Frequently asked questions about information sharing and MARAM

An information sharing entity is an organisation or service that has been prescribed in legislation to request and share information under CISS and FVISS.

Information sharing entities can request and share information under the information sharing schemes.

Please refer to Chapter 1 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for further guidance.

Information sharing entities are prescribed under:

• the Family Violence Information Sharing Scheme by the Family Violence Protection (Information Sharing and Risk Management) Regulations 2018
• the Child Information Sharing Scheme by the Child Wellbeing and Safety (Information Sharing) Regulations 2018

This means that organisations and services do not need to register as an information sharing entity.

An organisation or service who is an information sharing entity may also be classified as an RAE under FVISS.

Information sharing entities can share information relevant for a family violence assessment purpose with RAEs only. Information can be shared with all information sharing entities for a family violence protection purpose.

Information sharing entities that are also RAEs are:

• State funded specialist family violence services (including Men’s Behavioural Change Programs, refuges, family violence counselling services and therapeutic programs)
• Risk Assessment and Risk Management Panels (RAMPs)
• state funded sexual assault services
• Child Protection and Child FIRST
• The Orange Door
• Victims Support Agency
• Victoria Police

Refer to Chapter 2 of the FVISS Guidelines for further guidance.

No. Although most organisations are prescribed across all three reforms, there are some organisations that are only prescribed for some of the reforms.

You can visit the information sharing and MARAM website for further information on services and organisations prescribed under the Schemes and MARAM or refer to Chapter 1 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for guidance.

The information sharing and MARAM website provides guidance on workforces prescribed under the Child and Family Violence Information Sharing Schemes and MARAM.

All organisations and services prescribed as information sharing entities can also access the online ISE List. The online ISE List is a database that can be used to identify other organisations and services prescribed under the Child Information Sharing Scheme and the Family Violence Information Sharing Scheme.

Access the ISE List

Please note that the ISE List is updated at regular intervals but is not a live list. Information sharing entities are responsible for verifying whether an individual is from an Information sharing entity before they share any information. The ISE List should not be solely relied on to verify Information sharing entities.

If contact information for an organisation does not appear on the ISE List, please check the organisation’s website for public contact details.

Information sharing entities determine how the reforms are implemented in their organisation.

Information sharing entities should identify those roles in the organisation or service that are appropriate to use the Scheme to make or respond to requests and voluntarily share information, on behalf of the information sharing entity.

Information sharing entities must be satisfied that any individual or role authorised to use the Schemes on their behalf are:

• individuals using the Schemes on behalf of an information sharing entity must be employed or otherwise contracted (i.e. not a volunteer) by the information sharing entity
• be suitably trained and competent in use of the Schemes

Your organisation will have been advised by the relevant department regarding what services within your organisation are prescribed. Where confirmation is required, we recommend contacting the relevant department directly.

Learn more about what services are prescribed as information sharing entities.

Yes, in certain circumstances.

Under CISS, information can be shared with a child, a person with parental responsibility for the child or a person with whom the child is living to manage a risk to the safety of the child.

Under FVISS, information sharing entities may share relevant information about a perpetrator with the victim survivor to manage their safety and/or that of their child. If a child is a victim survivor, information can be shared with them or their parent who is not a perpetrator.

Practitioners should use their professional judgement to determine when and how to share information with a victim survivor.

You may refuse to give an individual access to information about themselves if you believe on reasonable grounds that giving the individual access to the information would:

• increase a risk to the safety of a child or group of children
• increase family violence risk to a victim survivor

When providing a person access to their information, you must do it in a way that does not unreasonably impact the privacy of other individuals. For example, you may need to redact part of a record to protect the privacy of another person whose information also appears in the record.

Refer to the CISS Guidelines and Chapter 3 of the FVISS Guidelines for more information.

To update an organisation’s name or contact details appearing on the online ISE List, please send an email to:

Education workforces:
cisandfvis@education.vic.gov.au

Health workforces:
infosharing@health.vic.gov.au

Families, Fairness and Housing workforces: infosharing@dffh.vic.gov.au

Specialist Family Violence Services: infosharing@familysafety.vic.gov.au

Justice workforces:
family.violence@justice.vic.gov.au

Child Information Sharing Scheme (CISS)

Under CISS, information sharing entities can share confidential information with other information sharing entities for the purpose of promoting the wellbeing or safety of a child or group of children, if, in their view sharing the information could assist the receiving information sharing entity to:

• make a decision, assessment or plan
• start or conduct an investigation
• provide a service, and/or
• manage any risk

relating to a child or group of children. This is known as the threshold.

