- Published by:
- Department of Education
- Date:
- 23 Dec 2023
Secretary's foreword
Secretary's foreword to the Child Link Secretary's Guidelines.
Victoria’s Child Information Sharing reform promotes a systematic approach to improving how information is shared between professionals who have responsibility for child wellbeing and safety. The reform recognises that early access to information can enhance professional decision-making, increase collaboration across services and sectors, and improve service provision to children and families. Early and more responsive information sharing can empower professionals to identify issues and vulnerabilities, provide earlier supports and prevent the escalation of risk into harm.
A key part of the Child Information Sharing reform is Child Link. Part 7A of the Child Wellbeing and Safety Act 2005 (Vic) (Child Wellbeing and Safety Act) establishes Child Link as a new digital tool that consolidates and displays key factual information about every child in Victoria to promote the wellbeing and safety of children in Victoria. The launch of Child Link in 2021 is a significant milestone in the implementation of Victoria’s Child Information Sharing reform and is a further enabler to improve outcomes for Victorian children.
Child Link forms part of the Child Information Sharing reform, alongside the Child Information Sharing Scheme (CISS). CISS, which commenced in 2018, provides legal permissions which allow organisations and services prescribed as information sharing entities to share information with each other, either voluntarily or upon request, to promote the wellbeing and safety of children.
Child Link supports CISS by combining information from existing government source systems into a single entry for every Victorian child. By linking together information from organisations, Child Link assists authorised professionals to:
- make more informed decisions about the wellbeing, safety and support needs of a child in their school or service
- better identify risks and vulnerabilities and provide the necessary support to prevent any escalation of harm
- encourage cross-service collaboration to facilitate more holistic support around a child, and
- facilitate smoother transitions between early childhood and education services by responding to gaps in participation.
Upon the launch of Child Link, I am pleased to make these Guidelines pursuant to section 46S of the Child Wellbeing and Safety Act 2005. The Guidelines are intended to outline Child Link’s policy, operational and technological features, and provide context to Part 7A of the Act, including:
- how child link entries are created and what information is recorded about a child
- who can access Child Link and what information can be shared
- how Child Link Users are authorised to access Child Link
- restrictions and offences
- how information on Child Link is managed.
The Guidelines complement the Child Information Sharing Scheme Ministerial Guidelines, and are accompanied by a suite of resources, tools, and training for Child Link Users.
1. Overview of Child Link
Overview of Child Link in the Secretary's Guidelines for Child Link.
Currently, children and families in Victoria engage with a range of services to support development, health, and learning outcomes from a child’s birth through to when they leave school. These services include Maternal and Child Health services, supported playgroups, early childhood education and care services, funded kindergartens, registered schools and home schooling, child protection services, and out of home care services. When a child and the child’s family engage with these services, the service creates a record of the engagement in a ‘source system’ of that relevant service, with the information that the child or their family has provided.
Prior to Child Link, professionals working with children reported the challenge of needing to exercise professional judgment while often having insufficient information, background, or history about a child. Professionals working with children need readily available, accurate information on children in their care to support early identification of risks and vulnerabilities to reduce the chances that another child will fall through the cracks.
Part 7A of the Child Wellbeing and Safety Act and regulations made under that Act allow Child Link to draw information from Victorian Government source systems. Child Link then matches and merges the information to ensure accuracy in identifying the child and combines this information to create a single entry of aggregated information for each child. Child Link is updated daily to ensure the information on Child Link is based on the most recent information received from the various source systems.
The information provided from the source systems to Child Link includes only information which is permitted by the Child Wellbeing and Safety Act and regulations to be displayed on Child Link and specific information that is required to accurately identify individuals.
Child Link may display the following information in relation to a child:
- the child’s name, date and place of birth, and sex
- the names of the child’s siblings
- the names and the relationship of persons who have parental responsibility and/or day-to-day care of the child
- whether the child identifies as Aboriginal and/or Torres Strait Islander
- the child’s participation and engagement in government childhood services and the contact details of those services
- if the child or their sibling has a past or current child protection order and if the order placed the child or their sibling in out of home care.
Child Link does not display a child’s address information or contact details for the child or the child’s family. Child Link is not a case management system and does not contain any case notes, professional opinions, or detailed health records. The information on Child Link cannot be directly edited or amended by professionals who use Child Link.
Access to Child Link by professionals is limited by a person’s role and purpose of use of Child Link to ensure that only appropriately skilled and trained people within a permitted service will have access. Prior to access being granted, authorised professionals must be trained on how to use Child Link in their work, including completing Child Link training in cultural sensitivity and information security. Some of the authorised professionals permitted to become Child Link Users include Maternal and Child Health nurses, school principals, key staff at schools, early childhood teachers and Child Protection practitioners.
Child Link has been built with information security and privacy as core principles. Access, transmission and storage of information aligns with strict security protocols built into the system, which adhere to relevant privacy and data security law in Victoria. Child Link has the power to block access to part or all of a child’s entry and block a particular Child Link User’s access to Child Link or a child’s entry on Child Link. The blocking of access will only take place if the access poses an unacceptable risk of harm to a person or in all the circumstances is otherwise inappropriate. In addition, offences and penalties exist to discourage unauthorised access, use and disclosure of information from Child Link.
When information will be on Child Link
An entry must be created in Child Link for every child, from birth to 18 years of age, born in Victoria or who moves to Victoria after birth, when the earliest of the following occurs:
- when the child is born in Victoria
- when the child has first contact with a relevant service, including a:
- Maternal and Child Health service or provider
- supported playgroup
- funded kindergarten (at enrolment)
- registered school (at enrolment)
- school nurse program
- student support service provided by the Department of Education (DE)
- when the child is registered for home schooling
- when a child protection order (CPO) is made in respect of the child.
A child entry must be created when the above events occur. A child entry must be created from the source system information of the relevant service(s), including the information the child or family has provided the service. Child Link does not require consent from the child or the child’s family to collect, use or disclose the information about the child or a person with parental responsibility for, or day-to-day care of, the child, to establish and maintain Child Link and data management.
Information on a child's entry
The information that may be displayed on a child’s entry is limited by legislation, as specified in section 46D(1) of the Child Wellbeing and Safety Act.
