Executive Summary

Part 6A of the Act provides key principles underpinning information sharing through CISS, including a focus on timely information sharing to promote the wellbeing and safety of children. These principles are complemented by some intentionally broad provisions to support authorised professionals in roles which support child wellbeing and safety sharing information in good faith. These include the provisions which protect the use and disclosure in good faith, the broad definition of ‘confidential information’ and the absence of a definition of ‘wellbeing’ to enable authorised professionals to use their professional judgement regarding what and when is appropriate to share. However, to manage risks associated with inappropriate use, the additional powers and defences to sharing information under CISS only apply to ISEs prescribed in the Child Wellbeing and Safety (Information Sharing) Regulations 2018 (the Regulations), and the public more generally cannot share or request information under CISS.

In determining whether CISS has been implemented within its scope, this Review has focused on the extent to which implementation activities have supported prescribed professionals to share information through CISS as intended, the Program Logic (Appendix A), and government oversight of CISS.

As CISS’ current scope prescribes secondary, tertiary and universal services in the health, education/early childhood, justice and human services sectors, implementation activities have focused on these sectors. Key implementation activities undertaken since CISS’ inception for these workforces include:

• development of the Regulations and the Child Information Sharing Scheme Ministerial Guidelines (the Ministerial Guidelines), issued under the powers in Part 6A
• training of prescribed workforces,⁹ with over 40,000 workers accessing the online Learning Management System (LMS) in addition to over 2,000 attendees at in-person sessions
• resources to support CISS users, such as webpages, fact sheets, videos, toolkits and a searchable database of ISEs
• an Enquiry Line and email inbox for ISE queries, of which usage has grown significantly since the Two-Year Review, with 1,469 contacts in the first two years growing to 15,496 contacts from January 2021 to September 2023
• stakeholder engagement and communications activities
• the CISS Change Program, including the CIS Supporting Reform in Place project and Capacity Building Grants, which was a key element of the Victorian Government response to the Two-Year Review’s recommendations.

The Department has also developed the VCIS Reform Monitoring and Reporting Framework (MRF) for measuring and monitoring the impact of CISS over time. Underpinning the MRF is the VCIS Reform Outcome Measurement Framework which identifies CISS’ intended outcomes over the short-, medium- and long-term.

Taken together, these implementation activities have comprehensively addressed the current scope of CISS, as well as drawing out relevant links to concurrent reforms such as Child Link, FVISS and MARAM.

Key enablers to CISS implementation included:

• provision of multimodal training and resources, tailored to the professional’s sector and location
• establishment of Child Link, which has enabled some CISS users to more quickly identify other services or people supporting a child in their care
• dedicated resourcing for CISS implementation in the Department and other departments responsible for the workforces involved
• in some sectors, organisational cultures that promote trust, communication and collaboration. These cultures promoted enabling more timely and proactive information sharing, within and between different workforces.

Key barriers to CISS implementation included:

• the scale and diversity of prescribed workforces, in particular the varied functions, roles and workplaces
• the COVID-19 pandemic (COVID-19), which delayed or otherwise restricted the delivery of particular implementation initiatives, primarily for Phase One workforces.

An assessment of the extent to which CISS has achieved the short- and medium-term outcomes, as outlined in the Program Logic (see Figure 1.4), has been undertaken to inform the findings of this section.

Overall, this Review found that a broad range of sectors and stakeholders across Phase One and Phase Two workforces are sharing and accessing confidential information using CISS to promote a child’s wellbeing and/or safety.

The majority of respondents (76 per cent) to the CISS Workforce Survey indicated that they are confident in their understanding of CISS (n=330). 70 per cent of respondents indicated that they found the training they received on CISS to be useful and informative (n=330). Stakeholder consultation with ISEs suggested that understanding of the purpose of CISS varies between workforces, sectors and regions.