If the threshold for sharing is met, information sharing entities can share information:

• in response to a request and/or
• proactively (‘voluntary sharing’)

in a manner consistent with the legislative principles.

Confidential information may only be shared to the extent necessary to promote the wellbeing or safety of a child or group of children, consistent with their best interests.

Information must be shared in a timely manner. As the purpose of the Schemes is to allow early identification and supports, you do not need to wait until you are sure of an issue or risk. You can and should share before that time, as long as the requirements of the Schemes are met.

Information sharing entities can also share confidential information about any person, from any source, with a child, a person who has parental responsibility for the child, and/or a person with whom the child is living, to manage a risk to that child’s safety.

Please refer to Chapter 1 of the CISS Guidelines for more information about when information can be shared.

Family Violence Information Sharing Scheme (FVISS)

There are two purposes for which information can be shared between information sharing entities under the FVISS:

• Family violence assessment purpose: to establish whether family violence risk is present, assessing the level of risk the perpetrator poses to the victim survivor, and correctly identifying the perpetrator and victim survivor (note that only Risk Assessment Entities [RAEs] can request information for this purpose – see ‘Who can share and request information under the Schemes?’)
• Family violence protection purpose: to manage the risk of the perpetrator committing family violence, or the risk of the victim survivor(s) being subjected to family violence. Managing risk involves removing, reducing or preventing the escalation of risk. This includes information sharing to support ongoing risk assessment.

All information sharing entities can also share information for a family violence assessment purpose with an RAE, including information about an alleged perpetrator. (See the section, 'What is a Risk Assessment Entity [RAE]?').

All information sharing entities can share information for a family violence protection purpose with other information sharing entities either voluntarily or in response to a request.

Only information that is relevant to assessing or managing a risk of family violence can be shared under FVISS. In determining what information is relevant, practitioners should use their professional judgement and refer to the MARAM Framework to determine what constitutes family violence risk.

Risk should be understood as both:

• risk of harm to the victim survivor from past and future family violence incidents
• future risk of family violence occurring

The MARAM Framework provides guidance on family violence risk and can be found on the MARAM practice guides and resources page.

If information is not relevant to the assessment and management of family violence, that information should not be shared under FVISS.

Refer to Chapter 1 of the FVISS Guidelines for further information about when you can share information under the Scheme

Child Information Sharing Scheme (CISS)

Confidential information about any person that meets the threshold for sharing under CISS can be shared.

Information that can be shared is broad and may include:

• professional judgements
• case notes
• contact details
• health information
• sensitive information such as religious and political affiliation and beliefs
• plans and assessments
• information obtained from other sources

This includes relevant historical information collected before the commencement of CISS, as well as information collected after the commencement of CISS. It also includes information from any source, including received from another service under the Schemes. However, where circumstances allow, requesting information sharing entities should try to seek information from the primary source to ensure information is current.

The information being disclosed or requested must not be ‘excluded information’ under Part 6A of the Child Wellbeing and Safety Act 2005 and must not be restricted from sharing under another law.

Refer to Chapter 1 of the CISS Guidelines for further information.

Family Violence Information Sharing Scheme (FVISS)

Information sharing entities are obliged to share (in response to a request) and permitted to voluntarily share information (including information collected prior to the commencement of the Scheme) about perpetrators (as well as alleged perpetrators for an assessment purpose), victim survivors and relevant third parties if relevant consent thresholds for sharing are met and:

• the information is relevant to assessing or managing risk of family violence
• it is not excluded information and the sharing of that information would not contravene another law

The section 'For what purposes can information be shared under the Schemes?' on this page contains additional information on these thresholds. You can also refer to Chapter 1 of the FVISS Guidelines for further information.

Information sharing entities can share information to promote the wellbeing or safety of a child whether or not family violence is present. Information can be shared:

• under FVISS to assess or manage family violence risk
• under CISS to promote the wellbeing or safety of a child

Information sharing entities should be mindful that sharing information in the context of family violence may pose particular and complex risks for children and other family members, and when considering sharing to promote child wellbeing or safety they should be alert to whether family violence risk may be present.

When sharing information in a family violence context, information sharing entities should therefore take all reasonable steps to plan for and maximise the immediate and ongoing safety of children and all family members at risk of family violence. Information sharing should occur in accordance with a relevant safety plan.

