In 2020, Massachusetts enacted a law requiring the DPPC to “establish and maintain a registry of care providers against whom the [DPPC] has made a substantiated finding of registrable abuse.” The DPPC Abuser Registry is effective July 31, 2021, and is intended to protect individuals with intellectual or developmental disabilities (“I/DD”) by barring care providers who have a substantiated finding of registrable abuse from working with other persons with intellectual or developmental disabilities. A substantiated finding of registrable abuse is a finding by the DPPC, after investigation and opportunity to appeal, that a care provider abused a person with I/DD.
A care provider is a person who is employed by, or contracts with, the Department of Developmental Services (“DDS”) or an Employer who provides services or treatment to persons with I/DD. Care providers include all current and prospective caretakers in any program licensed, contracted, or funded by DDS to provide services and support to persons with intellectual or developmental disabilities. Care providers can include volunteers, interns, work-study participants, or any other similar unpaid positions.
DDS and agencies defined as Employers by the law must check the registry. For purposes of the DPPC Abuser Registry, Employer means any agency that provides services or treatment to people with I/DD pursuant to:
- A contract or agreement with DDS;
- Funding administered by DDS; or
- A license issued by DDS.
The DPPC Abuser Registry is not a public registry. This information is not considered a “public record” for purposes of M.G.L. c. 66 and all information regarding care providers listed on the DPPC Abuser Registry is confidential. By law, the DPPC Abuser Registry can only be accessed by DDS or Employers who are funded by, contract with, or are licensed by DDS. Employers are required to create verified accounts to check whether employees or prospective employees are on the DPPC Abuser Registry.
Accessing the DPPC Abuser Registry
If you are an employer who runs a program that is licensed, contracted, or funded by DDS, please submit the DPPC Employer Access Authorization Form (DOCX) and send it to the DPPC by email to DPPCRegistry@mass.gov. The DPPC may also request documentation to confirm that you meet the definition of employer pursuant to M.G.L. c.19C (ex. DDS contract, DDS funding agreement, etc.). Additionally, your organization will be required to provide contact information for one individual to act as an authorized access administrator. DPPC will consider the authorized access administrator as the Employer’s official representative for all DPPC Abuser Registry matters. All future correspondence sent to Employers, including notifications of substantiated cases of registrable abuse by a care provider, will be addressed to the designated authorized access administrator. Authorized access administrators may also be contacted to perform employment verifications during the course of a compliance review and/or investigation. The authorized access administrator will be responsible for approving the user accounts for employees of your organization who will be searching the DPPC Abuser Registry. Each organization may have up to four user accounts.
If your organization has been registered to access the DPPC Abuser Registry, your organization’s employees may request an online user account to access the DPPC Abuser Registry. To create a user account, your employees should go the DPPC Abuser Registry Portal page and click Log On. This will create a pop-up window. Click the Create Account button at the bottom of the pop-up window. When your employee selects the Create Account button, they will be asked to submit their name, email address, job title, and organization name. DPPC will contact the authorized access administrator to confirm that your employee is authorized to access the DPPC Abuser Registry. Upon confirmation, DPPC will activate the user account and the user will receive an email prompting them to create a password to complete their user registration. Please have your employees check their spam folders if they do not receive an approval or rejection email.
Remove a user from DPPC Abuser Registry
In order to deactivate a user account, authorized access administrators should email the DPPC at DPPCRegistry@mass.gov. The authorized access administrator should include the user’s name and email address in the deactivation request.
Additionally, the DPPC will automatically deactivate users if they have not logged into the Abuser Registry Portal in the previous six months. Users who are deactivated due to inactivity, as well as the authorized access administrator for that account, will receive an email notifying them of their status change. Authorized access administrators may email the DPPC to reactivate these users if needed.
Guides and frequently asked questions
Below is a list of guides and frequently asked questions to provide more information about the DPPC Abuser Registry System:
- Massachusetts General Laws c. 19C
- DPPC regulations, 118 CMR
- DPPC Abuser Registry login portal
- DPPC Employer Access Authorization Form (DOCX)
- DPPC Abuser Registry Search Consent Form (DOCX)
- Division of Administrative Law Appeals
- Department of Developmental Services National Criminal Background Check
- Baker-Polito Administration Celebrates Enactment Of Nicky’s Law Establishing a New Abuse Registry of Caregivers in Massachusetts