The following information about a child may be displayed on Child Link:
Information about a child
- name of the child, including any other names the child has been known by
- child’s date of birth
- child’s place of birth
- child’s sex, or, if not disclosed, a record to that effect
- whether the child is Aboriginal, Torres Strait Islander, or both.
What information about a whether a child is Aboriginal, Torres Strait Islander will be displayed?
An Aboriginal and/or Torres Strait Islander person is someone who is of Aboriginal or Torres Strait Islander descent, identifies as an Aboriginal or Torres Strait Islander person; and is accepted as such by the community in which they live, or formerly lived.
The information on whether a child is Aboriginal and/or Torres Strait Islander will be displayed as ‘yes’, ‘no’, or ‘not disclosed’ (‘not disclosed’ is recorded if the person has declined to provide this information or if it has not been captured in the source system). The most up-to-date information received as to whether the child identifies, or has been identified, as being Aboriginal, Torres Strait Islander, or both, will be displayed.
What information about a child’s sex will be displayed?
Child Link will include the child's sex or, if it has not been disclosed, a record to that effect. Under the legislation a child’s identified gender may not be displayed. Some source systems include the child’s sex and/or the child’s gender. Child Link will display sex, or if sex is not disclosed or cannot be confirmed through the data (including an instance where the child’s sex and the child’s identified gender do not match in source systems) a record stating ‘not disclosed’.
Sex refers to a person’s biological sex characteristics. This has historically been understood as either female or male. However, we now know that some people are born with natural variations to sex characteristics.
Gender is part of how you understand who you are and how you interact with other people. Many people understand their gender as being female or male. Some people understand their gender as a combination of these or neither. Gender can be expressed in different ways, such as through behaviour or physical appearance.
Child's key family relationships
- the name(s) of, and the relationship to the child, of each person who has or has had parental responsibility or day-to-day care of the child
- the name of any siblings1, including other names the sibling has been known by.
What information about parental responsibility or day-to-day care of the child will be displayed?
For persons with parental responsibility and/or day-to-day care of a child the following information may be displayed:
- the full names of each of those persons and any other names by which they are or have been known
- whether they have parental responsibility and/or day-to-day care of the child
- at which time the person(s) have or have had parental responsibility and/or day-to-day care of the child
- the relationship of the person with parental responsibility for, or day-to-day care of, the child.
Parental responsibility in relation to a child, means all the duties, powers, responsibilities, and authority which, by law or custom, parents have in relation to children.
Day-to-day care in relation to a child, means the daily care and control of the child, whether or not involving parental responsibility for the child.
Parents noted in Child Link will come from parent information included in source systems. A parent in Child Link incorporates roles that may have parental responsibility for a child and/or day-to-day care for the child.
Child protection orders (CPO)
Current or previous CPOs made in relation to the child or their sibling, including:
- the date the CPO was made
- whether the CPO is currently in force
- whether the CPO has or had the effect of placing the child in out of home care
- whether the CPO confers or conferred parental responsibility on a person other than the child’s parent to the exclusion of all others.
What CPOs will be included in Child Link?
The types of CPOs which can be shown on Child Link are determined by legislation. The CPOs in Child Link include the following orders in the Children, Youth and Families Act 2005:
- an order made under Part 4.8 (protective invention orders)
- a protection order
- a permanent care order
Orders that will not be included in Child Link include Intervention Orders (such as a family violence intervention order or personal safety intervention order) and Adoption Orders.
Enrolment and participation
Enrolment and participation information in each of the following services that the child has engaged with, or any other prescribed service or program2.
The service engagement information in Child Link includes:
- the name and contact details of the service
- the dates of the child’s participation in the service, such as the date of an appointment, or the date range of participation
- the age the child first attended the service
- any other relevant service type or program details.
Maternal and Child Health (MCH) services
Universal MCH program and the Enhanced MCH programs are included in Child Link. For these MCH programs, referral dates and consultation information, including key ages and stages appointment dates and drop-in session appointments dates.
Supported playgroups
Supported playgroups include the government-funded targeted service which provides free sessions for children aged 0-5 years. Supported playgroups do not include community-based playgroups that a child may attend.
Funded kindergartens
Child Link will display information in relation to a child’s engagement and participation in a funded kindergarten. Types of funded kindergarten includes four-year old kindergarten, three-year old kindergarten, and early start kindergarten. Funded kindergartens can be in children’s centres, long day care centres, community kindergartens, independent schools, and some government schools. There will also be instances where some children attend two different kindergarten services and only enrolment in the funded kindergarten service will be displayed on Child Link.
Registered schools or home schooling
Education in Victoria is compulsory for children aged from 6 to 17 years. Child Link will display information in relation to the following registered school types:
- Government schools, primary or secondary schools funded by and the responsibility of the government.
- Non-government schools, is the broad term for independent schools and Catholic schools in Victoria. These schools are not part of the government school system and have their own enrolment process and costs. Independent schools are represented by the membership-based organisation, Independent Schools Victoria. The Lutheran, Ecumenical and Seventh-Day Adventist school systems are considered to be independent schools.
- Home-schooling, where a parent or both parents assume the overall responsibility for their child’s educational program. Any child of compulsory school age who is being educated at home must be registered with the Victorian Regulations and Qualifications Authority. There is also the option to combine school and home education under an arrangement called partial enrolment.
The following schools sub-type descriptions will also be displayed on Child Link:
- primary school, which is Prep Year to Year 6.
- secondary school, which is Years 7 to 10. Most secondary schools also include Years 11 and 12 to prepare for tertiary study.
- primary/secondary school, which combines primary and secondary at the same location.
- specialist school, which specialise in subject, or specialise in teaching students with disability.
School nurse programs
Primary School Nurses visit government and non-government schools throughout each year. Primary School Nurse information will be displayed on Child Link for children in government and non-government schools. The Secondary School Nurse Program information will only be displayed on Child Link for children in government schools.
Child Link will display engagement with school nursing in relation to dates of Health assessments and the School Entrant Health Questionnaire (SEHQ) and Occasions of Service for assessment, consultation, treatment, or other service provided by a school nurse to a student. No personal health information in relation to a child and their engagement with the school nursing program will be displayed.
Student support services provided by DE
Student Support Services are allied health services delivered by DE to children in government schools who require additional support. The purpose of Student Support Services is to assist children and young people facing a range of barriers to learning to achieve their educational and developmental potential through the provision of a range of strategies and specialised support. Child Link will only display the dates of engagement with Student Support Services. Child Link and will not display the type of Student Support Service or any other personal health information in relation to the child’s engagement with this service.
