Using Cell Phones to Communicate with Survivors: Best Practices & Policy Recommendations
Many domestic and sexual violence programs are using cell phones to communicate with survivors. Cell phones offer a lot of convenience, but privacy and safety issues need to be thoroughly considered.
When implementing any specific type of technology within your program as part of regular service delivery, it’s important to have clear policies and procedures to outline proper use, as well as protocols for maintaining privacy for survivors and the confidentiality obligations of the agency. Additionally, the use of any technology should be thoroughly examined to ensure that it’s only used if necessary or beneficial to survivors and will not risk privacy, safety, or confidentiality. The following are some questions and points to consider if your program is looking at using cell phones to communicate with survivors.
Purpose of Cell Phone Use
Why is this being considered? What is the identified gap in services? Will providing work cell phones accomplish the goal or address the issue? It’s important to really walk through questions that analyze the purpose of using cell phones and the goals in offering services via this technology. The answers to these questions will be the groundwork to forming a policy around cell phone use.
Some common reasons for wanting to use cell phones to communicate with survivors may include the following:
Advocates are increasingly mobile and survivors often cannot immediately reach the person that they want to speak to.
Survivors are increasingly requesting the ability to text with their advocate.
In working with the community through trainings, outreach, or focus groups, teens have consistently noted that they would prefer to text an advocate with questions.
Advocates believe they can juggle their work better if they can communicate with survivors wherever they are.
Advocates want to be able to answer hotline calls from home.
Changes to services should be primarily for the benefit of survivors. It’s not uncommon to consider using technology with the assumption that it is what survivors want because it seems more convenient. Verifying that using a particular technology is what survivors want or need is a critical first step in deciding if and how to use the technology. This step can save on time and money, and can ensure that you’re focusing on the enhancements that survivors truly feel will be beneficial to them.
For example, it’s easy to assume that teens prefer to text because that’s generally their primary mode of communication. However, many teens have phones that are owned and monitored by their parents and may prefer to call rather than have a text messaging conversation seen by their parents. The lack of teens contacting for services may have less to do with the communication platform and more to do with the framing of your services and understanding what services are available.
Talk with survivors about their preferred methods of communication with advocates. This conversation should include discussing the various risks to privacy and safety with different communication methods. If a phone may be monitored by the abuser, then texting or calling from that may not be safe, and using a safe, unmonitored phone may be better.
Discuss with staff how using cell phones could change and enhance your work. Would it truly allow for better, more frequent communications? Are advocates finding themselves in positions where they need to use their personal cell phone or find a phone to contact survivors while away from the office? Will having individual cell phones increase the options for contact and lessen the burden for staff?
Hold focus groups or conduct surveys to find out if alternative methods of communication would be seen as beneficial to your community.
Agency Cell Phones or Advocates’ Personal Cell Phones
The first decision is who will provide the cell phone and what data will be available or stored on the phones.
It is best practice for agencies to purchase and provide cell phones to advocates rather than asking advocates to use their own personal phones to communicate with survivors.
The risks for advocates using their own cell phone to communicate with survivors include the following:
Advocate’s friends and family members could have access to the phone, and inadvertently see survivor information in the contacts, in email, or text messages. In addition, an advocate’s personal phone could also be part of a family plan, allowing account holders to have access to phone records and other information.
If the phone is lost or stolen, others could have access to the data in the phone. If the phone was owned by the agency, the policy could instruct that all the data on stolen or lost cell phones be remotely wiped immediately. If this was the advocate’s personal phone, mandating a remote wipe would mean that she/he would lose everything personal on that phone. Keep in mind that remote wipes do not delete data saved from data backups.
Some applications on phones automatically backup data and many phone users also backup their phones on their computer. But keep in mind that remote wipes won’t delete data that is backed up. Any identifying information about survivors saved in these would remain, despite a “wipe” of the physical phone.
Agencies may have less authority to demand that advocates use certain safety and security measures on their personal phones. For example, with an agency phone, the agency could set in their policy that unless needed for work purposes, cell phones should not be used to access certain accounts or websites that may be vulnerable to viruses. Agencies would not have the authority to limit what an advocate does on her/his personal device.
If the advocate leaves the agency, the agency will be unable to access the content on the phone. This could possibly leave the program in the position of being unable to pick up where that person left off and follow up with survivors.
Ultimately, the agency should have ownership over the content and the data that is stored in phones.
Devices and Plans
Picking the right phone and device requires thinking about the goal and need of this service.
Only buy devices that meet the needs of the program and the survivors. Buying smartphones with many features that are not needed will only add more privacy and confidentiality challenges. The simpler the phone, the simpler the issue and policy. Only use more phones that have many features if you need it to accomplish your overall goal. The following are some questions to consider.
Does the advocate need internet and email or just a voice service to receive/send calls? Will they be using text messaging as well? Do they sometimes need to email with other staff or community members? Is that something that is necessary to do from the phone while they’re on the road or can that wait until they’re back in office?
What is the agency policy on emailing with or about survivors and will doing so through an email program on the phone open up additional privacy and security concerns? Using email programs via a phone could introduce additional privacy concerns, including the fact that the email is now stored in multiple places: the agency server, the desktop/laptop computer, and in the cell phone. You will need to ensure that data retention policies take emails in cell phones into consideration.
Consider other ways that will meet the needs of survivors without incurring too much cost.
Virtual phone services and voicemail options could expand your services and availability without the need for cell phone contracts and the cost of purchasing a new cell phone. If an advocate needs to call a survivor on rare occasions and must use her or his personal cell phone, using a virtual phone number could allow the advocate to reach out but still maintain the privacy of her/his actual phone number. This should be used in rare cases, and it should be understood that call logs and text message logs should be deleted immediately from the advocate’s phone.
Who Gets a Phone?
Part of your policy should address what positions require the use of a work cell phone.
Knowing the purpose and goal of needing a cell phone will help clarify the expectations of how the cell phone should be used for work purposes.
For example, there may be one advocate who primarily works out of the office, another advocate who travels throughout the county to meet with survivors, and another advocate who does not work directly with survivors, other than some respite shifts, and whose primary role is doing outreach in the community. These three advocates have very different roles. The first will probably not need an additional phone to communicate effectively with survivors, while the second advocate may be more available to survivors by having one, and the third advocate may require access to work email.
The advocate’s role should determine the type of phone, features, and plan to reduce both costs and risks to confidentiality.
Privacy & Security
The policy should outline the steps that staff are required to take to ensure that the information on the work phone remains secure and private. Staff should then be trained on each step. The following are our recommendations for what should be included.
Passwords: Work phones should be password protected to prevent anyone else outside of the agency from accessing it.
Passwords should be different for each phone.
Supervisors and directors should always know the password.
Location: Advocates should minimize the location sharing on their phone. Even if they are not being abused or stalked, advocates are often with survivors and are sometimes targeted by abusers.
GPS should be turned to “911” or “e-911” only.
Location features of apps should be turned off.
Geotags of photos taken with the phone should be turned off.
Call & Text Logs: All logs of incoming and outgoing calls and texts should be purged regularly. If the phone uses both an internal memory and a memory card, save to only one and regularly delete from that.
Saving to a memory card offers greater protection since you can remove and destroy a memory card if you need to get a new phone.
If using the internal memory of the phone, be sure to reset the phone to factory settings to clear that memory better than by just “deleting” content when getting rid of the old phone.
Backups: If the phone is being used only for calling and texting with survivors, backing up the phone is not recommended.
Backing up is more work for advocates because they’ll need to purge the backup.
This level of information with survivors should not be retained for long and therefore should not need to be backed up.
Syncing Calendars: This feature syncs one calendar on multiple devices so you can access to your calendar on your phone. Schedule survivor information in calendars in a way that reduces the likelihood of it being identifying. Do not sync information that is not necessary.
Some calendar programs allow users to create multiple calendars. Consider creating a calendar for only appointments that you want to sync to the phone and delete information from that calendar when no longer needed.
Email Accounts: Decide if work phones should have email access based on the advocate’s role and work needs.
Smartphones make it very easy to access email without necessarily inputting a password every time. If someone should have access to the phone, it would be very easy to access email.
In addition, some virtual phone services and VoIP services allow a voicemail message to be delivered in an email. Email is not always a secure method of communications and many callers might not be aware of how the service is being used and are therefore not making an informed choice regarding if they leave a message. If used, the message to callers should make clear the technology being used and privacy risks.
Personal Accounts on Work Phones: Policies should address whether or not staff are allowed to also sync their personal accounts to their work phones.
This is not recommended since it could lead to accidentally mixing survivor information in with personal information or accounts. (For example, creating a new calendar event for a meeting with a survivor could inadvertently be added to the personal calendar).