What is the DPPC?
The Disabled Persons Protection Commission (DPPC) is the state agency whose mission is to protect adults with disabilities from the abusive acts or omissions of their caretakers through investigation, oversight, public awareness, and prevention.
What is the DPPC Abuser Registry?
In 2020, Massachusetts enacted a law requiring the DPPC to “establish and maintain a registry of care providers against whom the (DPPC) has made a substantiated finding of registrable abuse.” The DPPC Abuser Registry is effective July 31, 2021, and is intended to protect individuals with intellectual or developmental disabilities (“I/DD”) by barring care providers who have a substantiated finding of registrable abuse from working with other persons with intellectual or developmental disabilities.
What is a “substantiated finding of registrable abuse”?
A substantiated finding of registrable abuse is a finding by the DPPC that a care provider abused a person with I/DD. For additional statutory definitions click www.mass.gov/service-details/statutory-definitions.
Who is a care provider?
A care provider is an individual employed by DDS or employed in any program licensed, contracted, or funded by DDS to provide services and support to persons with I/DD between the ages of 18-59. Care providers can include volunteers, interns, work-study participants, or any other similar unpaid positions.
Who has access to the DPPC Abuser Registry?
The DPPC Abuser Registry is not a public registry. This information is not considered a “public record” for purposes of M.G.L. c. 66 and all information regarding care providers listed on the DPPC Abuser Registry is confidential. By law, the DPPC Abuser Registry can only be accessed by DDS or Employers who are funded by, contract with, or are licensed by DDS. Employers are required to create verified accounts to check whether employees or prospective employees are on the DPPC Abuser Registry.
Who is required to check the DPPC Abuser Registry?
DDS and agencies defined as Employers by the law must check the registry. For purposes of the DPPC Abuser Registry, Employer means any agency that provides services or treatment to people with I/DD pursuant to:
- A contract or agreement with DDS;
- Funding administered by DDS; or
- A license issued by DDS.
Can a human services agency with no DDS contract, license, or funding check the Abuser Registry?
No. At this time, the law only permits DDS or Employers who provided services or treatment to persons with I/DD pursuant to a contract or agreement with DDS, a license from DDS, or funding from DDS.
When do I need to check the DPPC Abuser Registry?
DDS or Employers who have a contract or agreement with DDS, a license from DDS, or are funded by DDS must check the DPPC Abuser Registry before employing or contracting with a care provider (a care provider is someone who is or will be working for you and may provide services or treatment to people with I/DD between the ages of 18-59.
Do I have to check the DPPC Abuser Registry before hiring staff, or is it optional?
Checking the DPPC Abuser Registry is mandatory. All Employers must check the DPPC Abuser Registry before hiring or contracting with any care provider who may be providing services or treatment to a person with I/DD between the ages of 18-59.
What types of employees do I need to check on the DPPC Abuser Registry?
Employers must screen everyone seeking to be hired as a care provider, or anyone who may be called on to function in a care provider role. Employers should determine whether staff hired to support the Employer’s operations would ever be required to act as care providers for people with I/DD such as during an unforeseen incident or emergency.
By law, if you fail to comply with the requirement to check the DPPC Abuser Registry before hiring care providers, or if you hire as a care provider someone listed on the DPPC Abuser Registry, you may be fined up to $5,000, have your license revoked or downgraded, forfeit your state contract, or a combination of any of these penalties.
How do I access the DPPC Abuser Registry?
An employer needs to be approved before its employees can access the DPPC Abuser Registry. If your organization does not have a DPPC Abuser Registry account, please visit https://www.mass.gov/info-details/dppc-abuser-registry for information about eligibility and instructions to request access to the DPPC Abuser Registry. Once an employer has been approved, the employer’s Authorized Access Administrator (“AAA”) will receive an email with a link to activate their user account. Once the AAA has activated their own account, the AAA can create additional accounts for other agency employees. AAAs are responsible for managing access to their organization’s DPPC Abuser Registry account. The AAA is the only user with the ability to create, deactivate, and update user accounts. There is only one AAA per employer.
How can I register my organization to obtain access to the DPPC Abuser Registry?
If you are an Employer who runs a program that is licensed, contracted, or funded by DDS and your organization has not previously received an email informing you that your organization has been registered, please click here to fill out the DPPC Employer Access Authorization Form (DOCX) and send it to the DPPC by email to DPPCRegistry@mass.gov. The DPPC may also request documentation to confirm that you meet the definition of Employer pursuant to M.G.L. c.19C (for example, DDS contract, DDS funding agreement, etc.). Additionally, your organization will be required to provide contact information for one individual to act as an Authorized Access Administrator. The Authorized Access Administrator will be responsible for approving the user accounts for employees of your organization who will be searching the DPPC Abuser Registry. Each organization may have up to four user accounts.
I am Authorized Access Administrator for the DPPC Abuser Registry. What is my role?
DPPC will consider the authorized access administrator (“AAA”) as the Employer’s official representative for all DPPC Abuser Registry matters. All future correspondence sent to Employers, including notifications of substantiated cases of registrable abuse by a care provider, will be addressed to the designated authorized access administrator. Authorized access administrators may also be contacted to perform employment verifications during the course of a compliance review and/or investigation.
AAAs are also responsible for managing access to their organization’s DPPC Abuser Registry account. The AAA is the only user who has the account permission necessary to create, deactivate, and update user accounts. There is only one AAA per employer.
Do people who hire through the DDS Participant Directed Program need to check the Abuser Registry?
Yes, the fiscal intermediary (FI), Public Partnerships Limited (PPL) will conduct the Abuse Registry check, as well as the Massachusetts CORI check and National Criminal Background Check for these individuals or guardians at the time of hire. For PDP participants using Agency With Choice (AWC), the Agency will conduct the check.
I ran the DDS Fingerprint Background Check, do I still need to check the DPPC Abuser Registry?
Yes. Completing a search of the DPPC Abuser Registry is required for every prospective care provider, regardless of other steps you take in order to ensure the care provider’s suitability for employment. A search of the DPPC Abuser Registry does not relieve you of your obligation to follow all other employment requirements of your organization, including DDS’s Fingerprint Background Check.
Do I need permission to check a staff/prospective staff on the DPPC Abuser Registry?
Yes. The law requires that Employers receive signed consent from the care provider or prospective care provider. Click here for an example of a DPPC Abuser Registry Search Consent Form (DOCX) consent form.
Can I check the Registry regularly or randomly after employing or contracting with a care provider?
Yes. Agencies are permitted, to check the DPPC Abuser Registry on a regular or random basis, or if they have reason to believe one of their care providers has been listed on the registry since the last time a check was completed. A regular or random search still requires signed consent Click here for the DPPC Abuser Registry Search Consent Form (DOCX).
What if I want to hire someone whose name is listed on the DPPC Abuser Registry?
If you are DDS or an agency that provides services or treatment to people with I/DD under a contract, agreement, or license with DDS, or funding administered by DDS, you are prohibited from hiring someone whose name is listed on the DPPC Abuser Registry to work as a care provider. There are NO exceptions.
How do I search the DPPC Abuser Registry?
Please see the DPCC Abuser Registry User Guide.
What information will I get when I check someone’s name on the DPPC Abuser Registry?
Employers will be required to input identifying information for a potential care provider and the result will inform the Employer whether the information entered resulted in a match to a care provider listed on the DPPC Abuser Registry. At no time will an Employer receive a list of care providers who appear on the DPPC Abuser Registry.
Are employers notified of registrable abuse cases or proceedings?
Yes. By law, DPPC is required to notify DDS and the care provider’s last known Employer of investigation findings substantiating a care provider for registrable abuse and any further actions related to the findings, such as appeals and decisions on appeals. Notifications to the care provider’s last known Employer will be addressed to the Employer’s Authorized Access Administrator.
Links to related documents/agencies
Terms relevant to the DPPC Abuser Registry
(See 118 CMR 2.02 for all definitions.)
- Care Provider: A Caretaker who is employed by, or contracts with, the Department or an Employer to provide services or supports to a Person with an Intellectual Disability or a Person with a Developmental Disability. Care Providers include all Caretakers in any program licensed, contracted, or funded by the Department; and any Caretaker who provides services on behalf of any program licensed, or funded by or contracted with the Department. A Care Provider shall be considered to be contracting with the Department or Employer irrespective of whether the Care Provider is receiving compensation for services, including volunteers, interns, work-study participants, or any other similar unpaid position.
- Employer: An entity that provides services or treatment to a Person with an Intellectual Disability or a Person with a Developmental Disability pursuant to: (i) a contract or agreement with the Department [of Developmental Services]; (ii) funding administered by the Department [of Developmental Services]; or (iii) a license issued pursuant to M.G.L. c. 19B, § 15 or 15A. An entity shall be considered an Employer if any part of its operations are funded or licensed by the Department or contracted with the Department.
- Registrable Abuse: An Act or Omission of a Care Provider that results in Serious Physical Injury or Serious Emotional Injury or constitutes Abuse Per Se of a Person with an Intellectual Disability or a Person with a Developmental Disability between the ages of 18 and 59. Registrable Abuse shall not include instances in which the Commission, after review of an objection under 118 CMR 14.02 (3), issues a decision pursuant to 118 CMR 14.02 (4) (b) 2, that upon weighing the conduct of the Care Provider and its outcome, the Commission determines that the incident was isolated and unlikely to reoccur and that the Care Provider is fit to provide services or supports to persons with intellectual or developmental disabilities.