Information security

This advice provides information regarding the security of client information.

Introduction

Families whose personal information is obtained in the course of child protection work are entitled to expect that measures are in place to protect their personal information from misuse, loss or unauthorised access.

Misuse, loss or unauthorised access to child protection clients’ personal information can have a significant impact on the child, their family and the carer (where relevant) and may place the child at risk. In particular, disclosing the whereabouts of a child, their school or activities can have severe consequences for the child, carer and family, especially if they have been subjected to violence, resulting in protection orders or intervention orders.

Disclosure can also result in damage to the department’s and individuals’ reputation.

There are significant legal penalties for staff contravening certain provisions of the CYFA.

Sound privacy practice contributes to reduced risks and enhanced reputation, and leads to improved casework relationships as a result of the increased trust which comes from dependable handling of people’s personal information.

See Information sharing for detailed information about the legislative basis for information sharing in child protection practice.

The Public Records Act 1973 defines the standards to be followed with regard to the management, preservation and disposal of all public records in Victoria.

Child protection practitioners are required to act in a way that is compatible with the Charter of Human Rights and Responsibilities Act 2006 in making decisions regarding children and families. This includes the right of people not to have their privacy unlawfully or arbitrarily interfered with, and not to have their reputation unlawfully attacked. See Human rights and child protection.

Guidelines for securing client information

Child protection practice requires that personal client information will sometimes have to be taken or sent out of the office, or created outside the office and not taken there until the next working day.

Maintaining security

  • Never discuss or read client information in a public place, including lifts, foyers and coffee shops.
  • Ensure withheld addresses of clients, families, carers or professionals do not appear on reports or other material that is for distribution, and addresses are marked as withheld and phone numbers as silent in CRIS where appropriate.
  • See the department’s Information security tips for additional information.

Attending clients’ homes

Visits must sometimes be undertaken early in the day, so documents needed to facilitate the visit must be taken home the night before. Likewise, it is sometimes necessary to conduct visits after normal office hours, so notes created during a visit must be taken home overnight.

Writing up case notes out of the office or working from home

  • Writing electronic case notes out of the office should be done using a departmental Ultrabook computer.
  • Use of non-departmental computers should be avoided. If a departmental Ultrabook computer is unavailable for use, an approved portable storage device (PSD) must be used, so that material is not saved on the hard drive of a non-departmental computer. This means any temporary copies of the file created by the word processing software should also be on the PSD. If this is not the case, any temporary files should be deleted from the home computer when the work is complete, and the recycle bin or trash folder emptied.
  • Any non-departmental computer used must have anti-virus, spyware and firewall software consistent with department standards.
  • Working at home that involves personal information about clients or others may only occur in exceptional circumstances and with the permission of a manager.
  • Personal information must not be sent to or from a personal email address to facilitate working at home.

Issuing Children's Court reports

  • Do not include withheld addresses in court reports.
  • Do not include the contact details of professionals involved with the child and their family in court reports. This will be automatically omitted if the report is generated from CRIS.

Attending court

Consider whether the complete file will be needed at court for the type of hearing you are attending. Directions hearings, mentions and IAO rollovers are unlikely to create a need for access to the file. If the hearing is for an alleged breach for a new IAO or for a variation, only material relevant to the issues before the Court will be needed. This will usually be limited to information which may be used as evidence to support the submissions being made about the application – usually recent events and recent reports.

Ensure that documents transported to court are placed in a satchel, briefcase or other suitable container. They must remain in the personal custody of the practitioner at all times.

If you are ordered to provide information from the file to other parties at court, make sure the magistrate explains to the parties that the material must be returned to you at the end of the hearing. If this does not happen, speak to your lawyer immediately. After the hearing, retrieve all copies, retain one copy for the file and securely destroy the others.

