Subject Paragraphs Page

Transcription

1 Contents Subject Paragraphs Page Introduction Part one Relevant Provision Of The Crime and Disorder Act Crime and Disorder Act Legal Status of the Youth Offending Team Responsibilities of the Youth Offending Team Manager Information Requested by Youth Offending Teams 19 6 Responsibilities Of Agencies Contributing To Youth Offending Teams Health & Youth Offending Teams Advice to Health Professionals Police Sharing Information about Victims with Yots Disclosure Of Information By Youth Offending Teams Security Other Rights Part two Data Protection Act Principles Retention Of Data: Time Limits Annexes A: Information Flows Between The Partner Agencies and the Youth Offending Teams B: Notification Procedure C: Sexual Offenders Act 1997 Schedule One D: A Manual For Caldicott Guardians Protecting and Using Patient Information 1

2 Introduction 1 The purpose of this guidance is to: facilitate the development of local information sharing protocols, by the Youth Offending Teams, which are consistent with each other across England and Wales; clarify the purposes for which the Youth Offending Teams need to share personal data with respect to the families, and the children and young people with whom they are working; alert agencies to the need to share information to protect the public from harm from sexual and violent offences from young offenders; provide advice as to the appropriate use of the enabling power (to share information between the agencies participating within the Youth Offending Teams) as detailed in Section 115 of the Crime and Disorder Act 1998 in line with: the Data Protection Principles (Data Protection Act 1998); the common law duty of confidentiality; and offer a standard notification for the Youth Offending Teams to notify the Data Protection Commissioner that as data users/controllers they will be holding personal data, on computerised records, with respect to children, young people and families with whom they are working NB the agreement of a protocol does not provide a free rein to obtain and disclose information freely without considering the Data Protection Requirements. Teams should support implementation of the protocol by the provision of training for staff Part One of this guidance is aimed at giving practical advice to Youth Offending Teams. Part Two provides the legal background for the guidance in Part One, with detailed guidance on the Data Protection Principles. The term Youth Offending Team (Yot) Manager is used throughout this guidance to denote the post responsible for the overall management of the Youth Offending Team within a particular Local Authority area. It is acknowledged that staff with this responsibility may have other job titles (e.g. Head of Youth Offending Services, Assistant Director, Youth Offending Services). The guidance has been read and approved by the Data Protection Commisioner s Office and legal advice has been provided by the Home Office. 2

3 Part one Relevant provision of the Crime and Disorder Act The Crime and Disorder Act 1998: establishes the principal aim to prevent offending by children and young people (Section 37); requires each local authority, with responsibility for Education and Social Services, to establish a multi-agency Youth Offending Team, with representation from the Police, the Probation Service, Social Services, the Health Service, and Education (Section 39); provides a basic legal authority, where none already exists, for the disclosure of personal information where this is necessary or expedient to the successful implementation of the Act (Section 115);and promotes the principles of restorative justice with emphasis being placed on both the greater involvement of victims (for their views to be sought) and on those who have offended making amends (Section 67). The information needs of the Teams arise from their responsibility under Section 37 of the Crime and Disorder Act 1998 to prevent offending by children and young people. The Teams will be: assessing, using the ASSET tool, children and young people referred to them by either the Police or the Courts or by another agency providing a children s service (including assessment of any risk they may present of harm to others); and managing children and young people subject to an offending prevention programme as part of either a voluntary arrangement (e.g. in connection with a Final Warning) or a statutory Order Youth Offending Teams may be involved in the commissioning of services from organisations other than the statutory partner agencies. These other agencies involved in the delivery of services on behalf of the Yots should be specifically referred to in the protocol and should sign up to the Information Sharing Protocol. This is to ensure their compliance with the agreement made between the partner agencies and the Data Protection legislative requirements it reflects. If they are unwilling to sign up to the Protocol, serious consideration will be necessary as to how far they can be integrated with the work of the Yot. Such other parties may include: agencies who second staff to the Teams, for example the Careers Service or the Youth Service; and Voluntary sector organisations, for example those who may be providing such services as Mentoring, Restorative Justice initiatives, Bail Support and Supervision. 3

