Agenda 01/14/2014 Item # 16D 5 1/14/2014 16.D.5.
EXECUTIVE SUMMARY
Recommendation to approve the"Agency HMIS Agreement" between Collier County and Catholic
Charities Diocese of Venice, Inc. d/b/a Catholic Charities of Collier County, as the lead agency for
the Homeless Management Information System web database ClientTrack and authorize the
County Manager or designee to sign an HMIS Background Check Agreement with each County
staff user.
OBJECTIVE: To enter into this written agreement with Catholic Charities of Collier County to continue
our service agreement and agree to the compliance that is required in the Agency HMIS Agreement.
CONSIDERATIONS: Collier County government was the lead agency for the HMIS ClientTrack
Subscription Agreement from April 27, 2006 to April 25, 2013. Collier County relinquished its role in
April 26, 2013 which was approved by the Board of County Commissioners January 8, 2013, Item 16.D.5
to Catholic Charities Diocese of Venice for the specific purpose of continuing to utilize the database to
further its mission as the lead agency in the Homeless Continuum of Care.
Housing, Human and Veteran Services (HHVS) and the (Emergency Operations Center (EOC) currently
utilize the HMIS system to register and track client information, and therefore have a relationship with
Catholic Charities. As users of the HMIS system, HHVS and the EOC are bound by the Standard
Operating Procedures of HMIS and all relevant HUD regulations. Users are bound by their agency
policies set forth in the agreement. These policies include User Agency Policy, Agency and Personnel
Responsibilities, Agency Code of Ethics, HMIS Background Check Agreement, Client Agreement,
Compliance Checklist and Privacy Notice, all attached as back-up to this item.
This item also authorizes the County Manager or designee to sign the HMIS Background Check
Agreement for each user.
FISCAL IMPACT: There will be no effect on ad valorem or general fund dollars.
LEGAL CONSIDERATIONS: This item is approved as to form and legality and requires a majority
vote for approval. -JAB
GROWTH MANAGEMENT IMPACT: None
RECOMMENDATION: To approve and authorize the Chairwoman to sign the Agency HMIS
Agreement between Collier County and the Catholic Charities Diocese of Venice, Inc. d/b/a Catholic
Charities of Collier County, the lead agency for HMIS and authorizes the County Manager or designee to
sign the HMIS Background Check Agreement for each County staff user.
Prepared By: Louise Pelletier, Case Management Supervisor
Housing, Human and Veteran Services
Packet Page -1046-
1/14/2014 16.D.5.
COLLIER COUNTY
Board of County Commissioners
Item Number: 16.16.D.16.D.5.
Item Summary: Recommendation to approve the "Agency HMIS Agreement" between
Collier County and Catholic Charities Diocese of Venice, Inc. d/b/a Catholic Charities of Collier
County, as the lead agency for the Homeless Management Information System web database
ClientTrack and authorize the County Manager or designee to sign an HMIS Background Check
Agreement with each County staff user.
Meeting Date: 1/14/2014
Prepared By
Name: PelletierLouise
Title: Supervisor-Case Management,Housing, Human&Veteran Services
11/26/2013 8:44:09 AM
Submitted by
Title: Supervisor-Case Management,Housing, Human&Veteran Services
Name: PelletierLouise
11/26/2013 8:44:11 AM
Approved By
Name: GrantKimberley
Title: Interim Director
Date: 12/9/2013 1:37:14 PM
Name: AlonsoHailey
Title: Operations Analyst,Public Service Division
Date: 12/17/2013 5:04:36 PM
Name: BelpedioJennifer
Title: Assistant County Attorney,County Attorney
Date: 12/20/2013 4:09:26 PM
Name: CarnellSteve
Title: Administrator-Public Services
Packet Page -1047-
1/14/2014 16.D.5.