Sensitivity flags
Sensitivity flags may be attached to information on the child’s entry relating to a child’s relationships or engagements, where the information has been flagged as sensitive in nature and additional discretion must be applied. See Section 3 for more information on sensitivity flags and Child Link Users.
Accuracy of information
If a professional working with a child or the child’s family identifies information on Child Link which is not correct, the professional can amend the information in their source system. The amended information in the source system will be extracted by Child Link and, as a result, corrected on Child Link. The professional can also contact Child Link to advise of the issue identified.
When is a child’s entry no longer accessible?
A child’s entry on Child Link will no longer be accessible to Child Link Users:
- if the child has died, or
- once the child turns 18 and is no longer enrolled in a registered school or registered for home schooling (whichever is later).
When a child’s entry has been removed from access, the child’s information may still be used for the purpose of de-identified information. For further details on de-identified information, see Section 5 on Information Management.
[1] Sibling includes a brother, sister, half-brother, half-sister, adoptive brother, adoptive sister, step-brother, step-sister.
[2] Services or programs prescribed by Regulations made under the Child Wellbeing and Safety Act.
2. Child Link Authorisers
Child Link Authorisers in the Secretary's Guidelines for Child Link.
The authorisation process provides a key safeguard, so that only relevant and suitable professionals are given access to Child Link. The roles and persons who may be become Child Link Users are set out in the Child Wellbeing and Safety Act and associated regulations. Most Child Link Users must be authorised by a senior responsible person in their organisation or workforce before they can access Child Link. This is to ensure that Child Link is only accessed by those professionals who need to use Child Link in their work with children and families and that Child Link is used appropriately and safely.
Who is a Child Link Authoriser?
The person or role who is the Authoriser for each type of Child Link User is set out in the Child Wellbeing and Safety Act and associated regulations. The legislation requires that Authorisers of Child Link Users authorise each Child Link User in writing. For example, to become a Child Link User:
- An early childhood teacher, will be authorised by the approved provider of their education and care service
- A teacher or student wellbeing professional within a school, will be authorised by the principal of their school
- A Maternal and Child Health nurse with a council Maternal and Child Health service, will be authorised by the Chief Executive Officer of that council
- A Child Protection practitioner, will be authorised by the Secretary of the Department of Fairness, Families and Housing.
For a complete list of Authorisers for each type of Child Link User, see Appendix B.
A Child Link Authoriser determines who in their organisation is eligible to have access to Child Link and enables and manages this access. In determining whether a professional should be a Child Link User, a Child Link Authoriser may consider:
- the relevance of the person’s role in relation to accessing confidential information on Child Link, including whether the role has responsibility for:
- identifying, assessing, and managing the needs and risks experienced by children
- connecting children with relevant wellbeing and safety services or programs
- delivering tailored services or programs to children to support their development, wellbeing, or safety
- the capability of the person to effectively use Child Link, including whether the person has the appropriate skills to sufficiently handle and manage confidential information
- the person’s understanding of the Child Information Sharing reform, including CISS, that are important for Child Link access.
A Child Link Authoriser must ensure that the prerequisites for Child Link access have been met before enabling a professional to register as a Child Link User. There are conditions, as set out in the Child Wellbeing and Safety Act, for eligibility to become a Child Link User (see Section 3 on Child Link Users for the list of prerequisites).
Child Link Authorisers are obliged to ensure that Child Link Users operating under their authorisation are complying with the Secretary’s Guidelines, the terms and conditions of use of Child Link and any associated user practice guidance. Child Link Authorisers are required to review and confirm the Child Link Users they have authorised on a regular basis, to ensure no change of circumstances for those Child Link Users have occurred.
The authorisation of a Child Link User and the ongoing management of their access by a Child Link Authoriser is conducted on the Child Link system. To enable this, Child Link Authorisers are registered on Child Link and must accept the terms and conditions of use for access to Child Link. A Child Link Authoriser does not have access to confidential information on Child Link unless the Child Link Authoriser is also an authorised Child Link User.
Suspending a Child Link User’s access
A Child Link User’s access may be suspended by their Child Link Authoriser or by authorised Child Link system administrators. A Child Link Authoriser may temporarily suspend the access of a Child Link User under their authorisation at any time. This may occur for example, where the Child Link User does not access Child Link for a significant period.
Removing a Child Link User’s authorisation
A Child Link Authoriser may remove their authorisation of a Child Link User at any time. This includes where a Child Link User no longer requires access or no longer fulfils prerequisites for access to Child Link.
If the Child Link Authoriser becomes aware that a Child Link User may pose an unacceptable risk of harm to any person, they must remove their authorisation immediately. Examples include where the Child Link User:
- has been investigated under the Reportable Conduct Scheme and the investigation has been substantiated
- has a Child Protection report against them at the investigation outcome stage
- is currently charged with or has been convicted or found guilty of committing an offence under the Child Wellbeing and Safety Act, or under other legislation, which involves physical or sexual harm or threats of physical or sexual harm, violence or threats of violence, dishonesty, or neglect.
- has a Working with Children exclusion, suspension, or revocation
- has had Victorian Institute of Teaching (VIT) registration credentials suspended or revoked.
A Child Link Authoriser must also remove the authorisation of a Child Link User where the Child Link User:
- no longer needs access to Child Link, for example when they:
- leave the organisation
- change roles in the organisation to a role that does not require Child Link access
- take extended leave, such as long-service leave, parental leave, or sabbatical
- changes roles in the organisation to a role that requires authorisation to access Child Link for another purpose or under a different Child Link Authoriser
- no longer meets prerequisites for access to Child Link, for example if they no longer hold a valid Working with Children Clearance or Victorian Institute of Teaching registration.
Delegation
Under section 46L of the Child Wellbeing and Safety Act, the following persons may by instrument delegate any power, function, or duty under Part 7A of the Child Wellbeing and Safety Act 2005 (other than the power of delegation):
- Secretary to DE to a person employed or engaged by the Secretary.
- Chief Executive Officer of a council to a person employed in or engaged by the council.
- An approved provider of an approved education and care service to a person employed in or engaged by the education and care service.
