Updated Forms: HMIS Client Consent to Release Information and Notice of Privacy Practices (Effective November 1, 2019)
The HMIS Client Consent to Release Information and the Notice of Privacy Practices have been updated to provide clients with a better understanding of how their information is shared and more descriptive language about who may access it. These adjustments are intended to provide clarity, but do not change the purpose or intent of the documents.
Effective November 1st, please use the revised HMIS Client Consent to Release Information and Notice of Privacy Practices (dated 10-22-2019), when you discuss HMIS data collection and sharing with clients. Because the revisions are not substantial, you will only need to use the updated form with new clients or when the current HMIS Consent you have in place for the client expires.
- The form has been expanded to two pages, with the data-sharing preference options listed at the bottom of the first page and the signature page on the second page. Be sure to upload both pages when you record the ROI in HMIS.
- Clients are informed that a current list of HMIS partner organizations are maintained on the Alliance website, and they may request a copy of this list from your agency or the Alliance.
- Additional clarifying language has been added to explain that their information may be used by Alliance staff and its designees for administrative purposes, such as checking data quality and identifying service eligibility for Coordinated Entry.
- For service providers who take client photos for HMIS purposes, a statement has been added to the Consent preferences for “Profile Plus” and “Profile Only” that informs clients that their photo will be shared, where applicable.
Prior to making these updated forms available within your organization, you will need to add your agency logo, agency name, and agency contact information to the Consent and Privacy Notice.
- Placeholders for agency-specific information (such as “[Agency Name]” and “[Agency Name Here]”) are distributed throughout the two documents, indicating where to make these changes.
- The default expiration period is listed as "[three (3)]" years. If your organization uses a shorter period expiration period, you will need to change this information.