Attending case planning meetings or case conferences outside the office

  • When a case planning meeting is held outside the office the client file should not normally be taken to the meeting.
  • It is not always necessary to provide a document. Sometimes the required information can be provided verbally.
  • Meeting documents for other professionals, such as reports, should be taken to the meeting or sent by encrypted email in advance.
  • When sending information to another agency by email, always use the agency’s authorised email address, not a hotmail, gmail or yahoo address, nor a worker’s personal email address.
  • If multiple copies of documents for the meeting are needed, make them in advance on a departmental copier so that no image is left on the hard drive of a non-departmental machine.
  • Keep copies of the content of paper files to the minimum needed for work requirements, and protect the copies in the same way as the original. Where multiple copies are created, for meetings or court for instance, they should be retrieved and securely destroyed.
  • Do not place unwanted drafts, working papers or copies of client information in unsecured wastepaper bins. They must be shredded or placed in a locked secure disposal bin as soon as they are no longer required.

Undertaking home visits to discuss draft reports

  • Do not provide drafts that include identifying information about other people unless you are sure they have consented or been given an opportunity to object to the inclusion.
  • If the report will be provided to other family members or kinship carers, check with the family whether their address details can be included. If not, make sure they are not in the final report.
  • If a report was provided by a third party, do not discuss it without consent from the author or other lawful authority.
  • If the report is for the Court, inform the person you are talking to and ask whether they need to apply for suppression of any part of the report from other potential parties to the hearing.
  • Do not leave draft reports with anyone. Allow enough time to discuss them and comment or ask questions. Explain that they will be provided with a copy of the final version (if they are entitled to receive it and it is not subject to an application for suppression).

Sending an email or fax

  • Personal information sent by email outside the department must be protected by encrypting it, except for emails sent to Victoria Police to request a national police history check. See Undertaking national police history checks for tasks that must be undertaken.
  • For instructions on how to send a secure email see the Sending emails securely tool.
  • Check fax numbers and email addresses are correct before sending information to other professionals. Fax numbers should be coded into machines to prevent misdialled numbers.
  • When sending information to another agency by email, always use the agency’s authorised email address, not a hotmail, gmail or yahoo address, nor a worker’s personal email address.
  • Ensure only authorised people will receive client information transmitted by fax or email. Arrange by phone who will receive the document at the other end.

Securing paper documents

Paper client files may be easily viewed without authorisation, either in an office environment or where they are required at other locations, such as a court. Practitioners must be scrupulous in ensuring paper files are kept secure at all times.

  • Ensure hard copy written reports and handwritten case notes that need to be retained are placed as soon as possible on the client file. See Case recording for additional information.
  • Ensure that handwritten notes that have been written up contemporaneously as a CRIS case note are securely destroyed or placed in a secure document disposal bin.
  • The client paper file should generally remain in the office. Client files should be kept in locked filing cabinets.
  • When paper documents, including the case file, must be taken out of the office they are to be placed in a satchel, briefcase or other suitable container. They must remain in the personal custody of the authorised practitioner at all times (not left unattended, checked in as airport luggage or left with hotel porters) or alternatively must be locked in a home filing cabinet, or an in-room hotel safe.
  • Only remove from the office the minimum information required for the defined business purpose, for instance, a report required for a meeting or court appearance.
  • When attending meetings at other locations, client papers removed from child protection premises must not be left on desks or tables where unauthorised persons could read them.
  • Storage of a file in an unattended motor vehicle, even if it is locked, is not an acceptable level of security at any time.
  • Never leave documents that contain personal information in a letter box, under a client’s door or with another person to pass onto a client.
  • Ensure TRIM is updated to reflect the movement and current location of all files.

Using portable storage devices (PSDs)

Portable electronic data storage devices such as Ultrabooks, laptop computers (including iPads, notebooks and tablets) CDs, DVDs and USB drives are only to be used to carry client related information outside of the office when there is no other option and there is a real operational need to do so. In particular, only PSDs provided by the department and not personally owned PSDs are to be used.

