Last revised 07/20/2016
Multnomah County is a government entity that conducts public business. Under Oregon's Public Records Law, all writings that contain information relating to the conduct of the public’s business are considered public records and are generally available for public review, though certain records are conditionally or unconditionally exempt from public review. Multnomah County protects the privacy and confidentiality of all personal information contained in county records to the fullest extent allowable by law.
Our commitment to your privacy and confidentiality has deep roots not only in the law but also in the ethics and practices of governance.
This privacy statement explains your privacy and confidentiality rights and responsibilities, the steps Multnomah County takes to respect and protect your privacy when you use county resources, and how we deal with personally identifiable information we collect from our users.
II. Privacy and Confidentiality Practices
Notice and Openness
We post publicly the county's privacy and information-gathering practices. Whenever practices change we notify our users.
We avoid creating unnecessary records, we avoid retaining records not needed for county business purposes, and we do not engage in practices that might place information on public view.
Choice and Consent
We will not collect or retain your private and personally identifiable information without your consent. We may track the use of our website to ensure its quality and improve our services; however, this information cannot be linked to a specific individual. Other than the information you voluntarily provide to Multnomah County, we will not collect data from you allowing you to be personally identified. If you consent to give us your personally identifiable information, we will take steps to ensure the use of your information is limited to the stated purpose for which it was collected and to keep it confidential. We will not sell, license or disclose your personal information to any third party, except an agent working under contract to the county, without your consent, unless we are required by law to do so.
We never use or share the personally identifiable information provided to us in ways unrelated to the ones described above without also providing you an opportunity to prohibit such unrelated uses, unless we are required by law to do so.
If we make a service available for your convenience that may in some way lessen our ability to protect the privacy of your personally identifiable information or the confidentiality of information about your use of county services, we will: 1.) Provide you with a privacy warning regarding that service; and 2.) Make it possible for you to "opt in" or "opt out" of that service.
User Access and Responsibility
You are entitled to view your personally identifiable information and are responsible for keeping your information accurate and up-to-date. The county will explain the process for accessing or updating your information.
Data Integrity and Security
We take reasonable steps to assure data integrity.
We protect personally identifiable information by electronically purging or manually shredding data once it is no longer needed for business purposes.
We have invested in appropriate technology to protect the security of any personally identifiable information while it is in the county's custody.
We ensure that aggregate, summary data is stripped of personally identifiable information.
We regularly remove cookies, Web history, cached files, or other computer and Internet use records and other software code that is placed on our computers or networks.
Third Party Security
We ensure that the county's contracts, licenses, and offsite computer service arrangements reflect our policies and legal obligations concerning user privacy and confidentiality. Our agreements address appropriate restrictions on the use, aggregation, dissemination, and sale of that information, particularly information about minors.
Users must be aware, when accessing remote sites, that there are limits to the privacy protection the county can provide.
Some users may choose to take advantage of RSS feeds from the site, notices via e-mail or text message, and similar services that send personal information related to county use via public communication networks. These users must also be aware that the county has limited ability to protect the privacy of this information once it is outside our control.
Our procedures limit access to data and ensure that those individuals with access do not utilize the data for unauthorized purposes. We limit access through use of passwords and storage of data on secure servers or computers that are inaccessible from a modem or network connection.
Staff Access to Personal Data
County staff may access personal data stored in the county's computer system only for the purpose of performing their assigned duties. Staff will not disclose any personal data we collect from you to any other party except where required by law or to fulfill your service request.
Enforcement and Redress
If you would like to review or update the personal information that we maintain about you, please contact the County at firstname.lastname@example.org. Likewise, if you have a question, concern, or complaint about our handling of your privacy and confidentiality rights you may file written comments with the county by emailing email@example.com. We will respond in a timely manner and may conduct a privacy investigation or review of practices and procedures.