How can Service Coordinators protect participants’ privacy?
Coordinators will often collect sensitive information about ROSS program participants and must make every effort to protect participants’ privacy. Specific steps include storing sensitive information in a physically secure place (or in a secure electronic format), obtaining a proper signed release from all clients before releasing sensitive information, and conducting operations consistent with organizational written policies to ensure confidentiality.
Even so, a few scenarios may affect residents’ privacy. Participants should be made aware of these when they join the program through verbal communications and relevant language in resident Confidentiality Agreements that explain when information may be shared:
- The Service Coordinator is required to inform the proper authorities if the resident threatens to harm him- or herself or someone else. The intention to inflict harm is the only information that the Service Coordinator may share without the participant’s consent.
- The Service Coordinator is required to notify the appropriate authorities if he or she suspects the resident is being neglected or abused. Service Coordinators should contact Adult Protective Services or the local police in extreme or urgent situations and notify a supervisor.
- Interns and other aides who assist the Service Coordinator may have access to client files. These individuals may access files to assist with operation of the ROSS program, or while meeting with the resident to help with needed social services.
- HUD field office staff may have access to client files for auditing/project monitoring purposes. During these reviews, HUD staff only examine whether the files are complete, and whether paperwork is in order and up-to-date. HUD will not seek specific information about individual clients.
- Client data may be shared with a provider as part of a data-sharing partnership. In this case, no information will be shared without the resident’s permission.
When creating participant files, Service Coordinators are encouraged to create unique identifiers (IDs) for each program participant. By replacing participants’ names in their files with ID numbers, Service Coordinators can protect personally-identifiable information, or PII, when participant files are accessed by other PHA staff (as described above) or HUD staff. Service Coordinators should use these identifiers rather than residents’ names when using HUD’s tool to report on individual and household outcomes or in the case of an audit or monitoring visit.
Personally identifiable information
"The term ‘personally identifiable information’ [often shortened to PII] refers to information which can be used to distinguish or trace an individual's identity, such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name, etc."From M-07-16: Memorandum for the Heads of Executive Departments and Agencies on Safeguarding Against and Responding to the Breach of Personally Identifiable Information