Child welfare professionals face a daunting array of privacy, confidentiality, and security rules. Too often, the answer to the question, “May I share this vital information with a colleague who is also working with this family?” is a frustrated shrug and an exasperated, “Better not, just to be safe.” Conflicting guidance, misinterpretations, and uncertainty abound, and this is a significant barrier to achieving client-centric interoperability, fully informed decision-making, and evidence-based practices.
Agencies struggle to comply with the privacy provisions in CAPTA, HIPAA, FERPA, SAMHSA’s 42 C.F.R. part 2, and those laws’ state and local counterparts. Staff attends regular training sessions and signs numerous acknowledgements that their legal obligations are understood. But, have we gotten to the point where a normal human being with a complex and demanding “day job” can no longer reasonably be expected to comprehend (and, therefore, flawlessly abide by) the patchwork of data-access rules?
Technology can help. A new generation of applications, built with national standards, can manage a user’s credentials and access to multiple systems in an information-sharing environment, and can maintain, calculate, and enforce privacy policies. The task for child welfare’s subject-matter experts is to express applicable privacy policies in a format that a computer can consume. Let’s look at a hypothetical example to illustrate the Global Privacy Policy Technical Framework.
Imagine that a local school district wants to share periodic grade reports and any school disciplinary events with a student’s foster parents, caseworker, and CASA volunteer. However, FERPA is often considered a prohibition to sharing this kind of information. An interdisciplinary team works hard to tackle the problem and creates a detailed intergovernmental agreement that states the following data-access policy:
- The student’s caseworker will seek to secure the educational parent’s written, signed consent to the disclosure of academic and school-discipline data. If the caseworker is unable to secure such consent, then the matter will be brought before the family court judge, who will make a case-by-case determination and enter appropriate orders. Either a signed consent or a court order will be secured for every school-aged child within 60 days of out-of-home placement, and a copy will be provided to the school’s liaison.
- Within 30 days of the school liaison’s receipt of a signed consent or a court order, the school district will grant the following persons access to the student’s academic and school-discipline records:
  - The student’s caseworker,
  - The student’s foster parent(s), and
  - The student’s CASA volunteer.
- The child welfare agency agrees to notify the school’s liaison within 30 days of any change in the child’s assigned caseworker, foster-care placement, or assigned CASA volunteer, so that the school district can update the access to the student’s records.
From this detailed privacy policy, the technologists tasked with implementing the information-sharing service extract these essential criteria:
- Source Subject = School (the custodian of the data)
- Target Subject = Caseworker, Foster Parent, or CASA Volunteer (the requestor of the data)
- Target Object = Grade Report or Discipline Report (the data that are requested)
- Action = View (the type of operation the requestor seeks to perform on the requested data)
- Condition = Student Foster Care Flag
- Condition = Consent or Court Order
Technical components of the information-sharing service are then configured to retrieve the data that are required to calculate whether a request will be granted or denied.
This technical framework has been tested against many, many privacy policies, and it has been shown to possess both the flexibility and the granularity to accommodate all of them. Thus, it is anticipated that any privacy policy applicable to child welfare can be expressed in a machine-enforceable format. The essential components to be identified for each information-sharing endeavor are these:
- Who is requesting the information?
- What information is being requested?
- Who is the information’s custodian?
- What operation will be performed on the information?
- What conditions must be satisfied?
The information-sharing service can also create an audit log of all requests and their outcomes, so that the appropriateness of “grant” and “deny” decisions can be tested periodically. An information-sharing service can also be configured to notify particular stakeholders of particular events – for example, an e-mail could be sent to a data custodian when a request for access is denied.
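The school-records criteria extracted above and the audit log just described can be sketched as a deny-by-default decision function. This is an added example, not code from the framework or the NRCCWDT; the student and requestor IDs, the attribute names, and the check that the requestor is assigned to the specific student (a reading of the agreement's "the student's caseworker" wording, not one of the listed criteria) are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# The criteria extracted from the agreement, as one rule.
RULE = {
    "source_subject": "School",
    "target_subjects": {"Caseworker", "Foster Parent", "CASA Volunteer"},
    "target_objects": {"Grade Report", "Discipline Report"},
    "actions": {"View"},
}

# Constructed sample attributes (hypothetical IDs); a real service would
# retrieve these from the school and child welfare systems at request time.
STUDENTS = {
    "S-100": {"foster_care": True, "authorization": "consent",
              "assigned": {"cw-7", "fp-3", "casa-9"}},
    "S-200": {"foster_care": True, "authorization": None, "assigned": {"cw-7"}},
}

@dataclass(frozen=True)
class Request:
    requestor_id: str
    role: str
    custodian: str
    student_id: str
    obj: str
    action: str

def decide(req, students, audit_log):
    """Return "grant" only if every criterion holds; log every outcome."""
    s = students.get(req.student_id) or {}
    checks = [
        ("source subject", req.custodian == RULE["source_subject"]),
        ("target subject", req.role in RULE["target_subjects"]),
        ("target object", req.obj in RULE["target_objects"]),
        ("action", req.action in RULE["actions"]),
        ("student foster care flag", s.get("foster_care") is True),
        ("consent or court order", s.get("authorization") in {"consent", "court_order"}),
        # Assumption: "the student's caseworker" means assigned to this student.
        ("assigned to this student", req.requestor_id in s.get("assigned", ())),
    ]
    failed = [name for name, ok in checks if not ok]
    outcome = "deny" if failed else "grant"
    audit_log.append({"time": datetime.now(timezone.utc).isoformat(),
                      "request": req, "outcome": outcome, "failed": failed})
    return outcome
```

Recording which criteria failed alongside each outcome is what makes the periodic review of "grant" and "deny" decisions practical: a reviewer can separate denials caused by a missing consent or court order from requests by someone no longer assigned to the child.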
The National Resource Center for Child Welfare Data and Technology is committed to assisting state and local practitioners with the application of technical solutions that enable information sharing and ensure that children’s, parents’, and caregivers’ privacy rights are protected. Indeed, the NRCCWDT is developing an easy-to-use, web-based tool that can help guide your interdisciplinary team in its creation of a detailed, structured privacy policy – a policy that can be handed to technologists for implementation. Please contact nrccwdt@cwla.org for more information.