- Principal Commissioner for Commission for Children and Young People to a person employed or engaged by the Principal Commissioner.
The Secretary to the Department of Health and the Secretary to the Department of Families, Fairness and Housing can also delegate any power, duty or function they have under Part 7A of the Child Wellbeing and Safety Act using section 46L of the Act (in accordance with the General Orders issued by the Premier). The Secretary to the Department of Health also has a general delegation power under section 15 of the Public Health and Wellbeing Act 2008.
The delegation of any power, function, or duty includes the authorisation of Child Link Users under section 46K of the Child Wellbeing and Safety Act. Persons or roles who have received a delegated power to authorise Child Link Users, must, in order to comply with the Child Wellbeing and Safety Act, authorise Child Link Users in writing.
3. Child Link Users
Child Link Users in the Secretary's Guidelines for Child Link.
The professionals who may be authorised to be Child Link Users are limited to specific roles which have responsibility for child wellbeing and safety. Access to Child Link is prescribed in the Child Wellbeing and Safety Act and associated regulations and is restricted by role and purpose to ensure that only appropriately skilled and trained people within an organisation will be able to access Child Link.
Key professionals who work for universal or targeted children’s services (such as Maternal and Child Health nurses, school principals or Child Protection practitioners), and professionals with stewardship responsibility for child wellbeing and safety, (such as the Principal Commissioner for Children and Young People and select delegates) are permitted, once authorised, to access Child Link as Child Link Users. For a full list of permitted Child Link Users, refer to Appendix B.
For a Child Link User to be eligible to access Child Link, a professional must have the following prerequisites:
- be employed by an information sharing entity prescribed under CISS3
- hold a role specified in the Child Wellbeing and Safety Act as a Child Link User type4, which includes:
- professionals who work directly with children, such as Maternal and Child Health nurses, teachers in early childhood education and care services, teachers in independent, Catholic, and government schools and Child Protection practitioners
- professionals responsible for planning and promoting participation in programs and services
- professionals with oversight roles for children and families in Victoria.
- hold either a valid Working with Children Clearance5 or Victorian Institute of Teaching Registration6.
What is an information sharing entity in relation to Child Link?
An information sharing entity in relation to Child Link is an entity prescribed under CISS. Information sharing entities are authorised to request and share confidential information with other information sharing entities to promote the wellbeing or safety of a child or a group of children and to assist the recipient to deliver services in relation to the child or group of children. For more information, see the Child Information Sharing Scheme Ministerial Guidelines, published by DE in 2021.
An entity can be prescribed as an information sharing entity under Family Violence Information Sharing Scheme (Part 5A of the Family Violence Protection Act 2008), in relation to the assessment and management of family violence risk. For more information, see the Family Violence Information Sharing Guidelines, published by Family Safety Victoria in 2021.
Child Link User access
Child Link has been designed to provide Child Link Users with access to information relevant to their professional role or function. Most Child Link Users may only access the entries of children attending their school or service and the entries of a child’s siblings, where the sibling is under the age of 18 years old. This type of access applies to roles such as Maternal and Child Health nurses, early childhood teachers, school principals and registered teachers.
Some Child Link Users can access the entries of all children in Victoria. This access is applied to a limited group of Child Link roles, which includes Child Protection practitioners, the Commissioner for Children and Young People (CCYP), authorised CCYP staff and authorised DE staff. These Child Link Users can only access a child’s entry on Child Link by completing a search for the specific child and providing key information to identify that child before the child’s entry is accessible. All searches are logged and may be subject to monitoring and auditing. Where such a Child Link User has accessed a child’s entry, they may also access the entries of the child’s siblings, where the sibling is under the age of 18 years old.
Becoming a Child Link User
Holding a role that is prescribed in the Child Wellbeing and Safety Act and associated regulations does not mean a professional will automatically become a Child Link User. To become a Child Link User and get access to Child Link, an eligible person must:
- be authorised by the relevant Child Link Authoriser7
- complete mandatory training
- accept terms and conditions for access to Child Link which acknowledge the Child Link User’s role and responsibilities in accessing Child Link.
For schools and early childhood services, there are limits on the number of Child Link Users allowed per school/service. Up to 3 registered early childhood teachers per service and up to 7 registered teachers or staff providing health or welfare services per school (in addition to the school principal) may be authorised as Child Link Users.
Training and guidance for Child Link Users
A Child Link User must complete mandatory Child Link training before they can access Child Link, as well as mandatory refresher training when required. Child Link training is provided by DE. Completion of Child Link training ensures Child Link Users have adequate knowledge, skills, and capability to access and use Child Link as a tool to improve children’s wellbeing and safety.
Training will cover a variety of topics against clear learning objectives, such as:
- how to use and navigate Child Link
- responsibilities and obligations when using Child Link
- how Child Link can add value to professional practice
- key cultural safety considerations when using Child Link
- requirements for accessing Child Link safely and appropriately, and
- where to go for more support and resources.
Child Link Users can also access resources to support their use of Child Link. Along with the Secretary’s Guidelines, there is specific user practice guidance to use Child Link safely and appropriately including on topics such as:
- Interpreting information on Child Link
- How to use and disclose information on Child Link
- Information management and data security
- Child Link Authorisers and Users
- Child Link User purposes.
Child Link Users’ system usage
Child Link is subject to user monitoring and auditing. Investigation may occur when access or usage by a Child Link User is detected that varies from anticipated behaviour, which may prompt auditing activities. Auditing may require the Child Link User to verify usage behaviour against their purpose for access and associated professional activities.
Using and disclosing Child Link information
A Child Link User may access Child Link and:
- use confidential information contained in Child Link for a purpose specified in Schedule 6 to the Child Wellbeing and Safety Act in relation to that Child Link User; and
- disclose confidential information contained in Child Link:
- to persons employed or engaged by the organisation at which the Child Link User is employed or engaged for a purpose specified in Schedule 6 of the Child Wellbeing and Safety Act in relation to that Child Link User; and
- in accordance with Part 6A of the Child Wellbeing and Safety Act (CISS).
Using Child Link information
Child Link Users may use confidential information contained in Child Link for a purpose specified in relation to that Child Link User. For example:
- a Child Protection practitioner may access Child Link for the purpose of performing their functions under the Children, Youth and Families Act 20058. A Child Protection practitioner working in intake will be able to use Child Link to identify key relationships and services that the child and their siblings are involved with quickly and efficiently.
