JAIBG Bulletin: Legal Issues

Legal Issues

Most agencies that collect data on juveniles must follow Federal, State, and local statutes, ordinances, resolutions, regulations, court orders, and legal opinions (Etten and Petrone, 1994). These laws, policies, and procedures address the collection, maintenance, and release of information. Before any interagency information-sharing program can begin operating, it is imperative that all parties to the partnership reveal anything that they think might interfere with their ability to share information. For example, potential partners should identify any laws that they think might impede their ability to share information between or among agencies. In some cases, both Federal and State legal barriers will limit the sharing of certain types of information without consent or a court order. It is important to stress that in most cases, however, there are no legal barriers to sharing information. Rather, policies associated with these laws, or the lack thereof, may have interfered with the sharing of information between agencies. Many of the legal or ethical concerns associated with the informal information sharing that is already taking place in many communities also can be overcome through the development of a simple consent procedure or a discussion with clients of the need to sometimes share limited amounts of confidential information (Soler, Shotton, and Bell, 1993).

The Federal and State statutes discussed below should be considered as information-sharing partnerships are being developed. However, it must be emphasized that all of these laws allow programs to share information. There are ways to appropriately share vital information within the legal limitations that exist, and policies can be changed to encourage interagency information sharing.

Federal Laws

Privacy Act of 1974.¹ This Act applies to all records regarding individuals that are collected by Federal agencies. It prohibits any Federal agency from disclosing, without consent, individually identifiable records maintained in a records system that can be retrieved by a person's name or identification number. Although the law does allow for disclosure of records without consent under limited circumstances, it does not authorize the parent or guardian of a minor to consent to disclosure of a minor's medical records. However, the minor can give consent to release records, and disclosure without consent is allowed to other government agencies for civil or criminal law enforcement purposes, in instances where the health or safety of the person is endangered, or by court order. Because information-sharing partnerships are intended to address civil or criminal law enforcement purposes and circumstances where the health and safety of the juvenile is endangered, information can be shared between government agencies. Where nongovernment agencies are part of the partnership or where none of the above-mentioned exceptions exist, a court order will allow for the sharing of this information. Thus, this Act need not present a major impediment to appropriate information sharing.

Correction of Youthful Offenders (1984).² This Act requires that records of juvenile delinquency proceedings in Federal district courts be safeguarded from disclosure to unauthorized persons except under a variety of circumstances that fit directly into the needs of an information-sharing program. These include inquiries from another court of law, agencies preparing presentence reports, investigative law enforcement agencies, treatment agencies assigned by a court, or a victim regarding disposition of his or her case. Thus, it is unlikely that this law will pose a barrier to the appropriate sharing of information.

Family Educational Rights and Privacy Act of 1974.³ The Family Educational Rights and Privacy Act (FERPA), also known as the "Buckley Amendment," applies to "educational agencies and institutions" that receive funds under any program administered by the U.S. Secretary of Education. This includes virtually every public elementary and secondary school and school district and also most postsecondary institutions in the United States. FERPA protects parents' and students' privacy interests in "education records" maintained by the agency or institution. ⁴ Parents or eligible students (those who are 18 years of age or attending postsecondary institutions) must provide a signed and dated written consent before an educational agency or institution may release personally identifiable information from a student's education records, except in conditions specified by statute.

There are several specific exceptions to the prior written consent rule under FERPA that may permit educational agencies and institutions to share information from the education records of at-risk or delinquent juveniles as part of a properly constructed information-sharing network. The most pertinent of these, the Juvenile Justice System Exception, permits nonconsensual disclosure to State and local officials or authorities to whom the information is specifically allowed to be reported or disclosed pursuant to a State statute if the reporting or disclosure concerns the juvenile justice system and its ability to effectively serve the student whose records are released.

Educational agencies and institutions may also release without consent personally identifiable information that has been designated as "directory information" in accordance with FERPA requirements. Directory information includes the student's name, address, date of birth, dates of attendance ("from and to" dates of enrollment), and other general information that is not considered an invasion of privacy if disclosed. However, directory information does not include a student's Social Security or other identification number. Also, parents and students have the right to refuse to allow agencies and institutions to disclose directory information without consent.

FERPA contains other exceptions for nonconsensual disclosure that may be of value in establishing an information-sharing program, including disclosures in connection with a health and safety emergency and in compliance with a judicial order or lawfully issued subpoena. Also, records of the law enforcement unit of an educational agency or institution that were created and maintained for the purpose of enforcing any Federal, State, or local laws are excluded from FERPA's definition of education records and, therefore, from the Act's protections against nonconsensual disclosure.

