
prejudice a fair trial of a person or the impartial adjudication of a particular case
disclose information that would be privileged from production in legal proceedings on the ground of legal professional privilege or client legal privilege
disclose or enable a person to ascertain the identity of a confidential source of information in relation to the enforcement or administration of the law, such as revealing a confidential police source
contravene a court order
be contrary to the public interest
contravene another law.

Schools are not required to conduct investigations to determine that information is not ‘excluded information’ before sharing it. Rather, if schools are aware that information falls within an excluded category then they are not permitted to share that information.

Once the threshold for sharing has been met, identified school staff must still exercise their professional judgement in only sharing information to the extent necessary to promote the wellbeing or safety of a child or group or children. For example, while a case file may contain information that meets the threshold for sharing, the school must still consider what specific information from the file to share to achieve the particular objective.

Seeking consent

If the above three-part threshold has been met, schools do not require consent from any person to share relevant information with other Information Sharing Entities under the Child Information Sharing Scheme.

However, students and their families are often well-placed to understand their needs and risks. Before requesting and sharing information, schools should:

inform students and families (who do not pose a risk) of their obligation to share information and inform them each time their information is shared — whenever it is safe, appropriate, and reasonable to do so
seek and take into account the views of the student or the relevant family members about sharing their confidential information — whenever it is appropriate, safe and reasonable to do so.

Wherever possible a person from the school with an ongoing positive relationship with the student should be included in the conversation. This may not always be a person who the principal has identified to share on behalf of the school. For example, where a student wellbeing coordinator has been identified by the school as the person responsible for sharing under the scheme, the appropriate person to have a conversation about information sharing with a child might be their home room teacher, sport teacher or school counsellor.

Schools should plan in advance how they will conduct the conversation. If the person who will have the conversation is not the person who will be directly involved in decision-making and sharing the information, decide who will be present for the conversation. For example, the person who has the relationship with the student and/or relevant family members may:

conduct the conversation on their own and report back to the staff member responsible for sharing
lead the conversation with the responsible sharer present, or
introduce the responsible sharer and be present while the responsible sharer leads the conversation.

If schools are including relevant family members in the conversation, determine in advance how to approach this. It may be appropriate to seek the views of relevant family members before the conversation with the student, to gauge their support and plan the engagement with the student, for example if a strong negative reaction is anticipated from the student and the relevant family member’s views are not known. Alternatively, it may be appropriate to first engage the student and then consider together whether or how to seek the views of relevant family members. This may be the case where a student is older and is independently making sound decisions about an issue, and the family’s views are likely to be in conflict with those of the student.

Schools should take views into account when deciding whether, what, when and how much to share, and who to share with, wherever possible. Factors to consider when taking into account a student’s views include their:

age
maturity
vulnerability
ability to clearly express their views
competence to understand the nature and consequences of particular decisions.

For example, a school may give significant weight to the views of a mature young person aged 17 who expresses a clear wish not to include their family members in a conversation about information sharing.

Schools would not seek and take into account views:

if it is inappropriate: for example, if a student is living independently and family members no longer have access to their personal information.
if it is unsafe: for example, if it is likely to jeopardise a student’s wellbeing or safety or place another person at risk of harm.
if timeliness is an issue: when there is an immediate risk; if the school is assessing or managing risk to another person.
if it is unreasonable: for example, if the student or their relevant family member does not have a service relationship with the school (for example, if they are no longer enrolled in the school); if the school is unable to make contact with them.

Where it is not safe, appropriate and reasonable to seek and take into account views, information sharing should continue.

Note: Once a student turns 18, schools may not use the Child Information Sharing Scheme to share information to promote that student’s wellbeing or safety. The school would need consent from the student to share their information unless it can be shared under other legislation. However, the school would be able to share information using the Child Information Sharing Scheme if it would promote the wellbeing or safety of a child, for example, to the promote the wellbeing or safety of another student or a sibling of the student who is under the age of 18.

For further guidance about the circumstances in which information can be shared between Information Sharing Entities using the Child Information Sharing Scheme refer to: Child Information Sharing Scheme Ministerial Guidelines.

The Child Information Sharing Scheme permits Information Sharing Entities to share information with a child, a person with parental responsibility for the child or a person with whom the child is living, for the more limited purpose of managing a risk to the child’s safety.

Schools should consider the following when determining whether to share information with a student or relevant family member to manage a risk to the safety of a student:

the nature and significance of the risk to the safety of the student
whether the information will enable the recipient to manage the risk to the safety of the student and, if so, what information will assist that person to manage the risk most effectively
whether any of the information proposed to be shared is known to be ‘excluded information’ or restricted from sharing under other legislation.

Information shared with a student or their relevant family members cannot be further used or disclosed by that person unless it is for the purpose of managing a risk to the child’s safety or as permitted by any other law.

Information sharing with family members and students in a family violence context presents particular and complex risks. Consistent with the purpose of managing risks to children’s safety, information must not be shared with a perpetrator or alleged perpetrator of family violence, or other offence against a child, if it could put the student or another person at further risk.

Family Violence Information Sharing Scheme: three requirements for information sharing

Under the Family Violence Information Scheme, schools and other prescribed Information Sharing Entities may request or share with other Information Sharing Entities information about a person that is relevant to assessing or managing a family violence risk.

Before sharing under the Family Violence Information Sharing Scheme, schools and other Information Sharing Entities must ensure the following three requirements are met.

1. The purpose of sharing is to assess family violence risk or protect victim survivors from family violence risk

The two purposes for which information can be shared between information sharing entities are:

Family violence assessment purpose:
- establishing whether a risk of family violence is present
- assessing the level of risk to the victim survivor
- correctly identifying the perpetrator or victim survivor.
  Note: Only Information Sharing Entities that are also prescribed as Risk Assessment Entities under the Family Violence Information Sharing Scheme may request and receive information from other Information Sharing Entities for the purpose of undertaking a family violence assessment. While schools are Information Sharing Entities, they are not Risk Assessment Entities. This means that schools may share (either proactively or on request) information with a Risk Assessment Entity for the purpose of that entity conducting a family violence assessment, but they may not request or receive information for the purpose of the school conducting a family violence risk assessment. Refer to the section below on family violence risk assessments.
Family violence protection purpose: once family violence risk is established, to manage the risk to the victim survivor. This includes information sharing to support ongoing risk assessment.
Note: All Information Sharing Entities, including schools, can proactively share, request and receive information from other Information Sharing Entities for the purpose of family violence protection once family violence risk has been established (provided the following 2 requirements are also met) — refer to the section below on establishing family violence risk.

2. The applicable consent requirements are met

Under the Family Violence Information Sharing Scheme, consent is not required from any person to share confidential information that is relevant to assessing or managing family violence risk to a child. In a majority of cases schools will be sharing information when a student under the age of 18 years is at risk. However, there may be occasions where schools should seek consent before using the Family Violence Information Sharing Scheme to share information as outlined below.

Where a student is under the age of 18, including adolescents, and is a victim survivor:

Consent is not required from any person to share information relevant to assessing or managing family violence risk to a child. However, you should seek and take into account the views of the child and family member that is not a perpetrator where it is safe, reasonable and appropriate to do so.
Consent is never required from a perpetrator or alleged perpetrator.

Where a student is under the age of 18, including adolescents, and they are using or at risk of using family violence:

their consent is not required to share their information under the Information Sharing Schemes
when no child is at risk, consent is required from adult victim survivors and any third parties to share their information, unless schools can legally share under existing privacy laws
consent is not required when sharing information is necessary to assess or manage family violence risk to a child.

Where a student is 18 years of age or older and is an adult victim survivor:

when no child is at risk, consent is required from adult victim survivors and any third parties to share their information, unless schools can legally share under existing privacy laws
consent is not required when sharing information is necessary to assess or manage family violence risk to a child.

Where a student is 18 years of age or older and they are using family violence:

their consent is not required to share their information under the Information Sharing Schemes
when no child is at risk, consent is required from adult victim survivors and any third parties to share their information, unless schools can legally share under existing privacy laws
consent is not required when sharing information is necessary to assess or manage family violence risk to a child.

Where a student is 18 years of age or older and they are at risk of using family violence:

their consent is not required to share their information under the Information Sharing Schemes
when no child is at risk, consent is required from adult victim survivors and any third parties to share their information, unless schools can legally share under existing privacy laws
consent is not required when sharing information is necessary to assess or manage family violence risk to a child.

3. The information is not known to be excluded information

Excluded information is information that could reasonably be expected to:

endanger a person’s life or result in physical injury
prejudice a police investigation or interfere with the enforcement or administration of the law
prejudice a coronial inquest or inquiry
prejudice a fair trial of a person or the impartial adjudication of a particular case
disclose information that would be privileged from production in legal proceedings on the ground of legal professional privilege or client legal privilege
disclose or enable a person to ascertain the identity of a confidential source of information in relation to the enforcement or administration of the law, such as revealing a confidential police source
contravene a court order
be contrary to the public interest
contravene another law.

Information Sharing Entities are not required to conduct investigations to determine that information is not 'excluded information' before sharing it. Rather, if they are aware that information falls within an excluded category then they are not permitted to share that information. For example, a school does not have to investigate whether there are any open or planned legal proceedings that might be prejudiced by sharing requested information that meets parts one and two of the threshold for sharing, but if the school is aware of open proceedings that they reasonably expect could be prejudiced by the disclosure of the information, then identified school staff must not disclose that particular information.

Information that is shared with Information Sharing Entities should be as accurate and current as possible to best promote the wellbeing and safety of children. When sharing information that has been obtained from another source, schools should advise that the information came from another source and when the information was obtained, if appropriate, safe and reasonable to do so. For example, it may be appropriate to advise that information is law enforcement data obtained from Victoria Police, if known.

Sharing for family violence risk assessment

Some Information Sharing Entities are also prescribed under the Family Violence Information Sharing Scheme as Risk Assessment Entities.

Schools and other information sharing entities can share relevant information proactively or on request with Risk Assessment Entities for risk assessment purposes. Schools must share information with a Risk Assessment Entity if they need to:

confirm whether family violence is occurring
enable the Risk Assessment Entity to assess the level of risk the perpetrator poses to the victim survivor
correctly identify the perpetrator who is using family violence or the victim survivor.

Schools can only share information with other Information Sharing Entities that are not Risk assessment Entities and request information from Risk Assessment Entities once family violence risk has been established and the identity of the perpetrator and victim survivors are known.

This is to prevent sharing that might escalate risk to a child or family member.