Sharing in their organisation
Child Link Users may disclose information contained in Child Link to persons employed or engaged by the organisation at which the Child Link User is employed or engaged, for the purpose specified in Schedule 6 to the Child Wellbeing and Safety Act in relation to that Child Link User. For example:
- An early childhood teacher may access Child Link to provide education and care and related services to children enrolled at their service9. An early childhood teacher may look up the child on Child Link to see the child’s previous history with childhood services and work with other staff in their service to make better plans for the child.
Sharing under CISS
Child Link Users may disclose information contained in Child Link in accordance with CISS under Part 6A of the Child Wellbeing and Safety Act. For example:
- A school wellbeing coordinator may access Child Link to provide education and care and related services to children enrolled at the school or monitor and plan services for children enrolled at the school. Sharing under CISS allows the school wellbeing coordinator to request and share pertinent information with other agencies and Child Link will help to do this quickly and easily by providing the names and contact details of the other services with which the child has engaged.
CISS encourages information sharing entities to share information and collaborate with each other to better promote the wellbeing and safety of children in partnership with children and their families. Engaging children and their families with appropriate support services is an important aspect of promoting children’s wellbeing and safety.
All Child Link Users will be in an information sharing entity. Under CISS an information sharing entity can share confidential information with other information sharing entity of:
- the information sharing entity is requesting or disclosing confidential information about any person for the purpose of promoting the wellbeing or safety of a child or group of children; and
- the disclosing information sharing entity reasonably believes that sharing the confidential information may assist the receiving information sharing entity to carry out one or more of the following activities:
- making a decision, an assessment or a plan relating to a child or group of children
- initiating or conducting an investigation relating to a child or group of children
- providing a service relating to a child or group of children
- managing any risk to a child or group of children; and
- the information being disclosed or requested is not known to be ‘excluded information’ under Part 6A of the Child Wellbeing and Safety Act (and is not restricted from being shared by another law).
When sharing information under CISS, a Child Link User should use their expertise and exercise their professional judgement to identify:
- the range of needs and risks that impact on a child’s life to inform a decision as to whether the information meets the threshold under CISS to share information
- what and how much information to share
- who to share with to support improved service delivery and promote the wellbeing or safety of the child or children.
A Child Link User will also consider the identity and circumstances of each child and their family, including their unique needs such as cultural safety and any risks of discrimination or stigma they may be facing, and be respectful of, and have regard to, a child’s social, individual, and cultural identity, the child’s strengths and abilities and any vulnerability relevant to the child’s safety or wellbeing.
More information on using CISS can be found in the Child Information Sharing Scheme Ministerial Guidelines.
Sensitivity flags
In Child Link, sensitivity flags may be attached to items where the child’s relationship or location information has been flagged as particularly sensitive in nature and might indicate that disclosure of a child’s location could place the child in harm. The sensitivity flag indicates to the Child Link User to be aware that additional discretion must be applied before sharing the information that has been flagged. For example, as the recording of the location of the organisation, or name of a carer, are each indicators of where a child may be located or live, Child Link Users must exercise additional caution before sharing this information if it is marked with a sensitivity flag.
Child Link, sharing under CISS and the intersection with other schemes
Intersection of CISS and the Family Violence Information Sharing Scheme
CISS and the Family Violence Information Sharing Scheme (FVISS) share a similar model and are designed to complement each other, to enable services to share information to respond to the range of needs and risk facing children and families. The schemes align in a number of ways, including:
- broadly consistent information sharing entities and record keeping requirements
- similar protections for professionals who share in good faith and with reasonable care
- prioritising children’s safety over any individual’s privacy.
The key difference between the two schemes is the purpose for sharing. FVISS permits sharing for the purpose of assessing or managing family violence risk, while CISS permits information sharing to promote the wellbeing or safety of a child or group of children. These purposes do have substantial overlap.
Family violence has significant impacts on children’s wellbeing and safety and is likely to co-exist with other wellbeing and safety issues for children. In the context of family violence, information sharing entities must use the Multi-Agency Risk Assessment and Management Framework (MARAM Framework) to guide:
- information sharing under FVISS to identify, assess and manage family violence risk to children and adults; and
- information sharing under CISS to promote the wellbeing or safety of children more broadly, supported by relevant best interests and developmental frameworks.
Information sharing entities must plan for and maximise the immediate and ongoing safety of children and other family members, being mindful that sharing information in the context of family violence may pose particular and complex risks.
Intersection of CISS with other legal obligations
Sharing information for children’s safety is permitted under other laws, such as the Privacy and Data Protection Act 2014, the Health Records Act 2001 and the Children, Youth and Families Act 2005. Organisations and services, including those not prescribed under CISS, can and should share information as permitted under other laws. Secrecy and confidentiality provisions in other laws still apply unless they have been expressly overridden by CISS.
Child safety reporting and information sharing obligations continue to apply, including:
- mandatory reporting obligations, which means reporting to child protection if there is a significant risk of harm, and information sharing with child protection under the Children, Youth and Families Act 2005
- obligations created by the ‘Failure to Protect’ and ‘Failure to Disclose’ offences under the Crimes Act 1958
- sharing information about Reportable Conduct Scheme allegations and investigations under the Child Wellbeing and Safety Act.
[3] Child Link User types specified under section 46K of the Child Wellbeing and Safety Act are roles in information sharing entities.
[4] Child Link User types are specified under section 46K of the Child Wellbeing and Safety Act. See Appendix B for a list of Child Link Users.
[5] Under the Working Screening Act 2020.
[6] Under the Education and Training Reform Act 2006.
[7] Except for the Secretary to the Department of Education, the Secretary to the Department of Health, the Secretary to the Department of Fairness, Families and Housing, and the Principal Commissioner for Children and Young People, who are authorised by the Child Wellbeing and Safety Act.
[8] Schedule 6 to the Child Wellbeing and Safety Act.
[9] Schedule 6 to the Child Wellbeing and Safety Act.
4. Restrictions and offences
Restrictions and offences in the Child Link Secretary's Guidelines.
Removal of access by the DE Secretary
A key safeguard in protecting the security and integrity of the Child Link system is the power of the DE Secretary to remove access.
