Create your own Brochure

[Skip to content]

Search our Site
Tuesday 24 April 2018

Solihull Integrated Offender Management Information Sharing Protocol

Version: KR/P/1/1.0 

Prepared by: Andrew Shipway, Corporate Information Governance Manager, Solihull Metropolitan Borough Council; and Sara Rooney Drug & Alcohol Action Manager, Solihull MBC

Approved by: Approved by Integrated Offender Management Group on behalf of the Community Safety Partnership, May 2012


  • Version Control
  • Deciding what information needs to be shared

  • Fairness and Transparency

  • Information Quality Standards

  • Retention of Shared Information

  • Security of Shared information

  • Access to Personal Information and Freedom of Information

  • Review

  • Signatories

  • Appendix

  • Primary Designated and Designated officers



Version Control

Title: Integrated Offender Management Information Sharing Protocol

Version: 1.2
Document type: Final
Prepared by: Andrew Shipway, Corporate Information Governance Manager, Solihull Metropolitan Borough Council Sara Rooney Drug & Alcohol Action Manager, Solihull MBC

Approved by: Approved by Integrated Offender Management Group on behalf of the Community Safety Partnership, May 2012.

Review date: Annually (May 2013)

Circulation: Signatory authorities to the Information Sharing Agreement



Version History

Version Number




May 2006

Draft created and sent to SMBC Corporate Information Governance Team for comment


October 2006

To update re. Care trust


June 2007

To include reference to management of offenders including PPO’s and High Crime Causers (HCC’s). To update PDO and DO lists. Distributed


January 2008

To update 2.2 to refer to Solihull Local Strategic Partnership (LSP)


July 2009

Amend title page to include LSP logo and amend title. SMBC PDO amended to Head of Public protection. Police PDO amended to Crime manager. Police DO amended to Offender manager


April 2010

Update document to incorporate IDOM model of working


April 2011

Updated to include registered social landlords and meet the requirements of ASB Case conferencing


May 2011

Updated to include Waterloo Housing Association


October 2011

Updated to reflect the new guidance of Information Sharing issued by the Information Commissioners Office


Dec 2011

Updated following consultation with IOM Board members, includes reference to risk section 4.1.1


January 2012

Updated to include response from WM Police Data Protection Manager Ref: sections 1.4.1 and 4.1.1


May 2012

Approved document/final



1.  Deciding what information needs to be shared  

The Data Protection Act requires that any sharing of personal information must be necessary. Any information shared must be relevant and not excessive.



1.1  Objectives

1.1.1  In accordance with the law and associated guidance, this protocol provides a formal agreement to share information, to facilitate the management of offenders engaged in the Integrated Offender Management model in Solihull.  In particular, the protocol will ensure that partners can develop effective action plans around enforcement, disruption, treatment and resettlement, in order to reduce offending, whilst also recognising the duty of confidentiality and the right to privacy in respect of personal information.


1.1.2  Below is a list of some of the primary purposes for information sharing:


  • Identifying adult offenders whose criminal/anti-social behaviour or drugs use fits the PPO criteria, or warrants the focussed effort of one or more partner agencies to disrupt, apprehend, prosecute or support them, in order to reduce the adverse effects of that behaviour on society.

  • Supporting multi-agency working to provide integrated services to reduce the risk of offending behaviour and substance use (drugs and alcohol).

  • Assessing and reviewing the needs of adult offenders.

  • Providing coordinated packages of support across a range of agencies to improve the outcomes for the offender, their family, or wider society.

  • To assess and manage risks in relation to adult offenders and their families in a coherent manner, and to protect communities from the individual’s offending behaviour.

  • Assessing the effectiveness of any action plans.

  • Evaluating any initiatives undertaken.

  • Investigating complaints or actual/potential legal claims.



1.2  Risk Assessment

1.2.1  The parties to this agreement have carefully examined the benefits of sharing the information and balanced this against any negative or detrimental effect it may have on individuals. The conclusion reached is that sharing of personal data is necessary for the above purposes (i.e. identification and management of individual offenders) and not to do so would impede the above purposes.


1.2.2  Information which is shared in accordance with any of the legislation (as stated in section 1.5) will be lawful if it is necessary for any of the purposes defined in the legislation. Necessary implies a mandatory requirement and any risk assessment must be based upon this level of judgement.