Date: 12/23/2013 10:21:45 AM
Name: KlatzkowJeff
Title: County Attorney
Date: 12/26/2013 9:35:48 AM
Name: FinnEd
Title: Senior Budget Analyst, OMB
Date: 12/30/2013 3:16:23 PM
Name: StanleyTherese
Title: Management/Budget Analyst, Senior,Office of Manage
Date: 1/6/2014 10:01:00 AM
Name: OchsLeo
Title: County Manager
Date: 1/6/2014 11:12:15 AM
Packet Page-1048-
1/14/2014 16.D.5.
CATHOLIC AGENCY HMIS AGREEMENT
CHARi �ES
Diocese of Venice,inc.
Coifler County
The HMIS system used by the Catholic Charities Diocese of Venice,Inc.dba as Catholic Charities of Collier County(CCDOV-as
HMIS Lead)Is an information system that maintains information regarding the characteristics and service needs of Clients(for
purposes of the agreement a"client'is a person requesting services from the provider agency)for a variety of reasons,including
the provision of more effective and streamlined services to Clients and the creation of Information which communities can use to
determine the use and effectiveness of services. 54_
t subdidiS�ur
S4 4'�C a-F V-10 i
C.ol t ier CoarVy,a a►�tioa
,('Agency User')has been designated by Catholic Charities of Collier
County("Lead Agency")as a representative able to use the HMiS.
User Agency and CCDOV(HMIS lead)agree as follows:
Partner User Agencies who use HMIS and each User within any Agency are bound by the Standard.Operating Procedures
(SOPs)of HMiS and all relevant HUD regulations and the regulations of any other local,state,and federal authority by statute or
order. By signing this agreement,you are agreeing to read the SOPs(as they are provided),realize their Importance In the
HMIS,and to conduct your agency's work according to what is described in these SOPs.All SOPs(new and revised)must be
read within 10 working days of the notice of revision. All SOPs should be re-read at least annually.Agency staff should also be
encouraged to read and re-read applicable policies as they are provided. Failure to comply with the HMIS policy and procedures
may result in disciplinary action from the Lead Agency,including being de-barred from the system.Users are bound by their
Agency policies in addition to the policies set forth in this agreement.
Client Release
It is a Client's decision about which information,if any,Is to be shared with any other Partner Agencies.Notice of Uses&
Disclosures shall be signed by each Client and fully reviewed with the Client in a manner to insure that the Client fully
understood the information(e.g.securing a translator If necessary)before any identifiable Client information is designated in
HMIS for sharing with any Partner Agencies or the Continuum of Care(CoC that is agencies participating in the Continuum of
Care and members of the CoC).User agencies shall insure that the HMIS Notice of Uses and Disclosures was reviewed with
the Client.
� t t A s aTL r 9 3'`�i" "3a�'° T it b 7 r' . W'72277:f.� r. ;7 K Y�� 3o- r5 . T .. c1 x ',_s 7.
s� r�€a.:�v,,. M�,i�.J�--"'. tom_.��:,�-.ii .. ,��F ,a?��w.4.a=_.....�.. ,__.___z�._..�x.._::��.n?r..;��
Your individual usemames and passwords give you access to HMIS. These will be assigned to you and your agency personnel
in the very near future.
As an agency,you agree to maintain the confidentiality of Client information in HMIS in the following manner:
• My agency and Its personnel will not allow sharing of usemames and passwords and will take all necessary means to
maintain security within my agency. i understand any employee found using another's password or log in credentials
will be barred from use from the HMiS system.
• My agency and its personnel will not allow use of the browser capacity to remember passwords:my personnel will
enter the password each lime they log on to HMIS.
Revised 12/12/2013 Page 1
0
Packet Page-1049-
1/14/2014 16.D.5.
• My agency and its personnel will not disclose,view or obtain the database information other than what is necessary to
perform my agency's job.
• My agency and its personnel understands that the only Individuals who may directly access HMIS Client information
are authorized users with a signed user agreement on file,and we will take the necessary steps to prevent casual
observers from seeing or hearing HMIS Client Information within my agency.
