Implementing New DV Policies for Northern Nevada CoC: Training Insights

vsp dv provider confidentiality policies n.w
1 / 44
Embed
Share

Gain insights into the latest DV policies and procedures implemented by the Northern Nevada Continuum of Care (CoC) through comprehensive training sessions. Explore vital topics such as data privacy, intake procedures for DV clients, and background on special populations.

  • DV policies
  • Northern Nevada CoC
  • Training insights
  • Special populations
rayaanacharya
stellare Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. VSP & DV Provider Confidentiality & Policies Northern Nevada Continuum of Care 12-29-2021

  2. Introductions Homebase has been working with Continuums of Care and homeless service providers throughout the country for three decades on eradicating homelessness. We help CoCs design and implement Housing First, Coordinated Entry, and other major system changes. Katricia Stewart, PhD Senior Policy Analyst Melissa Hong, JD-MBA Senior Staff Attorney

  3. Todays Agenda New Policies and Procedures Background on Special Populations Baseline Privacy Requirements Data Privacy, Collection, and Uses DV Implications CE Mainstream Access for Survivors Implications for VSPs and Additional Implications

  4. Why this training? Review and updates to DV-related policies and procedures HUD requirement for annual training Opportunity to ask questions

  5. New Policies and Procedures

  6. New Policies & Procedures: Intake & Data for DV Clients What is the same? What is new: Immediate referral to DV DV survivors can have intake survivor access point done at their initial point of access (any CE agency) DV access points can refer to other access points if the client Agencies should plan to conduct cannot be accommodated by intake for any DV client the DV system Additional privacy and confidentiality considerations This process was covered in-depth in the 12/16/21 training, Client Confidentiality & HMIS. Please contact CES lead for materials.

  7. Background on Special Populations

  8. Domestic Violence For the purpose of Coordinated Entry, the Northern Nevada CoC defines domestic violence for an individual as: dating violence, sexual assault, stalking, or other dangerous or life-threatening conditions that relate to violence against the individual that has either taken place within the individual s primary nighttime residence, or has made the individual afraid to return to their primary nighttime residence; and the individual has no other residence; and lacks the resources or support network to obtain other permanent housing.

  9. Human Trafficking According to HUD, DV includes victims of human trafficking. For the purpose of Coordinated Entry, the Northern Nevada CoC defines Human Trafficking for an individual as: exploitation of a person for the purpose of compelled labor or commercial sex acts that has either taken place within the individual s primary nighttime residence, or made the individual afraid to return to their primary nighttime residence; and the individual has no other residence; or the individual lacks the resources or support network to obtain other permanent housing.

  10. Fleeing Domestic Violence, Dating Violence, Sexual Assault, or Stalking When a household experiencing homelessness is identified as needing domestic violence (DV) services: Immediately referred to an Access Point designated for survivors of domestic violence. Household will have full access to the Coordinated Access processes in place for youth, families with minor children, and adults unaccompanied by minor children If the household does not wish to seek DV services: DV Access Point determines household seeking DV services is not eligible for or cannot be accommodated with existing resources: DV Access Point will refer the participant to an appropriate Access Point for youth, families with minor children, or adults unaccompanied by minor children.

  11. Emergency Transfer Allows survivors to move to another safe and available unit if they face an imminent threat of harm by remaining in their current unit. If a participant requests and is eligible for an Emergency Transfer, the housing provider should first attempt to move the participant to another unit within their program. If this is not possible, the participant will be prioritized for the next available and appropriate housing opening through Coordinated Entry.