4 The Youth Offending Team should: ensure that the contracts/agreements between themselves and their external service providers include adequate and concise requirements for the exchange of personal data; and be in a position to oversee the adequacy of standards for the protection of data, to respond to any complaints and breaches, and to satisfy requests for information from data subjects (young people known to the Youth Offending Team and their parents or primary carers). Legal Status Of The Youth Offending Team Each Youth Offending Team, for information sharing purposes, is a separate legal entity. Youth Offending Teams are a statutory creation and have a specified membership, specified funding, and a specified function. They are a statutory entity created and regulated by Section 39 of the Crime and Disorder Act The Youth Offending Team Manager is responsible for ensuring the compliance of the Team, and any external agency (i.e. beyond the statutory YOT partner agencies) with which it contracts, with the Data Protection Act No other person must knowingly or recklessly without the data controller s consent obtain, disclose, or procure disclosure of personal data or of the information contained in personal data (Section 55, Data Protection Act 1998). The principles of the Act are set out in Part Two below of this guidance. The Manager is expected to ensure children and young people referred to the Team are assessed, using ASSET (the assessment tool), for factors associated with offending so that services can be put in place to help the child or young person to develop and reduce the risk of them re-offending. Sharing of information between agencies will be critical to the effectiveness and accuracy of these assessments. Within the meaning of the 1998 Data Protection Act the Youth Offending Team Manager is the Data Controller. This results from his or her ability to decide how personal data is to be handled, to enter into contracts with others on behalf of the Team and because of his/her responsibility for the Yot s budget. 4

5 Responsibilities Of The Youth Offending Team Manager These are: (i) the Notification to the Data Protection Commissioner of the data the Yot will be processing (the Template, and procedural guidance is included at Annex B); (ii) the management of the Information System; (iii) ensuring the terms of the notification are complied with. These should include the weeding of personal data, in line with the agreed time limits (page 16) for retention of personalised data; (iv) ensuring that contracts between the Youth Offending Team and any external service providers include adequate and concise requirements for the exchange of personal data; (v) providing the necessary level of security for holding personal data; (vi) responding to any complaints and ensuring requests for information from individuals can be satisfactorily responded to; and (vii) ensuring, in line with the requirements of the Children Act 1989, that the Police and Social Services are notified of any offence or possible offence(s) against a child or young person. The process for such referrals should follow procedures agreed by the local Area Child Protection Committee. Youth Offending Team Managers will need to ensure that all service users and their primary carers are informed, both in writing (translated into the languages of the ethnic minority populations known to be resident in the area) and, verbally, at their first formal meeting with a Yot worker, of the Complaints and Representations procedures relating to their Yot. The information should detail where the representation or complaint will be managed within the management structure for the Team and in what circumstances it will be necessary to refer it on to the parent agency, if the complaint is against a member of staff who has been either seconded by one of the partner agencies or is a representative of a voluntary organisation. Youth Offending Team Managers may also be able to offer help to agencies contributing to Youth Offending Teams to fulfil obligations on them arising from youth justice activities. These are summarised in the next section. 5

6 19 Information Requested By Youth Offending Teams Staff seconded to Youth Offending Teams may request data about individuals, including children, young people, parents, and victims, from their parent service. Such information should only be used for the purpose for which it was obtained in line with the Second Principle of Data Protection. Once the data has been passed to one member of the Youth Offending Team it may be shared with other members with a need for the data for the purpose of preventing offending. This ability is essential to achieving effective (in terms of the prevention of offending/re-offending) assessment and supervision of young people referred to the Team. NB for issues with regard to information passing from the Health Service to the Youth Offending Teams please refer to Health and Youth Offending Teams Advice To Professionals (page 7) Responsibilities of Agencies Contributing to Youth Offending Teams Each agency needs to determine the circumstances in which a young person will be referred to the Youth Offending Team. Relevant criteria are whether the young person: has offended or is being prosecuted; or is at risk of offending (referral in line with the principal aim of the Youth Justice System to prevent offending by children and young people Section 37, Crime and Disorder Act 1998). The criteria for making referrals and any relevant timing (e.g the arrangements agreed by the Youth Offending Team with the Police for notification of young people to be assessed with a view to a Final Warning being imposed) should be set out in the protocol between the Yot and the respective agencies. The protocol should detail: (a) the information to be provided by the named agencies, and (b) the use(s) the Youth Offending Team may have for it. Annex A identifies the categories of information Youth Offending Teams should require from the named agencies either following a referral or during the course of an intervention (either voluntary or statutory). Teams, in their use and recording of the information they receive, will need to ensure adherence to the First Data Protection Principle [page 15]. Prior to recording information the Youth Offending Team must be satisfied that the information was obtained fairly and in accord with the tenets of the protocol. the Second Data Protection Principle [page 16]. This requires data controllers to ensure that any disclosure of personal data is compatible with the purposes for which they obtained it (see section on Disclosure of Information by Youth Offending Teams). 6

