Data protection principles and practices should guide every humanitarian at each stage of project development. What makes you and your team responsible data users?

Every day, humanitarians ask themselves “how can I protect the most vulnerable?” We know that data protection and responsible data are essential. Yet, it can be hard to know where to start and what questions to ask. Either for planning new health-focused technology projects, like the Norwegian Red Cross community-based surveillance platform Nyss, or implementing cash transfer programs, like the IFRC and Turkish Red Crescent’s Emergency Social Safety Net program, ESSN, everywhere, humanitarian practitioners research, design, plan, implement, evaluate and store data.

We aim to uphold our principles throughout all aspects of our work and with each step of the data lifecycle. Using data protection principles and practices as a guide allows us to view the risks and benefits at each stage of project development. 

This helps to ensure that when personal data is collected and used, it is protected in a way that considers not only legal obligations with respect to data use, but also individuals’ privacy and dignity.

Data protection and the responsible use of data are vital to the Red Cross and Red Crescent work, especially as more and more people around the world are working with data and digital technologies. Now that the Red Cross and Red Crescent actors are on a Digital Transformation journey, data protection will have to be considered as a priority for every single project.

By respecting data protection principles and considering responsible data use, we can learn not to fear data collection and use, but to see them as tools that facilitate a safer, more respectful, more efficient operation – from all perspectives.

How the Data Playbook can help

The Data Playbook can help teams figure out what questions to ask and how to mitigate risks identified. Responsible data use and data protection can often be difficult topics to raise with participants who are not familiar with data, or don’t have a full understanding of the potential risks of using digital technologies. It is not easy to know what are the needs around data protection and responsible data use, however, it is within everyone’s job. 

The Data Playbook Community aims to help all our network improve their skills with a responsible data approach while adhering to data protection guidelines. By knowing more about the opportunities and risks, Red Cross and Red Crescent practitioners will be able to uphold their humanitarian accountability while using data.

We designed the Data Playbook with data protection/responsible guidance across the whole data lifecycle. We aim to help you and your team to strengthen your data skills with easy-to-apply exercises, to assist your teams explore, discuss, and foster a data protection and responsible data mindset and approach to your work. 

With the support of the Data Playbook, you and your teams will gain the ability to identify what data is being processed, how it is processed, and ask the right questions around the risks and benefits presented when working with data. Alongside that, we can help your teams develop the confidence and knowledge to identify and distinguish between different kinds of data (e.g. non-personal, personal, sensitive and sensitive group data) and what that means for how it should be used responsibly.

Next steps in data protection and responsible data use

It is not always clear on where to start with the journey of being more data responsible. For that, we recommend teams to start by discussing among themselves ways to incorporate best practices of data protection and responsible data use into their work.

Teams can explore the handout on People Before Data (Module 7 – section 16), followed by the exercises What data do we really need? (Module 7 – section 9) and What can we do vs. What should we do? (Module 7 – section 10).

For support on how to incorporate these sessions in your future workshop, contact the data literacy team via [email protected]. For additional guidance on the data protection principles and actions, refer to IFRC’s data protection guidelines.