Frequently asked questions about information sharing and MARAM

An Information Sharing Entity (ISE) is an organisation or service that has been prescribed in regulations to request and share information under CISS and FVISS.

ISEs can request and share information under the information sharing schemes.

Please refer to Chapter 1 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for further guidance.

ISEs are prescribed under:

• the Family Violence Information Sharing Scheme by the Family Violence Protection (Information Sharing and Risk Management) Regulations 2018
• the Child Information Sharing Scheme by the Child Wellbeing and Safety (Information Sharing) Regulations 2018.

This means that organisations and services do not need to register as an ISE.

For a full list of the workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

An organisation or service who is an Information Sharing Entity (ISE) may also be classified as an RAE under FVISS.

ISEs can share information relevant for a family violence assessment purpose with RAEs only. Information can be shared with all ISEs for a family violence protection purpose.

ISEs that are also RAEs are:

• State funded specialist family violence services (including Men’s Behavioural Change Programs, refuges, family violence counselling services and therapeutic programs)
• Risk Assessment and Risk Management Panels (RAMPs)
• state funded sexual assault services
• Child Protection and Child FIRST
• The Orange Door
• Victims Support Agency
• Victoria Police.

Refer to Chapter 2 of the FVISS Guidelines for further guidance.

For a full list of the workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

No. Although most organisations are prescribed across all three reforms, there are some organisations that are only prescribed for some of the reforms.

For a list of workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

You can also refer to Chapter 1 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for guidance.

Information Sharing Entities (ISEs) are responsible for verifying whether an individual is from another ISE before they share any information.

You can search for contact details of organisations and services prescribed to share information on the online ISE List.

The ISE List is updated at regular intervals but is not a live list. If you cannot find an organisation or service on this list, they may still be an ISE. You can refer to the following resources for further guidance:

• Who can share information under the information sharing reforms and MARAM?
• Appendix 2 - Prescribed entities of the Child Information Sharing Scheme Ministerial Guidelines
• Chapter 2 – Information Sharing Entities in the Family Violence Information Sharing Scheme Ministerial Guidelines, available for download from the Family Violence Information Sharing Scheme webpage.
  

Please note that if you have received a request from an ISE, you must respond.

Access the ISE List

If contact information for an organisation does not appear on the ISE List, please check the organisation’s website for public contact details.

Once you have confirmed that an organisation is an ISE, you should take reasonable steps to verify the identity of the person you plan to share information with. This may include asking them to send an email from an organisational account or calling them back via their organisation's switchboard. The ISE List should not be solely relied on to verify ISEs.

Information Sharing Entities (ISEs) determine how the reforms are implemented in their organisation.

ISEs should identify those roles in the organisation or service that are appropriate to use the Schemes to make or respond to requests and voluntarily share information, on behalf of the ISE.

ISEs must be satisfied that any individual or role authorised to use the Schemes on their behalf are:

• employed or otherwise contracted (i.e. not a volunteer) by the ISE
• suitably trained and competent in use of the Schemes.

Each organisation will have been advised by the relevant department regarding what services within their organisation are prescribed. Where confirmation is required, we recommend contacting the relevant department directly.

For a list of the workforces prescribed as ISEs, see Who can share information under the information sharing and MARAM reforms.

Yes, in certain circumstances.

Under CISS, information can be shared with a child, a person with parental responsibility for the child or a person with whom the child is living to manage a risk to the safety of the child.

Under FVISS, Information Sharing Entities (ISEs) may share relevant information about a perpetrator with the victim survivor to manage their safety and/or that of their child. If a child is a victim survivor, information can be shared with them or their parent who is not a perpetrator.

Practitioners should use their professional judgement to determine when and how to share information with a victim survivor.

You may refuse to give an individual access to information about themselves if you believe on reasonable grounds that giving the individual access to the information would:

• increase a risk to the safety of a child or group of children
• increase family violence risk to a victim survivor.

When providing a person access to their information, you must do it in a way that does not unreasonably impact the privacy of other individuals. For example, you may need to redact part of a record to protect the privacy of another person whose information also appears in the record.

Refer to the CISS Guidelines and Chapter 3 of the FVISS Guidelines for more information.