Establishing family violence risk

In the absence of a family violence risk assessment by a Risk Assessment Entity, schools may establish family violence risk if they form a reasonable belief that family violence is occurring through one or more of the following:

receiving a disclosure from a child or family member that family violence is occurring
noticing observable signs/indicators of family violence — refer to: Observable signs of trauma that may indicate family violence
receiving information from another Information Sharing Entity or another person that family violence is occurring. For example, being notified of the existence of a Family Violence Intervention Order, a risk assessment or safety plan completed by a specialist family violence service or another Information Sharing Entity.

If a school has formed reasonable belief that family violence risk is present and the identity of the perpetrator or victim survivor/s is clear (for example the victim survivor has identified the perpetrator), this would enable the school to share information under the Family Violence Information Sharing Scheme for a family violence protection purpose.

Sharing for family violence risk management (protection)

Once family violence risk is established, Information Sharing Entities can share information with other Information Sharing Entities (including from Risk Assessment Entities) if all information sharing requirements are met and they reasonably believe sharing is necessary to:

remove, reduce or prevent family violence risk
understand how risk is changing over time
inform ongoing risk assessment.

For further information about sharing information under the Family Violence Information Sharing Scheme refer to: Family Violence Information Sharing Scheme Ministerial Guidelines.

The Information Sharing Schemes are designed to complement each other, to enable services to share information to respond to the range of needs and risks facing students and families.

Often schools may be sharing for both information sharing purposes:

to promote a student’s wellbeing or safety under the Child Information Sharing Scheme and
to assess or manage family violence risk to a child or adult under the Family Violence Information Sharing Scheme.

In that case schools must meet the requirements for each scheme separately when sharing information. If the requirements for one of the Information Sharing Schemes is not met, then schools cannot share under that scheme but may still share under the other scheme.

When sharing under both Information Sharing Schemes, the Family Violence Information Sharing Scheme consent requirements are not applicable as there is a child/children at risk.

Schools should be mindful that sharing information in the context of family violence may pose particular and complex risks for students and other family members. When considering sharing to promote child wellbeing or safety, schools be alert to whether family violence risk may be present. When sharing information in a family violence context, schools should take all reasonable steps to plan for and maximise the immediate and ongoing safety of the student and all family members at risk of family violence. Information sharing should occur in accordance with a relevant safety plan.

When sharing under one scheme, school should consider whether sharing under the other scheme may also be beneficial. For example, when sharing to assess or manage family violence risk, schools should consider whether additional information should be shared with other Information Sharing entities to promote the student’s wellbeing or safety beyond the assessment and management of family violence risk, such as to develop an individualised learning plan for the student.

For an example of when a school might share information for both information sharing purposes, refer to: Which Information Sharing Scheme do I use?

Schools and other Information Sharing Entities must respond to information sharing requests from other Information Sharing Entities. Schools should respond to a request from another Information Sharing Entity in a timely manner and prioritise any requests that relate to safety concerns.

All information that meets the three-part threshold test for the Child Information Sharing Scheme and/or the three requirements for sharing for the Family Violence Information Sharing Scheme must be shared on request from authorised services.

Often schools may be responding to requests for information under both Information Sharing Schemes (child wellbeing or safety or family violence protection or assessment). In that case schools must meet the requirements for each scheme separately.

When responding to requests for information under both Information Sharing Schemes schools need to meet the three-part threshold test for the parts of the information that is being shared to promote child wellbeing or safety, and the three requirements for the information being shared to assess or manage family violence risk. If the requirements for one of the Information Sharing Schemes is not met, then schools cannot share under that scheme but may still share under the other scheme.

When sharing under both Information Sharing Schemes, the Family Violence Information Sharing Scheme consent requirements are not applicable as there is a child/children at risk.

For Decision Trees for sharing information under both the Child Information Sharing Scheme and the Family Violence Information Sharing Scheme refer to: Can I share information under the CISS and Can I share information under the FVISS.

Schools are encouraged to have a conversation with the requesting Information Sharing Entity before declining to share information. The Information Sharing Entity may be able to provide further details that would satisfy the school that the relevant requirements for sharing have been met.

Schools may also choose to voluntarily share additional information to what has been requested and which meets the requirements for sharing.

When schools receive a request for information from an Information Sharing Entity using the Child Information Sharing Scheme, the following steps must be taken:

Verify the request has come from another Information Sharing Entity via the online ISE list — if you are unsure if the requester is from a prescribed organisation, you may ask them to send an email from their work email account.
Determine if the request meets the three-part threshold test. All items in the request that meet the threshold test must be shared.
Consider the Child Information Sharing Scheme legislative principles before sharing information.
Seek and take into account the views of the child and/or family member before sharing their information, if appropriate, safe and reasonable to do so. If it is not safe, appropriate and reasonable, information sharing should continue.
Respond to the request:
- if all or parts of the information requested is going to be refused, the requesting Information Sharing Entity must be notified in writing why the information is not being shared — refer to: the Email template for declining a request for information under CISS and/or FVISS
- if the information will be shared, collate the information and provide it to the Information Sharing Entity in the manner determined by the school (in writing or by phone). Schools are encouraged to consider any requests regarding the manner in which the Information Sharing Entity wishes to receive the information.
Document the following:
- the Information Sharing Entity that requested the information
- date of request
- the information that was requested
- if refusing a request, the request and the reason why it was refused
- the information that was shared
- the date information was shared
- who the information was shared with
- relevant risk assessments or safety plans that have been prepared for a person at risk of family violence.
For best practice, schools should also record:
- the scheme information was shared under
- who the information is being shared about
- how the threshold was met.
If sharing is about any child, a child’s parent, or any third party, schools must also record:
- whether the school sought their views about sharing their information
- if their views were not sought, the reason why
- if they were informed that their information was shared.
Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. Refer to: Records Management — School Records for further information.

When schools receive a request for information from another Information Sharing Entity using the Family Violence Information Sharing Scheme, the following steps must be taken:

Verify the request has come from another Information Sharing Entity via the online ISE List — if you are unsure if the requester is from a prescribed organisation, you may ask them to send an email from their work email account.
Determine if the request meets the three requirements for sharing, noting that:
- for the first requirement relating to purpose of sharing:
  - all Information Sharing Entities may request and receive information for the purpose of family violence protection
  - only Information Sharing Entities that are also prescribed Risk Assessment Entities may request and receive information from other Information Sharing Entities for the purpose of family violence assessment — refer to the online ISE List to determine if the Information Sharing Entity is also a Risk Assessment Entity
- where consent for sharing is not required because the victim survivor is a child, schools should seek and take into account the views of the child and/or family member that is not a perpetrator as to whether the information should be shared, where it is safe, appropriate and reasonable to do so.
Consider the Family Violence Information Sharing legislative principles before sharing information
Respond to the request:
- if all or parts of the information requested is going to be refused, the requesting Information Sharing Entity must be notified in writing why the information is being refused — refer to: Email template for declining a request for information under CISS and/or FVISS
- if the information will be shared, collate the information and provide it to the Information Sharing Entity in the manner determined by the school (in writing or by phone). Schools are encouraged to consider any requests regarding the manner in which the Information Sharing Entity wishes to receive the information.
Document the following:
- the Information Sharing Entity that requested
- date of request
- the information that was requested
- the information that was disclosed
- who the information was shared with
- the date the information was shared
- if sharing about child or adult victim survivors or third parties where a child is at risk, whether you sought their views about sharing their information. If their views were not sought, reason why.
- if sharing about child or adult victim survivors or third parties where a child is at risk, if they were informed that their information was shared
- if sharing about adult victim survivors of family violence where no child is at risk, whether consent was sought and obtained from adult victim survivors and any third parties and whether the consent was written, verbal or implied. If the information was shared without consent, record the reason why.
- if the information was shared without consent, record if the person was informed that their information was shared without consent
- copies of any supporting documents, such as safety plans developed for the student.
For best practice, schools should record:
- the scheme information was shared under
- who information is being shared about
- how the requirements for sharing were met.
Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. The record must also be only accessible with those who have a requirement to access or manage it. Refer to: Records Management — School Records for further information.

As prescribed Information Sharing Entities under the Information Sharing Schemes, schools can request information from any other Information Sharing Entity to promote the wellbeing or safety of a child or group of children or to manage family violence risk.

When requesting information relating to family violence risk to a child (anyone under the age of 18 years old) they will be doing so under both Information Sharing Schemes, as managing family violence risk for children will also benefit their safety and wellbeing.

While it is the responsibility of the Information Sharing Entity that receives the request to ensure that the requirements for sharing under either scheme is met before sharing the information, schools should submit sufficient details in their request to the Information Sharing Entity feels satisfied the requirements for sharing are met.

If a school’s request for information under the Information Sharing Schemes is declined by another Information Sharing Entity, schools should have a conversation with the declining Information Sharing Entity about the reason for this decision. The school may be able to provide further details that would satisfy the other Information Sharing Entity that the threshold has been met.

For a template for making a request for information from another Information Sharing Entity under the Information Sharing Schemes refer to: Template for making or responding to a request and proactively sharing information under CISS and/or FVISS.

Schools should note that some Information Sharing Entities have their own forms for information sharing request, such as:

Victoria Police — online request form
Corrections Victoria
Child Protection — Schools can request information from, or share information with, Child Protection at a local level. For example, with a department case worker currently involved with a student or family. In circumstances where the existing worker is unknown, or if the information is historical or relates to a closed Child Protection case, schools can contact the Information Sharing Unit:
Email: info.exchange@dhhs.vic.gov.au
Phone: 1300 090 979

Schools should use these forms when requesting information under the Information Sharing Schemes from prescribed statutory organisations.

When schools want to request information from another Information Sharing Entity using the Child Information Sharing Scheme, the following steps must be taken:

Determine why the information is needed and how it will be used by the school to promote a student’s wellbeing or safety
Consider the Child Information Sharing Scheme legislative principles before requesting information, including to take into account the views of the child and/or family member before requesting the information if safe, appropriate and reasonable to do so. If it is not safe, appropriate and reasonable, information sharing should continue.
Verify that the service they are requesting the information from is a prescribed Information Sharing Entity using the online ISE List.
Contact the Information Sharing Entity and verify their specific requirements in lodging a request for information.
For best practice, schools should record:
- the date request was made
- the Information Sharing Entity the request was made to
- how the three-part threshold was met
- the requested information.
  Refer to: Template for making or responding to a request and proactively sharing information under CISS and/or FVISS
Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. The record must also be only accessible with those who have a requirement to access or manage it. Refer to: Records Management — School Records for further information.

