Induction
Professional conduct, privacy, and policy responsibilities

Privacy, confidentiality, and record keeping

Complete & Continue Next Lesson Learn More

QA1, QA2, QA4, QA6, and QA7

Privacy, confidentiality, and record keeping

Privacy and accurate records protect children, families, staff, and NERPSA. Information must be handled carefully, respectfully, securely, and only for proper service purposes.

Confidential information

Information must be treated with care

Staff may access information about children, families, colleagues, health needs, incidents, enrolments, learning, behaviour, child safety concerns, family circumstances, medical conditions, employment matters, and service operations.

This information must only be accessed, used, discussed, recorded, stored, or shared for a legitimate service, safety, legal, regulatory, or organisational reason.

Privacy

Only access what you need

Staff should only access information needed for their role or for a clear child safety, service, legal, regulatory, or organisational purpose.

Confidentiality

Do not share casually

Confidential information must not be discussed in public areas, with people who do not need to know, or outside approved NERPSA processes.

Records

Keep records factual

Records should be accurate, respectful, timely, objective, and stored in the correct place.

Before sharing or recording information

Think first

Privacy decisions happen in everyday moments

Staff may need to record or share information as part of daily work. This can include child information, family information, medical information, incident records, enrolment details, staff information, child safety concerns, learning documentation, attendance records, or service records.

Before information is shared, discussed, emailed, uploaded, printed, stored, recorded, or accessed, staff should check whether the action is necessary, appropriate, secure, and consistent with NERPSA procedure.

Is there a clear service, safety, legal, regulatory, or organisational reason?
Does this person need the information for their role?
Is the information accurate, necessary, and respectful?
Am I using an approved NERPSA system, form, platform, or pathway?
Could the information be shared more privately or securely?
Should I pause and ask before proceeding?

If you are unsure, pause

If you are unsure whether information can be shared, where it should be stored, who should access it, or how it should be recorded, seek guidance before proceeding.

Quick guide

Privacy and record keeping guide

Open this guide for practical checks before discussing, sharing, emailing, uploading, printing, storing, or recording information.

Open NERPSA Privacy Policy

Privacy and record keeping guide

Before sharing information, check

  • Is there a clear service, safety, legal, regulatory, or organisational reason?
  • Does this person need the information for their role?
  • Am I using an approved NERPSA system or pathway?
  • Is the information accurate and necessary?
  • Could this be shared in a more private or secure way?

Before recording information, check

  • Is the record factual and objective?
  • Have I recorded what was seen, heard, said, reported, and done?
  • Have I avoided assumptions, blame, gossip, emotion, and unnecessary personal detail?
  • Am I using the correct NERPSA form, platform, or record?
  • Does the record need to be made promptly?

Avoid informal sharing

Do not discuss private information in hallways, public areas, social settings, personal messages, social media, personal email, or with people who do not need to know.

Use approved systems

Do not store service information, child information, photos, records, or documents on personal devices, personal cloud storage, personal email, USBs, or informal messaging apps.

Privacy in practice

Use approved systems

Use NERPSA-approved systems, forms, platforms, and storage locations for service information, records, child information, family information, and staff information.

Limit access

Only access or share information where it is needed for your role, child safety, service operation, legal obligations, or approved organisational purposes.

Choose the right place

Do not discuss private information in public areas, shared spaces, hallways, social settings, or anywhere it may be overheard.

Be careful with digital information

Do not send child, family, staff, or service information to personal email, personal devices, personal cloud storage, or informal messaging apps.

Record keeping

Factual records

Records need to be accurate, timely, and clear

Records help NERPSA meet legal, regulatory, child safety, employment, service management, and quality requirements. They also help staff communicate clearly and make safe decisions.

Records should be factual, timely, objective, respectful, and stored in the correct place. Record what was seen, heard, said, reported, and done. Avoid assumptions, blame, gossip, labels, emotion, or unnecessary personal comments.

Child safety records

Records support child safety and lawful decision-making

Records are not just paperwork. They help protect children, families, staff, and NERPSA by showing what happened, what was known, what action was taken, who was told, and what needs to happen next.

Staff may need to complete or contribute to records about:

child attendance;
delivery and collection;
authorised nominees;
court orders or parenting arrangements;
incidents, injuries, trauma, and illness;
medication;
medical conditions;
sleep and rest;
child safety concerns;
disclosures;
complaints;
behaviour or supervision concerns;
excursions, transport, and safe arrival;
visitors, students, volunteers, and external providers;
staff records and training evidence.

Use the correct record

Staff must not keep informal child records in personal notebooks, personal phones, personal emails, private cloud storage, or messaging apps.

