Hold Team Meetings . Monitor and Evaluate Your Efforts . Sustain Your SART . Know Your Team . Critical Issues
Confidentiality
SART Recordkeeping
Nonprofit organizations and government agencies may embrace technology without thoroughly understanding the unintended consequences that may arise from it. As data systems become increasingly interconnected, it is vital that SART organizations anticipate and minimize the potential for harm to victims. Essentially, you need to secure the confidentiality of all communications and minimize any data about victims that are collected, stored, and shared. In addition, because some victims will request assistance or advocacy online, it is critical to think proactively through all safety, confidentiality, and monitoring possibilities in connection with electronic communications.
Carefully balance the benefits of recording information against the possible harm that the information could cause the victim or the criminal case if the information were released. Consider written policies on recordkeeping based on guiding principles. In other words, you should always know why information is being kept (e.g., for funders, for the victim's benefit, for reference).
There are benefits and burdens to recordkeeping. Making decisions about what to record and what not to record is easier if you have some underlying principles to guide the process.13 You'll need to decide—
- Who will have access to SART files.
- Who will be the designated custodian of SART records.
- What records will be kept following case reviews.
- What process will be used to maintain and destroy files.
In addition, you'll need to develop policies for electronically stored records, such as the following:14
- Choose passwords that are difficult or impossible to guess. Make the password at least eight characters long and use uppercase and lowercase characters, numbers, and punctuation.
- Regularly back up critical data.
- Use virus protection software.
- Use a firewall as a gatekeeper between SART computers and the Internet.
- Log off of the Internet after you're finished using it.
- Use screensavers with password protection.
- Physically secure computers (e.g., laptops should be secured, desktop PCs should not be publicly accessible).
- Position screens to prevent inadvertent viewing.
- Place servers in closed, properly ventilated rooms.
- Encrypt data.
- Do not e-mail victim-related information to anyone.