Through the CISS Workforce Survey, the majority of respondents either agreed or strongly agreed that:

• CISS makes it easier to share and access information about a child’s wellbeing and safety (65 per cent)
• CISS allows for better support to be delivered to the children in their care (58 per cent)
• there is an improved ability to promote child wellbeing and safety through their organisation’s use of CISS (75 per cent, n=330).

A key area of progress is the enabling of cooperation and collaboration across services. The majority (64 per cent) of survey respondents agreed (47 per cent) or strongly agreed (17 per cent) that their organisation’s use of CISS has resulted in more communication and collaboration between service providers (n=330). Stakeholders consulted in this Review corroborated this, particularly those from the education and health sectors. Additionally, a majority of survey respondents agreed or strongly agreed that generally, staff in their organisation are open to sharing information with other agencies. This reflects progress against the important intended outcome of organisational culture change, particularly given that the intent of CISS is to provide timely and effective information sharing among service providers. However, further work is likely required to ensure that communication and collaboration between service providers is consistently and systematically demonstrated across all workforces.

“It is helpful that there is now a shared understanding between services/systems about information sharing.”
– Phase One stakeholder

CISS is intended to enable the early identification of potential risks and opportunities for early support to promote the wellbeing and safety of children. 73 per cent of CISS Workforce Survey respondents indicated there is an improved ability to identify risks to children earlier, which broadly aligned with those consulted stakeholders who suggested there is an increased confidence among service providers in using CISS to identify and act on children’s needs (n=330). While these results broadly suggest that CISS has improved ISEs’ ability to promote the wellbeing and safety of children earlier, these improvements were more prominently reported among workforces prescribed in Phase Two. For example, 76 per cent of respondents in the education sector indicated that their organisation’s use of CISS has improved their ability to identify risks early.

As awareness and understanding of CISS has improved, so too has users’ confidence in sharing information related to the wellbeing and safety of children. CISS Workforce Survey results revealed that a lack of confidence was the least likely reason ISEs would refuse a request for information. While users reported confidence in their understanding of CISS, those who indicated they were not as confident either agreed or strongly agreed they would benefit from more training. Stakeholders in this Review noted a positive culture shift facilitated by CISS, particularly in the family violence, early childhood, and local government sectors. Despite this progress, further work is needed to ensure consistent implementation of this culture change across all workforces. The collective insight from various stakeholder groups suggests good progress in understanding CISS and achieving systemic change since the Two-Year Review.

“CISS has been very helpful to ensure that everyone is on the same page and working for the benefit of the child’s wellbeing and development.” – Phase Two early childhood professional

The ability of this Review to make findings regarding outcomes realised by CISS has been limited by the design of data collection reporting arrangements. Specifically, only ISEs are required to record information sharing activity and there is no central repository regarding information sharing activity or impact. Some larger government agencies who are either ISEs themselves or have oversight of ISEs have established centralised teams within their organisations to manage information sharing activities and consequently coordinate the collection of information sharing data for that entity. Some of these entities have provided data to the Review.

Due to the timing of this Review, it is not expected that CISS could have achieved the long-term outcomes outlined in the Program Logic (see Figure 1.4); rather, this Review provides evidence of the extent to which CISS is on track to achieve these outcomes over time. Successful outcomes are likely dependent on a number of factors, including further implementation support of CISS and improved engagement with the VCIS Reform across a wider range of services. There should also be recognition of the longer timeframes required to achieve long-term child wellbeing and safety outcomes, and factors other than child information sharing that are likely to also affect the achievement of these outcomes.

In the Two-Year Review, positive signs of impact were reported, including a cultural shift among ISEs towards shared responsibility for child wellbeing and safety. This led to increased collaboration and a deeper understanding of the significance of child safety. This trend has continued as documented in this Review, with 64 per cent of CISS Workforce Survey respondents indicating that through their organisation’s use of CISS, there is more communication and collaboration between service providers (47 per cent agree, 17 per cent strongly agree, n=330). Further, 72 per cent of CISS Workforce Survey respondents indicated that generally, staff at their organisation are aware of their legal responsibilities when sharing information through CISS (56 per cent agree, 16 per cent strongly agree, n=330). While this represents a generally strong awareness of legal responsibilities when sharing information through CISS, 80 per cent of respondents who did not indicate that they were confident in their understanding of CISS indicated that they would benefit from more training on CISS (48 per cent agree, 32 per cent strongly agree, n=82). This emphasises the ongoing need for strengthening understanding and engagement across all ISEs for a coordinated approach in safeguarding child wellbeing and safety.

