This notice describes the privacy policy of the Symbify Unified Referral System (“Symbify”). Symbify is administered by We Are IT, operating on behalf of Ngage New Mexico (“Ngage”). We Are IT administers Symbify on behalf of participating organizations and programs that are listed in the Share New Mexico resource directory - located at https://sharenm.org. We Are IT may amend this Symbify Privacy Policy at any time, and will maintain record of any changes made, as well as post new versions on the Symbify website located at https://www.symbify.net/privacy-policy.
This notice applies to the personal information of individuals whose personal data is collected or maintained in electronic formats on Symbify.
In relation to this personal information, users entering data in Symbify:
Each person providing personal information may:
This notice describes the privacy policy and practices of Symbify, administered by We Are IT, which is a social enterprise of Ngage New Mexico. We Are IT’s main office is located at 3880 Foothills Rd, Ste A, Las Cruces NM 88011. We Are IT’s phone number for purposes of Symbify is (575)521-0111. Information about Symbify is on the Symbify website located at: https://www.symbify.net
The policy and practices in this notice cover the processing of protected personal client information by users of Symbify within participating agencies. This notice covers all personal information policies set forth by We Are IT in its role as the administrator of Symbify. Symbify participating agencies may have additional privacy policies on information entered and accessed by users.
Protected Person Information (PPI) is any information Symbify maintains about a client that:
Allows identification of an individual directly or indirectly; and
Can be manipulated by a reasonably foreseeable method to identify a specific individual; Or
Can be linked with other available information to identify a specific client.
When this notices refers to personal information, it means PPI.
We Are IT (including We Are IT’s contractors), Ngage programs and partner agencies, and Symbify participating agencies may collect and/or maintain personal information for some or all of the following purposes:
To provide or coordinate services to clients;
To locate other programs that may be able to assist clients;
To carry out administrative functions, including legal, audit, personnel, oversight, contract monitoring, program evaluation, and other management functions;
To comply with government and Funder reporting obligations;
For research, data analysis, and community reporting purposes, including reporting to the SUCCESS Partnership In Education to inform policy decisions; and
When required by law.
We Are IT (including We Are IT’s contractors), Ngage, and Symbify participating agencies use only lawful and fair means to collect and/or maintain personal information.
By seeking assistance at one of the Symbify participating agencies and providing personal information, it is assumed that a person consents to the collection of information as described in this notice and that the collected information may be entered into Symbify.
We Are IT (and We Are IT’s contractors), Ngage, and Symbify participating agencies may also obtain information about those seeking services from:
Other individuals who are accompanying the person seeking services, such as a guardian, caretaker, or advocate;
Referring organizations and/or service providers (with proper consent);
We Are IT’s contractors, Ngage, and/or Symbify participating agency users that are providing services.
Symbify participating agencies are required to post a sign at their intake desks or offices explaining the reasons personal information is requested. Symbify participating agencies may have additional policies not required by We Are IT that they must follow, but at a minimum, they must adhere to this Notice. While Symbify participating agencies are required to adopt their own privacy policies and postings for data collection unrelated to Symbify, We Are IT provides a posting template to Symbify participating agencies which reads:
Symbify Unified Referral System
**This agency is a participant in the Symbify Unified Referral System, a computerized system that collects and stores basic information about the persons who receive services from this Agency. The goal of Symbify is to assist us in meeting your needs and to provide a record for evaluating the effectiveness of referrals made through the system. **
We only collect information that is needed to provide you services, or that we consider relevant to helping us understand the scope and dimensions of your needs during the referral process in order to design effective service delivery. We do not use or disclose your information without your consent, except when required by our funders or by law, or for specific administrative or research purposes outlined in our privacy policy. By requesting and accepting referral services from this project, you are giving consent for us to enter your personal information into Symbify.
The collection and use of all personal information is guided by strict standards of confidentiality as outlined in our privacy policy. A copy of our agency’s Privacy Policy and a copy of the Symbify Privacy Policy is available upon request for your review.
We Are IT (and We Are IT’s contractors), Ngage, and Symbify participating agencies may use or disclose personal information for the following purposes:
To provide or coordinate services for individuals to help them meet certain needs. Symbify may be used to share portions of client records (with consent) with Symbify participating agencies that, at a minimum, must adhere to this notice and may have additional privacy policies and that may allow different uses and disclosures of the information;
To carry out administrative functions, such as legal, audit, personnel, oversight, contract monitoring, program evaluation, and other management functions;
When required by law to the extent that use or disclosure complies with and is limited to the requirements of the law;
To avert a serious threat to health or safety if:
It is believed in good faith that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of an individual or the public, and
The use or disclosure is made to a person reasonably able to prevent or lessen the threat, including the target of the threat.
