Question to the Department for Education:

To ask the Secretary of State for Education, with reference to Clause 4 of the Children’s Wellbeing and Schools Bill, if she will set out (a) what safeguards will be put in place to protect information shared under this clause against unauthorized access, misuse, or hacking; (b) how she will define the scope of relevant information, (c) which identifier will be used as the consistent identifier, (d) whether she has taken any independent advice on the strength of oversight procedures, and (e) what steps her Department will take to ensure that marginalized or vulnerable children and families are not disproportionately affected by this data-sharing duty.

Information sharing governance is crucial to Clause 4, and existing data protection requirements will apply. As is the case now, misuse of personally identifiable information is guarded against via governance processes that are the responsibility of data controllers and processors, who use systems to store sensitive children's data and follow the relevant security and processes. Consistent identifier piloting will consider what measures are needed for the number to be used securely and effectively.

“Relevant information” will be set out in statutory guidance, which relevant agencies must have regard to

The NHS number is being piloted as the consistent identifier, we will mandate the consistent identifier via regulations only when confident in the benefits, cost, security and governance

The department is working closely with the Information Commissioner’s Office for both the consistent identifier and the information sharing duty to develop our approach.

Impact and equalities assessments will ensure vulnerable families are not disproportionately affected.