Risks related to information sharing are not always easily identified, so it is important to access relevant expertise. As set out in the MARAM Framework and relevant MARAM Practice Guides, information sharing entities should engage with services that are authorised and skilled to determine appropriate actions and promote collaborative practice around families and children.

Refer to Chapter 3 of the CISS Guidelines and Chapter 5 of the FVISS Guidelines for more information.

Yes, under the information sharing schemes, provided the thresholds for sharing have been met, information about any person, including a child’s parent or guardian, can be shared if the purpose is to assess or manage the risk of family violence, or to promote the wellbeing or safety of the child.

Consent is not required to share information about a child’s guardian or parent when assessing or managing a risk to a child victim survivor, or promoting child wellbeing or safety.

Information sharing entities should seek the views of the child and parent that are not perpetrators of family violence when sharing their information unless it is unsafe, inappropriate or unreasonable to do so.

Refer to Chapter 1 and Chapter 2 of the CISS Guidelines page 68 of the FVISS Guidelines for further information.

You can make a request under the Schemes verbally or in writing. Some services may have additional operational requirements for making a request, such as receiving the request via a form or email.

Resources to help you make a request are on the information sharing website.

Refer to Chapter 1 of the CISS Guidelines and Appendix A of the FVISS Guidelines for more information.

Under the Schemes, you can respond to a request either verbally or in writing. Please note that you should ensure relevant thresholds and purposes for sharing are met, and that you comply with record keeping requirements under the schemes and the relevant privacy requirements for your organisation, including relevant data security standards.

You should respond to requests in a timely manner, in particular you should respond without delay where there is a risk to the safety of a person.

Access resources to help you respond to a request are on the information sharing website.

Refer to Chapter 1 of the CISS Guidelines and Appendix B of the FVISS Guidelines for more information, or contact us at CISandFVIS@education.vic.gov.au or on 1800 549 646 with any questions.

Yes, information sharing entities are permitted to share information with other information sharing entities voluntarily under the information sharing schemes as long as:

• the purpose and consent thresholds are met
• the information being shared is not excluded information, and
• sharing it would not contravene another law

Under FVISS, all information sharing entities may proactively share relevant information with Risk Assessment Entities (RAEs) for a family violence assessment purpose and with all information sharing entities for a family violence protection purpose.

Refer to Chapter 1 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information about voluntary information sharing.

Yes, under both Schemes, information can be requested and shared either verbally (e.g. by telephone or at a case conference, so long as all participants taking part in the case conference are from information sharing entities) or in writing (e.g. in a standard form or report, letter, email or other form of electronic communication).

However, some services may prefer that requests take a particular form for operational reasons.

Existing data security standards will continue to apply, which may mean that certain information will have to be handled in a particular way.

A written record of information sharing, including through a verbal exchange, must be made and stored securely on file, consistent with an organisation’s policies and procedures and with record keeping requirements.

Refer to Chapter 2 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information.

Information sharing entities should make sure that the organisation they are sharing information with has been prescribed as an information sharing entities under the Schemes. You can access the ISE List online.

If you do not already know that the person requesting the information works for an information sharing entities (for example, through an existing relationship with or knowledge of that person), you should verify their identity prior to sharing any information (e.g. you can ask them to send an email from their official work account or contact the information sharing entities’ switchboard).

Information on what services are prescribed as information sharing entities can be found in Chapter 2 of the FVISS Guidelines and Appendix 2 of the CISS Guidelines, as well as the webpage Who can share information under the information sharing and MARAM reforms.

Yes, information sharing entities can refuse to provide information in response to a request under the Schemes:

• when the threshold for sharing is not met (see the section, 'For what purposes can information be shared under the Schemes?')
• where the information is not relevant to the purpose for which information is being requested (see the section, 'For what purposes can information be shared under the Schemes?')
• where the information is excluded information
• where sharing that information would contravene another law
• where sharing would be inconsistent with the legislative principles (as relevant under CISS only)
• where applicable consent thresholds have not been met (if required under FVISS only)

The CISS Ministerial Guidelines set out nine legislative principles to guide sharing. When sharing information under CISS, information sharing entities should use their professional judgement to apply these principles, for example, not sharing parts of the information that are not necessary to promote child wellbeing and safety in the best interests of the child.

If an information sharing entities refuses a request for information, it must record the request and the reason it was refused and provide the reason to the requesting information sharing entities in writing. However, information sharing entities are not required to provide reasons where it would be inappropriate to provide details of the specific ground for the particular exclusion (e.g. where it would prejudice a criminal investigation). It would then be sufficient to refuse on the grounds that the information is excluded.