1.2.3  Where it is necessary to share information with any non statutory agency that is not party to this protocol, then consent will always be required from the individual. In any case, where the disclosure of any personal information is likely to be contentious, or to have a significant affect of the data subject’s life, or if there is any doubt about the legality of a case, then legal advice through a senior manager, should be sought.



1.3  Anonymised Information

1.3.1  Personal information is any information, which can identify a living individual (either by itself or with other information likely to come into someone’s possession). The parties to this agreement have examined whether the information can be anonymised so that it does not identify anyone. The conclusion is that the information needs to be personal information because individual persons must be identified and managed to achieve the above purpose.



1.4  Minimum Information Shared

1.4.1  Sharing excessive information, which is surplus to requirements, breaches the Data Protection Act. Therefore, only minimal, relevant and essential information will be shared, for the purposes of offender management. With reference to the table shown below, the ‘*’ indicates which agency may share the particular type of information, because they are the original holder of that   information. Third party recipients of         information should not disclose that information to another party, without the express permission of the original owner, or the data subject.


Table 1

Solihull IOM Information Sharing Protocol table 1.jpg


1.5   Legal Provisions

1.5.1   Powers to share information - In order to share the information the signatories of this agreement need to be able to identify either express statutory powers or implied statutory powers which underpin the exchange of information. Parties to this agreement have identified and agree that the following legislation underpins the sharing of the information.


  • S17 & S115 Crime and Disorder Act (1998) – to prevent and reduce crime and disorder.

  • S17 Children’s Act (1989) – duty of protection, or provision of services to children in need, for example, where offending behaviour interferes with a child’s education.

  • S29 of the Data Protection Act 1998 refers to the ‘prevention or detection of crime’ as an exception which allows personal data in this area to be processed.

  • S47 Children’s Act (1989) – duty to share information where there is reasonable cause to suspect that a child is likely to suffer significant harm.

  • The Criminal Justice and Court Services Act (2000) –duty on the Police and Probation to assess and manage the risk imposed by sexual, violent and other potentially dangerous offenders who may cause serious harm to the public.

  • Criminal Justice Act (2003) – duty to work collaboratively in assessing and managing the sexual and violent offenders who present the highest risk in communities.

  • Homelessness Act (2002) - duty on Local Authority to prevent homelessness amongst those most in need.

  • Sexual Offences Act (1997) (updated 2003) – duty to verify details around Schedule 3 offenders, and notifying releases of such offenders from prison.

  • Child Protection Act (1999) – duty on employers to access CRB information about persons employed to work with children.

  • S113 &115 Police Act (1997) – the provision of information by the Secretary of State in relation to Criminal Record Certificates.

  • Police Reform Act (2002) – a statutory duty on Local Authorities, Police, Fire Authorities, and PCTs to work together to reduce crime and disorder, and the fear of crime.

  • Prevention of Terrorism Act (1971) – duty to protect the public from acts of terrorism.

  • MAPPA Protocol for the Sharing of Information (1998) (updated 2004) – duty to develop a risk management plan around registered sex offenders, violent offenders, and other offenders who present the highest levels of risk.

  • Freedom of Information Act (2000) – the duty on public sector agencies to disclose information held, if a legitimate request is made.

  • By way of duty to the Courts.



1.6  Restrictions on sharing information

1.6.1  Neither party to this agreement have identified any legislation that will prevent the

sharing of the information.


1.6.2  It is recognised that all public bodies must act in a manner compatible with the European Convention on Human Rights / Human Rights Act 1998. In particular Article 8 which states that:


(1) Everyone has the right for his private and family life, his home and his correspondence.


(2) There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.

1.6.3   Bearing this in mind all parties agree that therewill not be any infringement of individuals privacy under Article 8 because, although the obligation to provide personal data, the release of personal data without consent, and the collection and storage of personal data all amount to interferences with an individuals right to respect for his or her privacy. Whether or not such interferences amount to a breach of Article 8 will depend on an assessment of whether the disclosure was ‘in accordance with the law’, necessary in a democratic society for a legitimate aim (in the interests of national security, public safety or the economic well being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others), and proportionate. The adequacy of the safeguards in the overall regime is central to this assessment. This agreement outlines the legislation, necessity to share, proportionality of what is shared and the adequate safeguards for sharing.



