Reducing Housing Insecurity + Homelessness

Housing equity is the fair and just distribution of housing opportunities and outcomes for all people, regardless of race, ethnicity, income, or other protected characteristics. In the United States, achieving housing equity has been a challenging journey, with minority households disproportionately experiencing housing insecurity and homelessness.

To address the issue of housing equity in their communities, cities and towns have made the following breakthroughs: 

  • Increase the supply of affordable housing. This can be done through various strategies, such as inclusionary zoning, which requires developers to set aside a percentage of units in new developments for affordable housing, and by creating or expanding housing trust funds, which provide financial assistance to developers to build and preserve affordable housing.
  • Protect tenants from eviction. This can be done through enacting rent control measures, expanding access to legal aid for tenants facing eviction, and creating eviction diversion programs.
  • Invest in community development programs. These programs can help to improve the quality of life in low-income neighborhoods and make them more attractive places to live. This can include investments in parks, schools, libraries, and other public amenities.
  • Address the root causes of housing insecurity — poverty, unemployment, and discrimination. By addressing these underlying issues, cities and towns can help ensure everyone has a safe and affordable place to call home.

What other cities are doing to address housing equity?

  • Boston, Massachusetts, made history by becoming the inaugural major U.S. city to enact a fair housing amendment within its zoning code. This groundbreaking amendment mandates that prospective developments assess their potential impacts on residents who have historically faced discrimination. This proactive measure enables the implementation of strategies aimed at mitigating such effects, creating fresh housing prospects, and rectifying legacies of exclusion.
  • Minneapolis, Minnesota, has enacted a citywide inclusionary zoning ordinance that requires developers to set aside 20% of units in new developments for affordable housing.
  • Denver, Colorado, has created a housing trust fund that has helped to finance the construction or preservation of over 10,000 affordable housing units.
  • Seattle, Washington, has implemented a rent control ordinance that caps annual rent increases at 3%.
  • New York City has created an eviction diversion program that helps tenants facing eviction to stay in their homes.
  • San Francisco, California, has invested heavily in community development programs in low-income neighborhoods.
affordable housing unit

Housing equity programs 

The Continuum of Care (CoC) Program is a federal program that provides funding to local communities to support a range of housing and supportive services for people who are homeless or at risk of homelessness. The CoC Program is designed to serve people experiencing homelessness at all points on the spectrum, from those who are living on the streets to those who are transitioning from homelessness to permanent housing.

The Built for Zero movement is a national initiative to end chronic homelessness. Built for Zero communities are working to coordinate their efforts to identify and address the root causes of homelessness, such as poverty, unemployment, and lack of access to healthcare.

Cities and towns can use the CoC Program and the Built for Zero movement to help address housing equity in their communities. By coordinating their efforts and focusing on the root causes of homelessness, municipalities can make significant progress in ensuring everyone has a safe and affordable place to call home.

Here are a few specific ways that cities and towns can use the CoC Program and the Built for Zero movement to address housing equity:

  • Use CoC Program funding to support affordable housing development and preservation.
  • Implement Built for Zero principles to coordinate efforts to identify and address the root causes of homelessness.
  • Use data to track progress and identify areas where additional resources are needed.
  • Engage with community members and stakeholders to ensure that housing equity is a priority.

By taking these steps, cities and towns can help to create more equitable communities where everyone has a safe and affordable place to live.

Protecting your staff from getting “Hooked”

Small businesses face an ever-present threat: phishing attacks. These deceptive cyber schemes can wreak havoc, leading to data breaches, financial losses, and severe reputation damage. To safeguard your small business and ensure your team stays clear of phishing traps, it’s essential to implement robust security strategies and educate your staff about the dangers of these scams.

Unveiling the Phishing Menace

Phishing attacks involve cybercriminals sending convincing emails or messages that appear to be from trusted sources, often mimicking renowned companies, government entities, or colleagues. The sinister objective? To manipulate recipients into disclosing sensitive information, such as login credentials, credit card details, or personal data, or to dupe them into downloading malicious software.

Safeguarding Your Small Business

Employee Training: Your workforce is the first line of defense against phishing threats. Empower them with the knowledge to spot common phishing indicators, like unexpected emails requesting confidential data, misspelled website URLs, or generic greetings. Encourage a cautious approach and emphasize the importance of verifying unusual requests.

Implement Top-notch Security Software: Get strong antivirus and anti-malware software to protect your computers. Keep this software up to date to make sure it works properly.

Harness Email Filtering: Set up email filters to catch phishing emails before they reach your team. Filters can find and flag suspicious messages, making it harder for phishing attacks to succeed.

Activate Two-Factor Authentication (2FA): Activate Two-Factor Authentication (2FA) for important accounts. This means you’ll need to confirm your identity using a second method, like a text message or an authentication app. It adds a layer of protection.

Regular Updates: Make sure all your software, operating systems, and apps are always up-to-date. Cybercriminals often use weaknesses in outdated software to attack.

Create an Incident Response Plan: Create a plan for what to do if you suspect a phishing attack. The plan should include steps to stop the attack, tell the right people, and investigate what happened.

Embrace Encryption: Use encryption to keep your important information safe. Encrypting emails and files makes it very hard for cybercriminals to steal your data.

Check Your Vendors: If you rely on other companies for services or software, make sure they have strong security measures. A breach at one of your vendors could hurt your business too.

Stay Informed: Stay updated on the latest phishing tricks and trends. Cyber threats change, so it’s important to keep learning to stay safe.

Regular Testing: Regularly test your team with fake phishing emails to see if they can spot them. It helps find areas where more training is needed.

Conclusion

By prioritizing employee education, implementing robust security measures, and staying vigilant, your small business can protect its valuable data and reputation from cybercriminals aiming to get your staff “hooked” in their phishing schemes. Contact HCH Sales to access our support and expertise.

Navigating HIPAA Compliance: 10 Vital Pitfalls Health Stewards Must Sidestep

By Chelsea Levesque, Director, Marketing and Communications, HCH Enterprises

In the realm of healthcare, HIPAA (Health Insurance Portability and Accountability Act) stands as a cornerstone for safeguarding patient information. Health stewards, encompassing health insurance companies, HMOs, company health plans, and government programs like Medicare and Medicaid, share the responsibility of upholding HIPAA regulations to preserve patient privacy and maintain data integrity. This blog sheds light on 10 prevalent HIPAA blunders that Health Plans should evade to ensure compliance and cultivate patient confidence.

Neglecting Comprehensive Staff Training:
Mistake: Overlooking the imperative of comprehensive HIPAA training for staff members.
Solution: Implement consistent HIPAA education sessions for your Health Plans team, reinforcing awareness of HIPAA rules, patient privacy, and adept management of sensitive data.

Lax Access Control Measures:
Mistake: Permitting unauthorized personnel unrestricted access to patient records.
Solution: Set up stringent access controls that limit PHI access to authorized personnel exclusively. Regularly assess and refine access authorizations.

Skimming on Risk Assessments:
Mistake: Omitting regular risk assessments that identify potential vulnerabilities.
Solution: Conduct frequent risk assessments to identify potential security loopholes, subsequently applying robust safeguards.

Inadequate Data Storage Security:
Mistake: Storing patient information on unsecured platforms or devices.
Solution: Encrypt electronic PHI (ePHI), implement robust password practices, and adopt secure data storage protocols to thwart unauthorized access.

Poor Data Disposal Practices:
Mistake: Mishandling the disposal of patient data, both physical and digital.
Solution: Enforce secure data disposal techniques, such as shredding paper records and securely erasing electronic data, to prevent unauthorized access post-disposal.

Overlooking Business Associate Agreements:
Mistake: Failing to establish comprehensive agreements with third-party entities handling patient information.
Solution: Draft comprehensive business associate agreements to ensure third-party compliance with HIPAA regulations when handling patient data.

Absence of a Rigorous Incident Response Plan:
Mistake: Operating without a clearly defined plan to manage data breaches and security incidents.
Solution: Develop and regularly update an incident response plan that outlines steps to address potential breaches with prompt and effective measures.

Insecure Communication Channels:
Mistake: Transmitting patient data via unencrypted emails or other insecure modes of communication.
Solution: Employ secure communication methods, such as encrypted email services, to fortify patient data protection during transmission.

Disregarding Patient Rights:
Mistake: Ignoring patients’ rights to access, amend, and request copies of their health records.
Solution: Establish streamlined processes to promptly fulfill patient requests for their health information, respecting their rights diligently.

Insufficient Documentation:
Mistake: Failing to maintain meticulous records of HIPAA compliance efforts.
Solution: Keep detailed records of training sessions, risk assessments, policies, and procedures, ensuring comprehensive documentation to demonstrate compliance when required.

Conclusion
Health stewards bear the onus of upholding patient privacy and adhering to HIPAA regulations. By avoiding these prevalent HIPAA pitfalls and adopting proactive compliance measures, they can secure patient data, bolster patient trust, and shield themselves from potential legal and financial repercussions. Embrace the continuous commitment to HIPAA OSHA compliance, fortifying patient-provider relationships and cultivating a secure environment that benefits both patients and healthcare providers.

We specialize in providing comprehensive OSHA and HIPAA compliance solutions, including certification, tailored to the unique needs of your business. Stay ahead in the compliance game and fortify your commitment to #patient-centric care with us today!

#PublicSectorConsulting #HIPAACompliance #HealthcareIntegrity #PatientPrivacy #HealthPlans #Medicare #Medicaid #HealthInsurance #HMOs #DataSecurity #OSHA

SecurityBeat: Software Security Needs Validating

By Donald Borsay, Director of Security Solutions, HCH Enterprises

Software Security: A Critical Concern for Businesses in 2023

In March, HCH strongly recommended that clients prioritize addressing the Top 8 Cybersecurity Challenges of 2023. Among these, Software Security emerged as a critical concern, particularly for businesses undergoing Digital Transformation.

The complexity of Software Security is intensified when dealing with Outdated Security Technologies and inadequate responses to Zero Day Events. A valuable approach to bolster Software Security confidence is through Web Application Penetration Testing (WAPT).

Our trusted partner, Cobalt, a ‘platform-as-a-service’ WAPT provider, has recently unveiled The State of Pentesting 2023. In response, HCH is issuing this advisory to provide actionable insights into Software Security, leveraging the insights from this newly released report.

Resource Allocation is a Key Concern

A significant overarching concern is resource allocation. Clients with established Software Security processes are striving to achieve more with limited resources. This often involves outsourcing, deferring remediation efforts, and compromising validation processes. Conversely, clients without existing Software Security measures face challenges in securing adequate resources for software development, let alone validation.

HCH acknowledges this dilemma and has chosen to collaborate with Cobalt due to their innovative delivery model, which optimizes Return on Investment (ROI) and cost savings for clients.

Instill a Software Security Mindset

Instilling a Software Security mindset within your organization can be transformational. Unlike functional requirements, Security is largely non-functional. While system design, infrastructure configuration, and software coding address functional needs, they might not inherently ensure security. At the very least, development teams should familiarize themselves with the OWASP Top Ten vulnerabilities. Cobalt’s assessments have revealed critical vulnerabilities like SQL Injection, Remote Code Execution, and the use of Default Credentials. To effectively address these threats, HCH suggests implementing a comprehensive checklist within your software release process.

Get the Most Out of Your Penetration Testing

To derive maximum value from your investment in penetration testing, it’s essential to empower your penetration tester. Collaborate with HCH to enhance your preparedness, or alternatively, utilize the Pentest Preparation Checklist outlined in the Cobalt report. Avoid potential hindrances during testing, such as:

  • Testers lacking necessary credentials or access prior to the test initiation.
  • Misalignment of the testing scope.
  • Insufficient ongoing collaboration throughout the testing process.
  • Inadequate brief or asset information.

Remediate and Retest Critical Findings

While Cobalt offers free retesting for resolved findings, less than 25% of identified issues undergo retesting. Although this might be reasonable for lower-severity findings, it’s concerning that 61% of critical vulnerabilities remain untested again, likely due to unresolved issues or a decision to forgo validating crucial fixes. HCH firmly advocates for the remediation and retesting of critical findings. Moderate findings should not be accepted without formal documentation of compensatory controls.

Conclusion

Trust in your Software Security demands verification. Make security a cornerstone of your software release strategy. Prioritize thorough testing of your software application and adequately prepare for the testing process to maximize its value. Lastly, prioritize the rectification and retesting of significant findings. HCH is dedicated to assisting you throughout this journey. Contact HCH Sales to access our support and expertise.

Grant Opportunity: Connect Your Community

By Chelsea Levesque, Director, Marketing and Communications, HCH Enterprises

In a groundbreaking move, the Broadband Equity, Access, and Deployment (BEAD) program has allocated a staggering $42.45 billion in grants to states, the District of Columbia, and territories. This monumental investment, a key component of the “Investing in America” agenda put forth by the Biden-Harris Administration, aims to provide affordable and reliable high-speed internet access to every American. By bridging the digital divide, this initiative, aptly named “Internet for All,” will reshape our digital landscape, unlocking new opportunities and enhancing competitiveness on a nationwide scale.

Today, high-speed internet is no longer a luxury but a necessity, indispensable for work, education, and healthcare. The “Internet for All” program will enable communities to connect, fostering economic growth and empowering individuals across the country.

Through the allocation of funds, states, the District of Columbia, and territories can establish grant programs specifically designed to deploy or upgrade broadband networks. This critical step ensures that affordable and dependable internet service becomes accessible to everyone.

