Open randelbrot opened 1 year ago
Created this Google doc for documentation
Hey @ju1es , picking up the HMIS conversation from earlier, I created this issue to track database considerations and assumptions.
One of the assumptions in the doc is that Host Home orgs want to integrate with HMIS by default. This would make sense because Host Homes need to integrate to receive funding from HUD and for data security + sharing purposes.
I have come across a few articles expressing concern about HMIS integration, specifically regarding data privacy and positioning host homes as "non-institutional" services, "outside the system", and inconsistent usage of HMIS across host home programs.
tldr my take on the way forward here is to 1) For Engineering: continue learning about how to integrate with HMIS as this is the expected path, and 2) For PM: get validation from some host home orgs to get a gutcheck on any concerns to be mindful of with respect to HMIS.
Let me know what you think,
Bryce
@brycelednar , thank you for creating this! before jumping into researching more about HMIS, I want to verify that we're actually required to integrate. I just read Service providers that receive Federal funding and some State funding are required to participate in local HMIS
here.
Same thing applies to the other privacy frameworks in the doc. I'm thinking that once we know which frameworks we need to use, you get validation from stakeholders, then I can go ahead and look up the architectural and design requirements for each framework. We'd also have a clear goal of how we can be privacy compliant? This is all new to me but just my initial thoughts.
I guess my question is how did y'all derive the list of compliance frameworks?
Overview
We need to document considerations for data hosting and relevant privacy regulations so that we can build do a make or buy decision on hosting that is legally compliant with our partners and jurisdictions
Action Items
Resources/Instructions