1.7 Sensitive Personal Information

1.7.1 Applying the definitions of sensitive personal information as defined at section 2 of the Data Protection Act, the sensitive personal information being shared relates to:


  • Racial or Ethnic Origin.

  • Physical or Mental Health or Condition.

  • Commissioned or Alleged Commission of Offences.

  • Any proceedings for any offence committed or alleged to have been committed, the disposal of such proceedings or the sentence of any court in such proceedings.


1.7.2 Although sensitive it is essential that this information is shared because it allows individual offenders to be identified and managed.



1.8 Consent

1.8.1 Consent is not always necessary. However, if any party to this agreement decides that they do need to gain an individual’s consent to legitimise the sharing of their information this must be a specific, informed and freely given consent. In this context, a failure to object is not to be taken as consent.


1.8.2 Most importantly, the individual must understand what is being consented to and the consequences of giving or withholding consent. If any party to this agreement is relying on consent to share information about a person, they must stop doing so if consent expires or is withdrawn.


1.8.3 If the information to be shared is sensitive, then if consent is relied upon it must be ‘explicit’ consent. Explicit informed consent means that the service user should understand the nature and extent of the disclosure that is to be made, who is likely to receive the information and how it may be used. A general release form, which gives permission for the release of “any relevant information”, is not likely to be consistent with the principles of explicit consent. Ideally consent will be obtained in writing.



2.  Fairness and transparency

The Data Protection Act requires that with some exceptions in order for the information sharing to be ‘fair’ the individuals’ whose information is being shared need to be made aware of the fact that the exchange is taking place, by whom and why.




2.1  Fair Processing Notices

2.1.1  It has been decided to inform individuals of the fact that their information is being shared in multi-agency meetings and plans. The information will describe which organisations are involved, what information is being shared, why and how often and how it benefits individuals. A contact telephone number will also be provided should anyone require further details. People will also be informed that they can object in writing to their information being shared and any objections will be considered and responded to within 21 days of receipt.


2.1.2  The Data protection Act states that, unless a relevant exemption applies, personal data will be processed fairly only if certain information is given to the individual or individuals concerned. It is clear that the law gives organisations some discretion in how they provide fair processing information – ranging from actively communicationg it to making it readily available. The oral or written statement that individuals are given when information about them is collected is often called a ‘fair processing notice’ or a ‘privacy notice’.


2.1.3  In general terms a privacy notice should state:

  • Your identity and, if you are not based in the UK, the identity of your nominated UK representative;

  • The purpose or purposes for which you intend to process the information; and

  • Any extra information you need to give individuals in the circumstances to enable you to process the information fairly.

The last of these requirements is vague. However, because the data Protection Act covers all sorts of processing, it is hard to be prescriptive. When deciding whether you should give any other information in the interests of fairness, you have to take into account the nature of the personal data and what the individuals concerned are likely to expect. For example, if you intend to disclose information to another organisation, fairness requires that you tell the individuals concerned unless they are likely to expect such disclosures.


2.1.4  When deciding how to draft and communicate a privacy notice, try to put yourself in the position of the people you are collecting information about. Ask yourself:

·         Do they already know who is collecting the information and what it will be used for?

·         Is there anything they would find deceptive, misleading, unexpected or objectionable?

·         Are the consequences of providing the information, or not providing it, clear to them?



Information quality standards


The Data Protection Act requires that personal information be  relevant, kept accurate and up to date. Decisions taken on inaccurate information can have serious consequences.




2.2         Six Elements of Information Quality

2.2.1     Signatories to this agreement have no desire to share inaccurate information. Parties are in agreement that any information shared should be of the highest quality and that procedures / systems must be in place to guarantee this.  There are 6 elements to Information Quality:


  • Accuracy

  • Reliability

  • Timeliness

  • Validity

  • Relevance

  • Complete


This is how each party will ensure the 6 elements of Data Quality: 


2.2.2     Accuracy – Signatories to this agreement will take steps to ensure that information shared is accurate.


2.2.3     Reliability - Any changes to the way the information is collected may have a bearing on the quality of the information. Any changes which may affect the quality of the information will be communicated to all parties in advance.