To update an organisation’s name or contact details appearing on the online ISE List, please send an email to:

Education workforces:
cisandfvis@education.vic.gov.au

Health workforces:
infosharing@health.vic.gov.au

Families, Fairness and Housing workforces: infosharing@dffh.vic.gov.au

Specialist Family Violence Services: infosharing@familysafety.vic.gov.au

Justice workforces:
family.violence@justice.vic.gov.au

Child Information Sharing Scheme (CISS)

Under CISS, Information Sharing Entities (ISEs) can share confidential information with other ISEs for the purpose of promoting the wellbeing or safety of a child or group of children, if, in their view sharing the information could assist the receiving ISE to:

• make a decision, assessment or plan
• start or conduct an investigation
• provide a service, and/or
• manage any risk

relating to a child or group of children. This is known as the threshold.

For more information on information sharing for wellbeing, refer to Understanding child wellbeing.

If the threshold for sharing is met, ISEs can share information:

• in response to a request and/or
• proactively (‘voluntary sharing’)

in a manner consistent with the legislative principles.

Confidential information may only be shared to the extent necessary to promote the wellbeing or safety of a child or group of children, consistent with their best interests.

Information must be shared in a timely manner. As the purpose of the Schemes is to allow early identification and supports, you do not need to wait until you are sure of an issue or risk. You can and should share before that time, as long as the requirements of the Schemes are met.

ISEs can also share confidential information about any person, from any source, with a child, a person who has parental responsibility for the child, and/or a person with whom the child is living, to manage a risk to that child’s safety.

Please refer to Chapter 1 of the CISS Guidelines for more information about when information can be shared.

Family Violence Information Sharing Scheme (FVISS)

There are two purposes for which information can be shared between ISEs under FVISS:

• Family violence assessment purpose: to establish whether family violence risk is present, assessing the level of risk the perpetrator poses to the victim survivor, and correctly identifying the perpetrator and victim survivor (note that only Risk Assessment Entities [RAEs] can request information for this purpose – see Who can share and request information under the Schemes?)
• Family violence protection purpose: to manage the risk of the perpetrator committing family violence, or the risk of the victim survivor(s) being subjected to family violence. Managing risk involves removing, reducing or preventing the escalation of risk. This includes information sharing to support ongoing risk assessment.

All ISEs can also share information for a family violence assessment purpose with an RAE, including information about an alleged perpetrator. See 2. What is a Risk Assessment Entity (RAE)? under Who can share and request information under the Schemes?

All ISEs can share information for a family violence protection purpose with other ISEs either voluntarily or in response to a request.

Only information that is relevant to assessing or managing a risk of family violence can be shared under FVISS. In determining what information is relevant, practitioners should use their professional judgement and refer to the MARAM Framework to determine what constitutes family violence risk.

Risk should be understood as both:

• risk of harm to the victim survivor from past and future family violence incidents
• future risk of family violence occurring.

The MARAM Framework provides guidance on family violence risk and can be found on the MARAM practice guides and resources page.

If information is not relevant to the assessment and management of family violence, that information should not be shared under FVISS.

Refer to Chapter 1 of the FVISS Guidelines for further information about when you can share information under the Scheme.

Child Information Sharing Scheme (CISS)

Confidential information about any person that meets the threshold for sharing under CISS can be shared.

Information that can be shared is broad and may include:

• professional judgements
• case notes
• contact details
• health information
• sensitive information such as religious and political affiliation and beliefs
• plans and assessments
• information obtained from other sources.

This includes relevant historical information collected before the commencement of CISS, as well as information collected after the commencement of CISS. It also includes information from any source, including received from another service under the Schemes. However, where circumstances allow, requesting Information Sharing Entities (ISEs) should try to seek information from the primary source to ensure information is current.

The information being disclosed or requested must not be ‘excluded information’ under Part 6A of the Child Wellbeing and Safety Act 2005 and must not be restricted from sharing under another law.

Refer to Chapter 1 of the CISS Guidelines for further information.

Family Violence Information Sharing Scheme (FVISS)

ISEs are obliged to share (in response to a request) and permitted to voluntarily share information (including information collected prior to the commencement of the Scheme) about perpetrators (as well as alleged perpetrators for an assessment purpose), victim survivors and relevant third parties if relevant consent thresholds for sharing are met and:

• the information is relevant to assessing or managing risk of family violence
• it is not excluded information and the sharing of that information would not contravene another law.

For more information on these thresholds, see For what purposes can information be shared under the Schemes? You can also refer to Chapter 1 of the FVISS Guidelines for further information.

Information Sharing Entities (ISEs) can share information to promote the wellbeing or safety of a child whether or not family violence is present. Information can be shared:

• under CISS to promote the wellbeing or safety of a child
• under FVISS to assess or manage family violence risk.

For more detail on information sharing for wellbeing, refer to Understanding child wellbeing.

ISEs should be mindful that sharing information in the context of family violence may pose particular and complex risks for children and other family members, and when considering sharing to promote child wellbeing or safety they should be alert to whether family violence risk may be present.

When sharing information in a family violence context, ISEs should therefore take all reasonable steps to plan for and maximise the immediate and ongoing safety of children and all family members at risk of family violence. Information sharing should occur in accordance with a relevant safety plan.

Risks related to information sharing are not always easily identified, so it is important to access relevant expertise. As set out in the MARAM Framework and relevant MARAM Practice Guides, ISEs should engage with services that are authorised and skilled to determine appropriate actions and promote collaborative practice around families and children.

Refer to Chapter 3 of the CISS Guidelines and Chapter 5 of the FVISS Guidelines for more information.

Under the information sharing schemes, provided the thresholds for sharing have been met, information about any person, including a child’s parent or guardian, can be shared if the purpose is to promote the wellbeing or safety of the child, or assess or manage the risk of family violence.

Consent is not required to share information about a child’s guardian or parent when assessing or managing a risk to a child victim survivor, or promoting child wellbeing or safety.

Information Sharing Entities (ISEs) should seek the views of the child and parent that are not perpetrators of family violence when sharing their information unless it is unsafe, inappropriate or unreasonable to do so.

We have developed resources to support you in these conversations, refer to:

• Child Information Sharing - information for parents, carers, children and young people
• Child Information Sharing - information for Aboriginal and Torres Strait Islander peoples
• Child Information Sharing Factsheet in your language
• Information sharing guides, templates and tools.

Refer to Chapter 1 and Chapter 2 of the CISS Guidelines and page 68 of the FVISS Guidelines for further information.

You can make a request under the Schemes verbally or in writing. Some services may have additional operational requirements for making a request, such as receiving the request via a form or email.

To access resources to help you make a request, refer to Information sharing guides, templates and tools.

Refer to Chapter 1 of the CISS Guidelines and Appendix A of the FVISS Guidelines for more information.

Under the Schemes, you can respond to a request either verbally or in writing. Please note that you should ensure relevant thresholds and purposes for sharing are met, and that you comply with record keeping requirements under the Schemes and the relevant privacy requirements for your organisation, including relevant data security standards.

You should respond to requests in a timely manner, in particular you should respond without delay where there is a risk to the safety of a person.

To access resources to help you respond to a request, refer to Information sharing guides, templates and tools.

Refer to Chapter 1 of the CISS Guidelines and Appendix B of the FVISS Guidelines for more information, or contact us at CISandFVIS@education.vic.gov.au or on 1800 549 646 with any questions.

Yes, Information Sharing Entities (ISEs) are permitted to share information with other ISEs voluntarily under the information sharing schemes as long as:

• the purpose and consent thresholds are met
• the information being shared is not excluded information, and
• sharing it would not contravene another law.

Under FVISS, all ISEs may proactively share relevant information with Risk Assessment Entities (RAEs) for a family violence assessment purpose and with all ISEs for a family violence protection purpose.

Refer to Chapter 1 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information about voluntary information sharing.

Yes, under both Schemes, information can be requested and shared either verbally (e.g. by telephone or at a case conference, so long as all participants taking part in the case conference are from ISEs) or in writing (e.g. in a standard form or report, letter, email or other form of electronic communication).

However, some services may prefer that requests take a particular form for operational reasons.

Existing data security standards will continue to apply, which may mean that certain information will have to be handled in a particular way.

A written record of information sharing, including through a verbal exchange, must be made and stored securely on file, consistent with an organisation’s policies and procedures and with record keeping requirements.

Refer to Chapter 2 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information.

Information Sharing Entities (ISEs) should make sure that the organisation they are sharing information with has been prescribed as an ISE under the Schemes. See 4. How can I identify an ISE? under Who can share and request information under the Schemes?

If you do not already know that the person requesting the information works for an information sharing entities (for example, through an existing relationship with or knowledge of that person), you should verify their identity prior to sharing any information. For example, you can ask them to send an email from their official work account or contact the information sharing entities’ switchboard.

Information Sharing Entities (ISEs) can refuse to provide information in response to a request under the Schemes:

• when the threshold for sharing is not met (see 1. For what purposes can information be shared under the Schemes?)
• where the information is not relevant to the purpose for which information is being requested (see 1. For what purposes can information be shared under the Schemes?)
• where the information is excluded information
• where sharing that information would contravene another law
• where sharing would be inconsistent with the legislative principles (as relevant under CISS only)
• where applicable consent thresholds have not been met (if required under FVISS only).

