"Institutional sharing of information requires that agencies establish memoranda of understanding or legal agreements among agencies to confirm what and how data will be exchanged and used, and that they maintain records of what information has been shared and the authorization for sharing it. In addition, agencies must adequately train the staff who use the information and specify how they secure both electronic and paper files. The following examples are strategies for protecting the confidentiality of information used across agencies:

• Agencies that collaborate for in-take procedures, direct service, or research explicitly spell out procedures for obtaining informed consent and define in advance what data will be shared, how they are used, and the means of ensuring privacy if they are released from the originating agency.

• When research studies are to be conducted, information from several agencies can be analyzed within the education agency, following adequate privacy safeguards, so that no identifiable information is available to individual researchers or analysts.

• Data are matched electronically so that personally identifiable information from several data sources is connected within the computer and not actually seen. In these cases, personal information is only used to produce aggregate results for groups and programs." (p. 84)