Surrey authorities publicly named a five-month-old baby who died and his mother in a safeguarding review due to “human error”.
The LDRS* can exclusively reveal Surrey Safeguarding Children Partnership breached the anonymity of three family members by revealing their names, including the baby who died, in a document that was publicly available for nine months.
It outlined the tragic events leading up to the death of baby Acer (not his real name), a twin who was found lifeless in his baby bouncer in January 2021, after social services had been involved with his family for 14 years.
Simon Hart, independent chair of the Surrey Safeguarding Children Partnership, said the breach was “totally unacceptable” and that the partnership “sincerely apologises to those impacted by this error”.
He said the family had been informed, and were being supported.
The publicly-available review pointed to “a short-sighted decision”, “a lost opportunity” and “a lack of a coordinated approach by professionals” at various points in the family’s history. Near the end of the 32-page document, an appendix outlining the terms of reference broke the anonymity of the family and named the mother, the father and the baby.
LDRS found mother’s public Facebook profile from safeguarding report. The LDRS alerted Surrey County Council, one of three statutory safeguarding partners along with Surrey Police and NHS Surrey Heartlands Integrated Care Board, to the breach, leading to an urgent review of all other published reports.
The document had a date of August 2022, meaning the family’s details could have been in the public domain for as long as nine months by the time the breach was identified.
Mr Hart added an investigation had identified that despite going through a “thorough review process”, human error meant identifiable information was missed in the document appendices.
The LDRS was able to find a public Facebook profile appearing to belong to the mother in the family, in which she named her children, shared pictures of the twins and shared posts comparing social workers to snakes.
On alerting the county council to the breach, the LDRS made clear that no article would be published while the report was still in the public domain, in order to protect the identity of the family.
The partnership confirmed no other breaches had been found in published reports, and that staff were working “at pace” to add more steps to the review process for such documents before publication. Mr Hart also confirmed the partnership had referred itself to the Information Commissioner’s Office.
‘No other identifiable information in published reports’
Mr Hart’s full statement to the LDRS said: “On 26 May, we were notified of a data breach within a Surrey Safeguarding Children Partnership Local Child Safeguarding Practice Review report. Regrettably, the report – which should have been entirely anonymous – named three individuals in its appendices. This is totally unacceptable and the partnership sincerely apologises to those impacted by this error.
“As soon as we became aware of the data breach, we informed the affected family and will continue to provide them with appropriate support. We have urgently reviewed the SSCP website and can confirm that we have not found any other identifiable information in published reports. We have also referred ourselves to the Information Commissioner’s Office as per due process.
“We take this matter extremely seriously and a thorough investigation has identified that, although the document went through a thorough review process, human error resulted in identifiable information being missed in the document appendices. We are working at pace to add additional steps to our review processes to prevent this happening again.”
*[Epsom and Ewell’s BBC Partner – Local Democracy Reporting Service]
The full background story is HERE Child victim of Co-Vid constraints?