7 25 26 The protocol must acknowledge that referrals of children/young people to the Youth Offending Teams, most particularly by the Police, may be the outcome, in addition to the Crime and Disorder Act 1998, of one of the following legislative requirements: the Children and Young Person s Act 1969 the requirement that the Police should notify the Local Authority of any decision to charge or summons a juvenile and the duty placed on a Local Authority to investigate the circumstances of any juvenile brought before the Court; and the 1933 Children and Young Persons Act requiring the Police to notify the Local Authority of the arrest of a young person who is being either supervised or looked after by the Local Authority. Additionally those working with and within the Yot should be aware of its responsibilities to follow agreed (by the Area Child Protection Committee) local procedures when child abuse is suspected or disclosed: the Children Act 1989 the duty partner agencies have to pass information to Social Services and/or the Police, with respect to any offence or possible offence against a child or young person. NB This requirement also applies, with respect to those held within the Secure Estate, where either young people disclose abuse or YOT staff members suspect abuse In relation to young people who are being referred to the Youth Offending Team, each agency will need to determine how they are going to notify the young person of the referral. This may be done by letter to the young person or by the worker already involved with the young person. Interventions offered by the Teams at the Final Warning stage are of a voluntary nature. The Police, in each area, should be provided by the Youth Offending Team with a standard letter enabling them to notify the child/young person and their parent/carer of the referral to the Team. The purpose of the referral is for an assessment which will consider public interest, the willingness or otherwise of a child/young person to co-operate with a programme managed by a Yot, and the need for such an offending prevention programme. Health & Youth Offending Teams Advice to Health Professionals This section is based on advice provided by the Department of Health, and its guidance contained in the document Protecting and Using Patient Information, A Manual for Caldicott Guardians (Annex D). Health professionals are as committed as other professionals to work in the best interests of children and young people and to contribute to attempts to ensure their needs are met. This requires close working with other agencies, including Youth Offending Teams. 7

8 31 32 The central issue for Health professionals is that patient based information is generally given to them in confidence by patients and that as a result, prior to disclosure to a third party, they must have regard to the common law duty of confidence, and statutory restrictions on disclosure (NB this does not apply to anonymised data). The decision to disclose can be justified on the following grounds: there are no statutory restrictions on disclosure; and either the subject of the information has been informed of the proposed disclosure and has consented to it: e.g. the Yot worker has provided written consent obtained from a family/young person for a General Practitioner to disclose personal information; or a three way meeting has been held, involving the young person (and his/her family), a health professional and a Yot worker prior to a course of treatment, enabling an agreement as the type of information which will be shared with the Yot worker; or that on balance there is an overriding public interest in the disclosure (e.g. where disclosure of the personal data would assist in protecting the public from offending by the young person as envisaged by the enabling power in Section 115) The Health representative in the Team may be asked to promote with other health professionals and services the agreements reached locally (i.e the Information Sharing Protocol) regarding information exchange and the role, within the ASSET process, for information as to the possible health (physical/mental) needs of young people and the possible links to their offending behaviour. Where the child or young person is not competent to give consent, information may be shared in their best interests, although the consent of the parent(s) or those with parental responsibility should be sought in the first instance. In addition, in the absence of consent, whether sought or otherwise, the threshold for the release of information will need to be considered very carefully and the decision to disclose made on a case by case basis. The process for deciding in these cases wil need to be covered by a local protocol. Such a balancing judgement will need to take into account: the various legal responsibilities at stake; the duty of confidence to the individual; the public interest in the maintenance of confidentiality within health service practice; 8

9 Consideration will need to be given as to whether the harm which could result from disclosure of personal information (for example the risk of possible damage to the relationship of trust, between doctor and patient, increasing the likelihood of non compliance with a programme of health care intervention in the future) is assessed as outweighing the positive benefit to the child or young person (for example in diverting him or her from a criminal lifestyle) and/or provide significant protection to others in the public interest. Where the decision is made to share information in the public interest, health professionals should ensure that their reasons for reaching this decision are recorded and agreed by other members of the Yot. In taking the decision to disclose, Health professionals will need to make a clear distinction between the acquisition and subsequent sharing of information which takes place openly and expressly as part of the legal process, for example when a professional has been asked to write a report for a Court hearing, and the sharing of information acquired in the past in the context of a therapeutic relationship. Police Sharing Information About Victims With Yots The Police will need to seek the informed consent of victims to their participation in a restorative process before the details are disclosed. This may be obtained by, either: (i) the Police Officer investigating the case (at the time of the investigation, using a leaflet provided by the Yot paragraph 39); or (ii) the Officer who informs the victim of the outcome of the enquiries; or (iii) the Officer seconded to the Youth Offending Team. The initial contact by the Yot may utilise a leaflet explaining the services that may be available to the victim. The victim must be asked to indicate a wish to participate in a restorative process prior to a follow up contact being made by, either a member of a Yot, or by a representative of a restorative justice service. Under no circumstances should a victim be pressured into giving consent. Disclosure of Information By Youth Offending Teams Decisions made by both the Police and the Courts, supported by the assessments undertaken by the Youth Offending Teams, will determine the service(s) those offending will receive. These services may be provided by: Youth Offending Team; A voluntary organisation contracted by the YOT to deliver the service; Any one of the statutory partner (within the YOT) agencies; As a result Yots will have to share personal information when referring the child/young person to other services so that the latter can respond appropriately to the perceived needs. 9