For comprehensive information on funding allocations tailored to each state, as well as further details on the Biden Administration’s high-speed internet portfolio, we invite you to visit InternetForAll.gov. Stay tuned for the formal allocation notice, which Eligible Entities will receive on June 30, 2023.

At HCH, we are proud to be a part of this transformative initiative. Our organization champions equity and facilitates the grant process for communities. From acquisition to disbursement, we are dedicated to unlocking the full potential of our nation through the power of high-speed internet.

Join us on this journey as we pave the way towards a more connected and inclusive America. Together, we can harness the transformative power of high-speed internet, bringing us closer to a future where opportunities know no bounds.

#InternetForAll #NTIA #InvestingInAmerica #BroadbandEquity #PublicSectorConsulting #ConstituentsFirst #GrantHelp

Building Inclusive Government Policies: A Roadmap to Equity

Leaders in Government and Critical Infrastructure

Today, we would like to explore how government leaders can champion diversity, equity, and inclusion (DEI) as foundational principles in their decision-making processes. By prioritizing these principles, leaders can create policies that better reflect the needs of all people and build trust among their constituents.

Diversity

Inclusion and representation from various backgrounds, including race, ethnicity, gender, age, abilities, etc.

Equity

Fairness, ensuring that everyone has equal access to opportunities and resources, regardless of their background.

Inclusion

Creating an environment where everyone feels valued, respected, and has a voice in decision-making processes.

Employee Resource Groups (ERGs)

ERGs stand as valuable assets in cultivating inclusive and equitable work environments and communities. They provide a platform for underrepresented employees to connect, gain insights, and advocate for their needs.

ERGs play a pivotal role in DEI initiatives:

Fostering Inclusion: ERGs promote belonging and authenticity among employees, increasing visibility for underrepresented groups and fostering acceptance.

Improving Diversity: ERGs actively participate in talent attraction, showcasing organizations as welcoming communities and communicating the needs of underrepresented groups to leadership.

Promoting External Impact: ERGs assist in recruiting diverse talent pools, diversifying the workforce, and participating in government-led talent attraction events.

Training

Training acts as a catalyst for creating inclusive and equitable environments, addressing individual and institutional aspects.

Key aspects of training in government:

Mitigating Implicit Biases: Training empowers employees to recognize and mitigate unconscious biases in decision-making.

Ongoing Education and Awareness: Training programs keep employees updated on DEI best practices and emerging issues, fostering a culture of continuous improvement.

Interpersonal Relationship Building: Training addresses attitudes, stereotypes, and microaggressions, promoting a respectful workplace.

Institutional Transformation: Training empowers core groups to champion equity initiatives and addresses institutional and structural racism.

Community Engagement

Building connections with diverse community organizations and stakeholders provides invaluable insights into the unique needs and concerns of various populations.

Community engagement is essential for:

Building Relationships and Understanding: Engaging with diverse stakeholders informs policies that truly serve and represent communities.

Enhancing Trust and Transparency: Active listening and collaboration foster trust between government and constituents.

Inclusive Decision-Making: Involving stakeholders in discussions ensures fair and equitable policies.

Effective Service Delivery: Understanding community needs allows for more efficient and equitable service allocation.

Conflict Resolution and Prevention: Open communication helps address issues proactively.

Promoting Civic Participation: Engaging the public encourages active participation in local governance.

State Government Examples

Rhode Island (RI) is known for its community-focused racial justice initiatives, including DEI task forces, diversity celebrations, outreach strategies, criminal justice reform, and leadership pipelines.

Community-focused racial justice initiatives include: 

Transparency

Transparency and Accountability

Transparency and accountability are vital in DEI efforts, driving trust, progress measurement, and positive examples.

Public Trust: Openly sharing DEI goals and progress builds trust with the public.

Stakeholder Engagement: Involving the public and organizations invites collaboration and feedback.

Positive Example: Prioritizing transparency sets an example for other organizations.

The journey towards inclusive government policies involves breaking down barriers, embracing diversity, and promoting fairness at all levels. By implementing ERGs, training, community engagement, and transparency, leaders in government and critical infrastructure can forge a more equitable future for all.

Contributors:

Kathryn Peterson, Technical Writer

Chelsea Levesque, Director, Marketing

References:

Gain a comprehensive grasp of effective grant writing and management, along with a deep appreciation for the pivotal role of broadband connectivity, through our enlightening webinar. Designed for professionals in both public and private sectors, this engaging session aims to enhance your knowledge and confidence in navigating the intricacies of grants while fostering the well-being of all communities.

Our interactive webinar delves into the fundamental elements of excelling in grant applications, navigating grant administration, and harnessing the transformative potential of broadband access for community advancement. Whether you’re a dedicated government official, a passionate nonprofit leader, or a knowledgeable private sector consultant, this informative webinar equips you with the essential insights to drive tangible impact within your community and professional sphere.

Webinar Highlights:
– Unveiling the Importance of Grants in Fostering Community Growth
– Exploring the multifaceted benefits of grant funding for nurturing vibrant community development projects
– Real-world case studies illuminating successful, grant-supported projects
– Crafting an Effective Grant Proposal: The Basics
– Navigating Optimal Grant Management Strategies
– Showcasing Achievements of Grant-Supported Broadband Initiatives
– Engaging Q&A Session to Address Your Inquiries

Don’t miss this invaluable opportunity to enhance your grant writing skills, gain insightful perspectives on streamlined grant management tactics, and recognize the life-changing potential of broadband connectivity for diverse communities. Secure your spot today and actively contribute to our mission of empowering communities and fostering sustainable progress.

Register now to embark on a journey towards understanding community empowerment and facilitating enduring growth!


Register Here

Spending ARPA funds. Does your city have a plan?

It’s been nearly two years since the passage of the American Rescue Plan Act (ARPA) — a $1.9 trillion economic stimulus bill including an allocation of $350 billion to help state, local, and tribal governments to address economic and health impacts of the COVID-19 pandemic. While ARPA’s State and Local Fiscal Recovery Fund (SLFRF) dollars offer flexibility, it is important for all municipalities to have a plan in place, and the time to act is now — as cities and towns must obligate their funding by December 31, 2024.

How can municipalities spend SLFRF funds?

Cities and towns have many options for using their ARPA dollars. According to the U.S. Department of the Treasury, there are four separate eligible use categories. Local governments may use SLFRF funds to:

  • Replace lost public sector revenue, using this funding to provide government services up to the amount of revenue lost due to the pandemic.
  • Respond to the far-reaching public health and negative economic impacts of the pandemic, by supporting the health of communities, and helping households, small businesses, impacted industries, nonprofits, and the public sector recover from economic impacts.
  • Provide premium pay for essential workers, offering additional support to those who have and will bear the greatest health risks because of their service in critical sectors.
  • Invest in water, sewer, and broadband infrastructure, making necessary investments to improve access to clean drinking water, to support vital wastewater and stormwater infrastructure, and to expand affordable access to broadband internet.

More on SLFRF Rules and Regulations

As a municipality, it’s important to understand how you can use ARPA funding — but that’s only part of the equation. The more challenging element is determining how you should apply these dollars. 

The goal for any municipality should be to capitalize on this tremendous opportunity for recovery in ways that meet the most prevalent needs of the community. The challenges many cities and towns face is — identifying those needs, and assessing the most effective pathways to meet those needs. Many communities are developing recovery and growth plans that involve:

  • Constituent Communications — engaging with the people in their communities to assess needs and priorities.
  • Data Analysis —  Collecting, organizing, and analyzing data points to gain insights to accelerate community recovery and equity.
  • Peer Evaluation — Reviewing what other similar communities have done and are doing with their ARPA funds, learning from their successes and challenges.
  • Compliance and Reporting — Ensuring projects meet the Treasury’s requirements for suitability and that quarterly reporting requirements are met and timely filed.
  • Project Management — Defining a plan and developing the roadmap to deliver the intended outcomes.

How are cities and towns using their ARPA money?

As it’s been nearly two years since ARPA’s passing, there is more and more data on how these funds — specifically those of the State and Local Fiscal Recovery Fund — are being allocated. The Council of State Governments published a database of all state-level allocations of SLFRF funding. Additionally, there is a Local Government ARPA Investment Tracker project developed through a partnership between the National League of Cities, Brookings Metro, and the National Association of Counties pulling in data from ARPA projects from cities and counties with populations of at least 250,000. 

According to data from the Local Government ARPA Investment Tracker, as of August 31, 2021, 150 local governments submitted 2,577 projects involving $18.5 billion in SLFRF funds. Specifically, these projects involve a number of spending categories:

  • Government Operations (37.6%)
  • Infrastructure (12.5%)
  • Housing (12.5%)
  • Community Aid (12.3%)
  • Public Health (12.2%)
  • Economic and Workforce Development (11.1%)
  • Public Safety (2.3%)

While information on how state governments and large cities are deploying their recovery funds is easily accessible, there is very little reporting on how small towns and medium-sized cities are making use of ARPA dollars. That’s why it may be beneficial for small-to-medium cities and towns to work with consultants and project managers to help ensure they are using these SLFRF funds in the most meaningful and efficient ways.