Although resources are the backbone of victim assistance, their management creates a lot of duplicative work for agencies. Many victim service agencies find that locating, compiling, screening, and organizing resources is extremely time consuming. Further, different agencies serving a particular geographic area or a particular victim group find that their hours of independent work performing resource collection and management tasks result in very similar products. Even more frustrating, service agencies find that by the time the resource findings are printed and distributed, they often are out of date.

Denver victim service providers decided to eliminate this duplication of effort and produce a shared, Internet-based directory of resources for use by all service providers as well as allied professionals, victims of crime, and other community members. Thirty-eight ProviderNet agencies created the VS2000 online Resource Directory based on a successful resource directory developed collaboratively in 1997 by three Denver victim service agencies. Available in Spanish and English, the Resource Directory comprises more than 800 records, each containing detailed information about a specific government- or community-based agency or resource. These records represent the combined information and referral sources of all 38 ProviderNet agencies.

An information specialist in one of the ProviderNet agencies administers the Resource Directory. She created the directory's original database and worked with all 38 ProviderNet agencies to design the directory's template, combine all agency referral sources, develop referral agreements with each referral source, develop and test the directory, and maintain directory data. This administrator works with each ProviderNet agency under a formal operating agreement that states that the agency will provide its information and referral resources for inclusion in the directory and advise about the directory's ongoing development and maintenance.

To access the Resource Directory, users may go to the VS2000 Web site and log on to the ProviderNet gateway. Comm-unity members may access the Resource Directory directly from the Web site without going through the ProviderNet gateway. Users and community members may then search for resources using any combination of the following categories: services provided; agency name; type of victim served; languages spoken; geographic area, age, and ethnicity served; fees for service; wheelchair accessibility; and ZIP code. Selecting more categories narrows the search. To enhance communication among ProviderNet members, each ProviderNet agency in the Resource Directory lists supplemental information, including staff names, positions, and contact information.

From a completed search, agencies can create a report of the search results. From this report, an agency can print one or several records and provide them to a victim. The Resource Directory also can be printed in full or by category to provide copies to victim advocates in the field who do not have access to the Internet.

The Resource Directory administrator is responsible for keeping the directory current. When ProviderNet users find an out-of-date record, they send a correction electronically to the administrator, who verifies the new information and updates the record. In another effort to keep information current, the administrator supervises a group of volunteers who contact, on a rotating monthly basis, the service providers listed in the directory to verify their information.

Training Center

Just as resources are the backbone of victim services, training is its foundation. An examination of how available training resources were used by various Denver victim service agencies revealed that changes were needed. Initial surveys, focus groups, and anecdotal evidence indicated that victim service agencies were each offering very similar training to staff and volunteers once or twice a year, often using the same trainers and speakers. In addition, cross-training among agency staff was identified as a critical need in establishing understanding, trust, and a basis for solid referrals among agencies. The creation of the online Training Center has answered these needs by streamlining training efforts, reducing duplicate training, and creating a framework to encourage cross-training.

The online Training Center provides many advantages. It allows ProviderNet users and community members to share training opportunities. Trainings may be searched by entering a keyword, a date, or a category such as child sexual abuse, criminal justice, cross-training, disability, diversity, domestic violence, elder abuse, gang violence, hate/bias crimes, homicide, restorative justice, secondary trauma, sexual assault, and youth violence.

ProviderNet users can enter the training events they are hosting and register for training events being offered by other agencies. The system also allows users to select the training categories in which they want to participate. If such training is entered into the system as available from another ProviderNet agency, the interested user is notified by e-mail when registration begins. This arrangement allows agencies to use existing resources to train new volunteers, staff, and board members.

Cross-training events also are posted on the online Training Center. Annually, each ProviderNet agency offers at least one event geared specifically to cross-train users from other community agencies. Such cross-training can include information about a particular type of victimization, the agency's services, or the agency's philosophy.

A VS2000 system administrator runs the online Training Center. In addition, each ProviderNet agency has assigned a staff member as the training contact for the online Training Center. The training contact is the point of contact within the agency for training in using and evaluating the center, suggesting enhancements to the center, and assuring appropriate use of the center.

Case Management System

To create a seamless network of services, VS2000 staff asked victim service providers how best to fill the current gaps in services. The responses of the victim service professionals echoed the responses of the crime victims in the focus groups and surveys conducted by VS2000 staff: all agreed that a Case Management System could help fill service gaps and bring appropriate services to victims.

When victims of crime must talk about their victimization over and over again, they feel revictimized. When victims of crime summon the courage to request services from one agency and are told they must call yet another agency, they feel revictimized. When victims of crime are offered a limited range of services instead of being asked what they need, they feel revictimized. These are problems CMS will address. Currently under development, CMS will be fully operational by December 2001.

The Case Management System operates on three principles:

• Victims should not have to undergo duplicative intake procedures when requesting services from different agencies for the same victimization incident.

• Victims should feel that services are being provided by a connected system or network.

• Sharing information among multiple service providers, with the consent of the victim, is a good way to achieve a connected system or network of services.

The CMS concept is an improvement over other case-tracking systems because it offers victim service providers a comprehensive tool for gathering and exchanging victim service information, including assessing and tracking critical, intermediate, and long-term needs of victims of crime across multiple agencies. Through CMS, victim advocates can use a standard intake and assessment process, make electronic referrals for service with other providers, ensure services were delivered, collect victim feedback, and prepare automated reports. This valuable exchange of information is possible because security was a top priority for the creators of CMS. They designed CMS to be a safe conduit for sharing information among community-based victim service providers.

Twenty agencies use CMS to provide services to meet the specific needs of crime victims in a culturally sensitive manner. Eighteen of these are community-based agencies that share case information through CMS. Two agencies are based in the criminal justice system and operate in a stand-alone context, using CMS only to track services and provide case management within their own agencies. This is to protect victim confidentiality because any information about victims received by them is open to discovery by defense attorneys. Another agency, Denver's largest hospital, has a sophisticated case management system in place and uses CMS only to track the success of referrals made to ProviderNet agencies.

Sharing case records among organizations was a new and innovative idea in victim services and further development was required before it could be automated. The Case Managers' Committee was formed to help the technology project manager and software developers define the standard forms, rules, policies, and procedures to be used in this project. This joint work became the basis for the design and operations of CMS.

All 20 CMS agencies agreed to use the standard intake and assessment forms that were generated for CMS based on each agency's actual intake and assessment procedures. In addition, forms were customized for each agency to collect information specific to the agency, such as community education, funding reports, and service delivery assessment.

Under CMS, when a victim requests services from one community-based ProviderNet CMS agency, a CMS staff member asks the victim whether he or she is currently receiving services from another ProviderNet agency. If the victim is receiving services from another community-based ProviderNet agency, the CMS staff member, with the victim's consent, electronically acquires the completed intake information. Or, if the victim is receiving services from a criminal justice agency, the CMS staff member identifies a criminal justice contact for coordinating advocacy for the victim. If the victim is not receiving services elsewhere, the intake and assessment are completed at that time. From the assessment, a service plan is developed for the service provider and victim to follow as they work together. The service plan also provides a way to follow up on referrals for service with other agencies. During their work together, the service provider may identify additional referrals for the victim and use the online Resource Directory to search for, print, and electronically record these referrals. When such referrals are made within CMS agencies, the CMS provider can again use the Resource Directory to search for, print, and electronically record and forward the victim's intake, assessment, and service information. It is up to the victim whether to share his or her case record with one or many ProviderNet agencies. Written consent forms are printed individually for each referral agency. Advocates' confidential case notes are never shared among agencies; they are kept separate and are not attached to the intake, assessment, or service history documents.

The Case Management System makes administrative tasks much easier for victim service agencies. Agencies can generate a client satisfaction survey at any point in a case. Cases can be stored on CMS and retrieved immediately for up to 10 years. For periods longer than 10 years, cases are archived and can be retrieved by the system administrator upon request. Data in CMS allow agencies to electronically generate grant reports for the Victims of Crime Act (VOCA), the Domestic Abuse Assistance Program Act (DAAP), and local victim assistance program funders.

Security has been a primary concern in developing the VS2000 technology system. Although very little information in the Resource Directory and Training Center needs high security, CMS does contain confidential information that is secured through measures at the user and system design levels.

Security at the User Level

All victim service providers who are part of the VS2000 ProviderNet have access to the Resource Directory, the Training Center, and CMS. A technology contact within each agency is responsible for notifying the VS2000 system administrator when staff members join or leave the agency. When a new staff member is added to the user database, he or she is assigned a login identity by the system administrator. Then, the new employee enters the system using three levels of password protection known only to the individual and administrator. The password is composed of a portion of the new employee's social security number, the new employee's mother's maiden name, and an alphanumeric combination chosen by the new employee. When a staff member leaves an agency, the system administrator can immediately remove his or her access to the system.

CMS also has user security levels within the system to ensure that staff members in victim service agencies use CMS only within the parameters of their job duties. For example, intake/data users can only enter data into the system and cannot access existing case data. Service provider users can enter and edit data in their own cases and run reports. Supervisor users can delete records and reassign cases. The system administrator is a super user and controls access for all users.

In addition, victim service providers in criminal justice agencies never share case records with other providers. These advocates use CMS only as a stand-alone application within their own agencies. Their case data do not reside on the VS2000 server but on the servers physically located within their own agencies.

Security at the System Design Level

Security was factored into the design of CMS. Although any computer with an Internet connection can access the Resource Directory and the Training Center, this is not the case for CMS, which relies on user location to verify legitimate users. Like using a file cabinet in an agency, where one must be in the file room and have the correct key to get into the cabinet, a CMS user has to be at a computer terminal inside one of the 20 ProviderNet agencies and have a valid login identity and password to gain access to CMS information.

CMS runs on a network server maintained by the system administrator. When agencies share case records, a specific user at one agency sends a message to the server to share certain data with a specific user at another agency. Supervisor users can reassign cases when a user on their staff is on vacation or leaves the agency. All records entered into the system by a particular agency are the property of that agency and cannot be accessed by other users outside the process designed for sharing. Case notes, which may contain confidential information, are never shared with another agency, even when a case record is shared. However, case notes can be shared among staff within an agency.

Sharing case information is permitted only with the victim's informed, written consent. The computer process for sharing case information mirrors the paper process that has historically been used by victim advocates. When an advocate wants to make a referral or get information from another ProviderNet agency from which the client is currently receiving services, the advocate provides the client a written consent to release information form that is generated by CMS for each referral agency. Once the victim signs the consent to release information form, it is entered into CMS and allows sharing of case information. The originating agency keeps a copy of the signed form on file.

CMS affords further protection to its users. Data are not sent over the World Wide Web, where others could gain access to them. Rather, VS2000 agencies use digital subscriber lines (DSL) to connect to the server that runs CMS. DSL is a highly secure, "always-on" Internet connection that allows case records to be shared via a private network, or intranet. In addition, the system has a sophisticated firewall between the VS2000 server and the Internet that blocks unauthorized users or "hackers."

The physical security of the VS2000 server is maintained at all times. The server is located in a community agency in a locked room to which only the system administrator and backup administrator have access. Operational procedures require that all system administrator candidates undergo a criminal history check.

The combination of these procedures has assured victim advocates in Denver VS2000 that victims and their case records can be kept safe.