ANNUAL HMIS SECURITY TRAINING The Institute for Community Alliances.

Slides:



Advertisements
Similar presentations
Professional Development Management System (PDMS) A tutorial for professional development cluster Vendors, Providers and Instructors Charlie Michels PSB.
Advertisements

Meet Grace! Grace is our newest team member! She is here to make it easier to keep track of all your HR related documents digitally. Grace will always.
Choose and Book Archive New functionality from November 2012.
CREATED BY: HMIS Security Awareness Approved 1/10/2012 Revised 1/29/2013 Revised 3/15/2013.
Service Point 5 ReportWriter How to create and run reports in ReportWriter.
Members Only & Login Modules Members Only works with the Login module to provide password protection to Web pages and files. Login Groups may be created.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Supportive Services for Veteran Families (SSVF) Data Bigger Picture Updated 5/22/14.
HMIS Fundamentals HMIS Data Standards for VA Community Contract Programs.
Supportive Services for Veteran Families (SSVF) Data
Supportive Services for Veteran Families (SSVF) Data HMIS Beyond Data Collection Updated 9/14.
DEED WorkForce Center Reception and Resource Area Certification Program Module 2 Unit 1b: WorkForce Center System II Learning Objectives III.
Software Development Unit 2 Databases What is a database? A collection of data organised in a manner that allows access, retrieval and use of that data.
ShelterPoint™ Data-Entry Workflows. ShelterPoint v5.2.3.
ShelterPoint™ Data-Entry Workflows.
CSP Annual Security Training Miranda Gregory, CSP Analyst Carroll County Department of Citizen Services.
E-filing and e-service before the Hawai`i Supreme Court and the ICA John-Anderson L. Meyer.
SMART Agency Tipsheet Staff List This document focuses on setting up and maintaining program staff. Total Pages: 14 Staff Profile Staff Address Staff Assignment.
HIPAA PRIVACY AND SECURITY AWARENESS.
Electronic Banking Risk Assessment - Product Training
Hands-On Microsoft Windows Server 2008
HMIS Homeless Management Information System Part 1: Privacy & Ethics.
1.1 System Performance Security Module 1 Version 5.
Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.
Best Practices for Protecting Data. Section Overview Mobile Computing Devices Technical Procedures Data Access and Permissions Verbal Communication Paper.
How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.
IIS Home Screen (Teacher) Copyright © 2011 Pearson Education, Inc. or its affiliates. All rights reserved.1.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
Supportive Services for Veteran Families (SSVF) Data HMIS Lead and Vendor Training Updated 9/14.
ClientPoint Data Entry Workflow for Outreach ServicePoint 5 1.
The right item, right place, right time. DLA Privacy Act Code of Fair Information Principles.
This tip sheet focuses on how to make client referrals and activate vouchers using SMART. Total Pages: 7 Client Consent and Referral Consent Referral Authorizations.
SAM 2003 The Student Experience. Initial Setup 1.Ensure you are connected to the Internet. 2.Launch IE (v. 5.0 or later). 3.Enter
Fred Berry (330) (330) Fax.
Registration Solutions for your Event Management.
1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.
Copyright © 2006, Infinite Campus, Inc. All rights reserved. User Security Administration.
Measuring the Power of Learning.™ California Assessment of Student Performance and Progress (CAASPP) TOMS Test Administration TOMS Test Administration.
The world leader in serving science Overview of Thermo 21 CFR Part 11 tools Overview of software used by multiple business units within the Spectroscopy.
Copyright © 2015 by Saunders, an imprint of Elsevier Inc. All rights reserved. Chapter 3 Privacy, Confidentiality, and Security.
Annual Performance Report ( APR ) Data Entry Workflow.
Page 1 of 42 To the ETS – Create Client Account & Maintenance Online Training Course Individual accounts (called a Client Account) are subsets of the Site.
Data Coordinators Conference – 2014 Laura Marroquin CASEWORKER/JCMS Specialist Everything New Data Coordinators Should Know.
Emergency Shelter and Housing Assistance Program Data Requirements 12/3/2015.
SMART Tip Sheets Maryland February 2008 IGSR Technical Support: Client Referral Consent Referral Accepting Referrals This tip sheet focuses.
Government Agency’s Name April  At the end of this course, the learner will be able to: ◦ Define personally identifiable information ◦ List examples.
Collaborate. Coordinate. Evaluate. Connecting Communities > Demonstrating Outcomes ™ / I&R Housing Youth & Family Services Older Adult Services ShelterPoint™
Complete Ordering System for Promotional Literature and Samples Quick Reference and Training Guide.
HMIS (HOMELESS MANAGEMENT INFORMATION SYSTEM) SECURITY AWARENESS TRAINING Revised: 05/11/2016 Created By :
How to CORRECTLY Complete a TEASE Access Request Form.
2014 HMIS Data Standards Overview HMIS Data Standards Background – Key resources – Implementation Timeline – Revision Process Overview of Key.
This tip sheet focuses on how to share client records and make client referrals using SMART. Total Pages: 6 Client Consent and Referral Consent Referral.
POLICIES & PROCEDURES FOR HANDLING CONFIDENTIAL INFORMATION NOVEMBER 5 TH 2015.
PIT/HIC Data Entry and Reporting
HMIS Privacy and Security
Standard Operating Procedure
Welcome! To the ETS – Create Client Account & Maintenance
Obligations of Educational Agencies: Parents’ Bill of Rights
Managing the IT Function
HIDTA’s Overdose Detection Mapping Application Program
The Smarter Balanced Assessment Consortium
The Smarter Balanced Assessment Consortium
Online Testing System Assessment Viewing Application (AVA)
HIPAA SECURITY RULE Copyright © 2008, 2006, 2004 by Saunders an imprint of Elsevier Inc. All rights reserved.
Confidentiality, Privacy & Security Annual Training
The Smarter Balanced Assessment Consortium
The Smarter Balanced Assessment Consortium
Mobile Registration App Training Guide for OPO Staffers
Protecting Student Data
Presentation transcript:

ANNUAL HMIS SECURITY TRAINING The Institute for Community Alliances

TRAINING OVERVIEW 1. Training Purpose 2. User Responsibilities 3. Security and Privacy Essentials 4. WISP System Security Features 5. WISP Policies 6. Data Visibility Explained

TRAINING PURPOSE 1. All users are required to attend annual security training to retain their WISP license (Page 7 of HMIS Policies and Procedures Manual updated 5/15/2014.) 2. Training is based on privacy and security standards set forth in the HUD Data Standards and by the Wisconsin HMIS Advisory Board. 3. Forthcoming changes from HUD will be incorporated in the near future. Resources: WI Policies: data-and- reports/pit/doc_download/559-hmis- policy-and-procedure-may-2014http:// data-and- reports/pit/doc_download/559-hmis- policy-and-procedure-may-2014 HUD HMIS Data Standards/Data Dictionary: uments/HMIS-Data-Dictionary.pdfhttps:// uments/HMIS-Data-Dictionary.pdf

USER RESPONSIBILITIES  Take appropriate measures to prevent unauthorized data disclosure.  Report any security violations.  Comply with relevant policies and procedures.  Input required data fields in a current and timely manner.  Ensure a minimum standard of data quality by accurately answering all the HUD Universal Data Elements for every person entered into HMIS.  Inform clients about the agency’s use of HMIS.  Take responsibility for any actions undertaken with one’s username and password.  Complete required training.  Read the WISP News newsletter.

SECURITY AND PRIVACY ESSENTIALS  NEVER share your username and password with anyone.  NEVER share your password with HMIS System Administrators.  NEVER rely on Post-It Note security.  Do not set your internet browser to save your WISP password.  Do not access WISP client data on a public computer (i.e. library.)  Do not access WISP client data in a public setting (i.e. coffee shops.)  Do not access WISP client data over unsecured public wi fi (i.e. free city wi fi.)  Do not access WISP on computers that do not have locking screens.