10 Each Youth Offending Team should provide written information to those referred as to how personal data relating to them may be used and the legal context for doing so. This information could usefully be included in any leaflet outlining the role of the Team and the rights of service users to make a representation or complaint. Other multi agency settings in which the Yots will find it necessary to share information about those referred to them include: (i) the submission of reports to the Police, Crown Prosecution Service & Courts (ii) the Post Court Report provided for custodial facilities by Youth Offending Teams following a Court decision to impose either a Court Ordered Secure Remand or custodial sentence (Detention and Training Order or Section 53 disposal); (iii) Sentence Planning meetings held within custodial facilities; (iv) case conferences convened by Social Services Departments when a child/young person is thought to either have been either subject to abuse (sexual, emotional, physical) or to be at risk, or is a perpetrator; (v) Planning meetings and Reviews for both children in need and those looked after (within the meaning of the Children Act 1989); (vi) discussing the need to register those who have offended against other children/young people as Schedule One Offenders; (vii) the transfer of cases to the Probation Service relating to young people who are: on or around their eighteenth birthday (in accordance with local protocols); made subject to a Community Service Order, a Combination Order or a Drug Treatment and Testing Order where it has been agreed these Orders will be supervised by the Probation Service on behalf of a Youth Offending Team; or subject to a Detention and Training Orders and it is agreed locally that the Probation Service will accept case (full or partial) responsibility. (viii) meetings related to local consideration of the appropriateness of a Local Authority, in partnership with the Police, applying to a Magistrates Court (civil proceedings) for an Anti Social Behaviour Order; (ix) (x) (xi) applications to the Family Proceedings Court for a Child Safety Order; offending by those with a legal status of either child in need or looked after child/young person each Social Services Department, under Quality Protects (England) and Children First (Wales) are required to monitor the rates of offending by these populations: or in response to requests for information from Family Court Welfare teams (or the CAFCASS agency from ) These processes will involve the Teams in sharing personal information about an individual which they have received from another agency represented within the Team. 10

11 Staff representing parent agencies within the Youth Offending Teams may authorise the use of personal data obtained from their agency by colleagues from other agencies provided its use accords with: Section 115 of the Crime and Disorder Act 1998; The First Data Protection Principle ensuring the information is used fairly; The Second Data Protection Principle the information is used for the purpose for which it was obtained; The public interest must outweigh any duty of confidentiality. The Youth Offending Teams should distribute a leaflet to each child/young person with whom they are working, and to their parent/carer detailing: the role and responsibilities of the Youth Offending Team; the aim of the Yot to have the consent of the child/young person and their parent/carer wherever possible prior to sharing/obtaining their personal data; the reasons why personal information is required and how it will be recorded, used, and stored; their right of access to the information held by the Yot; how long the information will be retained by the Yot; and the process by which they make a representation or complaint The Yots must ensure that the information they receive as the third party is used only for the reasons why it was originally gathered. The case file should detail: why the personal information is required by the Yot; and the source of the information and why it was originally obtained The Teams will have regular opportunities to ensure the above is the case: each statutory Order and Referral Order will be reviewed at regular intervals (as per National Standards); and prior to cases being closed the staff member with case responsibility must ensure that all file entries relating to personal data are accurate. Following a referral where there is no statutory requirement for the young person to work with the Yot and where the young person refuses to work with the Team, consideration will need to be given to what information should be removed from the Team s system. It will not be appropriate to keep all information about individuals who have refused to work, on a voluntary basis, with the Team. It will be necessary to retain personal data on those who fail to co-operate with Yot interventions in support of Final Warnings as these are citeable in Court. 11

12 Security All case files (paper records) holding personal data on individuals known to Youth Offending Teams should be held within secure filing cabinets to which only authorised personnel can have access. The cabinets should not be stored in any area of the Yot s premises to which service users may have access. Case files should have a section in them for third party information to which access by the subject has not been approved. This section should be removed prior to giving access for the subject to his/her file. Youth Offending Team staff should have passwords to enable access to computerised records. Records, both computerised and paper should be stored in such a way as to enable easy retrieval in the event of a request for access by an individual. The three principles which Yots should adhere to with respect to security are: Confidentiality: protecting sensitive information from unauthorised disclosure or intelligible interception Integrity: safeguarding the accuracy and completeness of information and computer software; Availability: ensuring that information and vital services are available to users when required; Other Rights All staff must be able to recognise a request from an individual to prevent processing likely to cause damage to that individual. All staff must be aware of the manager or designated member of staff who is responsible for responding to such requests. In relation to a request to prevent processing likely to cause substantial damage, the Yot member s response should indicate whether he or she will comply with the request or not. The Yot member must provide a written response to the individual within 2l days setting out their decision on the request. If the Yot member decides that the request will not be complied with, they must set out their reasons in the response to the individual. A copy of the request and response should be retained. 12

