1 / 80

FFY2013 EAP Annual Training

FFY2013 EAP Annual Training Part 7: Data Practices; Local Plan; Communication, Information & Reports; Self Monitoring; State Monitoring. Data Practices. Data Practices. Highlights Third Parties Under Contract E-Mail Data Privacy Record Retention Requirements Destruction of Records

aislin
Télécharger la présentation

FFY2013 EAP Annual Training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FFY2013 EAP Annual Training Part 7: Data Practices; Local Plan; Communication, Information & Reports; Self Monitoring; State Monitoring

  2. Data Practices

  3. Data Practices Highlights • Third Parties Under Contract • E-Mail Data Privacy • Record Retention Requirements • Destruction of Records • Penalty for Violations of the Minnesota Government Data Practices Act (MGDPA)

  4. Third Parties Under Contract • Third parties under contract with a government agency must also follow the MGDPA. Government entities may contract with private parties to fulfill government functions (Minn. Stat §13.05, subd. 11). • In that capacity, a private party will likely create, collect, receive, store, use, maintain or disseminate government data • If a government entity contracts with a private contractor, all of the government data are subject to the classifications in the MGDPA and other state and federal laws

  5. E-Mail Data Privacy Maintain Data Privacy on E-mails • Use only household numbers for identification when possible, including any reference in the subject line or attachments • Use secure e-mail practices when private household data is included • Use secure e-mail practices to send new energy vendor information containing Tax IDs or Social Security Numbers

  6. E-Mail Data Privacy To Maintain Data Privacy on E-mails (cont.) • Remind energy vendors to use only household numbers and account numbers when communicating via e-mail about a customer • Contact DOC for help if an energy vendor does not cooperate with data privacy requirements, as required by the energy vendor agreement • Violation will result in EAP program finding

  7. Record Retention Requirements • Energy Programs records must be maintained for at least six years after the program has been closed out and audited • Upon written notice from the state or federal agency, retain records for the period of time stated in the written notice • Should a Service Provider be required to keep these records for a longer period of time, the DOC will send written notice to do so

  8. Destruction of Records When disposing of records containing private data, the records must be destroyed in a way that prevents their contents from being determined, under Minn. Stat. §138.17

  9. Penalty for Violations of the MGDPA • Government entities and their contractors may be subject to penalties when violations of the MGDPA occur • Minn. Stat. §13.08 states: “… a responsible authority or government entity which violates any provision of this chapter is liable to a person or representative of a decedent who suffers any damage as a result of the violation, and the person damaged or a representative in the case of private data on decedents…may bring an action against the responsible authority or government entity to cover any damages sustained, plus costs and reasonable attorney fees.”

  10. Penalty for Violations of the MGDPA • “In the case of a willful violation, the government entity shall, in addition, be liable to exemplary damages of not less than $1,000, nor more than $15,000 for each violation” • There may be additional penalties including suspension without pay or dismissal • If in doubt, check with your agency’s data practices compliance official • Ask DOC EAP staff

  11. Roles and Responsibilities SP Security Administrator Authorization Includes • Editing existing users as duties change • Disabling eHEAT administrators and users: • Immediately upon permanently leaving a position requiring eHEAT access • Immediately upon administrative leave, suspension, etc. • Immediately when no longer employed by the Service Provider • If on other leave, laid off, on extended vacation, or temporarily reassigned to non-EAP duties for 30 days or longer • Re-enabling users when they return to work • Editing existing roles as new functions are assigned or no longerperformed Note: Failure to disable eHEAT access as required is a violation of data security policy and will result in an EAP compliance finding

  12. Chapter 13 Data Practices Q&A

  13. FFY2013 EAP Local Plan

  14. FFY2013 EAP Local Plan 2. Risk Assessment Local Plan question Does the Service Provider have the capacity to identify, prioritize and mitigate program risks to maintain the continuity of EAP?

  15. FFY2013 EAP Local Plan 2. Risk Assessment (4 parts) 2.1. Risk Management 2.2. Incident Management 2.3. Conflicts of Interest 2.4. Disaster Planning 2013 Updates • External and Internal Risk occurrences are in one form • List of 19 possible risk occurrences are provided

  16. FFY2013 EAP Local Plan 2.1. Risk Management /Analysis (6 activity areas) Risk Competence • Risk occurrence: Identify risk events that occur when things are different than planned • Result of occurrence: Assess the impact of the risk occurrence • Probability of occurrence: Determine the likelihood of the risk occurrence • Severity of the impact: Determine the level/degree of the impact of the risk occurrence • Response: Mitigate or contain risk to an acceptable level • Indicators: Describe how the event becomes known

  17. FFY2013 EAP Local Plan 2.2. Incident Management (how to identify, review, process, respond, follow-up) 2.3. Business Conflicts of Interest (SP, employee, vendors, contractors) 2.4. Disaster (uncontrolled circumstances) Planning 2.4.1. Community Disaster (participation in community emergency response and services) 2.4.2. Service Provider Disaster Plan (continuity of the program)

  18. FFY2013 EAP Local Plan Q&A

  19. Chapter 14 Communication, Information and Reports

  20. Chapter 14 Communication, Information and Reports Key Points • Timely reporting is critical • Accurate reporting is critical • Timely and accurate reporting prevents larger problems • EAP Coordinators communication role within their SP • Stakeholders • SP Outreach--we have limited funding so target

  21. FFY2013 EAP Local Plan

  22. FFY2013 EAP Local Plan 4. Communication & Information Local Plan question Does the SP have a system in place to communicate EAP policies and procedures to staff and stakeholders so they understand what is expected of them? 2013 Updates 4.4.6. Website standard question removed WACT questions removed 5.1.2 List of 9 Self Monitoring activities are provided 5.2 Energy Vendor Management is improved

  23. FFY2013 EAP Local Plan 4. Communication & Information (4 parts) 4.1. Phone Service 4.1. Household Access to Energy Assistance Applications 4.1. Equal Access to Services 4.1. Outreach and Collaboration 4.1.1. Community Assessment 4.1.1. Targeted Populations and Veterans Outreach 4.1.1. New Outreach to Targeted Populations and Veterans 4.1.1. Successful Outreach 4.1.1. Collaboration

  24. FFY2013 EAP Local Plan Q&A

  25. Self-Monitoring

  26. Self-Monitoring Outline • What we mean and how it fits • Expectations • Best practices

  27. Self-Monitoring Objective Monitoring is an ongoing activity meant to assess program processes and activities and ensure that funds are being spent according to policy EAP Service Providers have a responsibility to monitor and be monitored for compliance with program requirements

  28. Self-Monitoring Internal Controls Framework • Control Environment • Risk Assessment • Control Activities • Information & Communication • Monitoring

  29. a

  30. Self-Monitoring

  31. Self-Monitoring Intentions • Assure proper implementation of EAP • Address problems early before they become critical • Assure program integrity and audit-ability • Assure quality customer service including timely service • Assure equitable use of funds through fiscal and program controls • Assure consistent statewide program delivery • Assure health and safety of applicant households

  32. Self-Monitoring Performance Measures and Quality Assurance Service Providers should have systems in place to assure: • Monitoring applications for timeliness • Weekly Targets and Rate of Incidence goals • Checking applications for accuracy • Verification of accuracy and completeness • Coordination for after hours emergencies • Accurate and timely reports to the DOC

  33. Self-Monitoring Monitoring Applications for Timeliness • HHS considers EAP a health and safety program • Processing application in timely fashion is not only important, but is also required in emergency situations Best Practices (from FFY12 Local Plans): • “Applications are date stamped and logged in upon arrival. They are also signed and dated by workers upon certification and approval for payment. Application timeliness is monitored via eHEAT data analysis.” • Random sample verification (10%)

  34. Self-Monitoring Check Applications for Accuracy & Completeness • Accurate applications + accurate data entry = accurate benefits • Ensures that benefits are preserved for truly eligible households • Ensures program integrity and conserves resources Best Practices: • “Applications are certified and approved for payment or denial by two different employees. Data is analyzed periodically for anomalies.” (validation) • Random sample verification (10%) • Encourage employees to double-check if they are unsure

  35. Self-Monitoring Weekly Targets and Rate of Incidence Goals • Each SP works with a unique mix of households • WACTs and ROIs are meant to help you assess whether or not you are reaching your households Best Practices: • WACTs: Check eHEAT on a weekly basis to see if weekly application targets are achieved. If not, identify possible reasons and adjust accordingly. • ROIs: Check eHEAT monthly to determine if targeted groups are represented in applicant pool. If not, focus outreach towards underrepresented groups.

  36. Self-Monitoring Coordination for After Hours Emergencies • EAP is required to resolve life threatening emergencies within 18 hours and non-life threatening emergencies within 48 hours Best Practices: • Enter into eHEAT immediately; use to check timeliness • Keep a log of emergency requests with date/time of request and resolution, as well as name of respondent • Regularly (weekly) evaluate if timelines are being met • When not met, determine why and act accordingly

  37. Self-Monitoring Accurate and Timely Reports to DOC Quality & Performance Controls reporting focuses on: • Timeliness, consistency and accuracy • Continuous improvement • Program Resource Management Best Practices: • “Timely reporting to DOC is assured with the use of Outlook and staff coordination” • Submit in the proper format • Enter notes in eHEAT

  38. Self-Monitoring Accurate and Timely Reports to DOC Best Practices (Continued): • Mark your calendars (set an alarm) & have a second person verify report accuracy • Evaluate performance • Identify strengths and weaknesses • Develop procedures to improve

  39. Self-Monitoring Performance Measures and Quality Assurance

  40. Self-Monitoring What Other Performance Measures Do You Use? From the Local Plans • “eHEAT data and DOC-supplied reports are utilized to track agency accuracy and staff productivity” To consider • Customer service: quality as well as quantity/timeliness • Community needs assessments • Outreach: Go beyond inputs/outputs (e.g., # of events, # of fliers, etc.) and focus on outcomes • Want help with demographic (population) info? Contact me.

  41. Self-Monitoring: SP Best Practices Electric Mismatch Search • To assure that consumption is based on information accurately reflecting the household’s situation (daily) Data Entry Check • To assure that data entry is being done correctly (10% daily per specialist) Aging Application Search • To ensure timely application processing/payment (monthly)

  42. Self-Monitoring: SP Best Practices Certification Check • To assure that files are being completed correctly (10% daily per specialist) Review Denials • For accuracy, missed info, over-income (monthly) Refund Search • To assure that refunds are being processed in a timely, accurate manner (weekly)

  43. Self-Monitoring: SP Best Practices Payment Search • To assure that payments are being made in timely, accurate manner (weekly) In-Progress Crisis Report • To assure that all HH events are complete and Crisis is applied to prevent disconnections (every other day) Direct Payment Certify Batch • Review for accuracy, third party vendors (daily)

More Related