When schools want to request information from another Information Sharing Entity under the Family Violence Information Sharing Scheme, the following steps must be taken:

Determine the request meets the three requirements for sharing for family violence risk management (protection).
Consider the Family Violence Information Sharing legislative principles before requesting information, including seeking taking into account into account the views of the child and/or family member that is not a perpetrator where it is appropriate, safe and reasonable to do so.
Verify that the service that the request will be sent to is an Information Sharing Entity via the online ISE List.
Contact the Information Sharing Entity and verify their specific requirements in lodging a request for information.
For best practice, schools should record:
- the date request was made
- the information sharing entity the request was made to
- how the three requirements for sharing were met
- the requested information.
Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. The record must also be only accessible with those who have a requirement to access or manage it. Refer to: Records Management — School Records for further information.

Some Information Sharing Entities are also prescribed as Risk Assessment Entities under the Family Violence Information Sharing Scheme. Risk Assessment Entities can receive and share information for the purpose of establishing or assessing the risk of family violence in addition to the purpose of managing the risk to the victim survivor once risk has been established.

Information Sharing Entities that are not also Risk Assessment Entities may only request information from other Information Sharing Entities using the Family Violence Information Sharing Scheme for the purpose of family violence protection, once they have formed a reasonable belief that family violence is present (i.e. family violence risk is established).

This means that schools, as Information Sharing Entities (but not Risk Assessment Entities) cannot request information from any Information Sharing Entities (including those that are also Risk Assessment Entities) until family violence has been established. For guidance on establishing family violence, refer to the chapter on Requirements before sharing information under the Information Sharing Schemes.

A school may share information with another Information Sharing Entity without a request from that Information Sharing Entity if the information they are sharing meets the three-part threshold test for the Child Information Sharing Scheme or the three requirements for sharing under the Family Violence Information Sharing Scheme.

If a school is proactively sharing under the Family Violence Information Sharing Scheme for a student under the age of 18 they will also be sharing under the Child Information Sharing Scheme, as the management of family violence risk will also benefit the student’s, or group of students’ wellbeing and safety. When sharing information under both Information Sharing Schemes schools need to meet the three-part threshold test for the parts of the information that are being shared to promote child wellbeing or safety (the Child Information Sharing Scheme), and the three requirements for the information being shared to assess or manage family violence risk (the Family Violence Information Sharing Scheme).

For a template for proactively sharing information refer to: Template for making or responding to a request and proactively sharing information under CISS and/or FVISS.

A school may share proactively with an Information Sharing Entity that is also a Risk Assessment Entity for a family violence assessment purpose. Assessment may be to establish if family violence is occurring, determine who the perpetrator is or determine the level risk.

When schools want to share information proactively with another Information Sharing Entity, the following steps must be taken:

Determine the sharing meets the three-part threshold test.
Consider the Child Information Sharing Scheme legislative principles before sharing information, including seeking and taking into account the views of the child and/or family member whenever it is safe, appropriate, and reasonable to do so.
Verify that the service that will receive the information is an information sharing entity the online ISE List.
Contact the Information Sharing Entity and verify their specific requirements for receiving information.
Provide the information to the Information Sharing Entity.
Document the following:
- the Information Sharing Entity that received the information
- date information was shared
- the information that was shared.
For best practice, schools should record:
- the scheme information was shared under
- who information is being shared about
- how the threshold was met.
If sharing is about any child, a child’s parent or any third party, schools must also record:
- whether the school sought their views about sharing their information
- if their views were not sought, the reason why
- if they were informed that their information was disclosed.
Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. The record must also be only accessible with those who have a requirement to access or manage it. Refer to: Records Management — School Records for further information.

When schools want to share information proactively with another Information Sharing Entity, the following steps are to be taken:

Determine the request meets the three requirements for sharing for family violence risk management (protection).
Consider the Family Violence Information Sharing Scheme legislative principles before sharing information, including seeking and taking into account the views of the child and/or family member who is not a perpetrator where it is appropriate, safe and reasonable to do so.
Verify that the service that will receive the information is an information sharing entity via the online ISE List.
Contact the Information Sharing Entity and verify their specific requirements for receiving the information.
Provide the information to the Information Sharing Entity.
Document the following:
- the Information Sharing Entity information was shared with
- date when information was shared
- the information that was shared
- record who the information was shared with.
For best practice, schools should record:
- the scheme information was shared under
- who information was being shared about
- how the sharing requirements were met.
Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. The record must also be only accessible with those who have a requirement to access or manage it. Refer to: Records Management — School Records for further information.

When schools want to share information proactively with a Risk Assessment Entity for the purpose of the entity undertaking a family violence risk assessment the following steps must be taken:

Determine the sharing meets the three requirements for sharing under the Family Violence Information Sharing Scheme.
Consider the Family Violence Information Sharing Scheme legislative principles before sharing information including seeking and taking into account the views of the child and/or family member that is not a perpetrator where it is appropriate, safe and reasonable to do so.
Verify that the service that will receive the information is a Risk Assessment Entity via the online ISE List.
Contact the Risk Assessment Entity and verify their specific requirements for receiving the information.
Provide the information to the Risk Assessment Entity.
Document the following:
- the Risk Assessment Entity the information will be shared with
- date when information is shared
- the information that will be shared
- who the information was shared with.
For best practice, schools should record:
- the scheme information was shared under
- who information is being shared about
- how the threshold was met.
Store the record securely. Take reasonable steps to ensure that records are kept secure and protected from misuse, loss and unauthorised disclosure. The record must also be only accessible with those who have a requirement to access or manage it. Refer to: Records Management — School Records for further information.