Examples

Records may include

  • enrolment and authorisation information;
  • attendance, delivery, and collection records;
  • incident, injury, trauma, and illness records;
  • medication and medical condition records;
  • child safety concerns, complaints, and related actions;
  • staff, volunteer, and student records where required.
Storage

Store records securely

Records must be stored safely and securely. Staff should not leave records where they can be accessed by people who do not need them.

Printed records, digital files, forms, photos, and notes must be handled according to NERPSA procedure.

Factual language

Objective records

Write what was seen, heard, said, reported, and done

Good records are clear, respectful, and factual. They separate observable information from assumptions, opinions, explanations, or blame.

This is especially important for child safety concerns, incidents, complaints, illness, injuries, behaviour, family communication, medical information, and staff or service matters.

Less helpful

“The parent was angry and rude and did not care about the policy.”

More factual

“The parent raised their voice and said, ‘I do not agree with this process.’ The educator asked the parent to speak with the Nominated Supervisor.”

Information sharing and child safety

Need to know

Confidentiality does not mean keeping safety concerns secret

Confidentiality is important, but it must not prevent staff from reporting child safety concerns, family violence concerns, reportable conduct concerns, unsafe practice, incidents, legal matters, or regulatory matters through the correct pathway.

Child safety information must be shared carefully, respectfully, and only with people who need it for child safety, legal, regulatory, reporting, investigation, service management, or support purposes.

Escalate promptly

Do not keep child safety concerns to yourself

If information relates to a child safety concern, disclosure, suspected harm, family violence, concerning adult behaviour, serious incident, privacy breach, or immediate risk, follow the correct NERPSA reporting pathway promptly.

Escalation guide

When information must be escalated

Some information needs to be escalated promptly so the right people can respond, support, report, investigate, or manage risk.

When information must be escalated

Escalate promptly if information relates to:

  • child safety;
  • suspected harm, abuse, neglect, or family violence;
  • concerning adult conduct;
  • injury, illness, trauma, or medical concern;
  • privacy breach;
  • unauthorised collection or court order issue;
  • missing child or unaccounted-for child;
  • supervision or ratio concern;
  • unsafe environment;
  • complaint or family concern;
  • behaviour that may breach the Code of Conduct.

Share only with people who need it

Information must only be shared with people who need it for child safety, legal, regulatory, service management, investigation, reporting, or support purposes.

Do not investigate yourself

If the matter relates to harm, abuse, family violence, reportable conduct, or concerning adult behaviour, follow NERPSA pathways. Do not investigate, confront, promise secrecy, or delay reporting.

Keep records factual

Record what was seen, heard, said, reported, and done. Avoid assumptions, opinions, unnecessary detail, or blame.

If you are unsure

Pause and check

Ask before sharing or storing information in the wrong place

If you are unsure whether to access, share, record, store, print, email, upload, retain, or delete information, pause and check the correct process.

Do not create your own records, save information to personal devices, forward information to personal accounts, or share information informally because it feels quicker.

NERPSA policies connected to this section

Policy connection

Policies that support privacy and records

Key connected policies include Privacy and Confidentiality, Child Safe Environment and Wellbeing, Code of Conduct, Safe Use of Digital Technologies and Online Environments, Compliments and Complaints, Incident, Injury, Trauma and Illness, Delivery and Collection of Children, Safe Arrival of Children, Excursions and Service Events, Dealing with Medical Conditions, Medication Administration, and Staffing.

These policies support decisions about confidential information, child and family records, staff information, digital files, photos, complaints, incidents, child safety information, attendance, authorised nominees, court orders, delivery and collection, excursions, transport, safe arrival records, and staff records.

Useful resources

NERPSA Privacy and Confidentiality

Current NERPSA Privacy and Confidentiality Policy.

Open policy

NERPSA Safe Use of Digital Technologies

Current NERPSA policy for digital technologies and online environments.

Open policy

NERPSA Child Safe Environment

Current NERPSA child safe environment and wellbeing policy.

Open policy

NERPSA policies

Current NERPSA service policies and procedures.

Open policies
Required induction activity

Think before sharing information

Choose one type of confidential information you may come across in your role, such as child information, family information, medical information, incident records, enrolment details, staff information, child safety concerns, or learning documentation.

Think about where it should be stored, who should access it, how it should be recorded, and what you would do if you were unsure whether it could be shared.

Optional extension activities

  • Think about why accurate, factual, respectful, and confidential records matter. Consider the risks of informal sharing, personal devices, personal email, assumptions, unnecessary detail, or discussing private information with someone who does not need to know.
  • Rewrite a hypothetical record from informal language into factual language. Remove assumptions, blame, emotion, unnecessary detail, and opinions. Keep only what was seen, heard, said, reported, and done.

Privacy is part of professional trust

Careful handling of information protects children, families, staff, and NERPSA. Access information only when needed, keep records factual, use approved systems, and ask before sharing or storing information in the wrong place.