  12. Baseline Privacy Requirements

  13. Baseline Requirements & Standards HUD requirements for CE process applies to VSPs and serving DV survivors CoC s privacy standards should be communicated via: Required to follow the baseline HMIS privacy requirements for all methods of data collection, use, and disclosure, including electronic, paper and verbal disclosures 1. CoC s Coordinated Entry Policies and Procedures; and 2. Privacy Notice Reminder: CoCs (and providers within them) are prohibited from denying services to participants if they refuse their data to be shared, unless federal statute requires so as a condition of program participation (HUD Coordinated Entry Notice: Sections II.B.12.c and II.B.13)

  14. Privacy Notice A privacy policy should be made available to anyone that asks for it Requirements: Must be posted on website (if program has one) Description of participant rights Participant options Must include note that policy may change at any time, and changes may affect data collected before the change Provider s responsibilities to protect PII How the provider will use and disclose the participant s information

  15. Data Collection & Privacy

  16. Non-DV Client vs. DV Client Data CES Policies & Procedures Non-DV Client Normal HMIS Profile Baseline Data and Technical Standards DV Client De-Identified HMIS Profile VAWA and additional data protection standards that override the baseline ROI (specific, time-limited) at every step of sharing PII Consent needed for any sharing of data, regardless of Privacy Notice General ROI for CES purposes Consent not needed for sharing outlined in the Privacy Notice

  17. Data Collection Requirements Data may be collected only when appropriate to services provided or required by law. Consent to data collection may be inferred by the circumstances of the collection, which must include a notice that generally explains the reasons for collecting this information. When required by law to collect information, providers are not required to seek participant consent. Participants may refuse to provide the information and still receive services, but the provider must ask. In all circumstances, providers should make data collection transparent by providing participants with a written copy of the privacy notice.

  18. Personally Identifiable Information (PII) A provider must collect PII by lawful and fair means and, where appropriate, with the knowledge or consent of the individual. The CoC Program Interim Rule Section 578.103(b) requires that records containing personally identifiable information (PII) are kept secure and confidential and the address of any family violence project not be made public. Programs are required to keep PII that is accurate, complete and timely. Programs are required to dispose of or de-identify data in records that have not been in current use for 7 years.

  19. PII (cont.) PII must have some measure of accessibility. Programs must allow individuals to inspect and have a copy of any PPI about the individual. Must consider requests to correct or complete information on an individual (not required to change it at their request). Instead, they may mark the information as inaccurate or incomplete, and may supplement it with additional information. Accountability for data collection. Programs should establish procedures for considering complaints, and staff should annually sign confidentiality pledges and agreements to follow the privacy policy. Documentation. HUD requires that a CoC program participant provide appropriate documentation of the original incident of domestic violence, dating violence, sexual assault, or stalking, and any evidence of the current imminent threat of harm. Please see 24 CFR 578.103(a)(5).

  20. HMIS & Data Security Data needs to be stored and transmitted with some security. Users that access the HMIS system must do so with usernames and passwords. Computers must be staffed or have password protected screen savers. Data transmitted over public networks should be encrypted. Alternatives to HMIS. When a CoC uses a system other than HMIS to record information from a coordinated entry process, it must meet HUD s requirements regarding Coordinated Entry Systems (24 CFR 578.7(a)(8), Section II.A, and any subsequent HUD Notices on the topic) and be compliant with HUD s HMIS Privacy and Security Notice or any future regulations that update the requirements therein. If the recipient or subrecipient is a victim services provider, or a legal services provider, it may use Continuum of Care funds to establish and operate a comparable database that complies with HUD s HMIS requirements. Please see 24 CFR 578.57(a)(3).

  21. HMIS & Data Security (cont.) Refusal to have information entered into HMIS. All households, regardless of their DV status, have the right to refuse to share their information among providers within the CoC. However, some information may be required by the project, or by public or private funders to determine eligibility for housing or services, or to assess needed services, so it must be collected. In cases where a client does NOT consent to having their information shared, the information must still be collected by the service providers to determine whether the individual or family is eligible, but it must not be shared via the HMIS if the program participant objects. For instance, if a provider needs to verify the presence of a disability in the process of determining eligibility for PSH, the information itself must be collected but not shared via HMIS.