The CISS Ministerial Guidelines set out 9 legislative principles to guide sharing. When sharing information under CISS, ISEs should use their professional judgement to apply these principles, for example, not sharing parts of the information that are not necessary to promote child wellbeing and safety in the best interests of the child.

If an ISE refuses a request for information, it must record the request and the reason it was refused and provide the reason to the requesting ISE in writing. However, ISEs are not required to provide reasons where it would be inappropriate to provide details of the specific ground for the particular exclusion (e.g. where it would prejudice a criminal investigation). It would then be sufficient to refuse on the grounds that the information is excluded.

Refer to Chapter 1 and Chapter 5 of the CISS Guidelines and Chapters 1 and 10 of the FVISS Guidelines for more information about refusing a request for information.

Requesting Information Sharing Entities (ISEs) are encouraged to appropriately skill and equip relevant staff to make requests that contain enough information to enable receiving ISEs to exercise their professional judgment to share information.

Responding ISEs are encouraged to discuss requests that they think do not meet the threshold with the requesting ISEs.

ISEs should assist each other (for example, by providing guidance on how they would like to receive requests, seeking further information and having follow-up conversations) to make actionable requests that meet the needs of the Scheme.

A refusal to share information must be provided in writing to the requesting ISE, with reasons stated. You are encouraged to discuss refusals with the responding ISE and work together to understand the exercise of professional judgement that each ISE is bringing to the request and the decision whether to share. The legislative principles require ISEs to work collaboratively while respecting their different expertise.

If you think a request to share information was incorrectly refused, you should raise this with the responding ISE. If you are unable to resolve the issue, a complaint may be made to the responding ISE. All ISEs are required to have a policy in place for handling complaints in relation to their use of the Schemes, and to keep records of complaints received and how they were resolved.

If an ISE forms a view that another ISE has repeatedly incorrectly applied the thresholds or principles of the Schemes in refusing to provide information, ISEs are encouraged to raise the matter with the service that funds the ISE and/or the department responsible for providing or funding the ISE or service.

Refer to Chapter 5 of the CISS Guidelines and Chapters 1 and 10 of the FVISS Guidelines for more information about refusing a request for information.

Refer to Chapter 5 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines for more information about complaints.

No, but Information Sharing Entities (ISEs) should respond in a timely manner to a request from another ISE; and must provide relevant information if the legal requirements of the Schemes are met.

Although no formal time limit is imposed for responding to requests under the Schemes, ISEs should ensure that they respond to requests in a timely manner, taking into account risk issues.

An ISE should prioritise requests for information that pertain to safety risks, including family violence. In particular, where a serious threat has been identified, ISEs should respond to those requests for information without delay.

Refer to Chapter 1 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information.

Where there is not sufficient information for an Information Sharing Entity (ISE) to form a reasonable belief that a person poses a risk of family violence, the person may be considered an ‘alleged perpetrator’. Information about an alleged perpetrator may be shared without consent with Risk Assessment Entities (RAEs) for a family violence assessment purpose, to determine if they are a perpetrator and assess the level of risk they pose.

Refer to Chapter 3 of the FVISS Guidelines for more information.

Where it is established that a person has been incorrectly identified as a perpetrator, an Information Sharing Entity (ISE) should stop sharing information about that person as a perpetrator under FVISS and should instead share their information in the same way as other victim survivors, which might mean seeking their consent.

A service should make their best efforts to correct their records and any information that has already been disclosed to other ISEs. The correction of records should occur in a timely manner to reduce any likelihood that incorrect information will continue to be shared. Individual officers will not be held liable for incorrectly sharing this information where it has been done in good faith and with reasonable care.

Refer to Chapter 3 of the FVISS Guidelines or Section 11 of the MARAM Framework Foundation Knowledge Guide for more information.

A number of organisations have established central units for receiving and responding to information sharing requests.

Victoria Police

If you are seeking to request information from the Victoria Police please visit VICPOL and complete the relevant online request form.

If you have any other enquiries in relation to information sharing under FVISS and CISS, please email INFORMATION-SHARING@police.vic.gov.au or phone (03) 8335 5902.

Magistrates’ Court of Victoria and Children's Court

Information Sharing Entities (ISEs) can now request information under the Family Violence Information Sharing Scheme and Child Information Sharing Scheme from the Magistrate’s Court and Children’s Court via the Courts Information Sharing (CIS) Portal.

If you have any other enquiries in relation to information sharing under CISS and FVISS, please contact the Information Sharing Team at informationsharing@courts.vic.gov.au.