2.2.4     Timeliness - The information is to be shared on a monthly basis and this is considered frequent enough to guarantee an adequate level of accuracy.


2.2.5     Validity - Parties are to share the following information in the following formats:


Information Type

Agreed Standards, Definitions or Conventions to be used


Title / Forename / Surname

e.g.   Mr Joe Bloggs


Property Number and Street Name
Locality Name
Post Town
Post Code (with no spaces)


1 Chapel Hill


State M for male or F for Female






White and Black African

White and Asian

Any other Mixed Background.


Asian or Asian British




Any other Asian Background


Black or Black British



Any other Black background


Chinese or other Ethnic Group


Any other ethnic group

Date of Birth


CRO Number


OM Details

Name and organisation

Criminal History

Free Text


Free Text

Family Details/Circs

Free Text

Victims Details (with consent)

Free Text

Current Intelligence

Free Text

License or other Conditions

Free Text

Assessment relevant to management of risk

Free Text

Compliance history e.g.with DTTO/DRR/ Supervision/ Care Co-ordinate/ RoB/RA

Free Text

Current/ Previous engagement

Free Text

Offender in Treatment

Free Text

Level of Substance misuse

Free Text

Drug Test Results

Free Text

Progress against CarePlan

Free Text

Info essential to case management of offender

Free Text



2.2.6  Relevance - This Information Sharing Agreement has identified the information to be shared as being relevant for the task in hand. This agreement will be reviewed at least annually to determine amongst other things whether the information shared is still adequate and relevant.


2.2.7  Complete - All parties will keep the information they exchange under review and as stated above will review the Information Sharing Agreement at least once a year. If at any time either party determines that the information shared is no longer achieving the stated purposes immediate action will be taken to address and remedy this.



3.  Retention of shared information


The Data Protection Act requires that personal information should not be kept for any longer than is required.




3.1  Retention and Disposal

3.1.1  Parties to this agreement understand that the information shared should not be held indefinitely and should only be retained for as long as it is needed. The retention period will either be based upon legislation which requires that the information be kept for a set period, or in the absence of any legislative requirement, each party to this agreement will determine how long they need to keep the information based upon their own business need.


3.1.2  After this time their details will be permanently deleted and this will apply both electronic and manual records.


3.1.3  Electronic Records – For information to be deleted it must be permanently and irrecoverably deleted. This means it cannot exist on the organisations electronic backups or other systems, unless it is held for different purposes which require it to be retained for longer.


3.1.4  Manual Information – Each party to this agreement holds manual information on service users. Each service user has a manual file (similar to a personnel file). In line with the above retention schedule each party has agreed that the file will be shredded and put into confidential waste at the end of the retention period 



4.  Security of shared information

The Data Protection Act requires that organisation’s have adequate organisational and technical safeguards in place to guarantee the safety and security of personal information they hold. Any safeguards must be proportional and appropriate to the nature of the information and the harm that might result from unauthorised or unlawful processing or accidental loss, destruction or damage.




4.1  Identify/Evaluate Risk

Possible impact of accidental loss or deliberate compromise of restricted information is:

  • a. A risk to the individuals personal safety or liberty

  • b. Disruption to emergency service activities that requires reprioritisation

  • c. Hinder the detection, impede the investigation of, or facilitate the commission of low-level crime (i.e. crime not defined in legislation as ‘serious crime’) or hinder the detection of a serious crime.

  • d. A low level criminal prosecution to collapse

  • e. A breach of proper undertakings to maintain the confidence of material provided by third parties.

  • f. A breach of statutory restrictions on disclosure of material.

  • g. An undermining of confidence in public services.

  • h. Monetary penalty notice of up to £500,000 being issued to the data controller.


Information is shared via email. Any information shared by email will only be sent via secure email addresses and to individuals identified as Designated Officers and Primary Designated Officers.


Members of ODOC and representatives of organisations change periodically. The information sharing agreement will be presented and agreed to at the beginning of each ODOC meeting.



4.2  Protective Markings

4.2.1  Parties to this agreement have agreed that a Protective Marking of PROTECT or above should be applied to the information.



