Loading...
Agenda 01/14/2014 Item # 16D 5 1/14/2014 16.D.5. EXECUTIVE SUMMARY Recommendation to approve the"Agency HMIS Agreement" between Collier County and Catholic Charities Diocese of Venice, Inc. d/b/a Catholic Charities of Collier County, as the lead agency for the Homeless Management Information System web database ClientTrack and authorize the County Manager or designee to sign an HMIS Background Check Agreement with each County staff user. OBJECTIVE: To enter into this written agreement with Catholic Charities of Collier County to continue our service agreement and agree to the compliance that is required in the Agency HMIS Agreement. CONSIDERATIONS: Collier County government was the lead agency for the HMIS ClientTrack Subscription Agreement from April 27, 2006 to April 25, 2013. Collier County relinquished its role in April 26, 2013 which was approved by the Board of County Commissioners January 8, 2013, Item 16.D.5 to Catholic Charities Diocese of Venice for the specific purpose of continuing to utilize the database to further its mission as the lead agency in the Homeless Continuum of Care. Housing, Human and Veteran Services (HHVS) and the (Emergency Operations Center (EOC) currently utilize the HMIS system to register and track client information, and therefore have a relationship with Catholic Charities. As users of the HMIS system, HHVS and the EOC are bound by the Standard Operating Procedures of HMIS and all relevant HUD regulations. Users are bound by their agency policies set forth in the agreement. These policies include User Agency Policy, Agency and Personnel Responsibilities, Agency Code of Ethics, HMIS Background Check Agreement, Client Agreement, Compliance Checklist and Privacy Notice, all attached as back-up to this item. This item also authorizes the County Manager or designee to sign the HMIS Background Check Agreement for each user. FISCAL IMPACT: There will be no effect on ad valorem or general fund dollars. LEGAL CONSIDERATIONS: This item is approved as to form and legality and requires a majority vote for approval. -JAB GROWTH MANAGEMENT IMPACT: None RECOMMENDATION: To approve and authorize the Chairwoman to sign the Agency HMIS Agreement between Collier County and the Catholic Charities Diocese of Venice, Inc. d/b/a Catholic Charities of Collier County, the lead agency for HMIS and authorizes the County Manager or designee to sign the HMIS Background Check Agreement for each County staff user. Prepared By: Louise Pelletier, Case Management Supervisor Housing, Human and Veteran Services Packet Page -1046- 1/14/2014 16.D.5. COLLIER COUNTY Board of County Commissioners Item Number: 16.16.D.16.D.5. Item Summary: Recommendation to approve the "Agency HMIS Agreement" between Collier County and Catholic Charities Diocese of Venice, Inc. d/b/a Catholic Charities of Collier County, as the lead agency for the Homeless Management Information System web database ClientTrack and authorize the County Manager or designee to sign an HMIS Background Check Agreement with each County staff user. Meeting Date: 1/14/2014 Prepared By Name: PelletierLouise Title: Supervisor-Case Management,Housing, Human&Veteran Services 11/26/2013 8:44:09 AM Submitted by Title: Supervisor-Case Management,Housing, Human&Veteran Services Name: PelletierLouise 11/26/2013 8:44:11 AM Approved By Name: GrantKimberley Title: Interim Director Date: 12/9/2013 1:37:14 PM Name: AlonsoHailey Title: Operations Analyst,Public Service Division Date: 12/17/2013 5:04:36 PM Name: BelpedioJennifer Title: Assistant County Attorney,County Attorney Date: 12/20/2013 4:09:26 PM Name: CarnellSteve Title: Administrator-Public Services Packet Page -1047- 1/14/2014 16.D.5. Date: 12/23/2013 10:21:45 AM Name: KlatzkowJeff Title: County Attorney Date: 12/26/2013 9:35:48 AM Name: FinnEd Title: Senior Budget Analyst, OMB Date: 12/30/2013 3:16:23 PM Name: StanleyTherese Title: Management/Budget Analyst, Senior,Office of Manage Date: 1/6/2014 10:01:00 AM Name: OchsLeo Title: County Manager Date: 1/6/2014 11:12:15 AM Packet Page-1048- 1/14/2014 16.D.5. CATHOLIC AGENCY HMIS AGREEMENT CHARi �ES Diocese of Venice,inc. Coifler County The HMIS system used by the Catholic Charities Diocese of Venice,Inc.dba as Catholic Charities of Collier County(CCDOV-as HMIS Lead)Is an information system that maintains information regarding the characteristics and service needs of Clients(for purposes of the agreement a"client'is a person requesting services from the provider agency)for a variety of reasons,including the provision of more effective and streamlined services to Clients and the creation of Information which communities can use to determine the use and effectiveness of services. 