“[CISS] fosters a culture about responsibility as to how you handle the child into the ‘next relationship’ as well (i.e., the individual child and the next entity they deal with).” – Phase One Commissioner

CISS is still maturing in terms of achieving a coordinated approach to information sharing that is adaptable to its workforces. The evidence of CISS achieving the outcomes of effective, efficient, responsive, and agile service systems is limited. CISS is a critical component in facilitating the achievement of this outcome over time, but the success of service systems relies on various factors, including adaptability to the dynamic environment of child and family services.

The Review’s approach in considering how CISS has affected communities experiencing disadvantage or vulnerability does not assume that these concepts are experienced universally by particular cohorts within the community. It is important to recognise the importance of strength-based approaches that are empowering for communities who may be at risk of or experiencing disadvantage, rather than applying a deficit-based lens. Given that this review question directly asks for consideration of any such negative impact, the review advises as follows.

The Victorian Government has implemented provisions within the Act, and guidance within, the Ministerial Guidelines and CISS practice guidance to address potential risks in information sharing, particularly concerning communities facing disadvantage or vulnerability. These instruments emphasise cultural safety safeguards, outlining key risks that need management.

The design of CISS aimed for broad applicability given its coverage of all children in Victoria, but inherent risks surfaced for particular communities experiencing disadvantage or vulnerability. The Department reported broad stakeholder endorsement of proposed changes, including importantly from the Aboriginal Community Controlled Organisations (ACCOs) within the Aboriginal support community.

The Ministerial Guidelines provide that where an ISE becomes aware that information recorded or shared about any person is incorrect, it should take reasonable steps to correct that information. ISEs must take reasonable steps to protect the information they hold against loss, misuse and unauthorised access, modification or disclosure. They must also ensure that information is managed securely to avoid the risk of intentional or unintentional privacy breaches.

However, under the current Scheme design, instances of the circumstances mentioned above may not be detected and may not become known to the Department or any other authority. This Review acknowledges that at this time there has been limited data reported to the Department on the extent to which there have been instances of refusals or non-responses to CISS requests across these communities.

It has also been noted through stakeholder consultation that one reason community organisations might refuse or not respond to a request under CISS is their concern that government and/or other information requesting bodies may act in ways that are culturally unsafe. An example provided by a stakeholder included experiencing challenges with professionals working in schools to address intergenerational trauma in a culturally sensitive manner. Specifically, a question was raised on the appropriateness of having a school psychologist working with a child with experience of trauma without the involvement of an ACCO (i.e., a trusted community connection familiar with the additional complexities of Aboriginal and Torres Strait Islander lived experience) and what guidance can be provided for these situations.

Aside from such examples and feedback from stakeholders, it is difficult to assess the impact of CISS on communities experiencing disadvantage or vulnerability. The Department has developed cultural safety safeguards and practices and applied them as part of its place-based implementation activities. More work is needed to understand the acceptance and impact of these safeguards and practices.

The omission of disability and private mental health services as prescribed ISEs poses a risk to the wellbeing of Victorian children with additional needs. Inclusion of these providers in CISS could enhance support for children’s holistic health, social, wellbeing, and educational experiences. Many ISEs involved with children with disabilities face challenges in providing safe and inclusive care, potentially impacting the mental distress of parents and carers seeking adequate support.

Positive unintended consequences relating to reform implementation

The scope of the intended outcomes of CISS is intentionally broad, encompassing elements of child wellbeing and safety, workforce capability, and service collaboration and integration. All the positive impacts of implementation activities identified in this Review aligned with the intended outcomes of CISS to some extent.

