Privacy Policy Regarding Confidentiality and Protection of Personal Information
Matthew House collects personal and sensitive information on clients, volunteers, staff, and board members. We are especially diligent about the confidentiality of this information and have policies in place which ensure that the data collected is used only for the business purposes intended and that it is not shared with any parties that are related to the transactions being made.
Matthew House complies with the Federal Privacy Information Protection and Electronic Documents Act (PIPEDA), which applies to the standards for personal information with respect to commercial activity. We also comply with the Social Housing Reform Act regulations that set the standards for the collection, use, disclosure and safeguarding of privacy of personal information and the individual right of access of their own information as it applies to rent-geared-to-income tenants.
This policy meets the requirements of the Social Housing Reform Act and the Privacy Information Protection and Electronic Documents Act.
For the purpose of this policy, “personal information” includes:
The personal address, telephone number, or email address of the individual.
Any identifying number assigned to an individual which can lead to their identification (e.g. Social Insurance Number)
Information about an individual’s income and assets
Bank account and credit card information
Information about rent payment history
Information regarding medical, criminal, or employment history
Information regarding race, national or ethnic origin, citizenship status, religion, age, sexual orientation, marital or family status of the individual
An individual’s blood type or fingerprints
Employment information including resumes, salary and benefits, disciplinary action, bank information, tenant complaints about the individual, and problems between staff.
Any information collected from client or staff intended for internal or business use that contains confidential or private information.
Collection of Information
Personal information will be collected only for the following purposes:
To approve tenancy and determine appropriate unit type and size
To determine income and assets for rent calculation
To demonstrate compliance with funding requirements
To protect the health and safety of the tenant
To evaluate service levels required for special housing needs
To assess client needs
To conduct reference and employment checks
To retain relevant information on employees for government reporting purposes.
Protection of Information
All staff and board members are required to sign a confidentiality agreement binding them to keep all information confidential.
Applicant, tenant, client, and employee files (including information on databases) will be secured against access by unauthorized persons.
Applicant/tenant information and employee information must be stored in a locked filing cabinet. Secure storage facilities must be provided for archived applicant/tenant/employees and accounting information.
Release of Information
No personal information will be released to third parties without the written consent of the individual (for example: credit references, tenant or personal reference). When responding to inquiries for references, staff should limit information provided to the questioner and only confirm the information already provided by the person who is making the inquiry. Staff will also take reasonable care to confirm the identity of the people to whom the information is released and that they are seeking access legitimately.
Access to and Correction of Personal Information
The Privacy Officer will respond to all requests for access to or correction of personal information. An individual who provides satisfactory identification will be informed of the existence, use and disclosure of his or her personal information and will be given access to that information. The privacy of others’ personal information must be protected when giving an individual access to his or her personal information. If the Privacy Officer believes that releasing personal information would prejudice the mental or physical health or security of any person, he or she will not release the information.
Procedure for Corrections or Handling Complaints
The Privacy Officer will respond to all requests for access to or correction of personal information or complaints regarding breeches of the privacy policy. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate. If the Privacy Officer is not in agreement with the individual’s request for correction, a counter-statement will be filed with the original information. The Privacy Officer will respond to all complaints about collection, use, disclosure, storage and disposal of personal information within 30 days of the request being made in writing and submitted to the Privacy Officer. The Privacy Officer’s determination will be submitted within 30 days.
Breach of Confidentiality
It is a breach of confidentiality to:
Discuss any confidential information within or outside the organization where it may be heard by individuals who are not authorized to have access to that information
The provision of confidential information or records to unauthorized individuals
Leave confidential information in written form or displayed on a computer terminal in a location where it may be viewed by unauthorized individuals.
A breach of confidentiality may be grounds for staff to be disciplined or terminated. A breach of his or his confidentiality obligation may be grounds for a board member to be removed as a director of the organization.
Matthew House is committed to privacy for our donors and the people we serve. We store all information securely, and we do not sell or share any identifying information about our supporters.
The HMIS Privacy Policy governs our use of participant data. To protect our participants’ privacy, we do not share any of their information without their written consent.
This Policy Lasted Updated on April 26, 2021.