Privacy and Poverty:
Why The Proposed Federal and Local Homeless Tracking System Raises Serious Privacy Concerns

By ANITA RAMASASTRY

Wednesday, Sep. 03, 2003

Recently, Congress directed the federal Department of Housing and Urban Development (HUD) to work with local jurisdictions to gather data relating to the homeless by 2004. To do so, HUD will implement a new computerized data collection program known as the Homeless Management Information System (HMIS).

At the local level, networks of service providers, shelters, and other local bodies that serve, plan for, and coordinate homeless services - known as "continuums of care" (CoCs) - will be required to track data and provide it to HMIS. According to HUD, one goal of HMIS is "knitting together service providers in a more coordinated and effective service delivery system for the benefit of homeless client" - obviously a worthy objective.

As HUD notes, given relevant data on a particular homeless person, HMIS software can calculate the person's eligibility for multiple programs, and generate ready-to-sign applications. More effective and streamlined referrals should result, as should better interagency coordination. HUD will also be able to use the data to figure out, for example, how well the system as a whole is responding to the needs of a given subpopulation of the homeless.

At the same time, however, the proposed HMIS data collection system raises some very serious privacy concerns. These concerns should, at a minimum, cause the government to add a number of further safeguards to control when private information is disclosed, and to ensure it is not misused.

As it is, the current proposal is not quite the same as putting a GPS device on homeless persons, but in some ways, it comes quite close. Congress did ask for statistical information from HUD; it did not, however, ask for a tracking system - which is what is currently being proposed.

How HMIS Will Work, and the Data It Will Collect

Under the current proposal, all local HMIS systems will be required to ask homeless clients who seek housing or services for personal identifying information - including their name, date of birth, Social Security number, ethnicity or race, veteran status, last place of residence, and last known address.

Moreover, to the extent relevant, particular programs will also ask for data on topics such as income, physical disabilities, behavioral health status, HIV/AIDS status, pregnancy status, and whether the client is currently at risk of domestic violence.

HUD has said that no one will be turned away for refusing to provide a Social Security number. But it has left unclear whether refusal to provide other information will lead to denial of needed services.

Even if it will not, the reality is that homeless clients will doubtless feel compelled to provide any data asked for - because of fear that they will lose access to essential, and often life-saving, necessities such as food, shelter and clothing.

Once gathered, where will the information be stored? It will be held in centralized databases within a state or region, and there, it will be identifiable by name. Sharing of HMIS data among providers within a CoC is at the discretion of each network or community - which may choose to share all data, or only some. Each must share at least the name, Social Security number (if provided), and birth date of the persons served, so that a service provider can determine whether an individual who is applying for services was previously served within the same CoC.

The data will also be sent on a regular basis to various central data storage facilities within each region. Records will linger there for 7 years, and be accessible by numerous different organizations.

However, there will be no federal database. Instead, non-identifiable data (in aggregate form) will be sent to HUD for statistical purposes.

Because data will be identifiable only at the local level, that is where the main privacy concerns about HMIS exist. To address these concerns, local CoCs will be required to establish firm policies and procedures to protect against unauthorized disclosure of personal information. But that may not be enough to truly safeguard privacy.

The Privacy Costs of the HMIS System, and How to Minimize Them

To fully see the privacy costs of HMIS, imagine the outcry if the government were to ask those of us who were not homeless where we sleep each night, when we last visited a doctor, and if so, what the diagnosis was - and then to make that information available to a large number of organizations.

As citizens, we provide such data to many organizations such as hospitals, schools, and employers on a daily basis. But we expect that information to be protected, not widely shared with a variety of organizations, private and public.

First, the regulations should make clear that homeless clients will receive services even if they do not consent to giving over their personal data.

Second, the current HUD regulations should be revised to discuss how service providers can obtain genuine consent from those homeless clients who want to give it. For one thing, written consent should be required.

A related issue is the types of disclosures given concerning requests for Social Security numbers. Under the federal Privacy Act, a local, state, or federal government must give a specific disclosure to an individual before requesting the SSN. There is no mention of this in the HUD notice.

Currently, HUD says that only oral assent will be necessary before information can be recorded and shared with others. Specifically, according to HUD, for so-called permitted uses, "[a]n HMIS user or developer may use or disclose protected personal information without the written consent of the individual in situations specified in this notice. . .." For these uses, oral assent will be sufficient as long as "if the individual has been advised how he or she could benefit by providing the requested information, how the data will be protected, and how the data will be used."

Third, the regulations should also be revised to specify exactly what disclosures should be made before clients decide whether to consent. One disclosure that plainly should be made at that juncture, is the disclosure that information may be shared with other agencies.

Fourth, the regulations should be revised to more carefully limit the circumstances in which disclosures can be made. Currently, the standards are very vague. For example, disclosures can occur "to avert a serious threat to health or safety."

Disclosures relating to health and safety threats can occur "consistent with applicable law and standards of ethical conduct . . . if the HMIS user or developer, in good faith, believes the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public and is made to a person or persons reasonably able to prevent or lessen the threat, including the target of the threat."

"Good faith," of course, is a malleable and subjective standard. It will boil down to the individual judgment of each service provider whether emergency circumstances are truly present, and some have lower standards than others. Some might read this provision to allow, for instance, private medical data to be disclosed to a known sexual partner without the patient's consent - something that cannot be done with respect to non-homeless persons.

Fifth, the regulations should be revised so that this personal data - supposedly collected to benefit the homeless persons themselves - is not accessible to law enforcement authorities without any procedural safeguards being put in place. Currently, it appears that National Security and Secret Service Agents can get the information by merely asking for it.

And while the police will typically have to obtain a subpoena or warrant before accessing individual records, access to sensitive information may now be easier for law enforcement to get - since it is stored in one database. HUD does not require that a warrant or court order be obtained.

The Current Regulations Unreasonably Violate the Privacy of the Poor

In today's society, poor people have less of everything—less mobility and increasingly, less privacy.

Homeless people, in particular, suffer: They often must live out in the open or in group situations, and often are thought to lack the Fourth Amendment protections against unreasonable searches and seizures that those of us with homes and cars take for granted. The only privacy they had left was that of their immediate person, and that of their identity and whereabouts.

Unless HMIS is revised, they may effectively lose informational privacy, so that the only privacy shield they have left, may literally be the clothes on their back. And this could happen to anyone who, down on his or her luck, even once visits a shelter.

Technology brings with it the promise of efficiency and better management of government programs. To this extent, HUD's HMIS proposal is not without merit. At the same time, the downsides must be considered and mitigated against.

The current HMIS regulations are insufficient to protect the privacy of the homeless. They must be revised - or we must explain why we've taken the position of "Privacy for me, but not for thee."


Anita Ramasastry is an Associate Professor of Law at the University of Washington School of Law in Seattle and the Co Director of the Shidler Center for Law, Commerce & Technology. For more information on this topic, Ramasastry directs the reader to EPIC's Privacy and Poverty Page

FindLaw Career Center

    Select a Job Title


      Post a Job  |  Careers Home

    View More