Refer to Chapter 1 and Chapter 5 of the CISS Guidelines and Chapters 1 and 10 of the FVISS Guidelines for more information about refusing a request for information.

Requesting information sharing entities are encouraged to appropriately skill and equip relevant staff to make requests that contain enough sufficient information to enable receiving information sharing entities to exercise their professional judgment to share information.

Responding information sharing entities are encouraged to discuss requests that they think do not meet the threshold with the requesting information sharing entities.

Information sharing entities should assist each other (for example, by providing guidance on how they would like to receive requests, seeking further information and having follow-up conversations) to make actionable requests that meet the needs of the Scheme.

A refusal to share information must be provided in writing to the requesting information sharing entities, with reasons stated. You are encouraged to discuss refusals with the responding information sharing entities and work together to understand the exercise of professional judgement that each information sharing entities is bringing to the request and the decision whether to share. The legislative principles require information sharing entities to work collaboratively while respecting their different expertise.

If you think a request to share information was incorrectly refused, you should raise this with the responding information sharing entity. If you are unable to resolve the issue, a complaint may be made to the responding information sharing entity. All information sharing entities are required to have a policy in place for handling complaints in relation to their use of the Schemes, and to keep records of complaints received and how they were resolved.

If an information sharing entity forms a view that another information sharing entity has repeatedly incorrectly applied the thresholds or principles of the Schemes in refusing to provide information, information sharing entities are encouraged to raise the matter with the service that funds the information sharing entity and/or the department responsible for providing or funding the information sharing entity or service.

Refer to Chapter 5 of the CISS Guidelines and Chapters 1 and 10 of the FVISS Guidelines for more information about refusing a request for information.

Refer to Chapter 5 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines for more information about complaints.

No, but information sharing entities should respond in a timely manner to a request from another information sharing entity; and must provide relevant information if the legal requirements of the Schemes are met.

Although no formal time limit is imposed for responding to requests under the Schemes, information sharing entities should ensure that they respond to requests in a timely manner, taking into account risk issues.

An information sharing entity should prioritise requests for information that pertain to safety risks, including family violence. In particular, where a serious threat has been identified, information sharing entities should respond to those requests for information without delay.

Refer to Chapter 1 of the CISS Guidelines and Chapter 1 of the FVISS Guidelines for more information.

Where there is not sufficient information for an information sharing entity to form a reasonable belief that a person poses a risk of family violence, the person may be considered an ‘alleged perpetrator’. Information about an alleged perpetrator may be shared without consent with Risk Assessment Entities (RAEs) for a family violence assessment purpose, to determine if they are a perpetrator and assess the level of risk they pose.

Refer to Chapter 3 of the FVISS Guidelines for more information.

Where it is established that a person has been incorrectly identified as a perpetrator, an information sharing entity should stop sharing information about that person as a perpetrator under FVISS and should instead share their information in the same way as other victim survivors, which might mean seeking their consent.

A service should make their best efforts to correct their records and any information that has already been disclosed to other information sharing entities. The correction of records should occur in a timely manner to reduce any likelihood that incorrect information will continue to be shared. Individual officers will not be held liable for incorrectly sharing this information where it has been done in good faith and with reasonable care.

Refer to Chapter 3 of the FVISS Guidelines or Section 11 of the MARAM Framework Foundation Knowledge Guide for more information.

A number of organisations have established central units for receiving and responding to information sharing requests.

Victoria Police

If you are seeking to request information from the Victoria Police please visit VICPOL and complete the relevant online request form.

If you have any other enquiries in relation to information sharing under FVISS and CISS, please email INFORMATION-SHARING@police.vic.gov.au or phone (03) 8335 5902.

Magistrates’ Court of Victoria

If you are seeking to request information from the Magistrates’ Court of Victoria, please visit information sharing schemes for more information.

If you have any other enquiries in relation to information sharing under CISS and FVISS, please contact the Information Sharing Team at informationsharing@courts.vic.gov.au.

Child Protection

If you are seeking to request information from Child Protection, please visit Department of Families, Fairness and Housing Family Violence and Child Information Sharing Schemes · Requests for Child Protection Information and complete the webform. ISEs can email info.exchange@dffh.vic.gov.au for general enquiries.

Other organisations

For all other organisations please visit the online ISE List for available contact details.

Access the ISE List

Under the Schemes, consent means both express and implied consent.

‘Express consent’ is when a person has expressly, either verbally or in written form, given their consent to their information being shared.