  22. Data Uses & Disclosures Uses and disclosures are either: Required (e.g., providing a copy) Permitted (to provide services, reporting to funders, etc.), or Prohibited by other federal, state or local law (e.g., VAWA). The provider s uses (internal) and disclosures (external) of collected information must be stated in the Privacy Notice. Uses and disclosures not listed in the privacy notice require the participant s consent. VSPs and those serving DV clients have prohibited disclosures based on VAWA that override HUD permitted disclosures. Clients who are DV survivors require ROIs for any release of information, regardless of HUD-allowed sharing of PII or data, and regardless of what is listed in the Privacy Notice.

  23. Data Uses & Disclosures (cont.) HUD gives mainstream providers authority for the following uses and disclosures (no consent needed*, must be in Privacy Notice). Providing or coordinating services to an individual Creating de-identified client records from PII Carrying out administrative functions (e.g., legal, audit, personnel, oversight, management) Functions related to payment or reimbursement for services Providers are allowed (or required) to disclose information in the following ways (no consent needed*, must be in Privacy Notice). Uses and disclosures required by law Uses and disclosures to avert a serious threat to health or safety Uses and disclosures for research purposes Uses and disclosures for law enforcement purposes. *Please note, entities covered by VAWA have stricter protections for sharing PII.

  24. CES Uses & Disclosures Specific CE activities can be enhanced if PII is disclosed among CE providers these are covered under the permitted use and disclosure: to provide or coordinate services to an individual. Disclosing information to multiple CE providers that are assisting to connect the individuals to appropriate resources and services. Use and disclosure for coordinating care. Disclosing assessment data can help staff determine the placement of an individual on a prioritization list and if needed develop a safe sheltering plan while the individual is waiting for placement into permanent housing. Use and disclosure to determining client prioritization for housing. Disclosing client information can help match a person to the right resource and potentially create multiple referral options. Use and disclosure for making referrals. HMIS can be used to build a single participant record that contains information through the CE process from access to project enrollment. Use and disclosure for determining participant progress.

  25. Uses & Disclosures Requiring Consent Authorization Forms are required for both uses and disclosures of PII that are (1) not required or permittedper HUD s 2004 HMIS Data and Technical Standards, OR (2) if the client is a DV survivor and does not have PII in HMIS. This should occur if the CoC identifies uses or disclosures that are necessary to make the CE process operate effectively and efficiently, yet those uses and disclosures are not permitted without consent per HUD s 2004 HMIS Data and Technical Standards. Release of Information (ROI) ROIs are commonly used as an authorization form to gain consent for disclosures, but they might not include uses. Use ROIs as required by the CoC.

  26. Non-DV Client vs. DV Client Data CES Policies & Procedures Non-DV Client Normal HMIS Profile Baseline Data and Technical Standards DV Client De-Identified HMIS Profile VAWA and additional data protection standards that override the baseline ROI (specific, time-limited) at every step of sharing PII Consent needed for any sharing of data, regardless of Privacy Notice General ROI for CES purposes Consent not needed for sharing outlined in the Privacy Notice

  27. Domestic Violence / Survivor Considerations for CE Access

  28. VAWA & Data Entry into the CES raises serious privacy concerns for those fleeing domestic violence. Legal confidentiality could be compromised by turning over information. A system that tracks people as they move from shelter to shelter would allow an abuser to locate a fleeing victim. Identifying or demographic information being leaked could allow for the leak of the identities of those seeking services in domestic violence shelters. Implication: Risk to survivors if abusers gain access to the personal information of clients. Domestic violence advocates have noticed the phenomenon of "separation violence" -- meaning that an abuser is more dangerous and likely to lash out when a survivor is taking steps towards independence. Flight from an abusive home into a shelter is such a separation. Therefore, confidentiality is paramount.