Juvenile Justice System Exception to FERPA

Under the Juvenile Justice System Exception, State legislators may authorize the sharing of student information between educational institutions and other youth-serving agencies without parental consent or the consent of an eligible student if four conditions are met:

The disclosure or reporting of the records must be to a State or local juvenile justice system agency (to be defined by the State legislation).
The disclosure must be based on a State statute authorizing the disclosure.
The State law was passed after November 19, 1974, and the allowed reporting or disclosure concerns the juvenile justice system's ability to effectively serve, prior to adjudication, the student whose records are released.
The State or local officials and authorities to whom such information is disclosed must certify in writing to the educational agency or institution that the information will not be disclosed to any other party except as provided under State law without the prior written consent of the parent of the student.

Once a State has authorized information sharing, FERPA requires that:

Schools maintain a record, kept with the education records of each student, that will indicate all individuals, agencies, or organizations that have requested or obtained access to a student's education records maintained by such educational agency or institution and that will indicate specifically the legitimate interest that each such person, agency, or organization has in obtaining this information.
Any agency that violates the disclosure limitations shall be prohibited from obtaining access to information from education records for a period of not less than 5 years.

Thus, FERPA allows for the sharing of information under a variety of circumstances—with parental or eligible student consent, by judicial order or subpoena, in accordance with a State statute that allows for sharing, or in a health and safety emergency—and should not pose a problem for the sharing of information from schools to other agencies participating in an information-sharing program. Furthermore, FERPA does not impede, in any way, a school from receiving information from any other participant in such a program.⁵

Computer Matching and Privacy Protection Act of 1988.⁶ This Act mandates that computer records can be disclosed only to a Federal agency in a computer-matching program except pursuant to a written agreement specifying the purpose for collection of the information and procedures for ensuring its security. This includes any item, collection, or grouping of information—educational, financial, medical, criminal, or occupational—identifying an individual that is maintained by a Federal agency. Other communications are allowable, including those pursuant to a court order, those for a government agency for civil or criminal law enforcement activity, and those for a person showing compelling circumstances of a risk to health or safety (Soler, Shotton, and Bell, 1993). Thus, as with the other Federal laws described here, this Act does not present a significant barrier to sharing information in an interagency partnership.

Comprehensive Alcohol Abuse and Alcoholism Prevention, Treatment and Rehabilitation Act (1970)⁷ and Drug Abuse and Treatment Act (1972).⁸ These Acts specifically apply to the confidentiality of patient records in alcohol or drug abuse programs receiving Federal assistance. The programs and practitioners covered by these Acts include but are not limited to treatment or rehabilitation programs, programs within general hospitals, school-based programs, and private practitioners who hold themselves out as providing alcohol or drug abuse diagnosis, treatment, or referral for treatment (42 CFR 2.12, 1998). These laws prohibit the release of patient record information, either verbally or in writing, except under limited circumstances.

Generally speaking, a program or practitioner cannot release any information, directly or indirectly, that identifies a person in the program and cannot acknowledge the presence of an individual in the program. But patient record information can be released under the following exceptions:

It will be used in internal communications between or among those with a legitimate interest who need the information in connection with their duties that arise out of the provision of diagnosis, treatment, or referral for treatment of alcohol or drug abuse if the communications are within the program or between a program and an entity that has direct administrative control over the program.

It relates to a medical emergency requiring assistance.

It relates to research or an audit of the program or service.

It relates to a crime on the premises involving drug use or a mental condition.

It relates to reports of suspected child abuse and neglect.

A court order has been obtained.

It will be used by qualified organizations providing services to the program.

Proper consent, by way of a criminal justice consent form, has been obtained from the individual in the program (in the case of a minor, the consent must be obtained from either the patient, the parents, or both). This consent must be in writing and must contain each of the following items:

The name and general description of the program(s) making the disclosure.
The name of the individual or organization that will receive the disclosure.
The name of the patient who is the subject of the disclosure.
The purpose or need for the disclosure.
How much and what kind of information will be disclosed.
A statement regarding revocation of consent.
The date, event, or condition upon which the consent will expire.
The signature of the patient.
The date on which the consent is signed.

The requirements regarding consent for the sharing of information among treatment programs and criminal justice agencies are somewhat unusual and strict but must be carefully followed. A general medical release form, or any consent form that does not contain all of the elements listed above, is not acceptable. Whenever possible, it is best to have a proper criminal justice system consent form signed by the defendant before he or she is referred to the treatment program. All disclosures, and especially those made pursuant to a consent form, must be limited to information that is necessary to accomplish the purpose for the disclosure (§ 2.13(a)). It would be improper to disclose everything in a defendant's file if the recipient of the information needs only one piece of information.