‘Implied consent’ is not expressly given but can be inferred through a victim survivor or third party’s conduct or behaviour and the facts of a given situation.

Child Information Sharing Scheme (CISS)

Under CISS, information sharing entities do not require consent from any person to share relevant information. However, it is important to note that a professional should seek and take into account the views of the child and their relevant family members where it is appropriate, safe and reasonable to do so. As supported by the legislative principles, it is critical to maintain constructive and respectful engagement with children and their families.

Refer to Chapter 2 of the CISS Guidelines and Chapter 9 of the FVISS Guidelines for further guidance on consent.

Family Violence Information Sharing Scheme (FVISS)

Under FVISS, there are circumstances in which information can only be shared with the consent of the person to whom the information relates.

Alleged perpetrators and perpetrators: no consent required

Consent is not required from an alleged perpetrator (for a risk assessment purpose) or a perpetrator (for a risk assessment purpose or protection purpose), including adolescents who use violence in the home, when sharing information under FVISS to assess or manage risk of family violence to a child or adult victim survivor.

Child victim survivors: no consent required

When assessing or managing a risk to a child victim survivor, consent is not required from any person (including the child, a parent who is not a perpetrator or any other person) to share their information if it is relevant to assessing or managing the risk of family violence for a child victim survivor. However, information sharing entities must seek the views of child and adult victim survivors when sharing their information unless it is not safe, appropriate or reasonable to do so.

• Refer to Chapter 5 of the FVISS Guidelines for further information on seeking the views of adult and child victim survivors.
• Tips for a conversation with a child victim survivor or parent who is not a perpetrator can be found on the information sharing website.

Adult victim survivors and third parties: consent required

When assessing or managing risk to an adult victim survivor (where there is no child at risk), consent will be required from the victim survivor or a third party before their information can be shared under FVISS. However, their information may be shared without consent where the sharing of that information is necessary to lessen or prevent a serious threat to an individual’s life, health, safety or welfare.

Consent is also required to share information about a third party. A third party is any person whose confidential information is relevant to assessing or managing family violence risk who is not a victim survivor, perpetrator or alleged perpetrator. This could include previous partners of either party, friends, acquaintances, neighbours or associates of a victim survivor, perpetrator or alleged perpetrator.

• Refer to Chapter 4 of the FVISS Guidelines for more information on sharing information about adult victim survivors and third parties (where there is no child at risk).
• An example information sharing consent form (for adult victim survivors only) and Tips for a conversation for obtaining consent from an adult victim survivor can be found on the information sharing website.

Refer to Chapter 1 of the FVISS Guidelines for more information on consent thresholds.

Where consent is not required, information sharing entities should seek and take into account the views of child and adult victim survivors about information sharing if appropriate, safe and reasonable to do so.

It is a matter for information sharing entities to determine a process for obtaining consent and sharing with implied consent under FVISS.

This might include consent being obtained from requesting information sharing entities where the responding information sharing entity is not directly working with a person whose consent is required to share information.

Refer to Chapter 9 of the FVISS Guidelines for more information.

The information sharing schemes are designed to complement each other, to enable services to share information to respond to the range of needs and risks facing children and families. The Schemes align in a number of ways, including:

• broadly consistent information sharing entities and record keeping requirements
• similar protections for professionals who share information in good faith and with reasonable care
• prioritising children’s safety and victim survivor’s over any individual’s privacy

Information can be shared:

• under FVISS to assess and manage family violence risk, including to children
• under CISS to promote the wellbeing or safety of a child

Information sharing entities should be mindful that sharing information in the context of family violence may pose particular and complex risks for children and other family members. When considering sharing to promote child wellbeing or safety, information sharing entities should be alert to whether family violence risk may be present. When sharing information in a family violence context, information sharing entities should therefore take all reasonable steps to plan for and maximise the immediate and ongoing safety of children and all family members at risk of family violence. Information sharing should occur in accordance with a relevant safety plan.

When sharing under one Scheme, information sharing entities should consider whether sharing under the other Scheme may also be beneficial. For example, when sharing to assess or manage family violence risk, if there are children in the family the information sharing entity should consider whether additional information should be shared with other information sharing entities for child wellbeing or safety purposes beyond the assessment and management of family violence risk.

Refer to Chapter 3 of the CISS Guidelines for further information on the intersection between the two Schemes.

No, Commonwealth agencies and wholly interstate organisations are not prescribed under the Schemes.