• My agency and its management will encourage agency employees to log off of HMIS before leaving their work area,or
make sure that the HMIS database has'timed our before leaving their work area. My agency and its management wiU
not allow unattended computers that have HMiS"open and running".
• My agency and its personnel will apply my agency's privacy and confidentiality requirements for all Information entered
In or obtained from HMIS whether transmitted by oral,written,or digital means.
• My agency and its personnel will keep unauthorized persons and those not authorized to use HMIS from viewing it
within my agency.
• My agency and its personnel will store hard copies of HMIS information in a secure file(or upload to CtientTrack) and
not leave such hard copy information in public view on a desk,or on a photocopier,printer or fax machine.
• My Agency and its personnel will properly destroy hard copies(i.e.secure shredding)of HMIS information when they
are no longer needed unless they are required to be retained in accordance with applicable law.
• My Agency and its personnel will not discuss HMIS confidential Client information with staff,Clients,or Client family
members in a public area.
• My Agency and its personnel will not leave messages on answering machines or voicemail systems that contain HMIS
confidential Client information.
• My Agency and its personnel will keep speaker volumes low so that HMIS confidential information left by callers Is not
overheard by the public or unauthorized persons.
• As the agency representative,I understand that a failure to follow these security steps appropriately may result in a
breach of Client HMIS confidentiality and HMiS security.If such a breach occurs,my agency's access to HMIS may be
terminated and i may be subject to further disciplinary action as defined in the Lead Agency's personnel policy.
• If I notice or suspect any security breach,t will Immediately notify CCDOV(HMIS Lead).
• I give CCDOV and its employees,delegates,assigns,or contractor's access to the data entered by my agency on
behalf of our clients for the purposes of administration,backup,security,necessary reporting,transition,training and
any other needs as defined by funders or grantors to meet grant agreement conditions.
.
• Agencies and their personnel must be prepared to answer Client questions regarding HMIS.
• Agencies and their personnel must faithfully respect Client preferences with regard to the sharing of Client Information
within HMIS.Users must accurately record Client's preferences by making the proper designations as to sharing of
Client information and/or any restrictions on the sharing of Client information.
• Agencies and their personnel must allow Clients to change Information sharing preferences at the Client's request.
• Agencies and their personnel must not decline services to a Client or potential Client if that person refuses to allow sharing
of information within HMIS
• Agencies and their personnel have primary responsibility for Information entered by the User.information Users enter
must be truthful,accurate and complete to the best of User's knowledge.
Revised 12/12/2013 Page 2
d0
Packet Page-1050-
1/14/2014 16.D.5.
• Agencies and their personnel will not solicit from or enter information about Clients into HMiS unless the information is
required for a legitimate business purpose such as to provide services to the Client.
• Agencies and their personnel will not use the HMIS database for any violation of any law,to defraud any entity or to
conduct any illegal activity.
Support—Data Accuracy and Verification
I,or a designated employee,agree to verify data reports as provided to my agency by CCDOV. My agency is ultimately
responsible for correcting errors within data. CCDOV and the administrative users In my agency have access to run APR,
AHAR,or other data reports and will routinely verify data. CCDOV will,from time to time,send data reports to my agency for
verification. 1 or a designated employee will work with agency staff and CCDOV staff to correct any data errors.
Client Data
Upon Client written request,agency and its personnel must allow a Client to inspect and obtain a copy of the Client's own
information maintained within HMIS.Information compiled in reasonable anticipation of or for use in a civil,criminal or
administrative action or proceeding need not be provided to the Client. Agencies and their personnel must permit Clients to file a
written complaint regarding the use or treatment of their information within HMIS. Complaints must be submitted in writing to the
Agency HMIS Administrator:Michael Porpora HMIS Administrator,2210 Santa Barbara Blvd.Naples,Florida 34116.The
Agency will bring the Client's complaint to the HMIS Steering Committee,which will attempt a voluntary resolution of the
complaint.
