• TCA Confidentiality Agreement for Level 1 and Level 2 Data

    • Click for the Data Use Policy (highlights) 

    • Full Data Use Policy Statement here

      As a global, virtual organization, the vast majority of TCA's records are stored virtually, with a tiered system that delineates the level of sensitivity. 

      The Google Administrator is responsible for tracking and providing data access as listed below. The current Google Administrator is Paul Sakamoto (paul@taikocommunityalliance.org)

      • Level 1:  Personally identifiable information (PII) that requires the highest level of security and limited access.  This includes information deemed by the TCA Board of Directors as private or classified.  Examples include planning documents, financial reports, un-approved meeting minutes, and personnel, payment, and contractual information.
      • Level 2: Personal contact information (phone numbers, email and mailng addresses), "back end" access (website, social media), and TCA administrative functions (Zoom, Google Drive).
      • Level 3: Publicly available information

      Approving authority:

      • Level 1: TCA Executive Committee
      • Level 2: Committee Chairs
      • Level 3: no approval needed

      Information Retention
      Documents will be securely stored for the indicated amount of time as stated below.  Additionally, hard copies of financial documents will be maintained by the TCA Treasurer.

      • 1 year - W9 forms, Title VII Records.
      • 2 years - Equal Pay
      • 3 years - I-9 forms (additional 1 year after termination)
      • 4 years - W4 forms, Personnel files (after termination), Payroll and tax withholding records.
      • 5 years - Program attendeed registration/agreements
      • 6 years - Board applications and agreements
      • 7 years - Call logs, meeting minutes, financial records

      Deletion
      When ready for deletion, hard copies will be shredded, burned, or thrown away (w/ PII redacted).

      Soft copies will be electronically deleted.

      Non-essential email should be reviewed and deleted annually.  Non-essential email is defined as any message not deemed necessary for archival record keeping or future planning purposes.

      More information
      Further policy statements can be found here, including:

      • E-Mail address procedures
      • E-Mail lists
      • Sharing policy
      • Personnel Change Process
      • Systems access
      • Password Best Practices
      • Information Security Requirements for 3rd-party users

       

    •  

    • Confidentiality Statement

      1. It is the policy of TCA that board members, employees, and volunteers of TCA will not disclose Level 1 or Level 2 information as defined in the TCA Data Use Policy, belonging to, or obtained through their affiliation with TCA to any person, including their relatives, friends, and business and professional associates, unless TCA has authorized disclosure or use. This policy is not intended to prevent disclosure where disclosure is required by law.
         
      2. Board members, volunteers and employees are cautioned to demonstrate professionalism, good judgment, and care to avoid unauthorized or inadvertent disclosures of confidential information and should, for example, refrain from leaving confidential information contained in documents or on computer screens in plain view.

      3. Upon separation of employment, service, and at the end of a board member’s term, he or she shall return or destroy, all documents, papers, and other materials, that may contain confidential information. Failure to adhere to this policy will result in discipline, up to and including separation of employment or service with TCA.

      4. Violation of the state statutes regarding confidentiality of records is punishable upon conviction by fines or by imprisonment or by both.
    • Should be Empty: