Privacy Policy

Multnomah County respects your privacy. Read about the steps we take to ensure your data is kept safe.

I. Our Commitment to Your Data Privacy

Multnomah County is a local government entity that conducts public business. We are committed to sound data stewardship and actively managing privacy risk. 

This Policy explains your privacy rights and the steps Multnomah County takes to respect and protect your Personally Identifiable Information (PII) when you use County resources. This policy aligns with existing County policy, including County Personnel Rules 3-10 Employee Responsibilities section 3-10-020 and 3-35 Use of Information Technology section 3-35-040.

This policy is written using common words and personal pronouns ("you," "we") and adheres to mandatory plain language principles. We commit to Web Content Accessibility Guidelines (WCAG) 2.1, Level AA criteria to ensure the policy is perceivable, operable, and understandable by all residents.

  • We clarify the value exchange between you providing data and the County using it, and we explain how we protect you against potential risks associated with those uses.
  • We formalize a commitment to an annual review of this policy.
  • We reserve the right to change this Policy at any time. The latest version of the Policy will be posted on our website.

II. The Legal Foundation of Data Governance

The County’s data governance rests on the following legal frameworks:

2.1 Supremacy of Oregon Public Records Act

The Oregon Public Records Act (ORS 192.311 to 192.431) establishes a strong presumption of public access to information possessed by the state government. Most information collected by the County is assumed to be open to the public unless specifically exempted by State or federal law.

2.2 Mandatory Nondisclosure Right

Because the Public Records Act favors disclosure, we must prominently feature the mechanisms available to protect specific data points.

You have a legally mandated right to request that public officials not disclose a public record that contains your home address and telephone number under certain qualifying circumstances.

The procedure for requesting this nondisclosure is outlined in ORS 192.368.

2.3 Sensitive Data Regulations

This policy acts as a roadmap to specialized regulatory regimes that govern sensitive data.

| Regulatory Framework | Data Scope | Primary Mandate | Impact on You |
|---|---|---|---|
| HIPAA Privacy Rule (Federal) | Protected Health Information (PHI) | Mandated Confidentiality and Safeguards | For PHI, disclosure rules override ORS 192. |
| CJI (Federal) | Criminal Justice Information (CJI) | Mandated Confidentiality and Safeguards | For CJI, disclosure rules override ORS 192. |
| OCIPA Principles | Oregon Consumer Information Protection Act (OCIPA) | High-Water Mark for Consumer Rights | We are required to comply with OCIPA. |

III. Information We Collect and Definition of PII

3.1 Definition of Personally Identifiable Information (PII)

PII is defined in ORS 646A.602 as Personal Information that could be linked to an individual, either directly or when combined with other data.

We collect direct identifiers (e.g., name, address, email address, phone number) when you voluntarily provide them to us (e.g., through email, forms, or service registration).

3.2 Data Minimization

We commit to the principle of data minimization, limiting the amount of personal information collected, accessed, used and disclosed to that which is "adequate, relevant and reasonably necessary" for the specified purposes.

County staff may access personal data stored in the County's information systems only for the purpose of performing their assigned duties. Staff will not use or disclose any personal data we collect from you to any other party except where permitted by law or to fulfill your service request. Our internal procedures limit access to personal data and prohibit those individuals with access from utilizing or disclosing the personal data for unauthorized purposes.

3.3 Web Tracking Technologies and Cookies

We use various technologies to monitor and improve our website's quality and services.

We use cookies, which are small text files placed on your device. Our servers use "per-session cookies" for technical purposes (like navigation verification), which disappear soon after your browser is closed. "Persistent cookies" may be used to track unique visitors.

  • Opt-Out: You must configure your browser to reject cookies or to notify you when a cookie is being placed. Rejecting cookies may cause some features of the services to lose functionality.
  • Do Not Track (DNT): We respect your preference and will not track user activity once "do not track" signals have been activated in your browser or mobile device.
  • Analytics: We utilize third-party analytics services (e.g., Google Analytics or SiteImprove) to track and report activity, allowing us to find and fix any broken links or spelling errors. We use these services to understand and improve the user experience. We confirm that we employ standard IP address anonymization or masking techniques.
  • Geopolitical Risk Disclosure: The use of standard U.S. analytics platforms (e.g., Google Analytics) creates a risk that foreign government authorities could compel disclosure of website visitor data via U.S. service providers under U.S. surveillance laws (such as the Foreign Intelligence Surveillance Act, FISA 702). We proactively disclose this assessed risk via this policy.

