Audit Objective
In this follow-up audit, we assessed whether the Department of Child Safety, Youth and Women has effectively implemented the recommendations we made in Managing child safety information (Report 17: 2014–15) to improve information sharing and security. We also assessed whether the actions taken have addressed the underlying issues that led to our recommendations in that report.
Overview
All organisations that provide services to vulnerable children and their families collect, record, maintain, and share a range of personal and sensitive information.
To provide the right services at the right time, organisations must collaborate and share information quickly, easily, and securely. However, they must also balance making information accessible when it is needed, to effectively protect and care for children and promote their wellbeing, with keeping it secure at all times.
Audit conclusions
The department has not effectively implemented all of the recommendations we made in Managing child safety information (Report 17: 2014–15). It has taken steps to implement the recommendations and to address some of the underlying issues. They have made progress in improving access to information but not in a holistic manner and security is still an area needing further work.
Through several initiatives, including implementing new information systems for collecting, recording, maintaining and sharing child safety information, the department has made accessing some information easier and more user-friendly for its own staff, non-government service providers and carers.
However, child safety information held across various parts of the family support and child protection system is still almost completely unintegrated. Automated information exchange between stakeholders, where it does occur, is limited. There are plans for making the most significant child safety system change—replacing the Integrated Client Management System (ICMS)—but it has not happened yet. This will involve considerable effort and investment.
The department has implemented more secure means of information exchange, but they are not well used by department staff. It needs to do more to safeguard the security of information in its systems and in how it exchanges information with non-government service providers.
At present, the considerable information available across organisations within the family support and child protection system is still not used as effectively as it could be to provide insights and improve outcomes for children in Queensland.