Negative unintended consequences relating to reform implementation

While CISS aimed to instil confidence in the legality of child information sharing, it also introduced formalities for entities accustomed to informal sharing mechanisms.

In the CISS Workforce Survey, four per cent of respondents agreed and a further 20 per cent were unsure about whether they had witnessed a negative impact on a person experiencing vulnerability or disadvantage resulting from information sharing through CISS (n=330). Further data collection and consultation would be required to understand the extent to which CISS users can identify negative impacts.

Stakeholders highlighted uncertainty and confusion in comprehending how ongoing reforms, including CISS, FVISS, and MARAM, align and affect one another, indicating a need for further clarity and support.

This Review did not identify any unintended consequences of CISS in relation to interpretation of the legislative framework.

As the compliance monitoring and reporting process continues to mature over time, identifying and addressing potential misinterpretation will be more easily facilitated.

Overall, Part 6A of the Act provides a comprehensive legislative framework, with strong alignment with the intended outcomes of CISS. This Review did not identify any legislative amendments required to enable CISS to meet its intended outcomes.

The Regulations predominately prescribe ISEs and the record keeping requirements ISEs must comply with when disclosing or receiving information or receiving and managing a complaint.

The Royal Commission into Institutional Responses to Child Sexual Abuse recommended that information sharing schemes be implemented in phases. This Review did not identify any issues with the prescription of particular workforces in the Regulations within the first five years of CISS’ phased rollout and operation. However, the long-term vision of CISS is for all services supporting a child to be actively engaged in identifying and monitoring risks or issues associated with their wellbeing and safety. Recognising the phased approach to implementation, it is noted that key workforces including disability should be prescribed in the VCIS Reform. Until this occurs, intended outcomes will not be maximised.

The record keeping obligations in the Regulations are necessary and, at the regulatory framework level, are likely to be sufficient to manage the breadth of risks in relation to sharing of confidential information, such as clearly identifying who the information was shared with and for what purpose, and complaints record keeping. The Ministerial Guidelines provide further expectations of data security and complaints management. However, there are potential gaps in how these legislative settings have been established, as the data collected through ISE record keeping is not centrally collated and it is not clear from this Review whether there are consistent levels of record keeping compliance for every ISE. While not a requirement under the current legislative settings, the lack of visibility on how CISS is being used presents risks. There are opportunities to identify and address common issues and risks associated with child wellbeing and safety more systematically.

To address the issues noted above and achieve the intended outcomes of CISS, CISS could be expanded to include more of the services that engage with children for wellbeing or care and services, determined based on the relevance and feasibility of the organisations to be prescribed under CISS. However, any expansion of CISS would need to be carefully designed and implemented to manage the risks associated with expanding the number of entities handling confidential information.

In terms of regulatory consideration, it would be beneficial to introduce reform to support improved oversight and transparency regarding the impacts of CISS. This could be achieved by full implementation of the Outcome Measurement Framework including reconsideration of the approach to recording people authorised (i.e., trained) to use CISS as well as measuring and reporting on the utilisation and impact of CISS.

Confidence in the oversight of state-wide outcomes for children’s wellbeing and safety will be particularly critical to any successful expansion of the Regulations’ prescribed workforces. There are inter-related child wellbeing and safety schemes and initiatives that CISS operates in conjunction with, which are also broadly relevant to CISS ISEs. There is an opportunity to assess the inter-relationship and comprehensiveness of these schemes for their effectiveness in safeguarding children.

Another key limitation of the legislative framework is the inability of CISS to support children in border communities, as services in these locations are often dispersed across Victoria and neighbouring jurisdictions (i.e., New South Wales and South Australia). Difficulties also persist where a child has recently moved from or into Victoria from another jurisdiction. The outcomes of CISS would be best supported through clearer links to complementary interstate schemes and clear procedural guidance for when information to support a child’s wellbeing and safety needs to be shared across borders. This is best achieved through inter-government channels of policy work.