Renewability
This Agreement and the Information contained in the accompanying addendum A will be renewable each year contingent upon
the agency completing any required recertification requirements. The agreement requires that your agency is a member in good
standing of the CoC with all member fees paid,if any are required. This Agreement may be terminated by Agency or CCDOV
(due to but not limited to termination of employment,security violation,etc.). If this Agreement is terminated,the agency and Its
users will no longer have access to HMIS.This agreement will be renewed automatically where appropriate.
Signed,
Agency Authorized Signature Print Name Date
HMIS Lead Authorized Signature Print Name Date
Approved as to form and legality ATTEST:
DWIGHT E. BROCK, Clerk
Assistant County Attomey By:
Revised 12/12/2013 Page 3
Packet Page-1051-
1/14/2014 16.D.5.
Addendum A
This addendum provides additional guidance for managing HMIS within each partner agency.This addendum provides guidance
addressing the roles and responsibilities of partner agencies within the HMIS network.
Partner Agency
Partner Agency is ultimately responsible for ensuring all users within the agency abide by all policies stated In this agreement.
Agrees to:
• Take full responsiblllty for data entered and for all users entering data within their agency.
• Have active users attend update trainings and stay current with the HMIS Policies&Procedures.
• Have a designated user or trainer communicate updated HMIS information to all staff and volunteer users at its
agency.
• Select an executive level representative to attend 100%of the HMIS Steering Committee meetings.
• Be responsible for maintaining all records and files for 7 years after last update. of aging file records(anything over 7
• Be responsible for archiving or properly disposing (according to agency policy) ( yth 9
years).
• Be responsible for system cleansing when decommissioning computers that have accessed HMiS.
• Be responsible for prohibiting the transfer of data to external media(such as:cd,thumb drive,external hard drive,etc.).
• Notify the HMIS Administrator within 24 hours in the event of a breach of system security or client confidentiality.
• Complete the technology profile form(Executive/IT)
• Complete the Agency Profile form(Executive)
• Provide HMIS System Administrator with a copy of the agency's policies and procedures to protect hard copy PPi
information generated.
1-Due to the live'aspect of the system,partner agencies must agree to consistently enter information Into the HMIS database
and shall strive for real-time, or close to real-time data entry. 'Close to real-time data entry', defined in Agency Partner
Agreement 9e as'within 5 business days of data collection'is now revised to be defined as'within three working days of seeing
the client'.
2-Any Agency found to have had breathes of system security and/or client confidentiality shall enter a period of probation,during
which technical assistance shall be provided to help the Agency prevent further breaches. Probation shall remain in effect until fi ,
the HMIS System Administrator has evaluated the Agency's security and confidentiality measures and found them compliant with
the policies stated in this Agreement and the Agency Agreement Subsequent violations of system security may result in
suspension from the system. The HMIS Administrator can be reached at HMIS @Outlook.com.
Agency's Responsibilities
Responsible for defining the necessary data elements as determined by their funder(s) for their particular program(s) and
communicating that information to CCDOV.
Agrees to:
• Designate the Agency Administrator for their program
• Assign and register Basic Users
• Notify CCDOV of any reporting program change
• Notify CCDOV of any bed inventory change
• Notify CCDOV of system use for non-homeless clients
• Work with CCDOV to determine program specific data elements
• Maintain data quality at satisfactory level(99%)Universal/Program
• Maintain bed lists(including actual bed count and clients in beds)
• Notify CCDOV IMMEDIATELY(before end of same day)when a user is terminated or willingly leaves their position or
takes a leave of absence (including maternity leave). If agency has an Agency Administrator in place, Agency
Administrator is responsible for notifying CCDOV.
• Submit special projects in writing
• Review agency technology for compliance—ensuring they meet HUD HMIS standards
• Notify the CCDOV when program is not compliant with standards
• Notify CCDOV of APR due dates(if applicable)
• Initiate APR assistance(if applicable)
• Generate APR periodically and verify information
• Sign off and be compliant with the CCDOV Privacy Notice
Revised 12/12/2013 Page 4 omai.