  29. VAWA & Data (cont.) Confidentiality of the data can be breached in various ways. The rules permit disclosures to oral law enforcement requests, which facilitates impostors pretexting the data. The technical standards do not require that data disclosures be logged, which limits the ability to track these impostors. Insider fraud in law enforcement agencies. Data is shared among other programs in the CoC. An insider in another program can thus also breach confidentiality innocently -- if they fall prey to pretexting -- or maliciously via fraud.

  30. VAWA & Data (cont..) Identification in supposedly de-identified data may create risks that data collectors do not see. Though the clarification exempts submission of name, SSN and address, other universal data elements can serve to identify individuals, a birthday, zip code and gender may be enough to identify someone. Please see the training from 12/16/21 on what de-identified information goes into HMIS. Identification via demographics could be even easier in certain contexts. In some small communities, a demographic description including gender, children's information, zip code, ethnicity and age may be able to identify an individual. They may not identify the individual to a statistician, or an employee of the program, but an abuser searching for their victim will know what patterns to look for.

  31. VAWA & Data (cont) The baseline privacy standards permit data collection under a model of "inferred consent." The practice of inferring consent to data collection means that domestic violence survivors will be giving up data in fear that if they do not, they will not receive shelter, and thus their data will be entered into the HMIS. VAWA 2005 included changes to the collection of data from domestic violence service providers for HMIS. e.g., Survivor PII cannot be entered directly into HMIS. Based on VAWA, PII can only be disclosed if: (1) When the victim provides written, informed, and reasonably time- limited consent to the release of information ( a release ) (2) When a statute compels that the information be released (3) When a court compels that the information be released.

  32. VAWA & ROIs With a signed ROI from a survivor, what information can a VSP share with the COC? (Continued on next slide) A VSP may share personally identifying information of a survivor if it has obtained consent from the survivor. The consent must be informed, written, and reasonably time-limited. This requirement is provided in both VAWA 42 U.S.C. 13925(b)(2)and FVPSA 42 USC 10406(c)(5). The language in both statutes parallel one another. This release of information is distinct from the ROI used for other clients. VSPs must obtain consent from the client when sharing their PII instead of using a blanket ROI to share their information anytime. It is best practice to obtain a new ROI when new information is being shared or information is shared with a new agency.

  33. VAWA & ROIs (cont.) With a signed ROI from a survivor, what information can a VSP share with the COC? (Continued from previous slide) The consent must be informed. This means that the VSPs must let the client know what specific information is being shared and the method for sharing the information (e.g., email, phone, dropbox, etc.). By sharing the method of communication with the survivor, they are made aware of the risks associated with each method. Survivors may choose to allow one method and deny another based on their comfort level. The consent must be reasonably time-limited. The ROI should have an expiration date. What is reasonable will depend on the specific circumstances. In general, a release should not be more than 15-30 days. The survivor may authorize that the release is extended.

  34. Non-DV Client vs. DV Client Data CES Policies & Procedures Non-DV Client Normal HMIS Profile Baseline Data and Technical Standards DV Client De-Identified HMIS Profile VAWA and additional data protection standards that override the baseline ROI (specific, time-limited) at every step of sharing PII Consent needed for any sharing of data, regardless of Privacy Notice General ROI for CES purposes Consent not needed for sharing outlined in the Privacy Notice

  35. CES Mainstream Access for Survivors Through an informed consent process, the VSP should ensure the survivor understands the related risks and potential benefits of having their name listed in the system and how this may impact their safety plan. It is also important for the mainstream coordinated entry point to have cross-training from VSPs so that they can establish trauma-informed protocols that support domestic violence survivors who opt-into mainstream coordinated entry and HMIS. Informed Consent Mainstream agencies and CoCs can request trainings from VSPs or their state domestic violence coalitions on trauma-informed domestic violence screening, assessments, and safety planning while assisting DV survivors with their housing search. This is recommended to address any safety concerns that may arise for a domestic violence survivor who was referred by a VSP or who came directly from the community at large. Training