Child Protection

If you are seeking to request information from Child Protection, please visit Department of Families, Fairness and Housing Family Violence and Child Information Sharing Schemes · Requests for Child Protection Information and complete the webform. ISEs can email info.exchange@dffh.vic.gov.au for general enquiries.

Other organisations

For all other organisations please visit the online ISE List for available contact details.

Access the ISE List

Under the Schemes, consent means both express and implied consent.

‘Express consent’ is when a person has expressly, either verbally or in written form, given their consent to their information being shared.

‘Implied consent’ is not expressly given but can be inferred through a victim survivor or third party’s conduct or behaviour and the facts of a given situation.

Child Information Sharing Scheme (CISS)

Under CISS, Information Sharing Entities (ISEs) do not require consent from any person to share relevant information. However, it is important to note that a professional should seek and take into account the views of the child and their relevant family members where it is appropriate, safe and reasonable to do so. As supported by the legislative principles, it is critical to maintain constructive and respectful engagement with children and their families.

Refer to Chapter 2 of the CISS Guidelines and Chapter 9 of the FVISS Guidelines for further guidance on consent.

Family Violence Information Sharing Scheme (FVISS)

Under FVISS, there are circumstances in which information can only be shared with the consent of the person to whom the information relates.

Alleged perpetrators and perpetrators: no consent required

Consent is not required from an alleged perpetrator (for a risk assessment purpose) or a perpetrator (for a risk assessment purpose or protection purpose), including adolescents who use violence in the home, when sharing information under FVISS to assess or manage risk of family violence to a child or adult victim survivor.

Child victim survivors: no consent required

When assessing or managing a risk to a child victim survivor, consent is not required from any person (including the child, a parent who is not a perpetrator or any other person) to share their information if it is relevant to assessing or managing the risk of family violence for a child victim survivor. However, ISEs must seek the views of child and adult victim survivors when sharing their information unless it is not safe, appropriate or reasonable to do so.

For more information refer to:

• Chapter 5 of the FVISS Guidelines for further information on seeking the views of adult and child victim survivors
• 'Tips for a conversation with a child victim survivor or parent who is not a perpetrator' under the heading 'Share Information' on the Information sharing guides, templates and tools webpage.

Adult victim survivors and third parties: consent required

When assessing or managing risk to an adult victim survivor (where there is no child at risk), consent will be required from the victim survivor or a third party before their information can be shared under FVISS. However, their information may be shared without consent where the sharing of that information is necessary to lessen or prevent a serious threat to an individual’s life, health, safety or welfare.

Consent is also required to share information about a third party. A third party is any person whose confidential information is relevant to assessing or managing family violence risk who is not a victim survivor, perpetrator or alleged perpetrator. This could include previous partners of either party, friends, acquaintances, neighbours or associates of a victim survivor, perpetrator or alleged perpetrator.

You may also refer to:

• Chapter 4 of the FVISS Guidelines for more information on sharing information about adult victim survivors and third parties (where there is no child at risk)
• an example 'Information sharing consent form' (for adult victim survivors only) and 'Tips for a conversation for obtaining consent from an adult victim survivor' under the heading 'Share Information' on the Information sharing guides, templates and tools webpage.

Refer to Chapter 1 of the FVISS Guidelines for more information on consent thresholds.

Where consent is not required, ISEs should seek and take into account the views of child and adult victim survivors about information sharing if appropriate, safe and reasonable to do so.

It is a matter for Information Sharing Entities (ISEs) to determine a process for obtaining consent and sharing with implied consent under FVISS.

This might include consent being obtained from the requesting ISE where the responding ISE is not directly working with a person whose consent is required to share information.

Refer to Chapter 9 of the FVISS Guidelines for more information.

The information sharing schemes are designed to complement each other, to enable services to share information to respond to the range of needs and risks facing children and families. The Schemes align in a number of ways, including:

• broadly consistent Information Sharing Entities (ISEs) and record keeping requirements
• similar protections for professionals who share information in good faith and with reasonable care
• prioritising the safety of children and victim survivors over the privacy of any individual.

Information can be shared:

• under FVISS to assess and manage family violence risk, including to children
• under CISS to promote the wellbeing or safety of a child.

ISEs should be mindful that sharing information in the context of family violence may pose particular and complex risks for children and other family members. When considering sharing to promote child wellbeing or safety, ISEs should be alert to whether family violence risk may be present. When sharing information in a family violence context, ISEs should therefore take all reasonable steps to plan for and maximise the immediate and ongoing safety of children and all family members at risk of family violence. Information sharing should occur in accordance with a relevant safety plan.