54_ t subdidiS�ur S4 4'�C a-F V-10 i C.ol t ier CoarVy,a a►�tioa ,('Agency User')has been designated by Catholic Charities of Collier County("Lead Agency")as a representative able to use the HMiS. User Agency and CCDOV(HMIS lead)agree as follows: Partner User Agencies who use HMIS and each User within any Agency are bound by the Standard.Operating Procedures (SOPs)of HMiS and all relevant HUD regulations and the regulations of any other local,state,and federal authority by statute or order. By signing this agreement,you are agreeing to read the SOPs(as they are provided),realize their Importance In the HMIS,and to conduct your agency's work according to what is described in these SOPs.All SOPs(new and revised)must be read within 10 working days of the notice of revision. All SOPs should be re-read at least annually.Agency staff should also be encouraged to read and re-read applicable policies as they are provided. Failure to comply with the HMIS policy and procedures may result in disciplinary action from the Lead Agency,including being de-barred from the system.Users are bound by their Agency policies in addition to the policies set forth in this agreement. Client Release It is a Client's decision about which information,if any,Is to be shared with any other Partner Agencies.Notice of Uses& Disclosures shall be signed by each Client and fully reviewed with the Client in a manner to insure that the Client fully understood the information(e.g.securing a translator If necessary)before any identifiable Client information is designated in HMIS for sharing with any Partner Agencies or the Continuum of Care(CoC that is agencies participating in the Continuum of Care and members of the CoC).User agencies shall insure that the HMIS Notice of Uses and Disclosures was reviewed with the Client. � t t A s aTL r 9 3'`�i" "3a�'° T it b 7 r' . W'72277:f.� r. ;7 K Y�� 3o- r5 . T .. c1 x ',_s 7. s� r�€a.:�v,,. M�,i�.J�--"'. tom_.��:,�-.ii .. ,��F ,a?��w.4.a=_.....�.. ,__.___z�._..�x.._::��.n?r..;�� Your individual usemames and passwords give you access to HMIS. These will be assigned to you and your agency personnel in the very near future. As an agency,you agree to maintain the confidentiality of Client information in HMIS in the following manner: • My agency and Its personnel will not allow sharing of usemames and passwords and will take all necessary means to maintain security within my agency. i understand any employee found using another's password or log in credentials will be barred from use from the HMiS system. • My agency and its personnel will not allow use of the browser capacity to remember passwords:my personnel will enter the password each lime they log on to HMIS. Revised 12/12/2013 Page 1 0 Packet Page-1049- 1/14/2014 16.D.5. • My agency and its personnel will not disclose,view or obtain the database information other than what is necessary to perform my agency's job. • My agency and its personnel understands that the only Individuals who may directly access HMIS Client information are authorized users with a signed user agreement on file,and we will take the necessary steps to prevent casual observers from seeing or hearing HMIS Client Information within my agency. • My agency and its management will encourage agency employees to log off of HMIS before leaving their work area,or make sure that the HMIS database has'timed our before leaving their work area. My agency and its management wiU not allow unattended computers that have HMiS"open and running". • My agency and its personnel will apply my agency's privacy and confidentiality requirements for all Information entered In or obtained from HMIS whether transmitted by oral,written,or digital means. • My agency and its personnel will keep unauthorized persons and those not authorized to use HMIS from viewing it within my agency. • My agency and its personnel will store hard copies of HMIS information in a secure file(or upload to CtientTrack) and not leave such hard copy information in public view on a desk,or on a photocopier,printer or fax machine. • My Agency and its personnel will properly destroy hard copies(i.e.secure shredding)of HMIS information when they are no longer needed unless they are required to be retained in accordance with applicable law. • My Agency and its personnel will not discuss HMIS confidential Client information with staff,Clients,or Client family members in a public area. • My Agency and its personnel will not leave messages on answering machines or voicemail systems that contain HMIS confidential Client information. • My Agency and its personnel will keep speaker volumes low so that HMIS confidential information left by callers Is not overheard by the public or unauthorized persons. • As the agency representative,I understand that a failure to follow these security steps appropriately may result in a breach of Client HMIS confidentiality and HMiS security.If such a breach occurs,my agency's access to HMIS may be terminated and i may be subject to further disciplinary action as defined in the Lead Agency's personnel policy. • If I notice or suspect any security breach,t will Immediately notify CCDOV(HMIS Lead). • I give CCDOV and its employees,delegates,assigns,or contractor's access to the data entered by my agency on behalf of our clients