Guest Author: Jon Trew
Recording concerns about a child is probably the most common safeguarding task that any teacher will undertake. It is therefore essential that these recordings are accurate and secure. The Northern Ireland Department for Education has produced some clear advice about managing pupil records in Northern Ireland schools.
The document known as Circular 2020/07 emphasises the importance of maintaining accurate records to safeguard children. Key sections include requirements for keeping pupil records, recording, and storing child protection information, managing access, and sharing information, transferring records, and handling records during school closures or amalgamations. The circular also outlines the legislative context and provides templates and checklists to assist schools in compliance.
1. Maintain Confidentiality of Child Protection Records
The guidance provides a clear framework for maintaining confidentiality, making informed decisions about information sharing, and ensuring proper retention and disposal of records in line with statutory requirements.
Access to safeguarding records should be restricted to relevant staff only, such as the Principal, Designated Teacher (DT), and Deputy Designated Teacher (DDT). For records stored on PCs or laptops, adequate security measures, including password protections, must be implemented to prevent unauthorised access The advice relates to both online-electronic as well as paper-based records.
2. Compliance with GDPR and Safeguarding in Schools
Each school is responsible for maintaining its records and record-keeping systems, ensuring compliance with statutory requirements, including data protection legislation such as the Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR).
The circular makes it clear that all schools have a responsibility to keep accurate safeguarding records. It is essential that they must make detailed records of all concerns and of all actions taken. Recording helps identify early concerns and ensure effective safeguarding practices and it is the responsibility of the school governors to ensure that the information stored is GDPR compliant and in line with statutory requirements on data protection.
It is good practice for every school to either develop a specific Child Protection Records Management Policy or include reference to it in their records management policy.
3. Effective Recording of Child Protection Information
Child protection information should be recorded accurately and promptly to assist in identifying patterns of concern and managing safeguarding practices.
The circular defines child abuse in line with the DOH document called ‘Co-operating to Safeguard Children and Young People in Northern Ireland (August 2017).’ Schools must ensure that volunteers have the necessary clearances and a record of these should be maintained.
The circular provides a proforma template that staff can use to note their concerns and remind us that all recording must be made promptly, ideally within 24 hours. Accumulated minor incidents can be crucial in identifying harm.
Specific guidelines include:
- Incident Reporting: All allegations of child abuse must be recorded in the school’s record of Child Abuse Complaints, which should be retained securely and signed and dated by the Principal.
- Confidentiality: Child protection information is confidential and should not be kept in the child’s educational record. Instead, it should be stored in a separate secure filing system, either physically or electronically, with restricted access.
The Child Protection File should include the following:
- A chronology of events/ action taken
- A record of all notes of concern
- Any notes initially recorded which should be kept securely with the child protection file
- Records of discussions and telephone calls (with colleagues, parents and children/young people and other agencies or services)
- Correspondence with other organisations – sent and received
- Referral forms – both for support and/or specialist services (irrespective of outcome);
- Formal plans linked to the child e.g. child protection plan, child in need plan
- Risk assessments
- Risk Management Plans / Individual Safety and Support Plans
- School reports to interagency meetings and conferences
- Minutes of interagency meetings e.g. child in need, strategy, child protection conference
- Any other relevant notes / papers
4. Managing Secure Pupil Records in Northern Ireland Schools
Child protection records must be stored securely to maintain confidentiality. Physical records should ideally be kept in a fireproof cabinet, while electronic records should be secured with appropriate password protections. These records should be accessible only to the DT, DDT, or Principal, and should not be removed from the school premises except under specific circumstances, such as for case planning meetings or court orders.
Access to Records and Sharing of Information
Access to records should be restricted to authorised staff only. Access to child protection records should be strictly on a need-to-know basis. Decisions to share information must prioritise the child’s safety and comply with data protection principles, ensuring that shared information is necessary, proportionate, relevant, adequate, accurate, timely, and secure clear policies should govern who can access records and under what circumstances. Information should be shared only with relevant parties to protect the child.
Transfer of Child Protection Records
Procedures for transferring records between schools ensure continuity in safeguarding practices. The transfer should be done securely and with proper documentation. The circular emphasises that child protection information must not be lost during transitions.
When transferring child protection records, the Board of Governors must ensure that a formal record of the pupil’s academic achievements, skills, and progress is transferred within 15 school days of the pupil’s departure. This ensures continuity in monitoring and safeguarding the pupil’s welfare.
Closure, Retention, and Disposal of Child Protection Records
The school is a data controller, and therefore has responsibility to ensure that data protection legislation is complied with. Records should be kept until the subject’s 30th birthday or longer if necessary. Records of allegations against school staff, unless the staff member is completely exonerated, should be retained indefinitely due to the possibility of historical allegations.
School Closures and Amalgamations
In the event of school closures or amalgamations, appropriate measures should be taken to transfer or securely dispose of child protection records. Advice should be sought from the relevant Employing Authority or the Information Commissioner’s Office (ICO) to ensure compliance with statutory requirements.
5. Supporting Secure Record Keeping with Safeguarding Software
The circular lists relevant legislation and guidance documents and provides templates and proformas to aid in compliance. The guidance also specifically refers to CPOMS, in section 2.1 Electronic and Online/Cloud-Based Child Protection Record Systems, however the advice does stress that schools need to satisfy themselves that their system of choice is secure and fit for purpose.
CPOMS StudentSafe supports schools in Northern Ireland with securely and efficiently managing pupil safeguarding records. The software provides complete control over who has access to what information and when with intelligent role-based access. Access can be easily tiered to reflect the needs of your school so that only those who need to access information can do so.
Ensuring data confidentiality is made simple with the privacy features included in StudentSafe, like Hide Names, using asterisks for student names, Blank Screen for interruptions and Redaction, for hiding names or sensitive information in reports. Furthermore, all of the information can be securely integrated into leading SMS/MIS systems, including SIMS and Bromcom, preventing the need to enter data twice and offering a holistic approach to school management information.
For a limited time, schools in Northern Ireland may be eligible to take advantage of a complimentary trial of CPOMS StudentSafe until 31 March 2025. Arrange a demo today to learn more.