CD
Packet Page-1052-
1/14/2014 16.D.5.
• Adhere to the Program Compliance Checklist
• HMIS Readiness Profile for each program
• Act as initial HMIS contact for CCDOV
• Document HMIS and escalation issues to System Administrator when applicable
• Be knowledgeable of basic ClientTrack workflow flow
• • Update agency's Information within the HMIS system
• Generate monthly Bed list Reports(if applicable)
• Comprehend monthly reports(including data quality)for data cleanup
• Initiate data cleanup with appropriate agency staff
• Notify CCDOV of data issues associated with monthly reports
• Notify CCDOV when an employee leaves the agency(termination or willingly).
• Work with agency/program data entry staff to address data entry/data security issues
• Enforce data quality and completeness as determined by funding sources
• Responsible for co-administering Provider and Program set-up with CCDOV
• Responsible for co-administering and maintaining Bedlist(s)
• Maintain,review,administer Provider and Program security
• Run outstanding referral report daily
Revised 12/12/2013 Page 5
Packet Page -1053-
1/14/2014 16.D.5.
HMIS BACKGROUND CHECK AGREEMENT
As an authorized representative of my agency, I certify to Collier County HMIS that the
above employee has a background check on file that complies with my agency's
requirements and shows this employee(user)to have no convictions on record that show any
violations of the crimes described in Florida Statutes in this or any state for:
• Fraudulent Practices-Chapter 817
▪ Computer-Related Crimes-Chapter 815
• Forgery and Counterfeiting-Chapter 831
. Violations Involving Checks and Drafts-Chapter 832
. Defamation;Libel;Threatening Letters and Similar Offenses-Chapter 836
• Perjury-Chapter 837
. Offenses Concerning Racketeering and Illegal Debts-Chapter 895
. Offenses Related to Financial Transactions-Chapter 896
• Any other Felony offense that,in a reasonable person's mind would create a security risk
for the HMIS system.
Agencies that have employees with background offenses can obtain permission for them to
use HMIS as a 'read-only' system. Agencies may also request a compliance variance on a
case by case basis for any employee whose felony conviction is more than 10 years old.
For the purposes of this provision, no felony record with a disposition where the record has
been sealed or expunged or where there was any other disposition where adjudication of
guilt was withheld shall be considered to violate the above requirements. Agency must
maintain a current background check on file at the agency.
Signed,
Aufhonzed Agency Signature Print Name Hate Approved:
HMIS Representative Signature Print Name Date
Approved as to form and legality
c.■()) S2
Assistant County At4ey
Revised 12/12/2013 Page 6
Packet Page-1054-
1/14/2014 16.D.5.
r t m
t N
3 .
o
1
a, i." '".
Z
❑ o
o
y
11 i A"
w i ill g
1 , e
ri i s i
1 ti
1
4' a
N a z
4.
_� s� Aga
v g 115..'%b vl: 1
//Q�p , . a _ 111 2 ..65 .
C ig. 2 6_ Z, a
c
o
a.
E
o 'a ,. �
t.) '�
dz°Q
c
Packet Page -1055-
1/14/2014 16.D.5.
,.µms
0
s 3
N
•
•
W • 0 _
o.
— tr.-
c
Packet Page-1056-
1/14/2014 16.D.5.
a o a
3
I t i1 j
� �
I
e
E
rz
. Zz° 8
• 3
2 13 o
o °
°
1g
z Ago Iogait CI
5
P S ltgiti2 g
4� JHuh 2
I
t
ti •e
li s
VII .61 ,,' . - ,
311 "1
i i Fl
I r
glip. � o it: 1 �z
..
ai , . .....
a z ac z
i
0
Packet Page-1057-
1/14/2014 16.D.5.
i . 1 _
•
•-•„„
d
i 1 5 , .
a
G
. i ffi 1.
