Related Tools

Safeguarding personal information

Last edited: September 14, 2012

This content is available in


General considerations

  • Information gathered during the intake process and the provision of services is sensitive as it contains details about a women's personal history and needs.
  • Depending on the nature of services provided at the shelter, various forms of records may need to be stored safely to ensure a woman’s confidentiality and security.
  • Programmes can prevent unauthorized disclosure of this information by:
    • Only disclosing information (including intake and service provision records) the woman has consented to have released.
    • Sharing information only with organization staff who have a need to know (e.g. not to Board members, volunteers, administrative personnel). Access to individual files should be strictly limited to persons working directly with the woman in the shelter to ensure rights to privacy and confidentiality are respected. Sharing information from paper files or computer databases must adhere to privacy and freedom of information legislation in the shelter’s jurisdiction.
    • Maintaining confidentiality of information indefinitely, including after the client has left the programme.

Physical security of women's personal records at the shelter

Whether using paper or electronic records, it is important to take steps to prevent unauthorized access, duplication or theft by:

  • Consider using unique identifiers (codes numbers or letters) rather than the individual's name.
  • Keeping paper files locked in fireproof cabinets (where available) and limiting access to them.
  • Activating a security system (with personal or electronic monitoring), especially if the facility is at high-risk for theft.
  • Managing the storage, availability and use of electronic files and recordings to prevent unauthorized access (as described in the section Using information technology to store and transmit personal information).
  • Keeping all records (paper and electronic) on the premises and/or establishing protocols and advising staff regarding safety of records that need to be taken offsite, which are at greater risk for unauthorized access. Protocols to protect records removed from the premises should advise staff to:
    • Avoid travelling with women's personal information unless absolutely necessary (e.g. outreach workers travelling to provide services to women in the community).
    • Take the least amount of information needed offsite.
    • When large volumes of information need to be moved, use a courier or other secure source.
    • Take copies and leave all originals on the premises.
    • Carry all documents and electronic sources of women's personal information (i.e. paper files, laptops, notebooks, smart phones), or lock them in a secure location at all times.
    • Store women's records in a car only if absolutely necessary. In such cases, the car should be parked in a secure location with information locked in the trunk and where possible, with an alarm installed in the car.

Working from an alternate location or home

  • Where possible, the following measures should be taken when staff work from home or another location away from the shelter:
    • Install an effective internet security system on any computers used to access women's personal information.
    • Install a separate phone line and password-controlled voicemail box for use off-site.
    • Use a secure wireless internet connection when telecommuting or working off premises.
    • Avoid storing women's personal information on the hard drive of home computers.
    • Do not access women's personal information on computers shared with anyone else (e.g. family members, friends).
  • To prevent unauthorized access to information when working in public spaces, staff should avoid:
    • Viewing or discussing women's personal information in public (e.g. on public transportation, in restaurants, on the street, including on mobile phones since conversations can easily be overheard and intercepted).
    • Sending women's personal information by email or fax from public locations, including internet cafes.

Using information technology to store and transmit personal information

  • Limit access to computer systems or networks containing personal records of women.
  • Set computers and laptops to automatically logoff within a short period of idleness and logoff manually when not using them.
  • Use a password to restrict access to all laptops, computers and other electronic/digital devices used both on and offsite.
  • Return documents and digital records to their original storage place upon returning to the office.
  • Notify the supervisor immediately if any personal information is lost or stolen.
  • Protect personal information that is stored on a computerized database:
    • Client names, if they exist in unprotected computer files, must be replaced with unique identifiers in the form of a code to ensure data remains non-identifiable.
    • Use encryption, such as password-protected documents or files, to prevent protect women's personal information.
    • Use a separate password to restrict access to women's personal information kept on electronic storage devices (i.e. USB devices, disks, etc.) both on and offsite.
    • Install anti-virus and firewall protection on all computers.
    • Use software designed to provide differential access to staff, based on their responsibility and relative need for access to women's personal information.
    • Implement a policy on the use of laptops and storage of personal information on them.
    • Install a system that automatically backs up computerized records.
    • Maintain backup copies of computerized records and other files (i.e. discs, audio recordings) in a secure and confidential location offsite.
    • Develop a disaster recovery strategy for personal information which is lost or damaged (i.e. by flood, fire, etc.).
    • Implement strategies for safe storage of information on computers:
      • If there is a computer network, store women's personal information on the main server, rather on individual workstations to prevent unauthorized access to personal information if the computer is stolen;
      • Locate servers in a secure area, such as behind locked doors;
      • Use databases that accommodate the creation of audit trails to facilitate monitoring of file updates; and
      • Adapt software to meet local privacy laws and programme protocols as needed (e.g. change software prompts so that personal information that is not needed is not collected).
  • Although it is preferred to avoid sending sensitive personal information (e.g. history of physical and mental, violence) by email or fax, which can easily be sent to the wrong person, take steps to secure the information if fax or email must be used:
    • confirm the intended recipient;
    • confirm that the intended recipient will be waiting to receive the information;
    • confirm the fax number or email address; and
    • ask the intended recipient to confirm receipt of the fax/email.
  • Respond to concerns quickly and fairly if a complaint is made regarding how information has been handled. To assist with this, consider having a staff member designated to be responsible for developing and implementing policy and processes for protection of privacy that assists staff and management if a complaint is made to respond in a manner that is informed by respect for women's rights related to privacy and legal requirements of the organization (Office of the Information and Privacy Commissioner for British Columbia, 2005, cited in Ruebsaat, 2006).