Where information sharing entities share or request information from interstate or Commonwealth organisations, the Schemes will not be relevant. When sharing cross-border, information sharing entities should continue to use existing permissions for sharing information as well as their current practices for working with agencies in the neighbouring state. Interstate or Commonwealth entities should respond to requests for information in accordance with the laws of their own jurisdiction.

Refer to Chapter 4 of the CISS Guidelines and Chapter 2 of the FVISS Guidelines for more information.

All organisations and services should continue to share information as appropriate in accordance with other laws. The information sharing schemes do not impact on these other permissions to share, including privacy laws, workplace safety laws and the Children, Youth and Families Act 2005, for example.

The Schemes provide additional permissions for information sharing entities to share information with other information sharing entities for the purpose of family violence risk assessment and management or to promote the wellbeing or safety of a child or group of children, provided the relevant requirements are met.

Refer to Chapter 4 of the CISS Guidelines and Chapter 11 of the FVISS Guidelines.

Secrecy and confidentiality provisions continue to apply unless expressly overridden by the information sharing schemes. If another Act contains legal restrictions on the sharing of information and these provisions have not been expressly overridden under the Schemes, these restrictions will continue to apply to the sharing of that information.

Refer to Chapter 4 of the CISS Guidelines and Chapter 11 of the FVISS Guidelines for further information on the secrecy and confidentiality provisions in other laws that have been overridden by the Schemes.

Refer to MARAM for determining whether a family violence risk is serious.

The Office of the Victorian Information Commissioner and the Health Complaints Commissioner have also prepared guidance to assist services to determine whether information should be shared to lessen or prevent a serious risk under privacy laws. Please refer to the guidance from the Office of the Victorian Information Commissioner for further information.

Refer to Chapter 4 of the FVISS Guidelines for more information about the serious threat exception to victim survivor consent when sharing under FVISS.

The role of disability services in supporting the wellbeing and safety of children and families is recognised, however, neither the NDIS nor NDIA are prescribed as information sharing entities.

State provided and funded specialist forensic disability accommodation services are prescribed under the information sharing schemes. The Victorian Disability Worker Commission and the Disability Worker Registration Board of Victoria are also prescribed.

Offences and penalties may apply where information is shared unlawfully under the Schemes. However, a person who is authorised to share information under the Schemes, who acts in good faith and with reasonable care when sharing information will:

• not be held liable for any criminal, civil or disciplinary action for providing the information
• not be in breach of any code of professional ethics or considered to have departed from any accepted standards of professional conduct

This protection from liability applies only to individuals, not organisations.

Refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines for further information.

Individuals should make any complaints about how the Schemes have been applied to them (including but not limited to breaches of their privacy) directly to the relevant information sharing entity in the first instance.

Information sharing entities should have procedures in place for dealing with complaints about the use of the Schemes and are required to keep records of complaints received, how they were resolved, and action taken if any.

If the individual is unsatisfied with the response of the information sharing entity, privacy complaints can be made to the relevant privacy regulator:

• The Office of the Victorian Information Commissioner (OVIC) when the complaint is related to personal information
  Website: www.ovic.vic.gov.au
  Telephone: 1300 006 842
• The Health Complaints Commissioner (HCC) when the complaint is related to health information.
  Website: www.hcc.vic.gov.au
  Telephone: 1300 582 113

When Commonwealth privacy law applies, complaints can be made to:

• The Office of the Australian Information Commissioner (OAIC)
  Website: www.oaic.gov.au
  Telephone: 1300 363 992

For further information on complaints, refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines.

Information sharing entities should have procedures in place for dealing with complaints made in relation to the Schemes and should make these available. Information sharing entities should also keep records of any complaints.

If a complaint is received, the information sharing entity must record:

• the date the complaint was made and received
• the nature of the complaint
• any action that was taken to resolve the complaint
• any necessary action that has been taken to prevent or lessen the risk of further similar complaints by addressing the reasons for the complaint
• time taken to resolve the complaint
• if the information sharing entities was unable to resolve the complaint, any further action (if any) that was taken

For further information on complaints, refer to Chapter 6 of the CISS Guidelines and Chapter 12 of the FVISS Guidelines.

The Family Violence Multi-Agency Risk Assessment and Management Framework (MARAM) has been developed in response to recommendations 1-3 of the Royal Commission into Family Violence.

The MARAM Framework is embedded in law and policy, establishing the system architecture and accountability mechanisms required for a system-wide approach to and shared responsibility for family violence risk, including:

• MARAM Framework legislative instrument, established at Part 11 of the Family Violence Protection Act 2008
• Family Violence Protection (Information Sharing and Risk Management) Regulations 2018 prescribe Framework Organisations to the MARAM Framework.
• MARAM Framework policy document complements and provides further detail on the legislative instrument.