When sharing under one Scheme, ISEs should consider whether sharing under the other Scheme may also be beneficial. For example, when sharing to assess or manage family violence risk, if there are children in the family the ISE should consider whether additional information should be shared with other ISEs for child wellbeing or safety purposes beyond the assessment and management of family violence risk.

Refer to Chapter 3 of the CISS Guidelines for further information on the intersection between the two Schemes.

No, Commonwealth agencies and wholly interstate organisations are not prescribed under the Schemes.

Where Information Sharing Entities (ISEs) share or request information from interstate or Commonwealth organisations, the Schemes will not be relevant. When sharing cross-border, ISEs should continue to use existing permissions for sharing information as well as their current practices for working with agencies in the neighbouring state. Interstate or Commonwealth entities should respond to requests for information in accordance with the laws of their own jurisdiction.

Refer to Chapter 4 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for more information.

All organisations and services should continue to share information as appropriate in accordance with other laws. The information sharing schemes do not impact on these other permissions to share, including privacy laws, workplace safety laws and the Children, Youth and Families Act 2005, for example.

The Schemes provide additional permissions for Information Sharing Entities (ISEs) to share information with other ISEs for the purpose of family violence risk assessment and management or to promote the wellbeing or safety of a child or group of children, provided the relevant requirements are met.

Refer to Chapter 4 of the CISS Guidelines and Chapter 11 of the FVISS Guidelines.

Secrecy and confidentiality provisions continue to apply unless expressly overridden by the information sharing schemes. If another Act contains legal restrictions on the sharing of information and these provisions have not been expressly overridden under the Schemes, these restrictions will continue to apply to the sharing of that information.

Refer to Chapter 4 of the CISS Guidelines and Chapter 11 of the FVISS Guidelines for further information on the secrecy and confidentiality provisions in other laws that have been overridden by the Schemes.

Refer to MARAM for determining whether a family violence risk is serious.

The Office of the Victorian Information Commissioner and the Health Complaints Commissioner have also prepared guidance to assist services to determine whether information should be shared to lessen or prevent a serious risk under privacy laws. Please refer to the guidance from the Office of the Victorian Information Commissioner for further information.

Refer to Chapter 4 of the FVISS Guidelines for more information about the serious threat exception to victim survivor consent when sharing under FVISS.

The role of disability services in supporting the wellbeing and safety of children and families is recognised, however, neither the NDIS nor NDIA are prescribed as Information Sharing Entities (ISEs).

State provided and funded specialist forensic disability accommodation services are prescribed under the information sharing schemes. The Victorian Disability Worker Commission and the Disability Worker Registration Board of Victoria are also prescribed.

Offences and penalties may apply where information is shared unlawfully under the Schemes. However, a person who is authorised to share information under the Schemes, who acts in good faith and with reasonable care when sharing information will:

• not be held liable for any criminal, civil or disciplinary action for providing the information
• not be in breach of any code of professional ethics or considered to have departed from any accepted standards of professional conduct

This protection from liability applies only to individuals, not organisations.

Refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines for further information.

Individuals should make any complaints about how the Schemes have been applied to them (including but not limited to breaches of their privacy) directly to the relevant Information Sharing Entity (ISE) in the first instance.

ISEs should have procedures in place for dealing with complaints about the use of the Schemes and are required to keep records of complaints received, how they were resolved, and action taken if any.

If the individual is unsatisfied with the response of the ISE, privacy complaints can be made to the relevant privacy regulator:

• The Office of the Victorian Information Commissioner (OVIC) when the complaint is related to personal information
  Website: www.ovic.vic.gov.au
  Telephone: 1300 006 842
• The Health Complaints Commissioner (HCC) when the complaint is related to health information.
  Website: www.hcc.vic.gov.au
  Telephone: 1300 582 113

When Commonwealth privacy law applies, complaints can be made to:

• The Office of the Australian Information Commissioner (OAIC)
  Website: www.oaic.gov.au
  Telephone: 1300 363 992

For further information on complaints, refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines.

Information Sharing Entities (ISEs) should have procedures in place for dealing with complaints made in relation to the Schemes and should make these available. ISEs should also keep records of any complaints.

If a complaint is received, the ISE must record:

• the date the complaint was made and received
• the nature of the complaint
• any action that was taken to resolve the complaint
• any necessary action that has been taken to prevent or lessen the risk of further similar complaints by addressing the reasons for the complaint
• time taken to resolve the complaint
• if the ISE was unable to resolve the complaint, any further action (if any) that was taken

For further information on complaints, refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines.