13 Part two Data Protection Act The Data Protection Act 1998 sets out key principles which the information sharing protocol for the Youth Offending Teams must address. First Data Protection Principle This requires that the data controller ensures they have a legitimate basis for their processing of personal data. Legitimacy is established where the data controller has: the consent of the data subject, or where the processing is necessary for; the exercise of a legal obligation; the exercise of a public function; legitimate interests which outweigh the rights and freedoms of the individuals. In relation to the processing carried out by the Youth Offending Team, provided that they are processing personal data for the purposes specified in the Crime and Disorder Act l998, they will be able to satisfy this requirement of the First Data Protection Principle. A data controller must consider whether they are processing sensitive personal data which is that personal data which falls within the following categories: racial or ethnic origin; physical or mental health; and criminal offences and proceedings. If any of the above apply then the data controller will also need to satisfy at least one of the grounds in Schedule 3 of the First Principle, either the explicit consent of the data subject(s) has been obtained or the processing is necessary for; compliance with a legal duty; the protection of the vital interests of the data subject; exercising legal rights (Section 115 of the Crime and Disorder Act); medical purposes by a health professional or similar; and racial or ethnic monitoring for equal opportunities. In relation to the young persons with whom the Youth Offending Team are working, these requirements may be satisfied by a number of the grounds contained in Schedule 3. However, in relation to the processing of data relating to victims, it may be, but not necessarily, that the only grounds for processing their personal data is with explicit consent. Having established a legitimate basis for processing, the Youth Offending Team will need to ensure that they are processing personal data fairly and lawfully. 13

14 Section 115 facilitates the lawful sharing of information but the data controller will still need to consider whether they are bound by the common law duty of confidentiality. This means that in every case the controller must objectively assess whether the public interest justifies a disclosure. If the prevention or detection of crime would be prejudiced if the disclosure was not made, then disclosure may be regarded as being in the public interest. To ensure personal information is processed fairly, a data controller will need to provide individuals with the following details at the time of obtaining their information: the identity of the data controller; how their personal information may be used; and any other information necessary to render the obtaining fair. If, having obtained personal information from an individual, a data controller discloses that information to a third party, the third party is obliged to provide those details to the individual, unless, when it was obtained the individual was made aware (e.g. by Yot leaflet) as to how their personal data may be used. The Second Data Protection Principle The data controller must only use personal data for the purposes for which it was obtained and must ensure that any disclosure of personal data is compatible with the purposes for which they obtained the data. The Third Data Protection Principle This requires that personal data shall be adequate, relevant and not excessive in relation to the purpose(s) for which they are processed. While a young person may be known to one of the partner agencies it may not be relevant to disclose all the personal data held for the purpose of preventing offending. The Fourth Data Protection Principle Personal data must be accurate and kept up to date. The Fifth Data Protection Principle Personal data processed should not be kept for longer than is necessary in the case of the Youth Offending Teams this is for the purpose of the prevention of offending by the child/young person. 14

15 Retention of Personalised Data: Time Limits Each Youth Offending Team should have a review and weeding policy. The procedures supporting the policy should be (where the young person is not involved in further offending which results in a substantive outcome, i.e a Reprimand, Final Warning, Referral Order, or sentence) in those cases resulting in either: (i) a Reprimand or a Final Warning the case file should be retained for either three years after closure of the case or when the young person reaches his/her eighteenth birthday, whichever is the sooner; or (ii) a conviction the case file should be retained for five years but after three years the file should be reduced to containing only basic information: name date of birth gender last caseworker history of contact with the youth justice system (i.e record of offending and disposals received) outcome of last contact with the Youth Offending Team The exceptions to the above are those young people who have been convicted of the sexual offences, applying to young people under 20, which are detailed in Schedule One, Sex Offenders Act These are set out in Annex B. The time limits relating to the sexual offences apply to those under the age of 18 at the time of disposal/conviction. If a Yot wishes to retain information about their activities in order to Offence/outcome Pre Court Decision: Reprimand* Final Warnings* Referral Orders* Sexual Offences (Schedule One, Sex Offenders Act 1997) Offences on Sex Offender Register Statutory Orders* Time limits 3 years or when the young person reaches their eighteenth birthday whichever occurs first; 3 years or when the young person reaches the age of 18 whichever occurs first; Section 53(1) or a Section 53(2) disposal of 30 months or more Retained for indefinite period. Subject to length of time on register. All case files to be kept for five years following either the closure or transfer of the case but after 3 years the file should be reduced to the basic information detailed above. * with the exception of disposals imposed for sexual offences against children (i.e. those under the age of 18) which result in the child/young person being recorded by the Local Authority Social Services Department as a Schedule One offender. 15

16 evaluate their effectiveness, for example, re-offending rates, then this should be kept in a depersonalised or reduced form. When de-personalising the data Youth Offending Teams must ensure that all personal identifiers (e.g. case reference, PNCID, PIN etc.) are removed from the case record. The Sixth Data Protection Principle Processing of personal data must be in accordance with the rights of the individual concerned. These are set out below. The Seventh Data Protection Principle This requires that appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data, and against accidental loss or destruction of, or damage to, personal data. 16