When sharing information to promote child wellbeing and safety or to identify and respond to family violence, schools need to consider that some groups experience increased vulnerability to family violence. For example, some groups experience higher rates of and increased vulnerability as a result of their age, cultural background, location or socioeconomic status.

‘Diverse communities’ and ‘at-risk groups’ are broadly defined to include:

diverse cultural, linguistic and faith communities (also collectively called CALD communities)
people with a disability
people experiencing mental health issues
lesbian, gay, bisexual, transgender, queer/questioning, intersex, asexual and gender diverse, (LGBTIQA+) people
women in or exiting prison
people who work in the sex industry
people living in regional, remote and rural communities
male victim survivors
older people (aged 65 years, or 45 years for Aboriginal people)
children (0 to 4 years of age are most at risk) and young people (12 to 25 years of age).

It is helpful for schools to consider both the individual circumstances of the student and parent/carer and also the different family and community contexts. This will improve their ability to engage with children and families.

When sharing information about Aboriginal people, schools should consider:

that for Aboriginal people the concept of family is much broader as it encompasses kinship relationships and the broader Aboriginal and Torres Strait Islander community
how to promote a child’s cultural safety
how to recognise the cultural rights, familial and community connections of a children who are Aboriginal, Torres Straight Island or both
the need for additional support for Aboriginal and Torres Strait Islander students through the Department’s regions.

When sharing information about people with disabilities, schools should consider:

asking the child or young person what they need, to ensure they understand the information provided and are able to provide an informed opinion, without making assumptions about which supports may be required
asking the child or young person if they would like to seek the support of a trusted person or advocate to ensure that they understand the reason for information sharing.

When sharing information about people from a CALD background, schools should consider:

there may be language and literacy considerations. This requires sensitivity around ways of communication — schools may need to source an interpreter of the correct language and dialect.
there may be complex family and community dynamics to consider, as well as complex migration experiences
when sharing information about people from a refugee background, there is often an added layer of trauma.

When sharing information about people who identify as LGBTIQA+, school should consider:

the impact sharing information about sexual orientation, sex or gender may have on safety in the family or community
that services may discriminate against, further abuse, or exclude individuals because of sexuality, sex, gender or sex characteristics
that sex, gender and sexuality may not be recognised by services, or that individuals’ needs will not be understood
that homophobia, biphobia or transphobia by family members is recognised as family violence.

Under the Information Sharing Schemes, Information Sharing Entities and individuals (for example, parents, students and members of the community) may complain about how information was shared under the schemes.

Complaints can be made verbally or in writing.

In responding to complaints, schools should appropriately consider the circumstances and identities of the complainant and acknowledge and respond to concerns in a timely and respectful manner. It is recommended that complaints in relation to the schemes be addressed to the Principal or Assistant Principal.

Complaints to schools from other Information Sharing Entities

Schools may receive complaints from other Information Sharing Entities about how the school has undertaken activities under the Information Sharing Schemes, including if a request for information has not been met.

Under the Information Sharing Schemes, schools must respond directly to complaints from other Information Sharing Entities. This is to enable complaints to be resolved at a local level first, which supports the legislative principles of the schemes to promote services working collaboratively to coordinate their services in a manner that respects the functions and expertise of each Information Sharing Entity.

As an example of a complaint from an Information Sharing Entity to a school, an Information Sharing Entity may complain about how the school shared information under the Information Sharing Schemes, such as, the school did not:

fulfil the request for information
share relevant information that should be shared
respond in a timely way.

In its response, the school may explain whether it viewed the requirements for sharing as having been met for all or some of the requested information and its professional judgement about whether it was safe, appropriate and reasonable to share the information. In relation to a complaint about timeliness, depending on the circumstances, a school may respond by explaining the reasons for the delay, or may apologise and consider how it could improve its operational response.

If schools cannot resolve a complaint with another Information Sharing Entity, it should advise that Information Sharing Entity that they may contact the regional office and request the region’s assistance with resolution.

Schools may also request the region’s assistance when responding to a complaint from an Information Sharing Entity.

Complaints from parents, carers and other individuals

Schools may receive complaints from parents, students and other individuals, such as other family members or members of the community, in relation to the Information Sharing Schemes. For example, a parent may complain that their views and/or the views of their child or other relevant family members were not sought in relation to sharing their personal information.

Note: A ‘parent’, in relation to a child, includes a carer and any person who has parental responsibility for the child including parental responsibility under the Family Law Act of the Commonwealth, and any person with whom a child normally or regularly resides.

For complainants who are parents, mature minors, or adult students. or advocates of these complainants, the Department’s three tier framework continues to apply. Parent (and mature minor, or adult student complaints) are best managed at the local school level.

Where a parent is not satisfied with the outcome or resolution achieved with the school (tier one), they may contact the regional office (tier two), or if the complainant feels uncomfortable raising the complaint directly with the school, they can escalate the complaint to the local regional office (tier two) for resolution.
Parents have an additional opportunity for resolution by contacting the Department’s central office, if they remain unsatisfied with the outcome or resolution achieved at the regional office.

For further information on managing complaints from parents, mature minors, adult students or their advocates refer to: Complaints — Parents.

For complaints from other individuals, for example, from other family members who are not parents, or neighbours, a two-tier framework of resolution at local school level first, then escalation to the local regional office for resolution applies.

