Cal. Welf. & Inst. Code § 18961.5
(a) Notwithstanding any other law, any county may establish a computerized database system within that county to allow provider agencies, as defined in subdivision (h), to share identifying information, as specified in subdivision (c), regarding families at risk for child abuse or neglect for all of the following purposes:
(c) When a child or family has been identified as at risk for child abuse or neglect under this section, only the following information shall be entered into the system:
(h) For the purposes of this section, “provider agency” means any governmental or other agency that has as one of its purposes the prevention, identification, management, or treatment of child abuse or neglect. The provider agencies serving children and their families that may share information under this section shall include, but not be limited to, the following entities or service agencies:
(j)
(2)
(A) A computerized database system established pursuant to this subdivision may, in addition to the purposes specified in subdivision (a), share identifying information, as specified in subdivision (c), regarding families at risk for child abuse or neglect for research purposes, the intent of which is to identify ways to better serve these families and to prevent abuse and neglect. The counties may enter into a memorandum of understanding with a research entity for the research purposes. The memorandum of understanding shall include an information sharing agreement. Personal identifying information may only be shared upon approval by an institutional review board. The approval required under this paragraph shall include a review and determination that all of the following criteria have been satisfied:
(B) The institutional review board shall, at a minimum, accomplish all of the following as part of its review and approval of the research project for the purpose of protecting personal identifying information held in the databases established under this section: