En DPIA Tool Template
Program:
Project:
Duration of the project:
Area of intervention:
Date of DPIA:
Responsible for DPIA:
Participants:
Describe the project (aim, duration, intervention area, main activities, targeted beneficiaries…)
Are there any linkages with other projects within the program?
Identify and decide
List the types of personal data that you will collect, from whom and why?
Describe the sensitive data that will be collected
Sensitive data is data that, if disclosed or lost, may cause discrimination against the individual concerned or a negative impact on the organization.
Sensitive data require a higher level of protection and are not necessarily personal data.
Sensitivity is context-specific and can change over time.
OCHA sensitivity assessment tool:
https://data.humdata.org/dataset/2048a947-5714-4220-905b-e662cbcd14c8/resource/c7053042-fd68-44c7-ae24-a57890a48235/download/ocha-dr-guidelines-working-draft-032019.pdf
Are all the data that you will be using necessary for the project and not excessive?
Collect
What type of software will you use to collect personal data? (Survey CTO...)
What security mechanisms will be put in place during the data collection?
Who will have access to the personal data? For which purpose?
Description of Data flows
How will you collect the beneficiaries' consent (written/verbal)?
What mechanism will be put in place to respect data subject rights? (Right to access, erase, correct, object)
The beneficiary has the right to privacy, to be informed of the use of his/her personal data, and to have access to them.
HI must set up a mechanism to ensure that the beneficiary can access, correct and erase his/her personal data.
Process, clean and store
What will be the modalities of storage? Where will the personal data be stored?
Who will have access to the personal data? For which purpose?
What security measures will be put in place to protect the personal data? (encryption procedures…)
Analyse and interpret
What types of tools will be used to analyze the data and what type of information can be produced?
Share and use
Will you share personal data with external organizations? If yes, with whom? Which information? For what purpose?
What type of technologies will you use to share personal data?
What document will you use to support data sharing? (MoU, data sharing agreement?)
Archive and pool
For how long will the data be retained? In which format (anonymized data)? When will they be deleted?
How will you archive data? Paper and digital version?
Description
In the scope of their work, humanitarian organisations may rely on the following legal bases for processing personal data:
- Vital interest of the Data Subject or another person
- Public interest
- Consent
- Legitimate interest
- Performance of a contract
- Compliance with a legal obligation
Compliance with a legal obligation depends on the location of the legal entity of HI.
At the field level, NGOs must apply and respect local laws on data protection and privacy.
https://unctad.org/page/data-protection-and-privacy-legislation-worldwide
https://www.dlapiperdataprotection.com/index.html?t=world-map&c=NG&c2=AR
If there is no data protection legislation in the country, the legal basis for processing personal data will be the consent of the beneficiaries and the data processing will be organised
in compliance with the data protection principles.
Risk Matrix
Columns: Risk / Description / Evaluation (Likelihood, Impact, Seriousness) / Mitigation of the risks / Responsible
Description: Describe the likelihood and impact of a harmful event (threat) resulting from data management.
Mitigation of the risks: Identify additional measures you could take to reduce or eliminate risks identified as medium or high risk.

Example:
Risk: Unjustifiable or excessive collection of data
Description: HI could be asking sensitive/too many questions without a justifiable purpose. This could heighten the potential negative consequences of a data protection violation unnecessarily, raise beneficiary expectations, or increase the chance of assessment fatigue.
Likelihood: 1
Impact: 3
Mitigation of the risks: Avoiding unjustifiable or excessive data collection (data minimization): To minimize the amount of personally identifiable and sensitive information we collect, the risk of all indicators collecting data that can be used to identify/locate persons should be weighed against the benefits during the form design phase. This should be continually re-assessed during routine tool revisions within the technical unit.
Responsible: MEAL manager

Example:
Risk: Unintentional leakage or inadvertent disclosure
Description: Files containing beneficiaries' personal data are usually stored on an uncovered and unlocked shelf, which can expose them to leakage or loss.
Likelihood: 2
Impact: 3
Mitigation of the risks: Establish an archiving and security system for forms containing beneficiaries' personal data.
Responsible: MEAL manager

Example:
Risk: Poor consent collection
Description: As the consent obtained at the time of data collection is not in writing, it is possible that a beneficiary claims that he/she did not fully understand or did not consent to the use of the data.
Likelihood: 2
Impact: 1
Mitigation of the risks: Regular awareness-raising must be done by the teams to ensure that the collection and use of data collected from the beneficiaries is always well explained. Above all, they must be sure that the beneficiary has understood and consented.
Responsible: MEAL manager
2 2
3 2
3 3
3 4
4 3
4 4
1 3
1 4
Likelihood
1 Unlikely: Low chance of taking place; between 20% and 40% within the next year.
2 Moderately likely: Moderate chance of happening. 40%-60% chance of occurring within the next year or has occurred a few times in the past.
3 Likely: Will probably happen in the next year with a likelihood of 60% to 80%. Has occurred several times in the past.
4 Very likely: Will happen with a likelihood of 80% or more over the next year or has occurred frequently in the past.
*from TdH sheet, Understanding Threats, Harms and Risks
Impact
1 Minor
2 Moderate
3 Severe
4 Critical
Seriousness
Minor
Moderate
Severe
Critical