Under section 46N of the Child Wellbeing and Safety Act, the DE Secretary can remove access to Child Link or information on Child Link where access would pose an unacceptable risk of harm to a person or would be otherwise inappropriate in the circumstances. The DE Secretary can:
- remove a Child Link User’s access to Child Link (in whole or in part)
- remove access to a child’s entry from all Child Link Users.10
Removal of access is at the DE Secretary’s discretion. The DE Secretary may remove access on their own initiative or on the written request of any person.
For any restriction made by the DE Secretary (or delegate), a review process for Child Link Users and Child Link Authorisers is available. Reviews of restrictions may be requested by the relevant Child Link User (or government agency where appropriate and only when the restriction is in relation to information on Child Link). The review process will be completed at Deputy Secretary level or above for the Department. The review process will be independent and separate from the initial restrictions process, ensuring natural justice objectives. A restriction request can be made by any person, including members of the public or government agencies. Any review request must be made and submitted to DE within 20 business days from the date the requester is notified of the relevant restriction, DE does have discretion to accept late review requests on a case-by-case basis.
Mandatory removal of access to Child Link
There are some specific instances of unacceptable risk of harm where removal of access to Child Link is mandatory and immediate. These include if a Child Link User:
- is the subject of a substantiated investigation under the Reportable Conduct Scheme (Part 5A of the Child Wellbeing and Safety Act)
- is currently charged with or has been convicted or found guilty of an offence under the Child Wellbeing and Safety Act
- has a Working with Children exclusion or interim exclusion, or their Working with Children Clearance has been suspended, revoked, or expired in Victoria or an equivalent finding in another jurisdiction
- has had Victorian Institute of Teaching registration suspended, cancelled, or expired in Victoria or an equivalent finding in another jurisdiction
- has raised a serious concern through Child Link auditing and/or monitoring process notifications
- is currently charged with, or has been convicted or found guilty of, an offence involving the following: physical or sexual harm or threats of physical or sexual harm, violence or threats of violence, dishonesty, or neglect in Victoria or an equivalent offence in another jurisdiction.
Considered removal of access to Child Link
In circumstances where mandatory removal does not apply but there is a risk of harm, these are assessed on a case-by-case basis. Access to Child Link is suspended immediately while the case and circumstances are considered by the DE Secretary or their delegate to establish whether an unacceptable risk of harm is present.
When considering whether an unacceptable risk of harm exists, elements to be considered include but are not limited to:
- what the risk of harm is, whether the risk of harm is to a person and whether the risk of harm is directly connected to information on, or access to, Child Link
- if the risk of harm is in relation to a specific Child Link User’s access, whether the Child Link User would have access to such information in their day-to-day role without access to Child Link
- the likelihood of the risk of harm occurring, the consequence of the risk of harm were it to occur, and the seriousness of these potential consequences
- any mitigation factors or safeguards in place for Child Link relevant to the risk of harm
- the benefit and rationale of removing access to Child Link or information on it
- the objectives of Child Link.
Inappropriate circumstances
If an unacceptable risk of harm to a person does not exist, a restriction can also be made in relation to access to Child Link, or information on it, based on an assessment of inappropriate circumstances. Removal of access due to inappropriate circumstances is broad in nature and includes instances such as human rights considerations, conflicts of interest, privacy issues, and misconduct.
Offences and penalties
There are offences and penalties under the Child Wellbeing and Safety Act for unauthorised access, use and disclosure of information from Child Link. These are:
- Unauthorised access to Child Link (under section 46T) is an offence where a person accesses Child Link and is not a Child Link User or person otherwise authorised to access Child Link.
- Access to Child Link for unauthorised purpose (under section 46U), is an offence for a Child Link User or a person who is otherwise authorised to access Child Link, who accesses Child Link for an unauthorised purpose (which means accessing Child Link for a purpose other than the purpose for which the Child Link User was granted access to Child Link).
- Unauthorised use and disclosure of confidential information contained in Child Link (under section 46V), is an offence for a Child Link User or a person who is otherwise authorised to access Child Link, to use or disclose confidential information contained in Child Link other than in accordance with the Child Wellbeing and Safety Act.
- Intentional or reckless unauthorised use and disclosure of confidential information contained in Child Link (under section 46W), is an offence for a Child Link User or a person who is otherwise authorised to access Child Link, to use or disclose confidential information contained in Child Link in a manner that is unauthorised, and that person (a) knows this use or disclosure is unauthorised, or (b) where the person is reckless as to whether the use or disclosure is authorised.
For the offences under sections 46T, 46U, and 46V, there is a defence if the person can show they used or disclosed the confidential information in good faith and with reasonable care.
The offences under sections 46V and 46W do not apply to the following uses and disclosures of confidential information:
- a use or disclosure made with the consent of the person to whom the information relates
- if the information relates to a person who is incapable of giving consent to the use of disclosure, a use or disclosure made with the consent of the person's authorised representative
- a disclosure made to a court or tribunal in the course of legal proceedings
- a use or disclosure made pursuant to an order of a court or tribunal
- a use or disclosure made to the extent reasonably required to enable the investigation or the enforcement of a law of this State (Victoria) or of any other State or of a Territory or of the Commonwealth
- a disclosure made to an Australian legal practitioner for the purposes of obtaining legal advice or representation
- a use or disclosure made as required or authorised by or under the Child Wellbeing and Safety Act or any other Act.
Offences also apply under CISS for unauthorised and intentional or reckless use or disclosure of confidential information and for impersonating an information sharing entity.11
[10] A person who is authorised under section 46H of the Child Wellbeing and Safety Act to access Child Link for the purposes of data management can also have their access to Child Link restricted. The same principles apply as per Child Link Users, except that if removal of access is required in relation to part of a child’s information, the child’s total information will be removed from their access.
[11] For more information, see the Child Information Sharing Scheme Ministerial Guidelines, published by the Department of Education in 2021.
5. Information management
Information management in the Child Link Secretary's Guidelines.
Identifiable information
Creating and maintaining entries
The information in Child Link is firstly extracted from the legislated source systems into the Master Data Management layer of the Child Link system. The information is then matched and merged through a sophisticated process which involves taking data from the source systems, finding possible duplicates or identical matches, and then merges these records (where required) to create an aggregated copy of the record. Once this record is completed, the information is displayed on Child Link in the form of the child’s entry.