  • Information must be encrypted when stored on the PSD so that if it is lost or stolen the information is not disclosed.
  • Unless securely stored, the PSD should remain in the personal custody of the authorised user; not left unattended, or checked in as airport luggage or with hotel porters, for instance.
  • PSDs should be locked in a secure cabinet, inside a secure work area, when not in the personal custody of the user. This includes locking the PSD away when stored at home, or in an in-room safe when stored in a hotel room. A locked house, hotel room, or office is not secure enough on its own for this purpose. A separate secure container within the house, room, or office is required. This secure container must not be readily transportable.
  • Storage of a PSD in an unattended motor vehicle, even if it is locked, is not an acceptable level of security at any time.
  • When client related documents are no longer required on PSDs they must be deleted from the device. Consistent with case recording standards, the final version of any document must first be saved to the client file.

Postage

  • If any personal information is being sent by post, check that the address is correct by referring to the CRIS file and ensuring that the name of the recipient corresponds to the name listed for that address on CRIS.
  • If there is any uncertainty about a person’s current address, do not attempt service of legal papers or send highly personal material by ordinary post. Although this form of service is permitted under CYFA, it is not safe, given the highly transient nature of many clients and their families. Instead, contact the person to confirm their address details before sending the material. If no response is received, consider asking the Court to dispense with service for that individual until they can be located. See Service of documents and Dispensation of service for tasks that must be undertaken.

Securing data in the work place

  • Do not leave client information displayed on a screen when you leave your desk. (Press the Windows key + L to lock the screen).
  • Set up secure printing processes with regularly used printers so that password entry is required at the printer.
  • Do not leave a printer or copier unattended when printing or copying client material. Ensure it is removed from the printer or copier immediately.
  • Lock paper files in a secure cabinet, inside a secure work area, when not in use.
  • Do not hold meetings or interviews in secure work areas where client information may be in use or displayed on whiteboards or screens.
  • Only discuss client related information with supervisors or colleagues, as appropriate to the professional requirements of the situation.
  • Unless there is a specific need, case notes entered on CRIS should not be routinely printed and placed on the paper file. Paper files are inherently less secure and more vulnerable to unauthorised access.
  • It is not always necessary to provide a document. Sometimes the required information can be provided verbally.
  • Keep copies of the content of paper files to the minimum needed for work requirements, and protect the copies in the same way as the original. Where multiple copies are created, for meetings or court for instance, they should be retrieved and securely destroyed.
  • Do not place unwanted drafts, working papers or copies of client information in unsecured wastepaper bins. They must be shredded or placed in a locked secure disposal bin as soon as they are no longer required.

CRIS access

Child protection practitioners are granted CRIS access to child protection records dependent on their role. Other departmental employees may be granted CRIS access to undertake specific departmental functions, such as child death inquiries, audits or responding to freedom of information requests.

Additional access maybe granted if it has been endorsed by a divisional executive officer and approved by a Deputy Secretary.

Where CRIS access is not granted, practitioners must only share client information with internal or external service providers where there is a legitimate need for the information and information sharing complies with relevant legislation. See Information sharing for additional information.

Disclosure

See Information sharing.

Privacy breaches

Any privacy breach is to be treated as a Category 1 Incident and reported immediately. See Breaches of privacy for additional information.

Considerations for good practice

Whether it relates to our banking or financial records, our medical or other personal information, all of us have a reasonable expectation that the professionals to whom we entrust this information will treat it confidentially and with respect. We own the information that relates to our personal affairs, as do the children and families with whom we work. In all respects, practitioners and managers must ensure client related hard copy information and files are kept securely.

In our daily work, there is a risk we may become forgetful or careless with client information: leaving documents on desks; taking uncovered files out of the office; using client names or discussing sensitive client information in public.

Child protection pracitioners must be vigilant at all times when discussing client information, dealing with client files and any client records, to ensure that client information is not discussed where it can be overheard or left anywhere that can be accessed by unauthorised persons.

Any improper disclosure of personal information entrusted to the department is a matter for significant concern and subject to disciplinary procedures.

1