School complaints policy

The template Complaints Policy has been updated to include record keeping obligations for the Information Sharing Schemes and a link to this Child and Family Violence Information Sharing Schemes topic. Schools should update their own local policy on parent complaints with this additional information.

For the template, refer to the School Policy Templates Portal — Complaints (login required).

Privacy complaints

Many complaints under the Information Sharing Schemes are likely to relate to privacy. For example, a parent may complain that their personal information, or their child’s personal information has been shared outside the Department without their permission. If the complaint is unable to be resolved at the local level, schools may direct these privacy complaints to the Department’s Privacy team. Contact the Privacy Team for advice by phoning 03 8688 7967 or emailing privacy@education.vic.gov,au

Schools should refer complaints that are a mixture of privacy-related elements and other more process-related elements (such as how the school has conducted activities under the Information Sharing Schemes) to their regional office in the first instance. The regional office will triage these complaints and refer to the Privacy team.

If a complaint has been responded to by the Privacy team and the complainant is not satisfied with the response, they can escalate their complaint to the Office of the Victorian Information Commissioner (OVIC) or the Office of the Victorian Health Complaints Commissioner (HCC). These Offices will first confirm that the Department has had the opportunity to respond directly.

For more information about how the Department manages privacy complaints, refer to the Department’s website Make a privacy complaint.

The Department’s website advises complainants that privacy complaints can be made to a regional office, or directly to the Department’s Privacy team. Regional offices will refer any privacy complaints to the Privacy team for response.

Making a complaint to another Information Sharing Entity

Schools can complain directly to other Information Sharing Entities about how they have conducted their activities under the Information Sharing Schemes. Before making a complaint to another Information Sharing Entity, schools should first contact the Information Sharing Entity directly to raise their concerns. This is in keeping with the aim of the Information Sharing Schemes to facilitate services working together collaboratively for integrated services provision. It may be that through further conversation the issue can be resolved without a formal complaint.

Schools should check the other Information Sharing Entity’s website or contact them directly to determine the other Information Sharing Entity’s complaints handling requirements, for example whether they provide a complaints template or if there are specific contact details for complaints about sharing information under the Information Sharing Schemes.

If the complaint is not resolved locally by the Information Sharing Entity, schools may contact the Community Liaison Officer in their regional office for further support in the first instance.

Record keeping for complaints made under the Information Sharing Schemes

Record keeping for complaints received

Schools (as Information Sharing Entities) must keep a record of any complaints received in relation to the Information Sharing Schemes. Schools must record:

the date the complaint was made and received
the nature of the complaint — schools should record relevant details such as:
- whether the complainant is:
  - an Information Sharing Entity or Risk Assessment Entity
  - third party
  - student or family member
  - victim survivor of family violence
- if the complaint is about the information that was shared, whose information was involved
- the circumstances surrounding the sharing of information
- any harms that the complainant believes have resulted from the event
any action that was taken to resolve the complaint
any necessary action that has been taken to prevent, or lessen, the risk of further similar complaints by addressing the reasons for the complaint
the time taken to resolve the complaint
if the school was unable to resolve the complaint, what (if any) further action was taken.

For a template for recording complaints made under the Information Sharing Schemes refer to: Template for recording complaints made under CISS and/or FVISS.

Schools must store the complaint records securely and take reasonable steps to ensure that the records are kept secure and protected from misuse, loss and unauthorised disclosure. Refer to Records Management — School Records for further information.

Record keeping for complaints made by a school

Schools are encouraged to also keep a record of any complaints made in relation to the Information Sharing Schemes for good practice.

Schools should record:

the date the complaint was made
the nature of the complaint with relevant details
the Information Sharing Entity to whom the complaint was made (including the details of the person to whom the complaint was made)
the outcome of the complaint.

Safeguards

The Information Sharing Schemes provide safeguards for the authorised sharing of information.

Offences and penalties may apply where information is shared unlawfully under the Information Sharing Schemes. The Information Sharing Schemes include offences for unauthorised and intentional or reckless use or disclosure of confidential information, and falsely claiming to be an Information Sharing Entity, or an authorised representative of an Information Sharing Entity — or knowingly allowing someone else to believe that you are.

When school staff, with authorisation to share information under the schemes, act in good faith and with reasonable care when sharing information, they will:

not be held liable for any criminal, civil or disciplinary action for providing the information
not be in breach of any code of professional ethics, or considered to have departed from any accepted standards of professional conduct.

Acting in accordance with the Code of Conduct for Public Sector Employees, which requires all staff to demonstrate the value of respect by maintaining confidentiality and treating private information properly, also acts as a protection. Schools treat information properly by complying with legislation and Departmental policies relating to dealing with personal and health information, for example, this policy, the Privacy and Information Sharing Policy, Schools’ Privacy Policy, Records Management — School Records Policy and Information Security Policy.

Record keeping that meets regulatory requirements provides a good basis for demonstrating that a professional acted in good faith.

Good record keeping practices also support compliance with the Information Sharing Schemes by ensuring records are not shared inappropriately.

If school staff identify or suspect that information is being shared inappropriately, they should immediately notify the principal or an appropriate member of the school’s leadership team or, where the concern is related to conduct of the principal, the regional office.

Refer to Complaints — Information for Employees and Complaints, Misconduct and Unsatisfactory Performance — Teaching Service for further information.