17 Annex A Information flows between the partner agencies and the Youth Offending Teams Information Required Details of child/young person Reasons Why Information Required Possible Sources of Information a. Name, address, gender, ethnicity, date of birth Contact purposes and to ensure accurate monitoring of those both identified as being at risk and those involved in the youth justice system. 1. Child/young person 2. Family 3. Agency making referral to the Yot b. Reasons why a child/young person is thought to be at risk of offending this relates to the risk factors identified within the ASSET process: Lifestyle Perception of self and others Thinking and behaviour Attitudes to offending Motivation to change & Indicators of vulnerability Indicators of serious harm to others To help the Youth Offending Team arrange interventions to reduce the risk factors and encourage the child/young person into more positive activities. 1. Schools/Colleges 2. Police 3. General Practitioner/other Health Service providers 4. Social Services 5. The Probation Service 6. The Youth Service 7. Housing 8. Parents/Carers 9. Voluntary Organisations 10. The community 11. The Crown Prosecution Service Will include details of : Living arrangements Family & personal relationships Education/unemployment Neighbourhood Substance misuse Health (physical, emotional/behavioural difficulties, conduct disorder 17

18 Information Required Details of child/young person (cont.) Reasons Why Information Required Possible Sources of Information Offending history of child/young person Attitudes to offending after offending history 1. Assessment of their offending behaviour and the degree of risk they may present to the public/to staff visiting 2. Is on the Sex Offender Register? 3. Is registered as a Schedule One offender? 4. Has committed or been reported for offences that resulted in serious harm (or the risk of it) to others. 1. Police 2. Crown Prosecution Service 3. Social Services 4. Probation Service 5. YOT Information Systems Family Situation a. Child/young person has been assessed as: Child in need Looked after child/or qualifying for services under Section 24, Children Act 1989 On the child protection register and whether a service is being provided currently. Assessment of risk and protective factors and to: Enable liaison/joint planning with allocated Social Worker 1. Child/young person 2. Family 3. Social Services case files and computer records b. Parent/step parent/carer or sibling having history of offending and the nature of that offending. Assessment offending within the family is a known risk factor Need for Parenting Order or the provision of family support. (i) Police (ii) Probation Service (iii) Social Services (iv) CAFCAS (when formed to replace current Family Court Welfare Teams). 18

19 Information Required Education Reasons Why Information Required Possible Sources of Information Current/last school or unit/college Behaviour record Difficulties with literacy and numeracy Whether the child/young person has special needs? Has he/she been statemented? Any record of truancy Any record of exclusions (fixed or permanent) 1. For assessment (truancy, exclusion and poor school attainment are risk factors). 2. Enable joint working between Yot and the education unit being attended by the child/young person. 1. Child/young person 2. Parents/Carers 3. Social Services 4. Local Education Authority 5. Unit/school attended by the child/young person 6. Behavioural Support Service 7. Educational Psychologist 8. Connexions Health Does the child/young person have: A specific health problem? a problem with drug, alcohol or solvent misuse? Emotional/Behavioural difficulties, a Conduct Disorder, anti social behaviour or a personality disorder? A General Practitioner? Does the parent/step parent have health related problems? For assessment is there a link between a health problem and the child/young person s offending behaviour? Enable joint working between Youth Offending Team and Health workers. To ensure any health problems of the parent/step parent/carer/sibling that impact on the offending of the child/young person can be taken into account and/or addressed. 1. Child/young person 2. Family 3. Social Services 4. General Practitioner/ Hospital 5. Child and Adolescent Mental Health Service 6. Drugs services/partner agencies 7. Voluntary Sector partner 8. Police 19

20 Information Required Victim Reasons Why Information Required Possible Sources of Information Name and contact details To implement Reparation Order or other restorative justice interventions 1. Police 2. Victim Support 3. The victim Victim statement For the purpose of both preparing reports at both the pre Court and post conviction stages 1. Police 2. Victim Support 3. The victim and Restorative justice interventions Police/risk of harm to others Has the young person ever been Cautioned, Warned, or convicted, for offences that could cause serious harm to others? Is the person associating with (or under the influence of) other persons known to have caused serious harm to others (e.g paedophiles)? Details of offending record and known risk factors; Any evidence of continued association or previous known risk factors which suggest repetition of harm to others? 1. Police 2. Social Services 3. Probation (offending within family) 20