1
t
U-
- 7\
Packet Page-1058-
1/14/2014 16.D.5.
•
il 171 m
c
I
go o E V "
m — O o c
c. $ = � Q 2 V 4:
Li• tftil-0- 4,..,- 2 g.!sf Si CiP) en . u, a
� ' T € c E co
3 .- f ›.. -Wig >- a
•
X c a) W C =I
cu :° gb' go $
011111101 ' `°
�• acs
O eil $- c m Q2 �
kilo
m
«s c i
ia ca , >- S 'ca
. 0 E a) sal a) f, E A
- ti) E ›.. =Ego 0E
as ts= •
0 10. g t-, ,(6) -5- .G Øfl$
Z CD
M
RI-. $
>11 >.■ CD 0.-
U a a$ 0 le g =
o� �, a) 8
43 , Ca. 8V -
> 2 a . b. 8 § •- •
I. 8 w a
i2 0 c
•
(--,---1
:•, ,
._ ,
__•
Packet Page -1059-
1/14/2014 16.D.5.
afhc Charities
fot!#er County
MOVY14oM
Privacy Notice - HMIS
i. This notice describes the privacy policy and practices of Catholic Charities of Collier County,specifically in regard to the
Homeless Management information Network program.
2. The policy and practices in this notice cover the processing of protected personal Information for clients participating in the
Homeless Management information Network for Collier County.
3. Protected Personal information(PPI)is any information we maintain about a client that:
a. allows identification of an individual directly or indirectly •
b. can be manipulated by a reasonably foreseeable method to identy a specific Individual,or
c. can be linked with other available information to Identify a specific client When this notice refers to personal
information,It means PPi.
4. We adopted this policy because of standards for Homeless Management Information Systems issued by the Department of
Housing and Urban Development. We intend our policy and practices to be consistent with those standards. See 69
Federal Register 45888(July 30,2004).
5. This notice tells our clients,our staff,and others how we process personal information. We follow the policy and practices
described In this notice.
6. We may amend this notice and change our policy or practices at any lime. Amendments may affect personal information
that we obtained before the effective date of the amendment
7. We give a written copy of this privacy notice to any individual who asks.
•
8. We maintain a copy of this policy on our website at www. •
•
1. We collect personal Information only when appropriate to provide services or for another spedfic purpose of our
organization or when required by law. We may collect Information for these purposes:
a. to provide or coordinate services to clients
b. to locate other programs that may be able to assist clients
c. for functions related to payment or reimbursement from others for services that we provide
d. to operate our organization,including administrative functions such as legal,audits,personnel,oversight,and
management functions
e. to comply with government reporting obligations
f. when required by law
2. We only use lawful and fair means to collect personal information.
3. We normally collect personal information with the knowledge or consent of our clients. If you seek our assistance and
provide us with personal information,we assume that you consent to the collection of information as described In this notice
4. We may also get information about you from:
a. Individuals who are with you
b. Other private organizations that provide services(Idendy)
c. Government agencies(identify)
d. Telephone directories and other published sources
5. We post a sign at our intake desk or other location explaining the reasons we ask for personal information. The sign says:
We collect persona/information only when appropriate. We may use or disclose your information to provide
you with services. We may also use or disclose it to comply with legal and other obligations. We assume that
Packet Page-1060-
1/14/2014 16.D.5.
you agree to allow us to collect information and b use ordisdose It as described in this notice. You can Inspect
personal information about you that we maintain. You can also ask us to correct inaccurate or Incomplete
information. You can ask us about our privacy policy or practices. We respond to questions and complaints.
