Privacy Policy & Information Management

Client, staff, board and volunteer files managed by the agency will follow guidelines for collection, management, securing, destruction and transfer of information according to the standards employed by F.O.I.P. and individual contracts with funders. Completeness of Persons Served files will be monitored through the Quarterly File Reviews conducted by the Executive Director or designate and the data collection system tools. All files are monitored at least annually to complete licensing requirements and ensure data on file is up to date.  A tracking system tool to ensure compliance has been developed and must be utilized.  Staff files are reviewed annually based on the staff members anniversary date as the review is conducted in conjunction with the completion of the annual evaluation.

Access to Files/Data:

All file information is kept double locked (cabinet and office) in the designated office.  No information may be placed on employee personnel files that an employee would not have access to.  Employees are permitted access to their personal file by request to the Executive Director.   The Executive Director is permitted access to his or her personal file by request to the Board Chair.

Persons served files are also kept double locked in the designated office.  Persons served files may be accessed by all staff.  Current clients may have access to any information that is not 3rd party information.  FOIP procedures will be followed.  Requests must be made to the Executive Director.  Any discharged clients requesting information from agency files may make this request to the Executive Director if they were served within 7 years.  All client files will be destroyed after 7 years.

Should information need to be corrected or changed, the old information must be scratched through with one single line.  The author of the changes must initial at the beginning and end of the line.  Any changed or corrected information should also be highlighted on an Agency contact note. Blue or black pens are only to be used when making professional documentations.

It is Agency policy not to release any person served information to any other person(s) or institutions without the expressed written consent of persons served.

Maintenance of Data:

Client and staff files managed by the agency will follow guidelines for collection, management, securing, destruction and transfer of according to the standards employed by F.O.I.P.  Under no circumstances does this agency use audio or video recordings of clients. There will be a dedicated computer for professional use that is password protected and in a secured office. Electronic storage of client files is temporary and this information is transferred to memory sticks and kept with the hard copy of the client file.  The use of email with client related information must be password protected.  All file cabinets are locked and/or in a secured room.

Protection of Files/Data:

All client information is to be locked and secured both physically and electronically. It is agency policy that all documentation and records be reviewed by a supervisor to ensure accurate, consistent and complete data collection. Intake forms are used to compile accurate and complete information. By agency policy the dedicated work computer is equipped with a functioning fire wall and up-to-date anti-virus software. Client information on the hard drive is consistently backed up on memory sticks to protect the information from being lost. The dedicated computer is password protected.

Electronic Technologies:

By agency policy the dedicated work computers are equipped with a functioning fire wall and up-to-date anti-virus software. Client information on the hard drive is consistently backed up on memory sticks to protect the information from being lost. The dedicated computers are password protected. All electronic client content such as emails are stored on the dedicated password protected computers. Cell phones are utilized extensively; however, there is never any person served or confidential data stored on these devices. Text messages are deleted immediately after being read and at the conclusion of the cell phones life (contract) the device is destroyed by hammer and disposed of.  Only non-identifying data may be used in text messages.

Monitoring Equipment:

It is agency policy not to use audio or visual equipment in any circumstance at any time with clients of this agency.