A community action agency (CAA) cannot serve its clients without gathering important details about them. Information provided by clients forms the basis for key decisions about program eligibility and the provision of services, and allows the agency to communicate with them. The information shared with a CAA often includes sensitive and personal data that is not publicly available. Thus, the CAA must understand and respect the privacy rights that clients have in their information. The CAA’s processes for retaining that information and its policies governing the disclosure of such data must consider and safeguard these privacy rights.
CAPLAW developed this FAQ to assist CAAs as they navigate complex client privacy issues. It includes common questions on the topic and offers answers that CAAs can use to comply with applicable laws and regulations.