It is important to note that these two laws and regulations prohibit the use of information obtained from patient records to initiate or substantiate any criminal charges against a patient or to conduct any criminal investigation of a patient, regardless of the status of the person obtaining the information or of whether the information was obtained in accordance with these regulations (42 CFR § 2.12, 1998). Finally, if a patient's alcohol or drug abuse diagnosis, treatment, or referral for treatment is not provided by a program that is federally conducted, regulated, or supported, that patient's record is not covered by these regulations. It is, therefore, possible for an individual patient to benefit from Federal support yet not be covered by these confidentiality regulations, because the program in which the patient is enrolled is not federally assisted. The above-mentioned special exemptions for information under these Acts (especially the court order) should provide information-sharing programs with the tools necessary to obtain the information they need. Thus, these laws should not present a barrier to such a partnership.

Child Abuse Prevention and Treatment and Adoption Reform Act (1977). ⁹ This Act protects the confidentiality of children's records listed in the child protective services files of agencies that want to remain eligible for Federal funds. Under this Act, the right to confidentiality must be balanced with the need to ensure the accuracy and currency of the information. States may draft legislation complying with this Act that provides records access by (Etten and Petrone, 1994):

Local child protective services.
Law enforcement officers investigating reports of abuse or neglect.
Persons legally authorized to place children in protective custody.
Physicians, parents, guardians, or supervisory agencies.
Courts, so long as the review is limited to an in camera inspection.
Grand juries.

Moreover, consent by the child would also allow the release of this information.

In general, juvenile records relating to court dispositions, school information, child abuse, and drug/alcohol treatment can be released under specific circumstances to interested parties. In fact, almost all of these laws permit the sharing of information by obtaining the consent of the individual to whom the information pertains. Thus, Federal statutes provide sufficient flexibility to permit interagency information sharing in appropriate circumstances while protecting the confidentiality of juveniles and their families.

State Laws

In addition to Federal statutes that may impact the establishment and maintenance of interagency information-sharing networks, State statutes also must be considered. Each agency group interested in establishing this type of network will need to identify State laws that govern the collection, use, and dissemination of juvenile records by juvenile justice and other juvenile-related agencies. Specifically, these laws will include but may not be limited to those governing law enforcement records, school records (a State-level codification of FERPA), juvenile court records (legal and social), child protective services and other youth-serving agency records, and mental health records.

Some States treat juvenile court records as public information (see, for example, Washington Revised Code 12.50.050; 13.50.010). Other States permit access to court records only by the juvenile and agencies directly involved in the juvenile justice system. Most States use a method of conditional disclosure of juvenile court records in which a judge issues a court order that permits access to agencies that are not part of the juvenile justice system (see, for example, Pennsylvania Revised Code 6307; 6308). Most State codes do not address procedures for verbal exchanges of information and, for the most part, recognize the right of service providers to share confidential information verbally (Etten and Petrone, 1994).

In the past several years, many State legislatures have reconsidered their laws concerning juvenile records, making them more flexible in order to allow youth-serving agencies to comprehensively address juveniles who have committed serious or violent offenses. In fact, since 1992, 40 of the 50 State legislatures and the District of Columbia have made substantive changes to their laws relating to the confidentiality of juvenile records or proceedings (Torbet et al., 1996). Relevant statutes can be identified in a number of ways. The most efficient approach is to access either a Lexis/Nexis or Westlaw database¹⁰ in order to identify relevant State statutes through a keyword search. Alternatively, each State's codes are available in any law library. It will likely be most effective to assign a representative from the juvenile justice side of the partnership to determine which laws are relevant to the partnership.

Finally, in addition to identifying the statutes that impose legitimate constraints on establishing and maintaining interagency information-sharing programs, each group will need to identify policies that restrict or limit information sharing. Policies, while often based on laws, are much easier to change. After determining the applicable State laws in each of these areas, it is important to assess implementation policies and practices related to or derived from these laws to see if they inappropriately hinder the ability of agencies to share information with each other. In many instances, policy and practice, not laws, may impede the sharing of information. In either case, both law and policy may need to be changed to increase access to information.

1. 5 U.S.C. § 522 (a); 1 CFR § 425.1 et seq.

2. 18 U.S.C. �5038.

3. 20 U.S.C. § 1232g; 34 CFR Part 99.

4. Education records are defined as any information recorded in any way—including
    handwriting, print, computer media, video or audio tape, microfilm, and microfiche—that is
    directly related to a student and maintained by an educational agency or institution or by a
    party acting for the agency or institution.

5. OJJDP has published a guide to FERPA called Sharing Information: A Guide to the Family
Educational Rights and Privacy Act and Participation in Juvenile Justice Programs
(NCJ 163705).

6. 6 5 U.S.C. § 552a.

7. 42 U.S.C. § 4541 et seq.

8. 42 U.S.C. § 290dd-2; 42 CFR § 2.1 et seq.

9. 42 U.S.C. § 510a(b)(4); 45 CFR § 1350.14(j)

10. Lexis/Nexis and Westlaw are comprehensive online legal databases that provide access to
State and Federal legislation and case law and also other law-related documents.

Contents

Establishing and Maintaining Interagency Information Sharing

JAIBG Bulletin · March 2000