Read the full notice for more details. Anyone can have a copy of the full notice upon request'
I. We use or disclose personal information for activities described In this part of the notice. We mayor may not make any of
these uses or disclosures with your Information. We assume that you consent to the use or disclosure of your personal
Information for the purposes described here and for other uses and disclosures that we determine to be compatible with
these uses or disclosures:
a. to provide or coordinate services to individuals We share client records with other organizations that may have
separate privacy policies and that may allow different uses and disclosures of the information.
b. for functions related to payment or reimbursement for services
c. to carry out administrative functions such as legal,audits,personnel,oversight,and management functions
d. to create de-Identified(anonymous)Information that can be used for research and statistical purposes without
identifying clients
e. when required by law to the extent that use or disclosure complies with and is limited to the requirements of the law
f. to avert a serious threat to health or safety if
(1) we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the
health or safety of an individual or the public,and
(2) the use or disclosure Is made to a person reasonably able to prevent or lessen the threat,including the target of
the threat
g. to report about an individual we reasonably believe to be a victim of abuse,neglect or domestic violence to a
governmental authority(including a social service or protective services agency)authorized by law to receive reports
of abuse,neglect or domestic violence
(1)under any of these circumstances:
(a) where the disclosure is required bylaw and the disclosure compiles with and Is limited to the requirements
of the law
(b) If the individual agrees to the disclosure,or
(c) to the extent that the disclosure is expressly authorized by statute or regulation,and
(I) we believe the disclosure is necessary to prevent serious harm to the individual or other potential
victims,or
(II) if the Individual is unable to agree because of incapacity,a taw enforcement or other public official
authorized to receive the report represents that the PPI fur which disclosure Is sought Is not intended
to be used against the individual and that an immediate enforcement activity that depends upon the
disclosure would be materially and adversely affected by waiting until the individual is able to agree to
the disclosure.
and
(2) when we make a permitted disclosure about a victim of abuse,neglect or domestic violence,we will promptly
inform the Individual who is the victim that a disclosure has been or will be made,except it
(a) we,in the exercise of professional judgment,believe informing the individual would place the individual at
risk of serious harm,or
(b) we would be informing a personal representative(such as a family member or friend),and we reasonably
believe the personal representative is responsible for the abuse,neglect or other injury,and that informing
the personal representative would not be in the best interests of the individual as we determine In the
exercise of professional judgment.
h. for academic research purposes
(1) conducted by an individual or institution that has a formal relationship with the CHO If the research Is conducted
either:
(a) by an individual employed by or affiliated with the organization for use in a research project conducted under
a written research agreement approved in writing by a designated CHO program administrator(other than
the individual conducting the research),or
(b) by an institution for use in a research project conducted under a written research agreement approved in
wilting by a designated CHO program administrator.
Packet Page-1061-
1/14/2014 16.D.5.
and
(2)any written research agreement:
(a) must establish rules and limitations for the processing and security of PPI in the course of the research
(b) must provide for the return or proper disposal of all PPI at the conclusion of the research •
(c) must restrict additional use or disclosure of PPI,except where required by law
(d) must require that the recipient of data formally agree to comply with all terms and conditions of the
agreement,and"
(e) is not a substitute for approval(if appropriate)of a research project by an Institutional Review Board,Privacy
Board or other applicable human subjects protection institution.
L to a law enforcement official for a law enforcement purpose(if consistent with applicable law and standards of ethical
conduct)under any of these circumstances:
(1) in response to a lawful court order,court-ordered warrant,subpoena or summons issued by a judicial officer,or a
grand jury subpoena
(2) if the law enforcement official makes a written request for PP!that
(a) Is signed by a supervisory official of the law enforcement agency seeking the PPi
(b) states that the information is relevant and material to a legitimate law enforcement investigation
(c) Identifies the PPI sought
(d) is specific and Punned In scope to the extent reasonably practicable in fight of the purpose for which the
information is sought and
(e) states that de-Identified information could not be used to accomplish the purpose of the disclosure.