The MARAM Framework is structured through four ‘pillars’ that aim to establish a system-wide approach and shared responsibility for family violence risk assessment and management. These include:

• Shared understanding of family violence.
• Consistent and collaborative practice.
• Responsibilities for risk assessment and management.
• Systems, outcomes and continuous improvement.

A set of practice guides and supporting resources have been developed alongside the MARAM Framework to better support professionals. These can be found on the MARAM practice guides and resources page.

Find more information on the MARAM Framework.

Organisations will have been notified if they are prescribed to MARAM.

Organisations that are not prescribed in regulations are not precluded from using the MARAM Framework. The MARAM Framework is recommended to be used by all services that come into contact with individuals and families experiencing family violence.

Organisations due to be prescribed can begin aligning to the MARAM Framework and do not have to wait for the date of prescription.

Organisations and services prescribed under MARAM are required to align their policies, procedures, practice guidance and tools to MARAM. This is a legal obligation as recommended by the Royal Commission into Family Violence to support consistent and widespread use of the MARAM Framework across the many sectors involved in family violence risk assessment and management.

Implementation of MARAM will require significant culture change and system reform. This will take time and effort at all levels of the service system. As such, it is recognised that MARAM alignment is progressive and will take time.

Family Safety Victoria has developed alignment guidance materials to support organisations to determine what alignment activities to prioritise in their first year of prescription. This includes an organisational embedding guide and responsibilities decision guide available at the MARAM practice guides and resources page.

Useful starting documents for organisational leaders are:

• Organisation self-audit tool:

• MARAM responsibilities guide
• Executive briefing slides:

• MARAM alignment checklist:

• Decision guide for organisational leaders:

The MARAM Framework outlines four pillars, each with a description of a Framework requirement for organisations to align their policies, procedures, practice guidance and tools.

Framework Organisations are not expected to have aligned their policies, procedures, practice guidance and tools to the MARAM Framework from day one. Instead, it is acknowledged that MARAM alignment is progressive and will take time.

Guidance to support organisations to start aligning to MARAM can be found at the MARAM practice guides and resources page. This includes an organisational embedding guide that supports organisations to understand the MARAM responsibilities for risk assessment and management and MARAM practice guides including the victim survivor focused practice guides and the perpetrator focused practice guides.

A maturity model provides a set of stepped benchmarks against which organisations can compare their alignment progress. The maturity model was proposed early in the development of the MARAM Framework in recognition of the need to provide guidance to prescribed organisations as to their expected alignment pathway, noting that this would vary considerably across different sectors.

A maturity model recognises the importance of flexibility given the diverse group of prescribed organisations, each of whom have their own distinct challenges, levels of understanding of family violence, cultural attitudes, and workforce capability to respond to family violence risk. Whilst the maturity model will include measurable progress markers of alignment, the pathways toward these remain with the organisations themselves.

The maturity model is in development.

The MARAM practice guides support professionals to understand their relevant responsibilities under the MARAM Framework towards the identification, assessment and ongoing management of family violence risk as it relates to their specific roles. The MARAM Framework sets out 10 responsibilities for practice, and as such there are 10 responsibilities guide for each of these. There is also a Foundational Knowledge Guide. The practice guides are currently available by responsibility to work with victim survivors; practice guides for working with people who use violence are due for release in 2021.

Different practitioners will have different MARAM responsibilities. Organisations have a responsibility to determine which responsibilities apply and advise their staff members. Please refer to the MARAM responsibilities: decision guide to determine which responsibility applies to your organisation:

Foundation knowledge guide

The Foundation Knowledge Guide underpins all MARAM Responsibilities for practice. It outlines key elements of the MARAM Framework, the service system, the evidence-based family violence risk factors that underpin all levels of risk assessment practice and presentations of risk across different age groups and Aboriginal and diverse communities.

Responsibility 1: Respectful, sensitive and safe engagement

Responsibility 2: Identification of family violence risk

Responsibility 3: Intermediate risk assessments

Responsibility 4: Intermediate risk management

Responsibility 5: Secondary consultation and referral

Responsibility 6: Information sharing with other services

Responsibility 7: Comprehensive risk assessment

Responsibility 8: Comprehensive risk management and safety planning

Responsibility 9: Contribute to coordinated risk management

Responsibility 10: Collaborate for ongoing risk assessment and risk management

For more information on the MARAM practice guides, visit the MARAM practice guides and resources page.