We may automatically collect technical identifiers when you access our website or use our services. This information is used to improve our delivery of services to the community and is not combined with other PII for reidentification purposes. Technical identifiers, such as IP addresses, are collected and treated as sensitive data when aggregated or linked to a specific service user.

Technical identifiers may include:

  • Internet Protocol (IP) address and domain name used;
  • The date, time, and web pages you visit;
  • Browser type/version/plug-ins used or security levels;
  • Operating system used;
  • Media access control (MAC) address;
  • Screen resolution;
  • Date and time of the server request;
  • Location-related data (such as the geographic location of the IP address);
  • Volume of data transferred;
  • Access status (“file transferred,” “file not found” and so on);
  • The website you visited prior to coming to this site.

3.4 Monitoring

We reserve the right to monitor email and web traffic to the extent permitted by law. This monitoring is used to improve and protect the security of our services and the County network and to improve our delivery of services to the community.

3.5 Mobile Device Usage

We adhere to security standards for software and data collection which protect personal data accessed via mobile devices. 

3.6 Location Information

We may provide services based on your geographic location (IP address, user profile data). We may monitor, collect and use your geographic location information, as well as other information obtained from our network and your device, to provide you with these services, and to maintain and improve our services.

3.7 Recognizing AI as an Evolving Data Risk

We recognize that the environment of data risk is constantly evolving due to new technologies (e.g., Artificial Intelligence) and legislative and Federal actions. Relying on a static policy is insufficient for genuine data stewardship; therefore, as noted in Section I, an annual review of the public-facing privacy policy will occur to incorporate statutory updates and address new technological challenges.

IV. How We Share Information and Contractual Controls

4.1 Sharing Limitations

We will not sell, license or disclose your personal information to any third party without your consent, unless we are legally permitted or required by law to do so, or if it is necessary to complete a transaction or fulfill your service request.

We will not collect information or create individual profiles for commercial marketing purposes.

When we share aggregate or de-identified information, we ensure that the data is stripped of PII. However, you acknowledge that in some instances, third parties may be able to combine aggregate information with other data they possess to personally identify you.

4.2 Contractual Data Protection (Data Sharing Agreements - DSAs)

We enforce contractual controls to manage the risk of data leakage when PII flows to third-party agents, contractors, or cloud providers. We commit to utilizing robust Data Sharing Agreements (DSAs) that require third parties to:

  1. Access, use and disclose the data only for the specified, contracted research or service purpose.
  2. Comply fully with all applicable laws and regulations relating to PII and data privacy.
  3. Promptly notify the County if they receive any legal request (subpoena, order, or demand) for the County’s data.
  4. Attempt to redirect the requestor to obtain the data directly from the County (Data Supplier) before complying with the request, unless legally prohibited from doing so.

V. Opt-Out and Correction Mechanisms

5.1 Opt-Out Mechanism

If we provide a service that lessens privacy protection (e.g., SMS or text notices via public networks), the County department providing this service will provide a privacy warning and will make it possible for you to "opt-in" or "opt-out" of the service.

5.2 Correction and Amendment Procedure

To request the correction or amendment of a factual PII record, you must follow this process:

  1. The request must be made in writing and addressed to the department maintaining the record.
  2. You must clearly identify the record, state the correction sought, and provide justification that the information is inaccurate or incomplete.
  3. We require verification of your identity to prevent unauthorized access to your data.

VI. Data Lifecycle and Accountability

6.1 Data Retention and Disposal

Data retention periods are tied to legal requirements, regulatory compliance, or documented business necessity.

We protect PII by securely disposing of data (electronically purging or manually shredding) once it is legally permissible to do so and the record is no longer needed for business purposes.

6.2 Data Protection and Governance

County policy underpins our efforts to protect and govern data. These protections include:

County staff may access personal data or PII only for the purpose of performing their assigned duties. Staff must not access, use or disclose this data for unauthorized purposes.

All external systems are secured using Multifactor Authentication (MFA). PII data stored on servers is encrypted and inaccessible from unauthorized connections.

6.3 Contact Information

If you have questions about this Policy, our policies, or wish to file a privacy inquiry, please contact the County at webmaster@multco.us. We will respond in a timely manner and may conduct a privacy investigation or review of practices and procedures. 

Last reviewed December 9, 2025