for the purposes of administration,backup,security,necessary reporting,transition,training and any other needs as defined by funders or grantors to meet grant agreement conditions. . • Agencies and their personnel must be prepared to answer Client questions regarding HMIS. • Agencies and their personnel must faithfully respect Client preferences with regard to the sharing of Client Information within HMIS.Users must accurately record Client's preferences by making the proper designations as to sharing of Client information and/or any restrictions on the sharing of Client information. • Agencies and their personnel must allow Clients to change Information sharing preferences at the Client's request. • Agencies and their personnel must not decline services to a Client or potential Client if that person refuses to allow sharing of information within HMIS • Agencies and their personnel have primary responsibility for Information entered by the User.information Users enter must be truthful,accurate and complete to the best of User's knowledge. Revised 12/12/2013 Page 2 d0 Packet Page-1050- 1/14/2014 16.D.5. • Agencies and their personnel will not solicit from or enter information about Clients into HMiS unless the information is required for a legitimate business purpose such as to provide services to the Client. • Agencies and their personnel will not use the HMIS database for any violation of any law,to defraud any entity or to conduct any illegal activity. Support—Data Accuracy and Verification I,or a designated employee,agree to verify data reports as provided to my agency by CCDOV. My agency is ultimately responsible for correcting errors within data. CCDOV and the administrative users In my agency have access to run APR, AHAR,or other data reports and will routinely verify data. CCDOV will,from time to time,send data reports to my agency for verification. 1 or a designated employee will work with agency staff and CCDOV staff to correct any data errors. Client Data Upon Client written request,agency and its personnel must allow a Client to inspect and obtain a copy of the Client's own information maintained within HMIS.Information compiled in reasonable anticipation of or for use in a civil,criminal or administrative action or proceeding need not be provided to the Client. Agencies and their personnel must permit Clients to file a written complaint regarding the use or treatment of their information within HMIS. Complaints must be submitted in writing to the Agency HMIS Administrator:Michael Porpora HMIS Administrator,2210 Santa Barbara Blvd.Naples,Florida 34116.The Agency will bring the Client's complaint to the HMIS Steering Committee,which will attempt a voluntary resolution of the complaint. Renewability This Agreement and the Information contained in the accompanying addendum A will be renewable each year contingent upon the agency completing any required recertification requirements. The agreement requires that your agency is a member in good standing of the CoC with all member fees paid,if any are required. This Agreement may be terminated by Agency or CCDOV (due to but not limited to termination of employment,security violation,etc.). If this Agreement is terminated,the agency and Its users will no longer have access to HMIS.This agreement will be renewed automatically where appropriate. Signed, Agency Authorized Signature Print Name Date HMIS Lead Authorized Signature Print Name Date Approved as to form and legality ATTEST: DWIGHT E. BROCK, Clerk Assistant County Attomey By: Revised 12/12/2013 Page 3 Packet Page-1051- 1/14/2014 16.D.5. Addendum A This addendum provides additional guidance for managing HMIS within each partner agency.This addendum provides guidance addressing the roles and responsibilities of partner agencies within the HMIS network. Partner Agency Partner Agency is ultimately responsible for ensuring all users within the agency abide by all policies stated In this agreement. Agrees to: • Take full responsiblllty for data entered and for all users entering data within their agency. • Have active users attend update trainings and stay current with the HMIS Policies&Procedures. • Have a designated user or trainer communicate updated HMIS information to all staff and volunteer users at its agency. • Select an executive level representative to attend 100%of the HMIS Steering Committee meetings. • Be responsible for maintaining all records and files for 7 years after last update. of aging file records(anything over 7 • Be responsible for archiving or properly disposing (according to agency policy) ( yth 9 years). • Be responsible for system cleansing when decommissioning computers that have accessed HMiS. • Be responsible for prohibiting the transfer of data to external media(such as:cd,thumb drive,external hard drive,etc.). • Notify the HMIS Administrator within 24 hours in the event of a breach of system security or client confidentiality. • Complete the technology profile form(Executive/IT) • Complete the Agency Profile form(Executive) • Provide HMIS System Administrator with a copy of the agency's policies and procedures to protect hard copy PPi information generated. 1-Due to the live'aspect of the system,partner agencies must agree to consistently enter information Into the HMIS database and shall strive for real-time, or close to real-time data entry. 'Close to real-time data entry', defined in Agency Partner Agreement 9e as'within 5 business days of data collection'is now revised to be defined as'within three working days of seeing the client'. 2-Any Agency found to have had breathes of system security and/or client confidentiality shall enter a period of probation,during which technical assistance shall be provided to help the Agency prevent further breaches. Probation shall remain in effect until fi , the HMIS System Administrator has evaluated the Agency's security and confidentiality measures and found them compliant with the policies stated in this Agreement and the Agency Agreement Subsequent violations of system security may result in suspension from the system. The HMIS Administrator can be reached at HMIS @Outlook.com. Agency's Responsibilities Responsible for defining the necessary data elements as determined by their funder(s) for their particular program(s) and communicating that information to CCDOV. Agrees to: • Designate the Agency Administrator for their program • Assign and register Basic Users • Notify CCDOV of any reporting program change • Notify CCDOV of any bed inventory change • Notify CCDOV of system use for non-homeless clients • Work with CCDOV to determine program specific data elements • Maintain data quality at satisfactory level(99%)Universal/Program • Maintain bed lists(including actual bed count and clients in beds) • Notify CCDOV IMMEDIATELY(before end of same day)when a user is terminated or willingly leaves their position or takes a leave of absence (including maternity leave). If agency has an Agency Administrator in place, Agency Administrator is responsible for notifying CCDOV. • Submit special projects in writing • Review agency technology for compliance—ensuring they meet HUD HMIS standards • Notify the CCDOV when program is not compliant with standards • Notify CCDOV of APR due dates(if applicable) • Initiate APR assistance(if applicable) • Generate APR periodically and verify information • Sign off and be compliant with the CCDOV Privacy Notice Revised 12/12/2013 Page 4 omai. CD Packet Page-1052- 1/14/2014 16.D.5. • Adhere to the Program Compliance Checklist • HMIS Readiness Profile for each program • Act as initial HMIS contact for CCDOV • Document HMIS and escalation issues to System Administrator when applicable • Be knowledgeable of basic ClientTrack workflow flow • • Update agency's Information within the HMIS system • Generate monthly Bed list Reports(if applicable) • Comprehend monthly reports(including data quality)for data cleanup • Initiate data cleanup with appropriate agency staff • Notify CCDOV of data issues associated with monthly reports • Notify CCDOV when an employee leaves the agency(termination or willingly). • Work with agency/program data entry staff to address data entry/data security issues • Enforce data quality and completeness as determined by funding sources • Responsible for co-administering Provider and Program set-up with CCDOV • Responsible for co-administering and maintaining Bedlist(s) • Maintain,review,administer Provider and Program security • Run outstanding referral report daily Revised 12/12/2013 Page 5 Packet Page -1053- 1/14/2014 16.D.5. HMIS BACKGROUND CHECK AGREEMENT As an authorized representative of my agency, I certify to Collier County HMIS that the above employee has a background check on file that complies with my agency's requirements and shows this employee(user)to have no convictions on record that show any violations of the crimes described in Florida Statutes in this or any state for: • Fraudulent Practices-Chapter 817 ▪ Computer-Related Crimes-Chapter 815 • Forgery and Counterfeiting-Chapter 831 . Violations Involving Checks and Drafts-Chapter 832 . Defamation;Libel;Threatening Letters and Similar Offenses-Chapter 836 • Perjury-Chapter 837 . Offenses Concerning Racketeering and Illegal Debts-Chapter 895 . Offenses Related to Financial Transactions-Chapter 896 • Any other Felony offense that,in a reasonable person's mind would create a security risk for the HMIS system. Agencies that have employees with background offenses can obtain permission for them to use HMIS as a 'read-only' system. Agencies may also request a compliance variance on a case by case basis for any employee whose felony conviction is more than 10 years old. For the purposes of this provision, no felony record with a disposition where the record has been sealed or expunged or where there was any other disposition where adjudication of guilt was withheld shall be considered to violate the above requirements. Agency must maintain a current background check on file at the agency. Signed, Aufhonzed Agency Signature Print Name Hate Approved: HMIS Representative Signature Print Name Date Approved as to form and legality c.■()) S2 Assistant County At4ey Revised 12/12/2013 Page 6 Packet Page-1054- 1/14/2014 16.D.5. r t m t N 3 . o 1 a, i." '". Z ❑ o o y 11 i A" w i ill g 1 , e ri i s i 1 ti 1 4' a N a z 4. _� s� Aga v g 115..'%b vl: 1 //Q�p , . a _ 111 2 ..65 . C ig. 2 6_ Z, a c o a. E o 'a ,. � t.) '� dz°Q c Packet Page -1055- 1/14/2014 16.D.5. ,.µms 0 s 3 N • • W • 0 _ o. — tr.- c Packet Page-1056- 1/14/2014 16.D.5. a o a 3 I t i1 j � � I e E rz . Zz° 8 • 3 2 13 o o ° ° 1g z Ago Iogait CI 5 P S ltgiti2 g 4� JHuh 2 I t ti •e li s VII .61 ,,' . - , 311 "1 i i Fl I r glip. � o it: 1 �z .. ai , . ..... a z ac z i 0 Packet Page-1057- 1/14/2014 16.D.5. i . 1 _ • •-•„„ d i 1 5 , . a G . i ffi 1. 1 t U- - 7\ Packet Page-1058- 1/14/2014 16.D.5. • il 171 m c I go o E V " m — O o c c. $ = � Q 2 V 4: Li• tftil-0- 4,..,- 2 g.!sf Si CiP) en . u, a � ' T € c E co 3 .- f ›.. -Wig >- a • X c a) W C =I cu :° gb' go $ 011111101 ' `° �• acs O eil $- c m Q2 � kilo m «s c i ia ca , >- S 'ca . 0 E a) sal a) f, E A - ti) E ›.. =Ego 0E as ts= • 0 10. g t-, ,(6) -5- .G Øfl$ Z CD M RI-. $ >11 >.■ CD 0.- U a a$ 0 le g = o� �, a) 8 43 , Ca. 8V - > 2 a . b. 8 § •- • I. 8 w a i2 0 c • (--,---1 :•, , ._ , __• Packet Page -1059- 1/14/2014 16.D.5. afhc Charities fot!#er County MOVY14oM Privacy Notice - HMIS i. This notice describes the privacy policy and practices of Catholic Charities of Collier County,specifically in regard to the Homeless Management information Network program. 2. The policy and practices in this notice cover the processing of protected personal Information for clients participating in the Homeless Management information Network for Collier County. 3. Protected Personal information(PPI)is any information we maintain about a client that: a. allows identification of an individual directly or indirectly • b. can be manipulated by a reasonably foreseeable method to identy a specific Individual,or c. can be linked with other available information to Identify a specific client When this notice refers to personal information,It means PPi. 4. We adopted this policy because of standards for Homeless Management Information Systems issued by the Department of Housing and Urban Development. We intend our policy and practices to be consistent with those standards. See 69 Federal Register 45888(July 30,2004). 5. This notice tells our clients,our staff,and others how we process personal information. We follow the policy and practices described In this notice. 6. We may amend this notice and change our policy or practices at any lime. Amendments may affect personal information that we obtained before the effective date of the amendment 7. We give a written copy of this privacy notice to any individual who asks. • 8. We maintain a copy of this policy on our website at www. • • 1. We collect personal Information only when appropriate to provide services or for another spedfic purpose of our organization or when required by law. We may collect Information for these purposes: a. to provide or coordinate services to clients b. to locate other programs that may be able to assist clients c. for functions related to payment or reimbursement from others for services that we provide d. to operate our organization,including administrative functions such as legal,audits,personnel,oversight,and management functions e. to comply with government reporting obligations f. when required by law 2. We only use lawful and fair means to collect personal information. 3. We normally collect personal information with the knowledge or consent of our clients. If you seek our assistance and provide us with personal information,we assume that you consent to the collection of information as described In this notice 4. We may also get information about you from: a. Individuals who are with you b. Other private organizations that provide services(Idendy) c. Government agencies(identify) d. Telephone directories and other published sources 5. We post a sign at our intake desk or other location explaining the reasons we ask for personal information. The sign says: We collect persona/information only when appropriate. We may use or disclose your information to provide you with services. We may also use or disclose it to comply with legal and other obligations. We assume that Packet Page-1060- 1/14/2014 16.D.5. you agree to allow us to collect information and b use ordisdose It as described in this notice. You can Inspect personal information about you that we maintain. You can also ask us to correct inaccurate or Incomplete information. You can ask us about our privacy policy or practices. We respond to questions and complaints. Read the full notice for more details. Anyone can have a copy of the full notice upon request' I. We use or disclose personal information for activities described In this part of the notice. We mayor may not make any