MARAM tools have been developed for use in practice which are underpinned by the MARAM Framework evidence-based risk factors. The MARAM Framework assessment tools cover different stages and levels of assessment and build on each other.

Each tool asks more detailed questions or contains prompts to get more information about the behaviour used by the perpetrator, level of risk and protective factors. The questions in the tools are designed to identify if risk factors are present.

For adult victim survivors the tools available include:

• identification and screening
• brief risk assessment (which is for time-critical interventions and includes only serious risk factors associated with an increased likelihood of the victim survivor being killed or nearly killed, to assess the seriousness of risk and inform short term risk management)
• intermediate risk assessment
• comprehensive risk assessment

Each tool asks questions about risk specific to children and young people.

Tools for assessing perpetrator behaviour and an assessment tool for adolescents who use violence are also in development for 2021.

It is expected that professionals will use the tool that matches their level of training, expertise, and relevant MARAM Framework responsibilities. For example, the comprehensive tool will be used by specialist family violence practitioners.

Organisations may have embedded tools into existing processes, or may be use MARAM tools as designed.

All tools are available online at the MARAM practice guides and resources page.

An online system to host the MARAM assessment tools (Tools for Risk Assessment and Management or TRAM) is also available. Framework Organisations interested in using TRAM can contact the TRAM team at: tram@familysafety.vic.gov.au.

Information about training and resources to support implementation can be found on the training page of the information sharing website.

MARAM training is being rolled out and has been revised to enable online delivery. Professionals are to select the most appropriate training for their level of responsibility in responding to family violence risk based on their organisation and sector.

For more information on how to access MARAM training modules and what training to undertake, please see the training page of the information sharing and MARAM website.

Updates have been made to the Department of Education’s central Policies. To find more information, access the Child and Family Violence Sharing Schemes topic in the Policy Advice Library.

Government schools are expected to follow the Department of Education’s policy and guidance on requesting and sharing information under the Schemes.

Minor updates have been made to the following templates relating to government school policies:

• Health Care Needs Policy
• Child Safety Policy

Please refer to the School Policy Templates Portal for further information.

Government schools are expected to use the new Health Care Needs Policy and Child Safety Policy templates when they next review and update their local policies. Government schools may need to develop local processes or procedures to manage information sharing requests and should refer to the preparing for implementation section in the Policy Advice Library guidance for further information.

Catholic schools should refer to their Diocese for guidance on policies and procedures.

Independent schools can adapt the guidance from Policy Advice Library, the Information Sharing and Family Violence Reforms Toolkit and the Information Sharing and Family Violence Reforms Contextualised Guidance which are available on the Department of Education's PROTECT website.

These resources provide information to support the implementation of the information sharing schemes by education providers.

Early Childhood Education and Care Services should continue to follow provider level policies and procedures regarding sharing of information.

If you a member of a peak body such as Early Learning Association Australia or Community Child Care Association, these organisations may be able to assist in providing policy guidance and advice related to the Information Sharing Schemes.

If you are not a member of one of these organisations, you may wish to look at the advice available for Government Schools on the Policy Advice Library specifically for the Child and Family Violence Information Sharing Schemes.

The Library contains information regarding relevant policy updates, guidance documentation and resources to support the implementation of the reforms – while these policies are written with government schools in mind, they may provide a basis for adapted policies for education.

The Information Sharing and Family Violence Reforms Toolkit and the Information Sharing and Family Violence Reforms Contextualised Guidance, available on the Department of Education’s PROTECT website, provide information to support the implementation of the Schemes by education providers.

The Department of Health and the Royal Australian College of General Practitioners (RACGP) have developed the following resources to support general practitioners to use the information sharing schemes.

• Frequently Asked Questions – information sharing schemes
• Sharing information to support patients’ health and wellbeing - infographic

For any queries related to policy, implementation or training, or for technical issues with the online learning modules, please email CISandFVIS@education.vic.gov.au or contact us on 1800 549 646.

Please note our staff are not prescribed Information Sharing Entities (ISEs) under CISS or FVISS and therefore cannot share or receive identifiable information through these schemes

The CISS Guidelines and FVISS Guidelines are on the Information sharing guides, templates and tools page, under 'Familiarise yourself with the Ministerial Guidelines'.

Find resources related to the MARAM Framework on the MARAM practice guides and resources page.

Refer to the Information sharing schemes and the MARAM framework website for further resources and guidance.