Resources

There is a range of online resources and professional learning available on the Child Information Sharing Scheme (CISS) and Family Violence Information Sharing Scheme (FVISS).

Templates and forms

Training (online via webinar and eLearn)

eLearn Education Leaders is a self-paced online course for education workforce professionals who are responsible for personnel impacted by the information sharing reforms and who will play a role in the change management process.
eLearn Education Professionals is a self-paced online course designed for people working in schools, education and care services who are likely to share information and require a detailed operational understanding of the reforms. It is designed to support education professionals to share information confidently, safely and appropriately.
Webinar: Information Sharing for Education Professionals is an interactive online webinar designed for all educational workforce staff who need a detailed operational understanding of the information sharing reforms. It will build workforce confidence in how to safely share information under CISS and FVISS, and how to meet record keeping requirements.

To register for a webinar or eLearn, visit: Training for the information sharing and MARAM reforms.

Training hours count towards professional learning for Victorian Institute of Teaching (VIT) registration.

Toolkit and contextualised guidance for education and care services

A toolkit and contextualised guidance is available to all Victorian schools and centre-based education and care services on the department’s Child protection privacy and information sharing website. These documents provide detailed guidance on CISS and FVISS for all education services on how to share and request information.

Child Protection and Child Safe Standards (PROTECT)

The department’s PROTECT website applies to all employees, contractors and service providers and includes advice on how to create a child safe environment, identify and report signs of abuse and mandatory reporting requirements. Visit the Child Protection and Child Safe Standards (PROTECT) website.

Ministerial guidelines

The ministerial guidelines for the information sharing schemes provide detailed guidance about the circumstances under which information can be shared between professionals. The ministerial guidelines are legally binding for all information sharing entities. Refer to:

Child and Family Violence Information Sharing Schemes

Policy last updated

Scope

On this page:

Policy

Policy

Summary

Details

About the Information Sharing Schemes

Background

Related policies

Relevant legislation

Guidance

Guidance

Chapter 1 — About the Information Sharing Schemes

Chapter 1 — About the Information Sharing Schemes

Chapter 2 — Definitions

Chapter 2 — Definitions

Chapter 3 — Preparing for the Information Sharing Schemes

Chapter 3 — Preparing for the Information Sharing Schemes

Identify staff

Complete professional learning

Establish initial point of contact for information sharing requests

Update local school policies

Chapter 4 — Guiding principles for the Information Sharing Schemes

Chapter 4 — Guiding principles for the Information Sharing Schemes

Child Information Sharing Scheme: principles for sharing

Family Violence Information Sharing Scheme: principles for sharing

Chapter 5 — Requirements before sharing information under the Information Sharing Schemes

Chapter 5 — Requirements before sharing information under the Information Sharing Schemes

Requirements before sharing information under the Child Information Sharing Scheme

Child Information Sharing Scheme three-part threshold test

1. The purpose of sharing is to promote the wellbeing or safety of a child or group of children

2. Sharing information to assist another Information Sharing Entity to undertake their activities

Example — What is a ‘child wellbeing or safety purpose’?

3. The information is not excluded information

Seeking consent

Sharing information with a child or family member

Requirements for sharing information under the Family Violence Information Sharing Scheme

Family Violence Information Sharing Scheme: three requirements for information sharing

1. The purpose of sharing is to assess family violence risk or protect victim survivors from family violence risk

2. The applicable consent requirements are met

3. The information is not known to be excluded information

Sharing for family violence risk assessment

Establishing family violence risk

Sharing for family violence risk management (protection)

Sharing information under both Information Sharing Schemes

Chapter 6 — Responding to requests for information under the Information Sharing Schemes

Chapter 6 — Responding to requests for information under the Information Sharing Schemes

Responding to a request for information under the Child Information Sharing Scheme

Responding to a request for information under the Family Violence Information Sharing Scheme

Chapter 7 — Requesting information under the Information Sharing Schemes

Chapter 7 — Requesting information under the Information Sharing Schemes

Requesting information from an Information Sharing Entity under the Child Information Sharing Scheme

Requesting information from an Information Sharing Entity under the Family Violence Information Sharing Scheme

Requesting information for the purpose of a family violence assessment under Family Violence Information Sharing Scheme

Chapter 8 — Proactively sharing information under the Information Sharing Schemes

Chapter 8 — Proactively sharing information under the Information Sharing Schemes

Sharing information proactively with an Information Sharing Entity under the Child Information Sharing Scheme

Sharing information proactively with an Information Sharing Entity when a child is at risk under Family Violence Information Sharing Scheme

Sharing information proactively with a Risk Assessment Entity for a family violence risk assessment

Chapter 9 — Considerations when sharing information about diverse and at-risk communities

Chapter 9 — Considerations when sharing information about diverse and at-risk communities

Chapter 10 — Complaint handling under the information sharing schemes

Chapter 10 — Complaints handling under the Information Sharing Schemes

About complaints handling under the Information Sharing Schemes

Complaints to schools from other Information Sharing Entities

Complaints from parents, carers and other individuals

School complaints policy

Privacy complaints

Making a complaint to another Information Sharing Entity

Record keeping for complaints made under the Information Sharing Schemes

Record keeping for complaints received

Record keeping for complaints made by a school

Chapter 11 — Safeguards when using the Information Sharing Schemes

Chapter 11 — Safeguards when using the Information Sharing Schemes

Safeguards

Resources

Resources

Templates and forms