of these uses or disclosures with your Information. We assume that you consent to the use or disclosure of your personal Information for the purposes described here and for other uses and disclosures that we determine to be compatible with these uses or disclosures: a. to provide or coordinate services to individuals We share client records with other organizations that may have separate privacy policies and that may allow different uses and disclosures of the information. b. for functions related to payment or reimbursement for services c. to carry out administrative functions such as legal,audits,personnel,oversight,and management functions d. to create de-Identified(anonymous)Information that can be used for research and statistical purposes without identifying clients e. when required by law to the extent that use or disclosure complies with and is limited to the requirements of the law f. to avert a serious threat to health or safety if (1) we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of an individual or the public,and (2) the use or disclosure Is made to a person reasonably able to prevent or lessen the threat,including the target of the threat g. to report about an individual we reasonably believe to be a victim of abuse,neglect or domestic violence to a governmental authority(including a social service or protective services agency)authorized by law to receive reports of abuse,neglect or domestic violence (1)under any of these circumstances: (a) where the disclosure is required bylaw and the disclosure compiles with and Is limited to the requirements of the law (b) If the individual agrees to the disclosure,or (c) to the extent that the disclosure is expressly authorized by statute or regulation,and (I) we believe the disclosure is necessary to prevent serious harm to the individual or other potential victims,or (II) if the Individual is unable to agree because of incapacity,a taw enforcement or other public official authorized to receive the report represents that the PPI fur which disclosure Is sought Is not intended to be used against the individual and that an immediate enforcement activity that depends upon the disclosure would be materially and adversely affected by waiting until the individual is able to agree to the disclosure. and (2) when we make a permitted disclosure about a victim of abuse,neglect or domestic violence,we will promptly inform the Individual who is the victim that a disclosure has been or will be made,except it (a) we,in the exercise of professional judgment,believe informing the individual would place the individual at risk of serious harm,or (b) we would be informing a personal representative(such as a family member or friend),and we reasonably believe the personal representative is responsible for the abuse,neglect or other injury,and that informing the personal representative would not be in the best interests of the individual as we determine In the exercise of professional judgment. h. for academic research purposes (1) conducted by an individual or institution that has a formal relationship with the CHO If the research Is conducted either: (a) by an individual employed by or affiliated with the organization for use in a research project conducted under a written research agreement approved in writing by a designated CHO program administrator(other than the individual conducting the research),or (b) by an institution for use in a research project conducted under a written research agreement approved in wilting by a designated CHO program administrator. Packet Page-1061- 1/14/2014 16.D.5. and (2)any written research agreement: (a) must establish rules and limitations for the processing and security of PPI in the course of the research (b) must provide for the return or proper disposal of all PPI at the conclusion of the research • (c) must restrict additional use or disclosure of PPI,except where required by law (d) must require that the recipient of data formally agree to comply with all terms and conditions of the agreement,and" (e) is not a substitute for approval(if appropriate)of a research project by an Institutional Review Board,Privacy Board or other applicable human subjects protection institution. L to a law enforcement official for a law enforcement purpose(if consistent with applicable law and standards of ethical conduct)under any of these circumstances: (1) in response to a lawful court order,court-ordered warrant,subpoena or summons issued by a judicial officer,or a grand jury subpoena (2) if the law enforcement official makes a written request for PP!that (a) Is signed by a supervisory official of the law enforcement agency seeking the PPi (b) states that the information is relevant and material to a legitimate law enforcement investigation (c) Identifies the PPI sought (d) is specific and Punned In scope to the extent reasonably practicable in fight of the purpose for which the information is sought and (e) states that de-Identified information could not be