WISP SYSTEM SECURITY FEATURES  User passwords are a minimum of 8 characters long, with a minimum of 2 numbers.  Strong passwords are important:  Passwords expire every 45 days.  Passwords can be alternated, meaning only two distinct passwords are necessary.  WISP System Admins do NOT know your passwords.  WISP is equipped with an audit trail tool that tracks all successful and unsuccessful log-in attempts, including user, IP Address, date and time, and client data access (adds, deletes, views.)  WISP is encrypted and secure:

WISP POLICIES WISP Privacy and Security standards are set forth in Section 3 (pages 16-21) of Wisconsin Statewide HMIS Policies and Procedures Manual. Key Items (Not an Inclusive List:)  Client level data/personally identifiable information (PII) should be extracted from HMIS only in very limited and specific cases (3.1).  Hard copies of client data should be extremely rare and destroyed immediately after it has been used. Hard copies must never be left unattended or unsecured (3.1).  Electronic copies must be stored securely and accessible only via password protected means (3.1).  ICA does not generate ART reports with client names or SSNs and will not do so in the future (3.1, 3.2).

WISP POLICIES, CONTINUED  Only de-identified aggregate data will be released by ICA, with limited exceptions (3.2).  Grantors and funders are not granted automatic access to WISP. Access by funders is only allowed when agreed upon in writing by both parties and must be a voluntary agreement. That is, funding must not be contingent upon access to client level WISP data (3.3).  All persons subject to data collection in WISP must be able to access the Baseline Privacy Policy upon request (3.4).  All persons subject to data collection in WISP have the right to inspect their data in the system for accuracy and request changes where evidence is provided that data are inaccurate or incomplete (3.4).  WISP users found in violation of any security protocols will be sanctioned after a review of the violation (3.7).

WISP DATA VISIBILITY EXPLAINED Access to client level data and information is determined by the structure of two primary system elements:  User Access Level  Provider Setup

WISP DATA VISIBILITY EXPLAINED - USERS Your user access level will have an impact on what elements of the system you can see.

WISP DATA VISIBILITY EXPLAINED - PROVIDER

WISP DATA VISIBILITY EXPLAINED – PROVIDER

WISP DATA VISIBILITY RULES 1.The user can always see the data the parent provider has entered (i.e. a Level 3 provider can see data entered at the Level 2 provider.) 2.The user can always see their own provider’s data (including data entered while using Enter Data As function.) 3.An agency administrator can always see the provider data entered. 4.System Admin IIs (ICA staff) can see every provider’s data, even closed data. 5.Data visibility changes are not retroactive. 6.If the item has a lock icon attached, it has its own distinct security settings that can be set and adjusted. 7.Each data element has its own security setting, determined by its assessment security:

WISP DATA VISIBILITY – THE LOCKS 1. Open Information is available/visible to all providers. Known also as “Global” sharing. 2. Open with Exceptions Information is available/visible to all, EXCEPT those listed in the Deny Groups section of Provider Admin. 3. Closed with Exceptions Information is not available/visible to anyone, EXCEPT those listed in the Visibility Groups section of Provider Admin. 4. Closed Information is not available to anyone outside that specific provider.

WISP DATA VISIBILITY – CHANGING THE LOCKS  Client data visibility can be changed on a client by client basis.  Changes can be made from the default to another desired setting.  Changes made at a client level do NOT alter or change the Provider visibility setting defaults.

WISP DATA VISIBILITY – GREEN OR RED? Common* Green Lock/Open Items  Profile  Household  Demographics  Universal Data Elements  Shelter Stays  Services  Referrals  Program Entry/Exit** Common* Red Lock/Closed Items  Case Notes  File attachments  Case Plans/Goals  Program/Agency Specific Data Elements *Denotes the typical settings, will vary by agency and program type

QUESTIONS? General Help Desk: Northeast Region Coordinator: Northwest Region Coordinator: Southern Region Coordinator: Milwaukee CoC: Racine CoC:

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.