Information Sharing With Families in Supported Living: Consent, Confidentiality and the MCA
Information sharing with families in supported living is one of the most common sources of operational risk. Providers must balance transparency and partnership with families against people’s legal rights to privacy, autonomy and control over their own information. This article sits within Working With Families, Advocates & Representatives and links directly to Supported Living Service Models & Best Practice, focusing on how lawful, consistent information-sharing is embedded in day-to-day delivery.
Where information sharing is poorly managed, providers face complaints, safeguarding escalation, placement instability and regulatory scrutiny. Where it is done well, families feel appropriately involved, people retain control, and staff have clear guidance they can apply confidently on shift.
Why information sharing requires a structured operational approach
Information sharing cannot be left to individual staff judgement alone. In supported living, multiple staff, shift patterns and emotional family relationships create high risk of inconsistency. Providers therefore need clear frameworks that translate legal principles into practical, repeatable actions.
The core risks include over-disclosure that breaches confidentiality, under-disclosure that damages trust or safety, and informal agreements that are not recorded or defensible. Inspectors and commissioners expect to see that information sharing is governed, reviewed and auditable.
Legal foundations staff must understand
Consent and autonomy
If a person has capacity to decide who their information is shared with, their wishes must be followed, even if families disagree. Consent should be specific, recorded and revisited rather than assumed.
Decision-specific capacity
Under the Mental Capacity Act, capacity is decision-specific and time-specific. Someone may have capacity to decide about routine updates but not about complex medical disclosures. Providers must evidence this reasoning.
Best interests and least restrictive practice
If a person lacks capacity, information sharing decisions must be made in their best interests, considering the least restrictive option and involving relevant people appropriately.
Operational controls that make information sharing safe
Information-sharing plans
Each person should have an information-sharing plan that clearly sets out who can be informed, what can be shared, how often updates occur and when escalation is required. This plan must be accessible to staff and reviewed regularly.
Defined roles and escalation
Providers should define which staff roles can share what information. Routine updates sit with keyworkers, while safeguarding, complaints or disputed consent decisions are escalated to management.
Recording and audit trails
Every significant information-sharing decision should be recorded with the rationale, consent or best-interests basis, and outcome. This protects both the person and the service.
Operational example 1: Managing frequent family update requests
Context: A parent requests daily updates about their adult child’s routines and decisions, despite the person expressing a wish for limited family involvement.
Support approach: Staff explore the person’s wishes and confirm capacity. An information-sharing plan is agreed, setting out weekly updates only.
Day-to-day delivery: Staff provide updates only at agreed times, log all contact attempts, and escalate repeated pressure to the manager.
Evidence of effectiveness: Reduced conflict, consistent staff responses, and clear records showing respect for the person’s autonomy.
Operational example 2: Withdrawal of consent following family conflict
Context: A person withdraws consent for a sibling to receive information after a dispute.
Support approach: Capacity is assessed and consent updated. Staff are briefed on revised boundaries.
Day-to-day delivery: Staff use agreed wording when declining to share information and log all interactions.
Evidence of effectiveness: Complaint responses reference clear consent decisions and consistent practice.
Operational example 3: Safeguarding and necessary disclosure
Context: A safeguarding concern arises where family involvement may increase risk.
Support approach: Managers assess capacity and best interests before sharing limited information.
Day-to-day delivery: Safeguarding procedures are followed with proportionate family notification.
Evidence of effectiveness: Safeguarding records demonstrate lawful, justified information sharing.
Commissioner expectation
Commissioner expectation: Providers must evidence structured, lawful information-sharing arrangements that support stable placements and reduce avoidable escalation.
Regulator expectation
Regulator / Inspector expectation (CQC): Inspectors expect clear consent processes, MCA-compliant decision-making and consistent staff understanding of confidentiality boundaries.
Latest from the knowledge hub
- Governance of Objects of Reference in Learning Disability Services
- Objects of Reference for Safeguarding in Learning Disability Services
- Objects of Reference for Positive Behaviour Support in Learning Disability Services
- Objects of Reference for Mealtime Communication in Learning Disability Services