21 Annex B Notification procedure Prepared by The Data Protection Commisioner For Youth Offending Teams, August Youth Offending Team Managers should contact: The Office of the Data Protection Commissioner, Mrs Elizabeth France: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Tel: The attached form N903 should be requested. The fee for notification is currently Part 1 Draft Notification Based on Information Provided To Us And Your Nature Of Business Registration Number Z All the details in Part 1 will appear in your register entry and must be checked to ensure they are accurate and complete. All page numbers are references to the Notification Handbook. Data Controller (See page 9) Contact Details (These details will not appear on the Register but will be used by us for all correspondence) N903 Youth Offending Team Dummy N903 Youth Offending Team Dummy Tel No Fax Number Address Ext These are the purposes we have drafted for you based on your nature of business N903 Youth Offending Team (Please amend if incorrect). They should reflect (in general terms) the type of processing you carry out. If you need to change any of the draft details please refer to the instructions on the final page. However please note that the Commissioner has determined that the level of detail provided in these draft purposes is sufficient for the purpose of notification, bearing in mind the overriding objectives referred to in the introduction to the Notification Handbook. 21

22 Staff Administration Data subjects are: Staff including volunteers, agents, temporary and casual workers customers and clients Relatives, guardians and associates of the data subject Advisers, consultants and other professional experts Data Classes are: Personal details Family, lifestyle and social circumstances Education and training details Employment details Financial details Racial or ethnic origin Trade union membership Physical or mental health or condition Recipients are: Data subjects themselves Relatives, guardians or other persons associated with the data subject Current, past or prospective employers of the data subject Healthcare, social and welfare advisers or practioners Education, training establishments and examining bodies Suppliers, providers of goods or services Local government Central government Voluntary and charitable organisations Ombudsmen and regulatory authorities Data processors Transfers None outside the European Economic Area 2 Data Controller s Free Text Description Of Purpose The management of children and young people subject to an offending prevention programme as part of either a voluntary arrangement or a statutory order. Data subjects are: Staff including volunteers, agents, temporary and casual workers Customers and clients Relatives, guardians and associates of the data subject Advisers, consultants and other professional experts Students and pupils Offenders and suspected offenders Witnesses Victims Data Classes are: Personal details Family, lifestyle and social circumstances Education and training details Employment details Racial or ethnic origin Physical or mental health or condition sexual life Offences (including alleged offences) Criminal proceedings, outcomes and sentences Recipients are: Data subjects themselves Relatives, guardians or other persons associated with the data subject Current, past or prospective employers of the data subject Healthcare, social and welfare advisers or practitioners Education, training establishments and examining bodies Business associates and other professional advisers Employees and agents of the data controller Police forces Local government Central government Voluntary and charitable organisations Ombudsmen and regulatory authorities Data processors Transfers None outside the European Economic Area 22

23 Annex C Sex Offenders Act 1997: Schedule One Below are the sexual offences (England and Wales) which must be considered when determining the length of time for which a case file must be retained (the guidance applies specifically to offenders under 20). Sexual Offences Act 1956 Section 1 Rape Section 5 intercourse with a girl under 13 Section 10 Incest by a man Section 14 Indecent Assault on a woman Section 15 Indecent Assault on a man Section 16 Assault with intent to commit buggery Section 28 Causing or encouraging prostitution of, intercourse with, or indecent assault on, girl under 16; NB with the exception of the offences under Sections 1, 5, and 28 the time limits do not apply if the victim of, or the other party to, is aged 18 or over. The only exceptions to this provision are, with respect to Indecent Assault on either a man or a woman, if the young person either receives a Section 53 sentence or has been admitted to a hospital subject to a Restriction Order. Other Relevant Legislation (Sexual Offences) Indecency With Children Act 1960 Section 1(1) Criminal Law Act 1977 Section 54 inciting girl under 16 to have incestuous sexual intercourse. Protection of Children Act 1978 Section 1 indecent photographs of children. Criminal Justice Act 1988 Section 160 possession of indecent photographs of children. Time Limits Offenders Under 18 For the fixed periods set out in the Act they are halved for those offenders under 18 (Section 4(2)) 23

24 24

25 Annex D Protecting and using patient information A manual for Caldicott Gardens Protocols Governing the Receipt and Disclosure of Patient/Client Information (within the Health Service) Crime and Disorder Act 1998: Protocols Introduction The Crime and Disorder Act 1998 introduces a number of measures to reduce crime and disorder, including the introduction of local crime partnerships based around local authority boundaries to formulate and implement strategies for reducing crime and disorder in the local area. The new measures include Youth Offending Teams, anti-social behaviour orders, sex offender orders and local child curfew schemes. All of these measures depend upon close co-operation, including the proper exchange of information, and the NHS clearly has an important role to play. The Crime and Disorder Act supports and facilitates this exchange of information but does not in itself constitute a statutory requirement for NHS organisations to disclose patient information to other agencies. In the absence of such a requirement, it is essential that NHS organisations, whilst contributing as fully as they are able to their local crime partnership, continue to operate within the constraints provided by common and statute law. Lawful & Proper Information Exchange Section 115 of the Crime and Disorder Act 1998 provides that any person has the power to lawfully disclose information, for the purposes of the Act, to the police, local authorities, probation service or health authorities (or persons acting on their behalf), where they do not otherwise have this power. However, whilst section 115 ensures that all agencies have a power to disclose, it does not impose a requirement on them to exchange information and responsibility for disclosure remains with the agency that holds the data. Any disclosure of patient based information, almost always provided to NHS staff in confidence by patients, must therefore have regard to both the common law duty of confidence, and statutory restrictions on disclosure. NB The Courts have recently ruled that the common law duty of confidence does not apply to information that has been effectively anonymised so that individuals cannot be identified. There is thus no barrier to the sharing of effectively anonymised data. 5 In the absence of a statutory requirement to disclose patient identifiable information (or a court order requiring disclosure), a decision to disclose must therefore be justified. This necessitates that the disclosing agency be confident: that there are no statutory restrictions on disclosure (e.g. those provided by the Human Fertilisation and Embryology Act 1990); that the subject of the information has been informed of the proposed disclosure and has consented to it; or that on balance, there is an overriding public interest in the disclosure. 25

