What are the legal considerations for deciding who should have access to what information?

Table of Contents
You are here:
  • KB Home
  • User Management
  • What are the legal considerations for deciding who should have access to what information?
< Back

LEGAL CONSIDERATIONS 

Decisions about user roles should be guided by the need to protect privacy while maximizing the opportunity to work with the data to understand outcomes across projects and over a geographic area. This will vary with each implementation but there are common themes. 

Simtech Solutions requires legal protections in order to host the data that is provided to us.  This is described in detail in our End User License Agreement that users agree to when signing on to HomelessData.  In addition, privacy and legal issues are covered in contracts that we have with the HMIS vendor, CoC, and/or Organizations that we work with.  These contracts stipulate the scope of data that can be included and require that the party providing the data has the right to provide it.  The data can come from any source, organization, or project as long as the appropriate legal channels (and data “chain of custody”) are followed, starting with the releases that are signed by people receiving services.  Data sharing agreements should also be in place between organizations if the data is to be made accessible to others.   

What data can be shared depends on the type of arrangement that is in place.  For example, a large organization may have projects in several CoCs.  In this situation, if Simtech’s contract is with the CoCs and not with the particular organization then only data pertaining to the projects that are part of the CoC(s) that contract with Simtech can be submitted to HomelessData.  If Simtech also has a direct contractual agreement with an organization, then the organization can use the platform for all of its projects in order to look at data, outcomes, and performance across the entire organization. If Simtech has a direct contract with an HMIS vendor then this typically provides permission to share data for their entire customer base. If a region only has a contract with that vendor, then only the data from that source can be loaded into the system. If however, Simtech also has a contract with a CoC, then that CoC can upload data from any HMIS data source.  

Each community is structured differently, and we will work with you to make sure we are mutually protected.  The following chart depicts some of the key views into the data that may be desired and how HomelessData would be set up to support these various roles: 

 

Level  Who  What  Role  Accountability 
Project  Project Manager   Reviews data to manage DQ and performance  Org Reporting: Can view data and run reports    Internal to organization 
Organization  Agency Admin  Can upload data; view data from all projects within the organization  Org Admin: Can view data and run reports; Upload data;  create users @ org level  Internal to organization & to CoCs 
CoC  HMIS Lead  Can upload data; view data from all projects that are part of the CoC (not all projects in an org.)   Regional Admin  HUD; legal agreements with vendor(s) 
Multi CoC Region   Regional Network  Can run and view reports across the region. Option to not include client info.  (New Role – depending)  Other stakeholders; policy 
Previous I am an Administrator for HomelessData.com. How do I create new users?
Next What are the various user roles available within HomelessData.com and what access does each role have?