4.3  Physical Mechanisms for delivering/sharing the information

Electronic Sharing of Information


4.3.1  Any information that is shared electronically must be done so via encrypted means. For example if information is shared by email then it will not be sufficient to simply password protect a document, the email itself must be encrypted. Alternatively, the email can be sent via a secure network such as the GCSX network.


4.3.2  If information is shared by copying it onto portable media such as a CD, DVD or memory stick then the media must be encrypted and protected by a strong password containing at least 8 characters in length and containing upper and lower case characters and at least one special character and one number. Since encryption standards are always evolving, it is recommended that data controllers ensure that any solution which is implemented, meets the current standard such as the recommended FIPS 140-2 (cryptographic modules, software and hardware) and FIPS – 197.


Postal Service


4.3.3  If information is sent through the post it will be sent by special delivery. Items sent by Special Delivery are tracked throughout their journey through the postal system and so if they get lost there is a stronger chance they will be found. Items sent by

Recorded Delivery are treated as normal post except for the fact they are signed for upon delivery. Therefore Recorded Delivery will not be used.


4.3.4  Parties to this agreement will ensure that the envelopes/packaging used are either special tamper proof packaging or else strong enough to prevent damage and potential loss of information during transit.


Planned Meetings



  Drug Intervention Programme Case Reviews 
Applies to:  All clients active on the Drug Intervention Programme Caseload, both in prison, and in the community.
Attendees: DIP Team and Treatment Agencies.
Frequency: Monthly.
Purpose: To monitor case progress on individual clients, and to make decisions around care co-ordination, caseload management and closure of cases. Additionally, to ensure effective tracking of clients through the Criminal Justice System, and to allow all agencies involved in the care and treatment of a client to agree coherent and consistent courses of action.
Information Sharing Arrangements: Most of the information shared during the Case Review process falls within the boundaries of the Confidentiality Waiver, signed by clients, to ensure effective ‘continuity of care’. In other words they will have given their consent for the sharing. In addition to that agreement, agencies may share information in line with this protocol, where it is necessary and proportionate and fair and lawful.
Authorities: Where information is shared outside the provisions of the client’s ‘confidentiality waiver’, but that information will solely be contained within the context of Case Management within the CJIT, the authority of the Service Provider Manager, or the DIP Manager is required. Where the information is the shared beyond that context, e.g. with enforcement agencies, the DIP Manager will determine the appropriateness of that purpose. That authority should be recorded in writing, stating what information is to be shared, with whom, and for what purpose.
Audit/Records: Written records of the decision to share information, including details of the authority given, as well as the information shared, should be included within the Minutes of the Case Review Meeting where that decision was taken.


MAPPA/ Child protection Panels &
Child Protection Arrangements

            Separate arrangements apply to MAPPA and Child Protection meetings, and all information sharing arrangements should comply with the relevant MAPPA/Child Protection protocols




One Day One Conversation (ODOC) meetings
and Anti Social Behaviour Case Conferencing.


Applies to:       Prolific and Priority Offenders or offenders being managed by this process, including High Crime Causer User’s (HCCU’s) and ASB Offenders known to, or proposed by any parties to this protocol. 
Attendees: Representatives from West Midlands Police, Staffordshire & West Midlands Probation Trust, Solihull Community Housing, Solihull Drugs Intervention Programme, SIAS (Solihull Integrated Addiction Services), Children’s Social Services SMBC, Adult Mental Health Services SMBC. Other services may be represented, this will be dependent upon the assessed needs of the offender.
Frequency:    Monthly.
Purpose:        To develop joint, coherent action plans around identified offenders that contribute to effective case management. Additionally, to encourage consistency in practice across agencies, allowing a focussed approach around these offender groups, leading to the promotion of a safe community.
Information sharing arrangements: Identified offenders may sign a‘confidentiality waiver’that will support information sharing for the purposes outlined. In other words they may consent to the sharing. In addition to that agreement, information may be shared in accordance with this protocol to support the role of the Forum. Where non-statutory, agencies are involved in ODOC meetings, the Chair should ensure that the representative fully understands their responsibilities under this protocol, and its governing legislation. A signed declaration to this effect is required.
Authorities:   Representatives at the ODOC meetings should carry the explicit authority of their organisation to share information for the purposes of the Forum. The information shared should be an objective assessment of the organisation’s views on the identified offender, and not a personal view, although a professional judgement may be given if appropriate.