When updates to relevant information are made in source systems, Child Link is also updated in accordance with Part 7A of the Child Wellbeing and Safety Act. The information that may be displayed on Child Link is set out in Section 1 and any restrictions which may apply to the information is set out in Section 4.
There may be instances where a decision is made that information about a child or person with parental responsibility or day-to-day care of a child, is not to be recorded on Child Link. The DE Secretary (or a delegate of the DE Secretary) may determine that information is not to be recorded on Child Link for any reason. It is anticipated that the DE Secretary (or a delegate of the DE Secretary) would only exercise this power in exceptional circumstances, such as where the recording of information on Child Link would cause a risk of harm to the wellbeing and safety of children and the recording of the information would not be in accordance with the objectives of Child Link.
Security and privacy
Security and privacy are core to the design of Child Link, and safeguards are in place to protect information. The information on Child Link is managed and stored in accordance with strict security protocols. Child Link adheres to relevant privacy and data security law in Victoria, including the Privacy and Data Protection Act 2014, the Health Records Act 2001 and the Victorian Protective Data Security Standards.
Intersections with the Privacy and Data Protection Act 2014
Child Link and CISS operate in conjunction with privacy law. Child Link Users are required to handle personal information and unique identifiers in accordance with the Privacy and Data Protection Act 2014, or in accordance with the Privacy Act 1988 where that Act applies to them.
Certain exemptions apply to the Information Privacy Principles and Health Privacy Principles in relation to Child Link, as provided in section 15B of the Privacy and Data Protection Act 2014. Specifically:
- Child Link and Child Link Users are not obliged to collect personal or health information about an individual directly from that person (as might otherwise be required under Information Privacy Principle 1.4 or Health Privacy Principle 1.3). Child Link extracts information directly from existing source systems and provides this in a consolidated manner to Child Link Users.
- Child Link is not obliged to notify a person that their information has been collected from a source system, and Child Link Users are not obliged to notify a person that their information has been collected from Child Link (as might otherwise be required under Information Privacy Principle 1.5 or Health Privacy Principle 1.5).
- Child Link and Child Link Users are not obliged to obtain consent from any person before collecting information, including ‘sensitive information’ for the purposes of Information Privacy Principle 10.1 (such as information about a person’s racial or ethnic origin), if the collection, use and/or disclosure of the information is in accordance with the purpose of Child Link. The purposes in which a Child Link User may collect, use and/or disclose information on Child Link is summarised at Appendix B.
Secure access
Access to confidential information about Victorian children on Child Link must be accompanied by a degree of responsibility and thoughtful consideration of information security and data management. Child Link features strong security measures to ensure only authorised users access Child Link. In addition to a service-based email address and password required for log in, Child Link uses Multi-Factor Authentication. This is the process where a Child Link User is required to provide an additional piece of evidence to verify their identity to gain access to Child Link. It is the responsibility of each Child Link User to ensure Child Link is accessed and used safely and appropriately at all times.
Access to personal information
People may seek access to information held about them under privacy and freedom of information (FOI) laws. Under Information Privacy Principle 6, Health Privacy Principle 6 or the Privacy Act 1988, an organisation that holds personal information about an individual, such as a child or parent, must provide the individual with access to their information on request.
Information on how to contact Child Link can be found under the heading Contact Us below. More information on Child Link can be found at Child Link.
There are a range of exemptions that apply under Information Privacy Principle 6 and Health Privacy Principle 6 that may limit access to personal information. The DE Secretary may also refuse to give an individual access to their own confidential information on Child Link if they believe on reasonable grounds that giving the individual access to the information would increase a risk to the safety of a child or group of children.
Similar exemptions and limitations to the access of personal information apply to information sharing entities under CISS.
Any person may make a request to access information under the Freedom of Information Act 1982. However, a document does not have to be disclosed if it would involve the unreasonable disclosure of information relating to the personal affairs of a person (including a deceased person).
When deciding whether providing a document to a person would meet this exemption, the DE Secretary (in relation to Child Link) and/or relevant information sharing entity (on behalf of the Child Link User) must take into account whether disclosure of that information would increase the risk to the safety of a child or group of children. Organisations and services should ensure that relevant business areas responding to FOI requests are aware of the child safety risk exemption and are trained to identify child safety risk.
De-identified information
De-identified information is confidential information that no longer relates to an identifiable individual or an individual who can be reasonably identified. Only the information that can be included in Child Link in relation to a child (set out in section 46D of the Child Wellbeing and Safety Act) may be used for de-identified information.
Under section 46O of the Child Wellbeing and Safety Act, de-identified information derived from Child Link may be provided for the purposes of developing, planning, and reviewing policies, programs, and services to:
- an employee of, or person engaged by the Secretary to DE
- an employee of, or person engaged by the Secretary to the Department of Health
- an employee of, or person engaged by the Secretary to the Department of Families, Fairness and Housing.
De-identified information from Child Link will enable longitudinal studies to inform effective and responsive policy and program design, evaluation, and planning. This information will be made available through specific de-identified reports which will be developed in coordination with the relevant departments noted above, and their requirements in developing, planning, and reviewing future policies, programs, and services.
Managing information held on Child Link
Access to a child’s information on Child Link will be removed from all Child Link Users if the child dies, or after the child has turned 18 and is no longer enrolled in a registered school or registered for home schooling. The Public Records Act 1973 applies to the disposal and archiving of information on Child Link, including information about children and adults.
Contact us
For more information on Child Link, please contact the Department of Education via:
- email at childlink@education.vic.gov.au; or
- the Enquiry line at 1800 549 646 (Available: 9am to 5pm, Monday to Friday).
Appendix A: Definitions
Appendix A in the Child Link Secretary's Guidelines.
Child Information Sharing Scheme
Refers to the information sharing scheme established under Part 6A of the Child Wellbeing and Safety Act 2005. The Child Information Sharing Scheme permits the requesting and disclosure of confidential information between prescribed organisations for the purpose of promoting the wellbeing or safety of a child or group of children.
Child Link
Refers to the web-based platform, which is accessible by a Child Link User or a person who is otherwise authorised to access Child Link under Part 7A of the Child Wellbeing and Safety Act 2005.
Child Link Authoriser
Is a person, as specified by their role, who may authorise a Child Link User to access Child Link under section 46K of the Child Wellbeing and Safety Act 2005, or any other person who under section 46L of that Act is delegated the power from section 46K to authorise a Child Link User.