26 The latter requires a balancing judgement to be made on a case by case basis. Specific measures to prevent crime, reduce the fear of crime, detect crime, protect vulnerable persons, maintain public safety, or divert young offenders from re-offending are clearly in the public interest. It is the responsibility of the holder of the confidential information to determine whether the duty of confidence to the individual, the harm that could result from disclosure and the public interest in maintaining the confidential nature of the clinician/patient relationship is outweighed by the public interest arguments for disclosure. If in doubt, NHS organisations should seek legal advice. Protocols The best way of ensuring that disclosure is properly handled is to operate within a carefully worked out information sharing protocol. Protocols should be supported by all the agencies involved and should be made available to the public. The Home Office, in guidance aimed largely at the police, has promoted this approach. There remains a need however, for NHS organisations to ensure that the particular sensitivities that apply to health information are appropriately reflected. It is recommended therefore that the following principles and associated good practice should be incorporated in all Crime and Disorder Protocols and that all signatories are made aware of the context within which NHS organisations must work. Designated officers It is usually suggested by the police that signatories to a C&D Protocol should nominate designated officers to regulate, monitor and act as the channel through which requests for information are made and handled. The Department of Health supports this approach and it is recommended that the Caldicott Guardian should be the designated individual for NHS organisations. Scope of C&D Protocols Protocols should provide operational guidelines for signatory agencies on the exchange of personal information (as defined and regulated by the Data Protection Act 1998) and also effectively anonymised information to: help local partnerships to implement the provisions of the Crime and Disorder Act; facilitate the work of youth offending teams. Protocols should govern the exchange of information to obtain the following Orders Anti-Social Behaviour Orders; Sex Offender Orders; Child Safety Orders; Child Curfew Orders; 26

27 Protocols should also apply to the exchange of information following a conviction by a Court. It will therefore be relevant to: Drug Treatment and Testing Orders; Reparation Orders; Action Plan Orders; Supervision Orders; Detention and Training Orders; Parenting Orders; Finally, protocols should apply to any other exchange of information that is intended to support action under any other provision of the Crime and Disorder Act. General Principles Section 115 of the Crime and Disorder Act provides a power to exchange information where disclosure is necessary to support the local strategy to reduce crime and disorder, the youth justice plan, or another provision of the Act. However, although the Act creates a situation where the exchange of information may be lawful, the duty of confidentiality will still apply to personal health data. The Act does not provide a statutory authority to disclose such information, though the duty of partnership requires that signatories do all they can within the restrictions imposed by law. Data Protection legislation, in the form of the 1998 Act is also relevant to the sharing of personal data (as defined in the Act), and signatories should obtain a copy of the guidance provided by the Data Protection Registrar s Office Crime and Disorder Act 1998: data protection implications for information sharing. It is clearly necessary for protocols to distinguish between effectively anonymised information and information which remains capable of identifying individuals. It is also necessary to distinguish between personal information that is held in confidence and that which is not. A further distinction, generally of less importance, is between personal information relating to the living and that relating to the deceased. The following matrix illustrates the applicability of key legislation (and the common law) to the various categories of information. A version of this matrix, expanded to cover other legislation governing the use of information by each of the signatory agencies, might usefully be included within the protocol. Common Law Duty of Confidence Data Protection Act 1998 Computer Misuse Act 1990 Human Fertilisation & Embryology Act 1990 NHS (Venereal Diseases) Regulation & Directions 1974 & 1991 Other? Anonymised/ Information No No Yes No No Personal health information (living individuals) Yes Yes Yes Yes Yes Personal health information (deceased) Yes 1 No Yes Yes Yes 1. It is not clear under law whether the Common law duty of confidence extends to information provide in confidence by those who have subsequently died. However, the Department of Health and the professional regulatory bodies advise that best practice is to act as if the duty does continue after death. 27