I am amazed as to how disfunctional the GDPR have become. So I welcome your roray into getting people to focus on reducing this as a barrier.
Why was GDPR brought in? When the regulations came in there was a fear that data in the public and private domain was going to be used commercially, and IT was causing data to be moved around in ways that were new. Then when it was written, people seem to regard the wording as some type of rule that must be obeyed to the letter of the extreme.
The reality is that people expect public sector services to share data about them that is relevant to each other. But we dont see it that way.
Also, lets take to Police as an example, its not so much bout data sharing that the public services need, its more to do with knowledge. So with the Police, in a shared hub, the sharing was not the data, but the answer to the question —
“I am going to this house tomorrow, what is your feedback?”
The answer could be one of,
“Two of you should go”
“There is something ongoing, cold you just write to them?”
“Dont go, leave them be”
So, I would suggest focus on knowledge and information.
So, in my work in the public sector, this legislation has been the cause of untold barriers to joined up working. None of what I see is anything to do with the original intent of the legislation, but the interpretation by people who see it as a rule on its own. Its not, and should not stop integrated working. Use risk analysis, and ask yourselves what the intention of the legislation is in this situation. Oh yes, and getting consent is very easy to do — it can be verbal and does not need signatures, etc.