Child Protection Records

The Department of Education and Skills has developed Procedures on Child Protection for both primary and post-primary schools. A copy of these Procedures can be downloaded from  All schools are required to adhere in full to the Child Protection Procedures for Primary and Post-Primary Schools. The school management bodies are recommending the following practices in relation to ensuring that child protection records are maintained in compliance with data protection legislation:

Where a child protection issue arises in a school, the school management bodies advise that the school should always seek legal advice. It should be noted that the Child Protection Procedures state that legal advice should always be sought in any case involving an allegation against an employee. Any data protection implications that arise from a particular child protection matter should be considered with legal advice sought on the matter and the legal advice should include specific data protection advice. Any child protection reports made in good faith to a designated officer of the Tusla and An Garda Síochána will not breach data protection law as they are protected disclosures under Protection for Persons Reporting Child Abuse Act 1998. Anyone making a child protection report in good faith may have a defence to a claim of defamation where the report was made to a person who had a duty to receive (or interest in receiving) the information contained in the child protection report and the person making the report had a corresponding duty to communicate the information to such persons. This is called the defence of “qualified privilege” under the Defamation Act 2009.

Schools/ETBs are reminded of the provisions of the Criminal Justice (Withholding of Information on Offences Against Children and Vulnerable Persons) Act 2012, which creates the criminal offence of failing to report certain offences against children and vulnerable persons to An Garda Síochána.

All records relating to specific child protection issues (in other words records that involve specific individuals as distinct from general information) must (in the case of hard copy physical documents) be securely stored in a special purpose storage facility and in the case of soft copy/electronic records be kept in a password protected computer system using encryption. An appropriate level of encryption should be used for records relating to child protection and encryption is vital where such documentation is stored on laptops or other portable devices. Access should be restricted to those who need to have access to these records owing to their child protection role, (e.g.. the Designated Liaison Person (DLP) and in the absence of the DLP, the Deputy Designated Liaison Person (DDLP)).

While the control of these records should be confined to the above personnel, it is appreciated that others, such as the chairperson of the board of management or the CEO of the ETB may need to access or store additional documents in the secure storage facility/password protected computer system using an appropriate level of encryption, where such persons are addressing employment related matters that involve a child protection dimension.

School management should consult with their individual management body for recommended protocols which should be observed in relation to the storage of child protection records in a school.