Code for America
Help Organization with Org-Wide Privacy Policy Analysis and Development
We believe government can work for the people, by the people, in the digital age. To reach people and build their trust, we need to ensure our policy protects both individuals and CFA.
Posted February 16, 2021
Background & Context
We work on projects focused on helping individuals most impacted by government systems. Some of our programs include:
Integrated Benefits-Simplifying how Americans access safety net services when they need them most
GetCalFresh-Improving how government delivers food assistance to families in need
ClearMyRecord-Giving people a second chance to get jobs and housing by clearing past convictions
GetYourRefund-Closing the Earned Income Tax Credit participation gap and providing free tax help
Plus, we have a nationwide network of brigades working locally on issues that matter most to their communities.
We recently worked with an amazing attorney here on WTA on a site specific privacy policy for GetYourRefund. Her recommendation was to have a unified privacy policy for the whole organization (including programmatic sites). We want to explore this possibility.
Immediate Problem
We have multiple sites that are under the umbrella of services supported by our organization, plus we have our main site and brigade specific projects. We are required to be HIPAA compliant for some programs, and looking into SOC2 compliance for our tax benefits work. We want to ensure we are on the right side of our security and privacy requirements.
In many ways, I expect this will be a "start from scratch" project, and the commitment may be over the next few months.
Work & Deliverables
Given some of the complex nature of the work, we'd like to start by:
1. meeting to discuss current systems, policy, and concerns
2. explore recommendations, options, timelines, and general Q/A
3. CFA and Attorney consult to determine if we should pursue this route.
If we do decide to pursue single org-wide policy, we'd like to:
4. Review all current privacy policies currently in use and timeline out when the best time for change would be (for instance, not changing tax policy until end of tax season)
5. Edit/Review/Draft Org-Wide Privacy Policy
6. Determine if individual sites need any special or site specific language, and how that language may need to be integrated or addressed
Code for America
Code for America uses the principles and practices of the digital age to improve how government serves the American public, and how the public improves government. We are a network of people making government work for the people, by the people, in the digital age. How do we get there? With government services that are simple, effective, and easy to use, working at scale to help all Americans, starting with the people who need them most.
Code for America
Code for America uses the principles and practices of the digital age to improve how government serves the American public, and how the public improves government. We are a network of people making government work for the people, by the people, in the digital age. How do we get there? With government services that are simple, effective, and easy to use, working at scale to help all Americans, starting with the people who need them most.