Child Link User
Is a person who is authorised to access Child Link, specified in section 46K of the Child Wellbeing and Safety Act 2005.
Child entry
Is an entry for a child that is created in Child Link for a child in accordance with Part 7A of the Child Wellbeing and Safety Act 2005 at the occurrence of the specified events, and contains information, as is permitted by that Act.
Information sharing entity
Refers to an organisation or service prescribed under the Child Wellbeing and Safety (Information Sharing) Regulations 2018 and for the purpose of Part 6A of the Child Wellbeing and Safety Act 2005.
Wellbeing
Is a term commonly understood by many of the practitioners in the delivery of services for children and families to encompass factors that contribute to a child’s physical, social, cultural, emotional, ethical, educational, and cognitive development.
Appendix B: Child Link Users under the Child Wellbeing and Safety Act 2005
Appendix B in the Child Link Secretary's Guidelines.
Appendix B: Child Link Users under the Child Wellbeing and Safety Act 200512
Child Link User | Child Link User’s purpose of access, use and disclosure | Authorised by |
---|---|---|
The Secretary to the Department of Education | To identify children who are not participating in services for which they may be eligible and to assist in the provision of education, care, and services to those children. | n/a |
The Secretary to the Department of Health | To identify children who are not participating in services for which they may be eligible. | n/a |
The Secretary to the Department of Families, Fairness and Housing | To identify children who are not participating in services for which they may be eligible. For the purpose of the performance of the Secretary’s functions, and the exercise of the Secretary's powers, under the Children, Youth and Families Act 2005 | n/a |
The Principal Commissioner for Commission for Children and Young People | To perform the Principal Commissioner's statutory functions. | n/a |
A person employed by the Secretary to the Department of Education or otherwise engaged by the Secretary | To identify children who are not participating in services for which they may be eligible and to assist in the provision of education, care and services to those children. To perform functions relating to systems administration of the Register. For the purpose of data management in accordance with section 46H. For the purpose of de-identifying confidential information and to provide that de-identified information under section 46O. | Secretary to the Department of Education |
A person employed by the Secretary to the Department of Health or otherwise engaged by the Secretary | To identify children who are not participating in services for which they may be eligible. | Secretary to the Department of Health |
A person employed by the Secretary to the Department of Families, Fairness and Housing or otherwise engaged by the Secretary | To identify children who are not participating in services for which they may be eligible. For the purpose of the performance of the Secretary to the Department of Families, Fairness and Housing’s functions, and the exercise of the Secretary's powers, under the Children, Youth and Families Act 2005. | Secretary to the Department of Families, Fairness and Housing |
A person employed or engaged by a council in relation to childhood services implementation or policy | To identify children in the municipal district who are not participating in services for which they may be eligible and to assist in the provision of education, care and services to children in the municipal district who may be eligible to participate in services. To monitor and plan council services for children residing in the municipal district. | Chief Executive Officer of the council |
A nurse employed or engaged by a council to provide maternal and child health programs for a Maternal and Child Health service | To provide care and services to children attending the Maternal and Child Health service. | Chief Executive Officer of the council |
A nurse employed or engaged by an entity that provides maternal and child health programs on behalf of a council for a Maternal and Child Health service | To provide care and services to children attending the Maternal and Child Health service. | Person who has overall management and control of the Maternal and Child Health service |
A nurse employed or engaged by the Secretary to provide maternal and child health advice through a state-wide telephone service | To provide care and services to children or families who access the state-wide telephone service. | Secretary to the Department of Health |
A person employed or engaged by the Victorian Aboriginal Health Service Co-operative Limited in relation to childhood services implementation or policy | To identify children enrolled with the Service or entitled to services provided by the Service who are not participating in services for which they may be eligible and to assist in the provision of education, care and services to those children. To monitor and plan services for all children enrolled with the Service. | Chief Executive Officer of the Service |
A registered medical practitioner, nurse or midwife employed or engaged by the Victorian Aboriginal Health Service Co-operative Limited engaged in providing maternal and child health programs | To provide care and services to children attending the maternal and child health program. | Chief Executive Officer of the Service |
A registered early childhood teacher providing education and care to children at an approved education and care service | To provide education and care and related services to children enrolled at the education and care service. | Approved provider of the service |
A school nurse manager | To assist in the monitoring, planning and provision of care and services to children enrolled in schools within the geographic region for which the school nurse manager is responsible. | Secretary to the Department of Education |
A school nurse | To provide care and services to children enrolled at the school to whom the nurse provides school nurse services | Secretary to the Department of Education |
A principal of a government school | To provide education and care and related services to children enrolled at the school. To monitor and plan services for children enrolled at the school. | Secretary to the Department of Education |
A registered teacher employed or engaged by a Government school to provide instruction or other education services to students at the school Any other person employed or engaged by a non-Government school to provide health or welfare services for students at the school | To provide education and care and related services to children enrolled at the school. To monitor and plan services for children enrolled at the school. | Principal of the Government school |
A principal of a non-Government school | To provide education and care and related services to children enrolled at the school. To monitor and plan services for children enrolled at the school. | Person or body responsible for the governance, conduct or management of the school |
A registered teacher employed or engaged by a non-Government school to provide instruction or other education services to students at the school Any other person employed or engaged by a non-Government school to provide health or welfare services for students at the school | To provide education and care and related services to children enrolled at the school. To monitor and plan services for children enrolled at the school. | Principal of the non-Government school |
A person employed by the Commission for Children and Young People or otherwise engaged by the Commission | To perform the functions of the Principal Commissioner for or on behalf of the Commissioner. | Principal Commissioner for Commission for Children and Young People |
A prescribed person in accordance with the regulations | The purpose prescribed in relation to the person. | In accordance with the regulations |
A person who is employed or engaged by an entity to provide maternal and child health programs for a non-council Maternal and Child Health provider | To provide care and services to children attending the non-council Maternal and Child Health provider. | Person who has overall management and control of the non-council Maternal and Child Health provider |
[12] The Disability Services Commissioner is listed as a Child Link User and Child Link Authoriser under the Child Wellbeing and Safety Act; however, the Disability Services Commissioner has been decommissioned following the transfer of Victorian disability services to the National Disability Insurance Scheme and as such is not listed here.