The Family Violence Multi-Agency Risk Assessment and Management Framework (MARAM) has been developed in response to recommendations 1-3 of the Royal Commission into Family Violence.

The MARAM Framework is embedded in law and policy, establishing the system architecture and accountability mechanisms required for a system-wide approach to and shared responsibility for family violence risk, including:

• MARAM Framework legislative instrument, established at Part 11 of the Family Violence Protection Act 2008
• Family Violence Protection (Information Sharing and Risk Management) Regulations 2018 prescribe Framework Organisations to the MARAM Framework.
• MARAM Framework policy document complements and provides further detail on the legislative instrument.

The MARAM Framework is structured through four ‘pillars’ that aim to establish a system-wide approach and shared responsibility for family violence risk assessment and management. These include:

• Shared understanding of family violence.
• Consistent and collaborative practice.
• Responsibilities for risk assessment and management.
• Systems, outcomes and continuous improvement.

A set of practice guides and supporting resources have been developed alongside the MARAM Framework to better support professionals. These can be found on the MARAM practice guides and resources page.

Find more information on the MARAM Framework.

Organisations will have been notified if they are prescribed to MARAM.

Organisations that are not prescribed in regulations are not precluded from using the MARAM Framework. The MARAM Framework is recommended to be used by all services that come into contact with individuals and families experiencing family violence.

Organisations due to be prescribed can begin aligning to the MARAM Framework and do not have to wait for the date of prescription.

Organisations and services prescribed under MARAM are required to align their policies, procedures, practice guidance and tools to MARAM. This is a legal obligation as recommended by the Royal Commission into Family Violence to support consistent and widespread use of the MARAM Framework across the many sectors involved in family violence risk assessment and management.

Implementation of MARAM will require significant culture change and system reform. This will take time and effort at all levels of the service system. As such, it is recognised that MARAM alignment is progressive and will take time.

Family Safety Victoria has developed alignment guidance materials to support organisations to determine what alignment activities to prioritise in their first year of prescription. This includes an organisational embedding guide and responsibilities decision guide available at the MARAM practice guides and resources page.

Useful starting documents for organisational leaders are:

• Organisation self-audit tool:

• MARAM responsibilities guide
• Executive briefing slides:

• MARAM alignment checklist:

• Decision guide for organisational leaders:

The MARAM Framework outlines four pillars, each with a description of a Framework requirement for organisations to align their policies, procedures, practice guidance and tools.

Framework Organisations are not expected to have aligned their policies, procedures, practice guidance and tools to the MARAM Framework from day one. Instead, it is acknowledged that MARAM alignment is progressive and will take time.

Guidance to support organisations to start aligning to MARAM can be found at the MARAM practice guides and resources page. This includes an organisational embedding guide that supports organisations to understand the MARAM responsibilities for risk assessment and management and MARAM practice guides including the victim survivor focused practice guides and the perpetrator focused practice guides.

A maturity model provides a set of stepped benchmarks against which organisations can compare their alignment progress. The maturity model was proposed early in the development of the MARAM Framework in recognition of the need to provide guidance to prescribed organisations as to their expected alignment pathway, noting that this would vary considerably across different sectors.

A maturity model recognises the importance of flexibility given the diverse group of prescribed organisations, each of whom have their own distinct challenges, levels of understanding of family violence, cultural attitudes, and workforce capability to respond to family violence risk. Whilst the maturity model will include measurable progress markers of alignment, the pathways toward these remain with the organisations themselves.

The maturity model is in development.

The MARAM practice guides support professionals to understand their relevant responsibilities under the MARAM Framework towards the identification, assessment and ongoing management of family violence risk as it relates to their specific roles. The MARAM Framework sets out 10 responsibilities for practice, and as such there are 10 responsibilities guide for each of these. There is also a Foundational Knowledge Guide. The practice guides are currently available by responsibility to work with victim survivors; practice guides for working with people who use violence are due for release in 2021.

Different practitioners will have different MARAM responsibilities. Organisations have a responsibility to determine which responsibilities apply and advise their staff members. Please refer to the MARAM responsibilities: decision guide to determine which responsibility applies to your organisation:

Foundation knowledge guide

The Foundation Knowledge Guide underpins all MARAM Responsibilities for practice. It outlines key elements of the MARAM Framework, the service system, the evidence-based family violence risk factors that underpin all levels of risk assessment practice and presentations of risk across different age groups and Aboriginal and diverse communities.