  36. CES Mainstream Access (cont.) Individuals and families who are fleeing, or attempting to flee, domestic violence, dating violence, sexual assault, or stalking must have access to referrals to the CoC s coordinated entry system and to an alternative coordinated entry system operated by victim service providers if both exist in the CoC. Access to Alternate Systems If a household is determined to be at risk of harm when an assessment is being conducted, then CES staff should refer the household to a VSP using referral criteria established for that community based on system design, program capacity, resource limitations, and placement and geography considerations. Entry and Assessment The CES should ensure that, at any CES access point, survivors have options for safe assessment, including: full privacy, confidentiality, and being immediately referred to DV services if that is what the survivor wants. Safe Assessment Options

  37. CES Mainstream Access (cont..) If a victim chooses to be enrolled in a CoC- or ESG-funded non- victim services provider program, that victim must be asked to consent to the waiving of their VAWA rights to having all of their data exempt from HMIS data entry. Consent to Data Entry Per continued guidance set forth by HUD, any individual has a right to refuse to share personally identifying information and must still have access to homelessness and housing resources. If the individual chooses this option, the CE intake worker should be able to work with the individual to enter an anonymous entry. Opt-out Options

  38. Implications for VSPs and Additional Considerations

  39. VSP Implications DV providers are prohibited from entering PII into HMIS Must follow the new process for entering de-identified information. DV survivors must have SAFE access to the coordinated entry process. May be through a separate access point and assessment tool Safety and confidentiality are essential when sharing data or referring clients All data use and disclosure policies and procedures should be developed to ensure that regardless of where the household fleeing domestic violence presents for service, safe and equal access to homeless services and housing programs is provided while protecting their information. NNEDV resource: https://nnedv.org/mdocs-posts/coordinated-entry-confidentiality-requirements-in-practice

  40. Considerations Some Victim Service Providers (VSP) in the community have a more specific definition of Domestic Violence that impacts their eligibility criteria. For any client identifying as fleeing or a survivor of DV, the provider must uphold all privacy and confidentiality guidelines and follow all policies and procedures related to DV survivors outlined in the Coordinated Entry Policies and Procedures.

  41. Key Takeaways Review the CoC Privacy Notice and your agency s Privacy Notice to ensure they include all required elements. Place a sign at data collection points explaining why information is being collected and how to obtain the CoC s privacy notice. Include the participant s rights, the ways in which information may be used or disclosed (without written consent), a list of situations in which consent is required, the provider s responsibility to protect and secure participant information, and how the notice can be amended. Be proactive and give the participant a copy of the privacy notice. Ensure your agency and all staff are up-to-date on protections and safety for DV survivors. Review the extra resources provided in this presentation (last two slides). Review the CES Policies and Procedures to ensure you are compliant. Give feedback to your CES Lead about what is or isn t working and how the CoC can better protect DV survivor safety.

  42. Key Rules, Regulations, and Privacy Fundamentals HUD HMIS Data Technical Standards Establishes standards for collecting, using, and disclosing data in HMIS Violence Against Women Act (VAWA), Family Violence Prevention Services Act (FVPSA), and Victims of Crime Act (VOCA) VAWA contains strong, legally codified confidentiality provisions that limit Victim Service Providers from sharing, disclosing, or revealing personally identifying information (PII) into shared databases like HMIS Serving survivors through Coordinated Entry Safe and confidential access to the CE process Safety planning Emergency transfer services Trauma-informed care Health Insurance Portability and Accountability Act (HIPAA) Governs how health care providers, health care clearinghouses, and health plans disclose data Privacy Act (5 U.S.C. 552a) Requires written consent to disclose client records