Confidentiality and related issues

  • Women seeking shelter and related services have a right to privacy and confidentiality of the information shared with service providers. They may choose to give permission for their information to be shared or keep this information limited to the individual staff member or person in which the information was originally shared.
  • Accommodation and other services should not be contingent on women providing permission for information to be shared, in line with guiding principals of service delivery and practices related to consent.
  • Shelters should develop specific policies for protecting the information provided by women using their services. These policies should secure individual privacy, while empowering women to have control over what information is shared, who may access their information and how it can be used by the shelter that determine the limitations of confidentiality.
  • Responding appropriately to women's needs might involve maintaining confidentiality of some personal information (e.g. related to health history or status), while supporting them to share other information (e.g. related to child custody or housing requests).
  • There may be additional legal requirements regarding privacy of information, for example, in regards to court mandates or mandatory reporting in cases of child abuse or neglect, which need to be considered carefully when designing policies and protocols related to confidentiality.
  • Some considerations in developing confidentiality protocols include:
    • Confidentiality of women's personal information in group-based services is more difficult to maintain when services are provided collectively. Such services should:
      • Ask women participating in the group to provide verbal or written agreement to maintain confidentiality of personal information shared by individual participants.
      • In the process of accessing consent to receive services, inform group participants of the steps taken to maintain the privacy of their information while in groups, but that there is no guarantee that confidentiality will be maintained by group members; and
      • Document any notes specific to individuals participating in the group separately so that access to information regarding the group does not facilitate access to personal information of individuals.
    • Organizing information recorded for different purposes. Information collected will vary depending on the services provided. Confidentiality and efficiency of information can be maintained by separating information in files according to the information’s purpose. For example, when engaging in external collaboration and coordinated service delivery (health, including mental health, addiction services, housing services, financial assistance, etc.), it might be useful to keep justice-related information separate from counseling information to ensure that records provided to external sources do not include information that external sources do not need to know.
    • Court orders, search warrants and subpoenas
      • Legal warrants authorize a named person (generally the police) to enter a specified place (i.e. shelter) in order to search or seize property expected to provide evidence related to a crime. In case a shelter receives a warrant:
                      - Read the warrant and provide access only to the information or property specified

 - In consultation with the woman, consider contacting a lawyer at the earliest opportunity   to discuss the implications of the warrant and determine whether it is in the woman's interest to attempt to have the warrant set aside or voided.

      • A subpoena of records may be made through a court order requiring that a file is produced to the court. Subpoenas may be ordered for various purposes including criminal prosecution of a sexual or non-sexual offence (e.g. spousal assault). A subpoena does not mean that information contained in the record will necessarily be admissible as evidence in court. If a subpoena of records is received for the file of a woman accessing services:

- Inform the woman of the subpoena and steps that will be taken in response.

- Advise and support the woman to access legal advice.

- Consider accessing legal advice for the organization in order to understand and pursue all possible measures to maintain the woman's confidentiality.

- Consider informing the woman’s legal counsel or the legal counsel representing the state of the subpoena, particularly if the woman does not have a lawyer, to ensure that correct legal procedures are used that maximize protection of her confidentiality and interests.