• Responsibility 1: Respectful, sensitive and safe engagement
• Responsibility 2: Identification of family violence risk
• Responsibility 3: Intermediate risk assessments
• Responsibility 4: Intermediate risk management
• Responsibility 5: Secondary consultation and referral
• Responsibility 6: Information sharing with other services
• Responsibility 7: Comprehensive risk assessment
• Responsibility 8: Comprehensive risk management and safety planning
• Responsibility 9: Contribute to coordinated risk management
• Responsibility 10: Collaborate for ongoing risk assessment and risk management

For more information on the MARAM practice guides, visit the MARAM practice guides and resources page.

MARAM tools have been developed for use in practice which are underpinned by the MARAM Framework evidence-based risk factors. The MARAM Framework assessment tools cover different stages and levels of assessment and build on each other.

Each tool asks more detailed questions or contains prompts to get more information about the behaviour used by the perpetrator, level of risk and protective factors. The questions in the tools are designed to identify if risk factors are present.

For adult victim survivors the tools available include:

• identification and screening
• brief risk assessment (which is for time-critical interventions and includes only serious risk factors associated with an increased likelihood of the victim survivor being killed or nearly killed, to assess the seriousness of risk and inform short term risk management)
• intermediate risk assessment
• comprehensive risk assessment

Each tool asks questions about risk specific to children and young people.

Tools for assessing perpetrator behaviour and an assessment tool for adolescents who use violence are also in development for 2021.

It is expected that professionals will use the tool that matches their level of training, expertise, and relevant MARAM Framework responsibilities. For example, the comprehensive tool will be used by specialist family violence practitioners.

Organisations may have embedded tools into existing processes, or may be use MARAM tools as designed.

All tools are available online at the MARAM practice guides and resources page.

An online system to host the MARAM assessment tools (Tools for Risk Assessment and Management or TRAM) is also available. Framework Organisations interested in using TRAM can contact the TRAM team at: tram@familysafety.vic.gov.au.

Information about training to support implementation can be found on the Training for the information sharing and MARAM reforms webpage.

Information about MARAM training is available on the Training for information sharing and MARAM reforms webpage.

Professionals should select the most appropriate training for their level of responsibility in responding to family violence risk based on their organisation and sector.

Government schools are expected to follow the Department of Education’s policy and guidance on requesting and sharing information under CISS and FVISS, and aligning to the MARAM framework. The relevant policies are:

• Child and Family Violence Information Sharing Schemes: Policy
• Family Violence Support: Policy.

Government schools may need to develop local processes or procedures to manage information sharing requests. They may also refer to the Information Sharing and Family Violence Reforms: Guidance and Tools for helpful guidance, interactive templates and tools such as decision making trees.

Catholic schools should refer to their Diocese for guidance on policies and procedures.

Catholic schools may also refer to the Information Sharing and Family Violence Reforms: Guidance and Tools. This resource is designed to help education workforces embed the information sharing schemes and align to the MARAM framework. It includes helpful guidance, interactive templates and tools such as decision making trees.

Independent schools can refer to the Information Sharing and Family Violence Reforms: Guidance and Tools. This resource is designed to help education workforces embed the information sharing schemes and align to the MARAM framework. It includes guidance, interactive templates and tools.

Early Childhood services should continue to follow provider level policies and procedures regarding sharing of information.

If you a member of a peak body such as Early Learning Association Australia or Community Child Care Association, these organisations may be able to assist in providing policy guidance and advice related to the information sharing schemes.

Early Childhood services should also refer to the Information Sharing and Family Violence Reforms: Guidance and Tools. This resource is designed to help education workforces embed the information sharing schemes and align to the MARAM framework. It includes guidance, interactive templates and tools.

The Department of Health and the Royal Australian College of General Practitioners (RACGP) have developed the following resources to support general practitioners to use the information sharing schemes.

• Family Violence Multi-Agency Risk Assessment and Management Framework and information sharing
• Sharing information to support patients’ health and wellbeing - infographic
• RACGP - Implementing Victorian information sharing schemes in primary care.

For any queries related to policy, implementation or training, or for technical issues with the online learning modules, please email CISandFVIS@education.vic.gov.au or contact us on 1800 549 646.

Please note our staff are not prescribed Information Sharing Entities (ISEs) under CISS or FVISS and therefore cannot share or receive identifiable information through these schemes

The CISS Guidelines and FVISS Guidelines are on the Information sharing guides, templates and tools page, under 'Familiarise yourself with the Ministerial Guidelines'.

Find resources related to the MARAM Framework on the MARAM practice guides and resources page.

Refer to the Information sharing schemes and the MARAM framework website for further resources and guidance.