Policy Title: Data Security and Privacy Protection
Effective Date: April, 2025
Approved By: Executive Director, BeMore Developmental Support Services Inc.

Purpose

This policy outlines BeMore’s commitment to safeguarding the privacy and security of all personal and sensitive data handled in the course of service delivery, employment, and community engagement.

Scope

This policy applies to all staff, contractors, volunteers, and systems that handle personal data, including client records, personnel files, electronic communications, and internal databases.

Policy Statement

• BeMore adheres to HIPAA, FERPA, and all applicable Maryland state data privacy laws to ensure confidentiality and integrity of protected information.
• Access to confidential client information is granted only to authorized personnel on a need-to-know basis.
• All staff are trained annually in data security and privacy best practices.
• BeMore uses secure servers, encrypted platforms, and password-protected systems for storing and transmitting data.
• Printed confidential documents must be stored in locked cabinets and disposed of through secure shredding protocols.

Data Breach Response

In the event of a suspected or confirmed data breach, the following actions will be taken:

• Notify the Executive Director immediately
• Secure the compromised systems
• Notify affected individuals as required by law
• Conduct an internal investigation and risk assessment
• Implement corrective actions and staff retraining

Reporting Concerns

Privacy or security concerns should be reported to:
Email: [privacy@bemoredss.com](mailto:privacy@bemoredss.com)
Phone: 973-510-8750