IRIS Data Privacy - Information for Clients

What is IRIS?

The Integrated Referral and Intake System (IRIS) is a web-based communication tool used for sending, receiving, and updating information about referrals. IRIS is managed by the Center for Public Partnerships and Research at the University of Kansas. Each IRIS network is made up of a group of organizations and their staff (users) who send and receive referrals to one another. Each network is supported by one or more local user(s) with access to all referral information, known as the Data Manager.

What information is shared in IRIS?

Information entered and stored in IRIS includes client contact information (first and last name, birth date, phone number, and/or email address), other details needed to make a referral, and referral results. Client contact information can be seen by all users in the IRIS network. Details about each referral can only be seen by the Data Manager(s) and the users at the organization sending or receiving the referral. All IRIS users must treat personal data in IRIS as private and clients must consent to each referral.

How is data privacy managed?

The IRIS tool meets applicable law to reasonably maintain the privacy and security of personal information. Safety measures include regular audits, mandatory IRIS staff training, policies requiring appropriate handling of secure information, encrypting data while at rest and during transmission, housing data on HIPAA-compliant cloud storage solutions, and single-user logins.