      • It is important to be familiar with the legal requirements in each community. For example, in some countries, sections of the Criminal Code provide that:

-        The accused must establish the relevance of documents requested.

-        The judge must consider the potential effects of producing the records (positive and negative).

-        The accused must serve a Notice of Motion to Subpoena a record prior to serving the subpoena.

-        Such requirements may provide the woman and her lawyer with opportunity to argue for modified, limited or no access to the record.

      • Consider adopting a policy stating that records will not be released without a court order (or otherwise legally required to do so), and only provide a records if a court order (or other legal requirement) is provided.
      • In cases where the woman consents to the release of records or wishes them released for her purposes without a court order or other legal requirement, and organizational policy allows for release of records with the woman's consent:

-        Inform her that there may be legal implications to releasing the records.

-        Recommend that she obtain independent legal advice prior to consenting to release the record.

-        Have her provide written consent to release the record.

-        Document that each of these steps has been completed.

      • If a court orders the release of records as evidence, consider making an argument that:

-        Only part of the record should be released.

-        Only a limited number of copies should be made.

-        Identifying information of people named in the record should be deleted (Rubensaat, 2006; NNEDV; 2007).

Tools and Resources:

FAQ's on Survivor Confidentiality Releases (National Network to End Domestic Violence Safety Net Project, 2008). This resource responds to questions commonly asked about confidentiality provisions in the U.S. federal Violence Against Women Act and clarifies best practices for obtaining informed consent related to protecting or sharing a survivor's information. Included is information regarding NNEDV's template release-of-information form; how to address confidentiality in partnerships between agencies; considerations around age, consent and guardians; emergencies, hotlines and written consent; databases and confidentiality, etc. Available in English.

Data Security Checklist to Increase Victim Safety (National Network to End Domestic Violence, 2008). The checklist highlights steps that local domestic violence and rape crisis programmes and other community service providers can take to promote victimsurvivor safety and data security. It includes steps to consider: before undertaking data collection; when designing a data system; and during ongoing data system maintenance,audits and trainings. Available in English.

Survivor Confidentiality and Privacy: Releases and Waivers AtAGlance (Julie Field, Esq. in partnership with the Safety Net Project of NNEDV, 2008). This resource provides a quick review of good practices in maintaining privacy and confidentiality of survivors. Available in English.

Model Protocol on Confidentiality when Working with Battered Women (Washington State Coalition against Domestic Violence, 2007). This protocol is for shelter managers and staff, and provides a detailed overview of confidentiality considerations in regards to legal obligations, based on the context in the United States. The protocol includes recommendations and sample language for policies and procedures in managing confidentiality issues, as well as templates for informing staff and women using shelter services of the policy. Available in English.

The Sexual Assault Response Team (SART) Toolkit offers advice on setting up an inter-agency information sharing process. Available in English.

Multi-Agency Domestic Violence Information Sharing Protocol Guidance (GreaterLondon Domestic Violence Project, 2007). This guidance is designed to inform professionals working in multi-agency partnerships develop information-sharing protocols for the sharing of personal information in domestic violence cases. Available in English.

Safety and Justice: Sharing Personal Information in the Context of Domestic Violence – An Overview (Douglas, N., Lilley, S.J., Kooper, L. and Diamond, A., 2004), Development and Practice Report 30, London: Home Office. This short report provides guidance about key aspects of information sharing for agencies and practitioners responding to intimate partner violence, including: definitions of personal and sensitive information; when and how to obtain consent from survivors; key elements of an information sharing protocol; and a suggested process for drawing up a protocol with partner agencies. Although framed within the provisions of law in England and Wales, the guidance can be used as a basis and adapted to other contexts. Available in English.

Confidentiality & Information Sharing Systems for Domestic Violence Advocates Working with Child Protection and Juvenile Court Systems (Davies, J., undated), San Francisco: Family Violence Prevention Fund. Although particularly focused on information sharing with child protection and juvenile court systems in the context of intimate partner violence, this guide contains considerations and approaches that are applicable across forms of VAW and sectors. It includes a discussion of legal and advocacy approaches to information sharing and a framework for developing effective information sharing policy and practice. Available in English.

Advocacy Challenges in a CCR: Protecting Confidentiality While Promoting a Coordinated Response (Tibbets Murphy, S., 2011), Minneapolis: Battered Women’s Justice Project. This paper discusses challenges and offers guidance on confidentiality and information sharing for domestic violence advocates. Available in English.