As numerous policy statements in this Report explain in detail, appropriate and effective information sharing facilitates (among other things) continuity of care, the effective screening and assessment of people admitted to prison, smart release decision-making, and strategic community supervision. It also maximizes the value of resources developed or commissioned by one system but of use to another (such as information about employment markets). Thoughtful program and policy design, as well as the evaluation of a re-entry initiative, also usually depend on the ability to draw upon, synthesize, and analyze information from multiple systems. In short, the quality and impact of a re-entry initiative invariably depends at least in part on the extent to which organizations are sharing information appropriately and effectively.

Plans to ensure that information about people involved in the criminal justice system is shared typically turn to the issue of information systems and the possibility of integrating them. A number of obstacles, however, typically stymie such plans. Laws and regulations governing the confidentiality of certain information are cited, sometimes accurately and other times inaccurately, as prohibiting a person working for one organization from exchanging information about a client to a person working for another organization. In other cases, policymakers and practitioners make information sharing dependent on quixotic plans to integrate entire information systems-initiatives so ambitious and grand in scope that they end up collapsing under their own weight. For these reasons, developing a system ensuring that a sufficient, but realistic, level of information is available to decisionmakers in the criminal justice system and service providers begins with an appreciation of the issues that typically thwart efforts to develop a comprehensive information management system.

First, understanding the role of information sharing laws and regulations, in addition to knowing how to work within these parameters, is essential. ^[1]   Federal confidentiality laws, such as the Health Insurance Portability and Accountability Act (HIPAA), regulate the use and release of medical records and individually identifiable health data. ^[2]   Under HIPAA, patients must be informed as to how their personal information may be used, and they are allowed to control certain disclosures of their personal information. Similarly, individuals in substance abuse treatment are protected from disclosure of "patient identifying" information without informed patient consent by federal rules on substance abuse patient records. ^[3]   Additional state regulations and professional ethical obligations make health, mental health, and substance abuse treatment providers reluctant to share clinical information without consent. ^[4]   Generally speaking, written consent is needed if information is to be shared beyond the clinical team providing services, though provisions exist for sharing information in a health care emergency. Some states also have specific provisions for sharing information with a law enforcement officer or agency if doing so will benefit the patient. (See Policy Statement 10, Physical Health Care, and Policy Statement 8, Development of Intake Procedure, for more on how corrections, health care, and substance abuse program administrators can share information without violating privacy regulations.) Education records are similarly protected from dissemination without the consent of the student by the Family Educational Rights and Privacy Act (FERPA), though these protections are limited. ^[5]  

Second, recognizing the extraordinary quantity of resources needed to finance the design and implementation of the grandiose vision that a single, integrated information system presents could help to pre-empt an initiative that, in the worst case scenario, could become a boondoggle. The technology required for such a system-including contracting with people who have the expertise to create and implement it-is likely to be extremely expensive. Costs associated with hiring and/or training staff to use the new system present additional expenses. Convincing policymakers about the merits of making such an investment, while it may have obvious merits, can be a tough sell, as it is unlikely to generate savings for any one agency.

Third, appreciating the extent to which existing information systems are distinct (and the reasons for these distinctions) makes people more realistic about the practicability of integrating multiple information systems. Just as criminal justice and community-based organizations may use different terminology to refer to an individual released from prison or jail, they likely use different criteria for evaluations they conduct and different methods to conduct assessments. Accordingly, deciding upon standardized data identifiers is not a simple matter; organizations may be committed to their measurements based upon long-developed experience, legislative requirement, or funder expectations. Preparing staff to use a dramatically different information system does not mean simply training them on the use of the new system, but rather confronting a major shift in the culture of entire organizations.

With an appreciation of the challenges described above, administrators of different agencies and organizations may appropriately decide to narrow the initial objectives of an integrated information system. For those state and local government officials seeking measured degrees of information system integration, some options, which vary in their degree of ambitiousness, are presented below.

Information-systems managed by one agency

State and local government officials should consider focusing initially on information systems used by offices or divisions that are administered by one agency or are under one umbrella organization. For example, a department of correction may be responsible not only for prisons in the state, but also correctional health and parole- each of which uses different information systems, making it difficult to transfer files and share treatment plans among the divisions to streamline and make more effective the release and re-entry process. Because the chiefs of these divisions report to the same executive, integrating their information systems should be a realistic, albeit challenging, goal.

Non-justice agencies, likewise, are more likely to integrate data systems internally than to integrate with justice agencies. Health agencies sometimes find it useful to link treatment data through integrated, electronic records and standardized documentation. In some states, the state department of health or mental health licenses and oversees providers who operate within the jail or prison system; in these states, corrections-based providers are treated no differently than community-based providers as far as information sharing is concerned. States in which the department of corrections maintains its own health services may find information sharing with community-based providers to be less transparent. (See Policy Statement 10, Physical Health Care, Recommendation e, for more on the importance of linking health data for an individual gathered while incarcerated for postrelease treatment; and Policy Statement 20, Planning Continuity of Care, Recommendation a, for more on employing standardized documentation and summary health records for the purpose of integrating data.)

Information systems managed by multiple agencies or jurisdictions

Integrating information systems among different jurisdictions, such as a case tracking system of the parole agency and databases managed by state or local employment assistance agencies, can be particularly challenging. As indicated earlier in this recommendation, independent agencies (whether they are distinct agencies at the state level, or agencies, such as probation, that are administered distinctly by each county) are accountable to different constituencies and sometimes are competing with each other for resources. Although efficiencies could justify integration of information systems among different jurisdictions, these projects face many obstacles that may require careful planning and consensus before proceeding. Only when multiple jurisdictions see the benefit of integration, and take their own initiatives to cooperate, are these projects likely to succeed.

Example: Common Integrated Justice System Project, Texas Conference of Urban Counties

The Texas Conference of Urban Counties, a collaborative organization comprising 37 member counties which represent over 80 percent of Texas's population, is coordinating the development of a Common Integrated Justice System (CIJS) across multiple agencies in 13 participating counties. The CJIS plan will integrate justice information in two ways: within a single jurisdiction among multiple justice-related and law enforcement agencies; and among justice-related and law enforcement agencies at the local, county, state, and federal levels. CJIS recognizes that costs can be reduced dramatically through the coordination and leveraging of efforts, standardization of work products, and cooperative oversight structure among the multiple counties and agencies.

Agencies that recognize their interdependence also have clear incentives to integrate information systems. For example, Houston police departments conduct background fingerprint checks through an electronic database at jail intake; with immediate access to the individual's arrest and jail records, the district attorney's office can quickly determine whether to prosecute, and a public defender can be appointed within three days of arrest. Integrated, electronic data systems in this instance allows the law enforcement and court systems to quickly move an individual through the jail intake and adjudication processes, which has positive cost implications for both agencies. Releasing authorities and community supervision offices lack this obvious cost incentive or direct operational imperative to integrate data systems.

Sharing "frozen" data

State and local government officials who had envisioned information systems whose data are integrated (both within justice systems and between justice and non justice systems) in "real time," may consider compromising on this objective. Real time information system integration means that authorized personnel in each agency have electronic access to certain records (or certain aspects of those records). They can access a record during the day, and they can transfer, change, or add information to it following established operational procedures. ^[6]   In the event that state and local government officials determine that such a level of information system integration is unrealistic (at least at the present time), they should assess the possibility of linking information systems to match and cross-analyze data on a "frozen," non–real-time basis. In such a system, an agency could ask another agency for specific data, and then analyze it to facilitate the design, operation, or evaluation of programs and policies that target overlapping populations. Such a system could also facilitate information sharing on even a daily basis to improve service delivery.

Example: Community Re-Entry Program, Veterans Administration and Los Angeles Sheriff's Department (CA)

The Los Angeles Sheriff's Department sends the names of inmates who report during screening that they are veterans to the Community Re-Entry Program, allowing outreach staff from the Veterans Administration to identify and offer assessment and service linkages to eligible inmates.

Compared to data integration on a real-time basis, the cost of this form of integration is insubstantial. Agencies can also tap staff in the partnering organization to collect data. Community-based health agencies, for example, can use jail-based treatment staff to record information acquired during screening, which could then be used to inform treatment plans that community-based providers develop.

Policymakers whose authority spans agencies wishing to integrate their information systems should push these organizations to narrow the scope of their initial plans without losing sight of their overarching goal: designing processes to ensure appropriate and effective information sharing. To that end, they should make clear the purposes for which data are needed, identify the data that would address these needs, and commission an assessment of the extent to which such data are already available in a particular system. Once gaps in information sharing are identified, the agency-spanning authority should establish a team of expert staff who report directly to agency directors to address these gaps. Funded by resources contributed by both agencies, the team should isolate the obstacles to integration, explore alternatives to live data integration, and assess whether these alternatives meet each organization's needs.

Example: Integrated Justice Program, Virginia Department of Criminal Justice Services

The Integrated Justice Program (IJP), a fully operational project managed by the Department of Criminal Justice Services (DCJS), was established by DCJS and the Secretary of Public Safety to improve criminal justice information processing, information sharing and decision-making across multiple justice agencies and jurisdictions. IJP staff members are charged with management and technical implementation of the project; they receive strategic guidance from, and cultivate interagency buy-in with, a project steering committee and other interagency committees and workgroups.