A written record should be made at every ODOC meeting indicating what information has been shared, and with whom. The record should detail any action plans agreed as a result of the information shared.

ASB Group:   The work of the ASB Operational Group has valid links to this protocol, due to its involvement with PPOs, and Drugs Users. Local agreement allows the Minutes from that Group to be shared with the ODOC meeting. This Information should be treated as third party information, and subject to the same degree of confidentiality etc, as outlined below.



4.4  Points of Contact

4.4.1  Each agency should appoint a Primary Designated Officer (PDO), who should be a manager of sufficient standing, and have a co-ordinating and authoring role. The agency may also appoint Designated Officers (DO) within the same body (appendix).


4.4.2  The responsibilities of the PDO in relation to information exchanged under this protocol are to ensure:

  • a. It is obtained, processed and disclosed fairly and lawfully.

  • b. It is kept securely.

  • c. It is processed in accordance with the rights of the data subject.

  • d. It is accurate, relevant and held no longer than necessary.

  • e. It is disclosed only for specified related purposes.

  • f. It is disclosed without the subject’s knowledge and/or agreement only where failure to do so would prejudice the objective and then only when there is a lawful and legitimate basis for doing so.


4.4.3  The PDO and DOs will hold a file or folder containing all aspects of the documentation and information sharing process.. This file will be managed by the DO/PDO to ensure that it is accurate, up to date, and information held in it will be reviewed at least quarterly by arrangement. The folder must include:

  • a. Record of data disclosed.

  • b. Project chronology.

  • c. Project access list.

  • d. Notes of meetings, and recent phone calls.



4.5  Mandatory Safeguards

4.5.1  All parties to this Information Sharing Agreement agree that any staff who process the shared information:


  • a) Understand they have an obligation to safeguard and protect the information.

  • b) Receive appropriate training to enable them to understand the risks surrounding Information security and what safeguards they can take to protect information.


4.5.2  Additionally all parties agree that they will ensure that:


  • a) Unauthorised staff and other individuals are prevented from gaining access to personal information.

  • b) Visitors are received and supervised at all times in areas where personal information is stored.

  • c) All computer systems that contain personal information are password protected.  The level of security should depend on the type of information held, but ensure that only those who need to use the information have access.

  • d) All new software is virus-checked prior to loading onto an organisations machines. The same for disks, memory sticks and any other similar removable device.

  • e) Paper files are stored in secure locations and only accessed by those who need to use them.

  • f) Information is not left on public display in any form. Desks are cleared at the end of each day and sensitive material locked safely away.



4.6         Indemnity Agreement

4.6.1     In consideration of the provision of information, the organisations and signatories to this agreement undertake to indemnify any of those partners included in this Information Sharing Agreement against any liability which may be incurred by one of the partners as a result of the provision of such information.


4.6.2     In respect of every disclosure, the receiving party undertakes to indemnify the disclosing party against all actions, claims, demands and proceedings and all damages, costs and expenses incurred in connection therewith made or brought against the other party by any person in respect of any loss or distress to that person by the loss, unauthorised destruction, or disclosure of any personal information by the party which has been disclosed to them in confidence by the other. “disclosure of any personal information” also includes “any disclosure found to be in contravention of the Data Protection Act 1998”.


4.6.3     Provided that this indemnity shall not apply where the liability arises from information supplied which is shown to have been incomplete or incorrect (i.e. where the information does not comply with the fourth data protection principle) unless the partner claiming the benefit of this indemnity establishes that the error did not result from any wilful wrongdoing or negligence on its part.


4.6.4     Further this indemnity shall not apply unless the partner claiming the benefit of this indemnity notifies the granting partner as soon as possible and no later than [seven] days from the date that gives rise to any action, claim or demand to which this indemnity applies of such action, claim or demand, permits the granting partner to deal with the action, claim or demand by settlement or otherwise and renders the granting partner all reasonable assistance in so doing.


