Menu Close

CONFIDENTIALITY AND PRIVACY POLICY

PURPOSE

The First Responders Foundation (“the Foundation”) is committed to protecting the privacy, dignity, and confidentiality of all first responders who participate in our therapy dog program. This policy outlines the procedures and principles we follow to safeguard sensitive information while maintaining the operational effectiveness of our mission.

SCOPE

This policy applies to all Foundation staff, volunteers, board members, trainers, veterinary partners, donors, and any third parties who may have access to participant information.

GUIDING PRINCIPLES

1. Respect for Privacy

We recognize that first responders seeking support for PTSD and anxiety deserve the highest level of privacy protection. Their decision to seek assistance should never result in unwanted disclosure or compromise their professional standing or personal dignity.

2. Minimal Necessary Information

We collect only information that is directly relevant to the successful matching, training, and ongoing support of therapy dog placements. Information collected is limited to what is necessary for program operations.

3. Informed Consent

All information is collected with explicit informed consent. Participants will be clearly informed about what information is being collected, how it will be used, stored, and protected, and their rights regarding their personal data.

CONFIDENTIALITY MEASURES

Participant Identity Protection

  • All participants are assigned a unique identification code for internal communications
  • Public communications about the program never identify specific participants without explicit written permission
  • No photographs of participants are taken or shared without separate, specific consent
  • Media releases require separate authorization and are never presumed
  • Program participation lists are secured and access-restricted

Medical Information Safeguards

  • Diagnostic information is stored separately from identifying information
  • Mental health details are accessible only to designated staff members with direct program responsibilities
  • Medical documentation is secured with enhanced encryption and protection
  • References to specific conditions in reports use coded language

Operational Security

  • All staff and volunteers sign enhanced confidentiality agreements
  • Training on privacy protocols is mandatory and conducted quarterly
  • Regular privacy audits ensure compliance
  • Physical files are stored in locked, fire-resistant cabinets
  • Digital records utilize end-to-end encryption
  • Remote access to participant databases requires multi-factor authentication

DISCLOSURE LIMITATIONS

Strict Non-Disclosure Policy

Information about a participant will not be disclosed to any party, including:

  • Other emergency service agencies or departments
  • Insurance companies or healthcare providers not directly involved in care
  • Other program participants
  • Donors or supporters of the Foundation
  • Media organizations
  • General public inquiries

Limited Exceptions

Disclosure may occur only under the following circumstances:

  1. Direct written consent from the participant specifying exactly what information may be shared and with whom
  2. Legal obligation through valid court order or subpoena (participant will be notified unless legally prohibited)
  3. Imminent danger situation where disclosure is necessary to prevent serious harm (limited to relevant information only)

PARTNER ORGANIZATION REQUIREMENTS

Third-party organizations working with the Foundation (trainers, veterinarians, evaluators) must:

  • Sign our confidentiality agreement
  • Demonstrate robust privacy protocols of their own
  • Agree to data handling standards consistent with this policy
  • Remove identifying information from their records when no longer actively serving a participant

COMMUNICATIONS AND PUBLIC RELATIONS

  • Success stories shared in promotional materials use pseudonyms and altered non-essential details
  • Statistics about the program are presented in aggregate form only
  • Public events featuring the program will never require participant attendance or visibility
  • Volunteers acting as program ambassadors receive specialized training on privacy protection

TECHNOLOGY AND DATA SECURITY

  • All participant data is stored on secure, encrypted servers
  • Regular security updates and vulnerability assessments are conducted
  • Data breach response protocols are established and tested
  • Data retention policies limit storage of sensitive information to the minimum necessary time period

PARTICIPANT RIGHTS

All program participants have the right to:

  • Review their personal information held by the Foundation
  • Request corrections to inaccurate information
  • Withdraw consent for specific uses of their information
  • Request deletion of their data after program completion (subject to minimal record-keeping requirements)
  • Receive notification of any data breaches that may affect their information

POLICY ENFORCEMENT

  • A designated Privacy Officer oversees implementation of this policy
  • Regular compliance audits are conducted
  • Violations of this policy by staff or volunteers are grounds for immediate dismissal
  • Annual review and updates to the policy ensure ongoing effectiveness

TRAINING AND AWARENESS

All Foundation personnel receive:

  • Initial comprehensive training on privacy procedures
  • Regular refresher training
  • Updates on any policy changes
  • Guidance on responding to inquiries without compromising confidentiality

This policy is reviewed annually by the Board of Directors and updated as necessary to ensure it maintains the highest standards of privacy protection for the first responders we serve.

Last updated: March 2025