  43. Resources HUD CE Management and Data Guide (See chapter 2) HUD s VAWA Notice Privacy and DV Survivors National Network to End Domestic Violence (NNEDV) CE Confidentiality Requirements in Practice Coordinated Entry (CE) and Victim Service Providers FAQ. This FAQ responses to questions about the coordinated entry process and how it relates to victim service providers for CoCs. Coordinated Entry Process FAQ: A Resource for Domestic Service Providers. This FAQ has been developed by the Domestic Violence and Housing Technical Assistance Consortium to respond to questions received from domestic violence service providers regarding CE. NASH: Safety and Coordinated Entry with Domestic ViolenceSurvivors. Presentation from the National Alliance for Safe Housing that reviews the federal requirements for coordinated entry related to serving survivors of domestic violence. DVHTAC Presentation: Coordinated Entry, What DV and SA Programs Need to Know. Presentation that reviews: the federal requirements for CES related to serving survivors of domestic violence; the types of CE, including parallel DV CE; shares resources; and discusses how to ensure safety and confidentiality for survivors accessing CE. Frequently Asked Questions (FAQs) on the VAWA Confidentiality Provision (34 U.S.C. 12291(b)(2)) FAQ on Confidentiality Releases

  44. Questions?

Related


Safeguarding Focal Point Training: Person-Centered Approach and Confidentiality

Safeguarding Focal Point Training: Person-Centered Approach and Confidentiality

simone
Equal Opportunity and Title IX Hearing Panel Training

Equal Opportunity and Title IX Hearing Panel Training

colm
Provider Training Programs for Event Management Alignment

Provider Training Programs for Event Management Alignment

krish
New York State Address Confidentiality Program: Application Assistance Provider Tutorial

New York State Address Confidentiality Program: Application Assistance Provider Tutorial

maxim
Entry-Level Driver Training (ELDT) Requirements

Entry-Level Driver Training (ELDT) Requirements

kitty
Importance of Confidentiality in Shelter Monitoring Committee Training

Importance of Confidentiality in Shelter Monitoring Committee Training

teal
Atholton Elementary - Parent Volunteers and Confidentiality Training

Atholton Elementary - Parent Volunteers and Confidentiality Training

valley
Ensuring Client Privacy and Confidentiality in Antiretroviral Therapy Distribution

Ensuring Client Privacy and Confidentiality in Antiretroviral Therapy Distribution

issac
ACBCYW Provider Ad Hoc Workgroup Report - February 2020

ACBCYW Provider Ad Hoc Workgroup Report - February 2020

esa
Information Security Policies for Effective Cybersecurity

Information Security Policies for Effective Cybersecurity

ritenour_s
Health Records Confidentiality and Legal Protections

Health Records Confidentiality and Legal Protections

macint
Informed Consent and Confidentiality in Research

Informed Consent and Confidentiality in Research

berntsen_p
Confidentiality and Disputant Participation in NSW Legal Culture

Confidentiality and Disputant Participation in NSW Legal Culture

brud773
Legal Privilege and Confidentiality in the Legal System

Legal Privilege and Confidentiality in the Legal System

abub_3
Medical Confidentiality and Ethics

Medical Confidentiality and Ethics

lewi_5
Confidentiality in Information Sharing

Confidentiality in Information Sharing

duwayne
Information Security and Confidentiality Measures

Information Security and Confidentiality Measures

aitz556
MIYHS Teacher Training: Importance of Confidentiality and Consent

MIYHS Teacher Training: Importance of Confidentiality and Consent

alis_35
Revsyntech Managed Service Provider, IT Solutions, Best Managed Service Provide

Revsyntech Managed Service Provider, IT Solutions, Best Managed Service Provide

Roger1
Medical Confidentiality and Ethics

Medical Confidentiality and Ethics

ravenell_k
The Role of Unlicensed Assistive Personnel in School Health Rooms

The Role of Unlicensed Assistive Personnel in School Health Rooms

mmayn
Parent Volunteer Training at Running Brook Elementary School

Parent Volunteer Training at Running Brook Elementary School

ehad

More Related Content