To report about an individual that We Are IT (and We Are IT’s contractors), Ngage, or a Symbify participating agency reasonably believes to be a victim of abuse, neglect, or domestic violence to a governmental authority (including a social service or protective services agency) authorized by law to receive reports of abuse, neglect, or domestic violence under any of the following circumstances:
Where the disclosure is required by law and the disclosure complies with and is limited to the requirements of the law;
If the individual agency agrees to the disclosure; or
To the extent that the disclosure is expressly authorized by statute or regulation; and
We Are IT (and We Are IT’s contractors), Ngage, or a Symbify participating agency believes the disclosure is necessary to prevent serious harm to the individual or other potential victims; or
If the individual is unable to agree because of incapacity, then a law enforcement or other public official authorized to receive the report must represent that the PPI for which disclosure is sought is not intended to be used against the individual, and must represent that an immediate enforcement activity that depends upon the disclosure would be materially and adversely affected by waiting until the individual is able to agree to the disclosure; and
When We Are IT (and We Are IT’s contractors), Ngage, or a Symbify participating agency makes a permitted disclosure about a victim of abuse, neglect, or domestic violence, We Are IT, Ngage, or the Symbify participating agency will promply inform the individual who is the victim that a disclosure has been or will be made, except if:
To a law enforcement official for a law enforcement purpose (if consistent with applicable law and standards of ethical conduct) under the following circumstances:
In response to a lawful court order, court-ordered warrant, subpoena or summons issued by a judicial officer, or a grand jury subpoena;
If the law enforcement official makes a written request for PPI that:
Is signed by a supervisory official of the law enforcement agency seeking the PPI;
States that the information is relevant and material to a legitimate law enforcement investigation;
Identifies the PPI sought;
Is specific and limited in scope to the extent reasonably practicable in light of the purpose for which the information is sought; and ;
States that de-identified information could not be used to accomplish the purpose of the disclosure.
If it is believed in good faith that the PPI constitutes evidence of criminal conduct that occurred on the premises of a Symbify participating agency;
In response to a written request as described above for the purpose of identifying or locating a suspect, fugitive, material witness or missing person and the PPI disclosed consists only of name, address, date of birth, and distinguishing physical characteristics; or
If the official is an authorized federal official seeking PPI for the provision of protective services to the president or other persons authorized by 18 U.S.C. 3056, or to foreign heads of state or other persons authorized by 22 U.S.C. 2709(a)(3), or for the conduct of investigations authorized by 18 U.S.C. 871 and 879 (threats against the President and others); and if the information requested is specific and limited in scope to the extent reasonably practicable in light of the purpose for which it is sought.
We Are IT and Ngage may use or disclose personal information for activities set forth below and for activities We Are IT determines to be compatible with such activities. We Are IT assumes that you consent to the use or disclosure of your personal information for such purposes.
To carry out maintenance and operation of Symbify;
To create de-identified (anonymous) information that can be used for research and statistical purposes without identifying clients.
For academic research purposes, release of PPI will be allowed if research is:
Conducted by an individual or institution that has or enters into a formal relationship with We Are IT and/ or with Ngage, if the research is conducted by either:
The formal relationship is contained in a written research agreement that must:
The written research agreement is not a substitute for approval (if appropriate) of a research project by an Institutional Review Board, Privacy Board, or other applicable human subjects protection institution
Before We Are IT, Ngage, or the Symbify participating agencies make any use or disclosure of your personal information that is not described herein and above, we will seek your consent.
Clients may inspect and have a copy of their PPI that is maintained in Symbify, with the exception of case notes. We Are IT, Ngage, and/or the Symbify participating agency, will respond to any such request made by a client within a reasonable time frame, usually 2-3 business days. Symbify participating agency staff will offer to explain any information in the file. For data that is maintained by We Are IT as the administrator of Symbify but was not entered by the We Are IT staff or contractors, We Are IT may require that the request for inspection be managed through the Symbify participating agency that entered the information.
We Are IT, Ngage, and/or the Symbify participating agency will consider requests for correction of inaccurate or incomplete personal information from clients. If We Are IT, Ngage, and/or the Symbify participating agency agrees that the information is inaccurate or incomplete, the personal information may be deleted or supplemented with additional information.
To inspect, get a copy of, or ask for correction of personal information, a client can contact any Symbify participating agency staff member at the Symbify participating agency at which he or she received services. The appropriate Symbify participating agency staff member will be located to assist with the review and/or correction of the file within a reasonable time period, usually 2- 3 business days.
We Are IT, Ngage, and/or the Symbify participating agency may deny a direct request for inspection or copying of personal information if:
The information was compiled in reasonable anticipation of litigation or comparable proceedings;
The information is about another individual;
The information was obtained under a promise of confidentiality and if the disclosure would reveal the source of the information; or
Disclosure of the information would be reasonably likely to endanger the life or physical safety of any individual.
If a request for access or correction is denied, the organization that denies the request (We Are IT, Ngage, and/or the Symbify participating agency) will explain the reason for the denial. We Are IT, Ngage, and/or the Symbify participating agency will also include, as part of the personal information that is maintained, documentation of the request and the reason for the denial.
We Are IT, Ngage, and/or the Symbify participating agency may reject repeated or harassing requests for access or correction
We Are IT, on behalf of Symbify, accepts and considers questions or complaints about Symbify’s privacy and security policies and practices. To file a complaint or question, a person should do the following:
If the complaint is about one of the Symbify participating agencies using Symbify, the client should first follow the questions and/or grievance procedure of that organization. If the grievance cannot be resolved at the Symbify participating agency level, the question/complaint should be addressed to We Are IT in writing or in person for resolution. We Are IT’s main office is located at 3880 Foothills Rd, Ste A, Las Cruces NM 88011. We Are IT’s phone number for purposes of Symbify is (575) 521-0111;
If the complaint is received by We Are IT, in writing or in person, about a Symbify participating agency or about an internal program, it will be reviewed by the staff responsible for administering Symbify first. If the question or complaint cannot be resolved at that level it will be brought to the attention of Symbify’s General Counsel;
All members of We Are IT (including employees, volunteers, affiliates, contractors and associates), Ngage, and Symbify participating agencies are required to comply with this notice. Each individual with access to Symbify must receive and acknowledge receipt of a copy of this notice and pledge to comply with this notice in writing.
Each copy of this notice will have a history of changes made to the document. This document’s change history is as follows: