SEFTON LSCB Safeguarding Policies and Procedures Online Manual

    12.2 Objectives of this Information Sharing Agreement

    Last updated 18/05/2017

    12.2.1 Principles of Information Sharing

    Storing and sharing information about offenders is essential to the multi-agency approach to their management. The quality of both risk assessment and risk management is reliant on the RA and DtC agencies (and others as appropriate) sharing accurate personal information in a timely manner.

    The practice of information-sharing between MAPPA agencies is governed by legislation and certain principles, including those set out in the MAPPA Guidance and the Data Sharing Code of Practice issued in 2011 by the Information Commissioner’s Office (ICO).

    12.2.2 Information Sharing Practice

    The MAPPA information sharing process works through the involvement and presence of the appropriate agencies at MAPPA meetings and on the basis of proper information sharing documentation, consistent with the MAPPA Guidance, which provides a consistent process for sharing information across England and Wales. These meetings and documents enable agencies to share information that:

    • is relevant to undertaking a multi-agency risk assessment
    • identifies the likelihood of re-offending
    • identifies serious risk of harm issues and their imminence, and
    • is critical to delivering an effective risk management plan.
    12.2.3 Ownership of Information Shared

    All information shared under MAPPA must be processed in line with the Data Protection Act 1998 (DPA). Most personal information remains the responsibility of the agency that provided it and they are considered to be the data controller under DPA. For example, the NPS is the data controller for information regarding their statutory supervision of the offender and the police are the data controller for information regarding their management of a registered sexual offender. All agencies that retain copies of the minutes of MAPPA meetings or other information shared under MAPPA act as joint data controllers for those minutes or that information under DPA. Subject Access Requests (SAR) and Freedom of Information (FOI) requests concerning shared information must be responded to in line with the MAPPA Guidance.