(3) if we believe in good faith that the PPI constitutes evidence of criminal conduct that occurred on our premises
(4) in response to an oral request for the purpose of identifying or locating a suspect,fugitive,material witness
or missing person and the PPI disclosed consists only of name,address,date of birth,place of birth,Social
Security Number,and distinguishing physical characteristics,or
(5) if
(a) the official is an authorized federal official seeldng PPI for the provision of protective services to the
President or other persons authorized by 18 U.S.C.3056,or to foreign heads of state or other persons
authorized by 22 U.S.C.2709(a)(3),or for the conduct of Investigations authorized by 18 U.S.C.871 and 879
(threats against the President and others),and
(b) the information requested is specific and limited in scope to the extent reasonably practicable in light of the
purpose for which the information is sought
and
. j. to comply with government reporting obligations for homeless management information systems and for oversight
of compliance with homeless management information system requirements.
2. Before we make any use or disclosure of your personal information that is not described here,we seek your consent first.
1. You may inspect and have a copy of your personal information that we maintain. We will offer to explain any Information
that you may not understand.
2. We will consider a request from you for correction of inaccurate or incomplete personal information that we maintain about
you. If we agree that the information is inaccurate or incomplete,we may delete k or we may choose to mark it as
inaccurate or incomplete and to supplement it with additional Information.
• 3. To Inspect,get a copy of,or ask for correction of your information,ask any staff member for access.
4. We may deny your request for inspection or copying of personal information if:
a. the information was complied In reasonable anticipation of litigation or comparable proceedings
b. the information is about another individual(other than a health care provider or homeless provider)
Packet Page -1062-
1/14/2014 16.D.5.
c. the information was obtained under a promise or confidentiality(other than a promise from a health care provider or
homeless provider)and if the disclosure would reveal the source of the Information,or
d. disclosure of the information would be reasonably likely to endanger the life or physical safety of any indhridual.
5. If we deny a request for access or correction,we will explain the reason for the denial. We will also include,as part of the
persona!information that we maintain,documentation of the request and the reason for the denial
6. We may reject repeated or harassing requests for access or correciion.
1. We collect only personal information that is relevant to the purposes for which we plan to use It To the extent necessary for
those purposes,we seek to maintain only personal information that is accurate,complete,and timely.
2. We are developing and implementing a plan to dispose of personal information not in current use seven years after the
Information was created or last changed. As an alternative to disposal,we may choose to remove identifiers from the
information.
3. We may keep information for a longer period if required to do so by statute,regulation,contract,or other requirement.
•
We accept and consider questions or complaints about our privacy and security policies and practices. Complaints must be
submitted in writing to this Agency and to:
HMiS Administrator
The Administrator will attempt to resolve your complaint. Should further review be required your complaint will be escalated to
the HMIS Steering Committee to determine a voluntary resolution of the complaint.Resolution of the complaint will be provided
—in-wn sg-bo-tfie-agencl rand-the-individual-flung-ihe-comP1aint-This-Agency-arrd-Catholic Charities as the HMIS lead are
prohibited from retaliating against you for filing a complaint.
1. All members of our staff(including employees,volunteers,affiliates,contractors and associates)are required to comply with
this privacy notice. Each staff member must receive and acknowiedge receipt of a copy of this privacy notice. •
1. Version 1.0. June 1,2013. Initial Policy
•
•
Packet Page -1063-
1/14/2014 16.D.5.
Catholic Charities
of Coi IerCounty COLLIER COUNTY HMIS PROJECT
REPORT REQUEST FORM
Organization Name:
Contact Information:
Name:
Phone Number:
E-mail Address:
General Information:
Report Name:
Purpose of the Report:
Program(s)included in the report:
Time Period: From (MM/DD/YY)to (MM/DD/YY)
One time only
Monthly
Quarterly
Bi-annual
Annual
Requested Completion Date:
(Specify the date on which the report is needed)
Report Content:
State in detail what you want in your report. (Write Below or Attach)
Signature Date
Agency Administrator Signature
Send request to the following address:HMIS@Outlook.com &Armando @a,,CatholicCharitiesCC.org
411
Packet Page -1064-