4.6.5     This indemnity shall not apply to the extent that the partner claiming the benefit of the indemnity makes any admission which may be prejudicial to the defence of the action, claim or demand. By signing this Information Sharing Agreement all parties and signatories agree that they have read, understood and agree to abide by the terms and conditions of this agreement. 



5.  Access to personal information and Freedom of Information

The Data Protection Act gives individuals the right to ask for and receive copies of personal information held by an organisation (subject to certain exemptions) and the Freedom of Information Act gives individuals rights of access to all other types of information.




5.1  How to Handle requests Information

5.1.1  All parties to this agreement have agreed that if either organisation receives a request from an individual to access any of the shared information it is their responsibility to process the request. However, should the information in question have originated from the other organisation then they will be contacted within 5 days of receiving the request and views sought on whether the information should be disclosed or whether there are any reasons which would legitimise it being withheld.


5.1.2  If a member of the public requests a full copy of the signed information sharing agreement, neither party to this agreement have any objections to a full copy being released. Both parties to the agreement would ordinarily make this information available in any case by way of their publication schemes.



6.  Review

6.1  Annual Reviews

6.1.1  This Information Sharing Agreement will be reviewed by all parties on the anniversary of the signing of this agreement. Thereafter, it will be reviewed at least annually or sooner should circumstances warrant it.


6.1.2 Each review will examine whether:


  • The sharing of information is having the desired effect.

  • Fair processing notices still provide an accurate explanation of the information sharing activity.

  • Procedures for ensuring the quality of information are being adhered to and are working in practice.

  • Organisations you are sharing information with are also meeting agreed quality standards.

  • Retention periods are being adhered to and continue to reflect business need.

  • Security remains adequate and, if not, whether any security breaches have been investigated and acted upon.

  • Individuals are being given access to all the information they are entitled to, and that they are finding it easy to exercise their rights.




Solihull MBC


West Midlands Police


Staffordshire and West Midlands Probation Trust


Welcome (SIAS)


Birmingham & Solihull Mental Health Foundation Trust (SIAS)


Aquarius (SIAS)


Solihull Community Housing


Registered Social landlords providing accommodation in Solihull, Bromford Housing, Harden Housing Association, Mercian Housing Association, Sanctuary Housing and Waterloo.




As at April 2012


Primary Designated Officers (PDO) and Designated Officers (DO)



Note: The allocation of PDO and DO responsibilities is according to roles and grades within each agency. The associated, up to date names should be made available to all parties to this protocol by each agency represented on this list.


Probation (Solihull)

PDO: Any Senior Probation Officer




Any Probation Officer or Probation Services Officer, who has a role in managing individual offenders.            




PDO:  CrimeManager




PoliceOffender Managers, DIP arrest referral workers                                                           




PDOs  Community Safety Manager
   Drug& Alcohol Action Manager
   DrugIntervention programme manager




Any officer who has a role which contributes to the management of offenders                          



SMBC –  Children’s Services

PDO Head of Service Children In Need




Designated Team Manager –Children’s Social Work                                               



Solihull Community Housing


Director of Housing


Head of Estate Management


Head of Housing Options Tenancy Relations Manager Tenancy and Property Manager


Housing Aid and Homelessness Manager




TenancyRelations and Allocations:


Tenancy Relations Manager


Senior Tenancy Relations Officer Tenancy Relations Officer – 7 identified persons at Grade D.


Tenancy and Allocations:


Tenancy and Property Manager


Allocations manager Housing Officers – 4 identified persons at Grade D.


Housing Advice:


HousingAid and Homelessness Manager Homelessness Manager

  Housing Advisors – 10 identified persons at Grade D.




PDO: Executive Director




Service Managers

  DIP Through care and Aftercare Team                                                                              



The Bridge, Birmingham & Solihull Mental Health Foundation Trust


The Bridge Team leader







Solihull YOS

PDO: YOS Manager  




Any YOS case worker involved in the management of young offenders through the Integrated Offender management processes, included in this information sharing protocol.



Harden Housing Association

PDO:   Housing Services Manager



Mercian Housing Association

PDO:   Senior Neighbourhood Officer



Sanctuary Housing

PDO:   Tenancy Services Officer



Bromford Group


PDO:   Community Safety Manager




Housing Manager

  Community Safety Team Manager