used to accomplish the purpose of the disclosure. (3) if we believe in good faith that the PPI constitutes evidence of criminal conduct that occurred on our premises (4) in response to an oral request for the purpose of identifying or locating a suspect,fugitive,material witness or missing person and the PPI disclosed consists only of name,address,date of birth,place of birth,Social Security Number,and distinguishing physical characteristics,or (5) if (a) the official is an authorized federal official seeldng PPI for the provision of protective services to the President or other persons authorized by 18 U.S.C.3056,or to foreign heads of state or other persons authorized by 22 U.S.C.2709(a)(3),or for the conduct of Investigations authorized by 18 U.S.C.871 and 879 (threats against the President and others),and (b) the information requested is specific and limited in scope to the extent reasonably practicable in light of the purpose for which the information is sought and . j. to comply with government reporting obligations for homeless management information systems and for oversight of compliance with homeless management information system requirements. 2. Before we make any use or disclosure of your personal information that is not described here,we seek your consent first. 1. You may inspect and have a copy of your personal information that we maintain. We will offer to explain any Information that you may not understand. 2. We will consider a request from you for correction of inaccurate or incomplete personal information that we maintain about you. If we agree that the information is inaccurate or incomplete,we may delete k or we may choose to mark it as inaccurate or incomplete and to supplement it with additional Information. • 3. To Inspect,get a copy of,or ask for correction of your information,ask any staff member for access. 4. We may deny your request for inspection or copying of personal information if: a. the information was complied In reasonable anticipation of litigation or comparable proceedings b. the information is about another individual(other than a health care provider or homeless provider) Packet Page -1062- 1/14/2014 16.D.5. c. the information was obtained under a promise or confidentiality(other than a promise from a health care provider or homeless provider)and if the disclosure would reveal the source of the Information,or d. disclosure of the information would be reasonably likely to endanger the life or physical safety of any indhridual. 5. If we deny a request for access or correction,we will explain the reason for the denial. We will also include,as part of the persona!information that we maintain,documentation of the request and the reason for the denial 6. We may reject repeated or harassing requests for access or correciion. 1. We collect only personal information that is relevant to the purposes for which we plan to use It To the extent necessary for those purposes,we seek to maintain only personal information that is accurate,complete,and timely. 2. We are developing and implementing a plan to dispose of personal information not in current use seven years after the Information was created or last changed. As an alternative to disposal,we may choose to remove identifiers from the information. 3. We may keep information for a longer period if required to do so by statute,regulation,contract,or other requirement. • We accept and consider questions or complaints about our privacy and security policies and practices. Complaints must be submitted in writing to this Agency and to: HMiS Administrator The Administrator will attempt to resolve your complaint. Should further review be required your complaint will be escalated to the HMIS Steering Committee to determine a voluntary resolution of the complaint.Resolution of the complaint will be provided —in-wn sg-bo-tfie-agencl rand-the-individual-flung-ihe-comP1aint-This-Agency-arrd-Catholic Charities as the HMIS lead are prohibited from retaliating against you for filing a complaint. 1. All members of our staff(including employees,volunteers,affiliates,contractors and associates)are required to comply with this privacy notice. Each staff member must receive and acknowiedge receipt of a copy of this privacy notice. • 1. Version 1.0. June 1,2013. Initial Policy • • Packet Page -1063- 1/14/2014 16.D.5. Catholic Charities of Coi IerCounty COLLIER COUNTY HMIS PROJECT REPORT REQUEST FORM Organization Name: Contact Information: Name: Phone Number: E-mail Address: General Information: Report Name: Purpose of the Report: Program(s)included in the report: Time Period: From (MM/DD/YY)to (MM/DD/YY) One time only Monthly Quarterly Bi-annual Annual Requested Completion Date: (Specify the date on which the report is needed) Report Content: State in detail what you want in your report. (Write Below or Attach) Signature Date Agency Administrator Signature Send request to the following address:HMIS@Outlook.com &Armando @a,,CatholicCharitiesCC.org 411 Packet Page -1064-