- The DTM team conducts an initial overall Risk Assessment of the exercise and decides implementation according to findings. Such assessment will be repeated as needed when the situation changes, or new relevant information is available.
- In addition, DTM team, partners, cultural experts, protection and security experts consider the impact on safety of each question and option for reply. Before including a question in the questionnaires, they will ensure that question safe and does not put anybody at risk (See Do-No Harm Checklist)
- Remember that harm may be done to:
- Enumerators
- Key Informants
- Displaced community & Host Community
- Organization
- Each step of the process may have potentially harmful consequences. The analysis will have to take into account:
- Collecting data
- Storing data
- Analysing data
- Sharing data
- Harm may be done:
- At time of collection
- In the future
- You can fill the table, indicating IF and HOW specific actors are put at (increased) risk by a question.
Doing No Harm
- In order to conduct a Do No Harm analysis, DTM and colleagues will consider:
- The security/political context. Whether asking certain questions may do harm to the enumerator, key informant, community, or humanitarian access.
- The complexity or sensitivity of questions versus the ability to do quality control in the field. Enumerators are given a brief introductory training on CP, GBV and Protection, and are not trained to collect sensitive data usually collected in specialist assessments. Often, DTM enumerators work in areas that expatriate DTM managers do not have access to visit, thus limiting their capacity to ensure that the enumerators are asking complex questions as requested.
- The humanitarian imperative. DTM data collection often has a much wider geographic coverage within a country than partners, which means that suggested questions will be asked in locations with response capacity and also in locations without response capacity. It is therefore important to assess the balance between the benefits/risks of asking your question in an area without response capacity vs the need for data from those non-covered areas to advocate for programmatic expansion/funding.
- Possible incidents disclosures. DTM does not collect protection incident data, however reflect on whether your question could lead to a protection incident disclosure: Is there a referral mechanism in place? Should you ask for this information? Have the enumerators been trained on the Urgent Action Process (see Developing an Urgent Action Process - Guide).
- Identify questions that require additional training for DTM enumerators, particularly with regards to sensitivity, terminology, or when it is important that enumerators know that they should not list the potential answer options.
- Designing questions that do no harm means considering potential risks for all stakeholders (enumerators, Key Informant, community, organization...) at all stages of the process, including Data Collection, Storage, Analysis, Dissemination and Use.
- DTM data is shared with partners, either publicly or through data sharing agreements. It is therefore crucial to consider the consequences that the shared data may have for population, organizations and staff also as we design the data collection tools. For each question included in the questionnaire, we should assess benefits and risks, in the current and potential future context, of sharing and NOT sharing data. Appropriate measures should be put in place to minimize harm when sharing (e.g., Data Sharing SoPs, Agreements, aggregate data to a level that is not harmful)
- During implementation, it is important that Enumerators feel able to inform DTM when they could not ask a question, without this leading to negative consequences for their job security. Feedback of such instances will trigger modification in the questionnaire and be reported back to partners who originally asked for that information. This will improve the quality and reliability of data.
- Finally, during and after data is collected, analysed and shared, DTM and partners should also monitor the consequences (benefits, risks...) of data sharing and of NOT sharing.
Guiding questions for each stage of the Data Process
1. Can Collecting the dataset do harm?
- How likely is it that asking this question puts enumerators, Key Informants, displaced population, host community, or others in (increased) danger/at (higher) risk? What are these risks/dangers?
- How likely is it that asking this question puts the organization and its capacity to carry out its activities in (increased) danger/at (higher) risk? What are these risks/dangers?
- Are there accessible and safe services to support community members if the question triggers the sharing of information on incidents of violence and abuse? Are the enumerators able to refer to these services?
2. Can Sharing the dataset do harm?
Consider potentially harmful consequence of sharing this dataset: Can these data be analysed and then used in a way that causes harm to/put at risk enumerators or key informants or communities, individuals in the communities (host community or displaced community), or the organization if...
- Shared publicly?
- Shared with specific stakeholders?
- Specific stakeholders access them, even without authorization?
Consider the risks versus the use of these specific datasets.
- How severe can the impact be on communities and individuals we serve, if these data become known to such specific stakeholders?
- How likely is it that such specific stakeholders access these data?
- What measures can we realistically put in place to minimize this risk?
- How likely is it that such specific stakeholders access these data, even after we implement such measures?
3. How can we make Data-Sharing safer?
- Identify and implement safeguards for protecting such datasets at collection, storing, and sharing stages (both for digital and paper data and documents), including identifying different phrasing for questions, use proxy indicators, protecting access to digital files, lock safely paper files, destroying unnecessary files, aggregating datasets at a higher admin level.
- Sign Data Sharing Agreements with the specific partners who will use the data for the intended purpose. Data Sharing Agreements include Standard Operating Procedures detailing how sharing, storing and destruction of data will safely happen.
- Remember that human errors are still the first cause of unintended data sharing:
- Consider carefully who is the receiver of your email, who is part of your mailing list (do you know them all? Are they part of the organizations who you should share with? Have they left the country and now work elsewhere?). Before sharing with them, ensure they need to receive the data and they know how to safely handle the data.
- Consider carefully all the datasets in the table before uploading them on the web or sharing them. Are all these datasets safe and needed in the public sphere or for the receiver? Is there any dataset that you had agreed should not be shared publicly nor sent to the receiver in your table? Check the “Comments” field and the “Protection” fields specifically. Is there any information there that may put enumerators or interviewee or community or even the organization at risk?
4. Can Analysing the data do harm?
- In designing your data collection tools, consider the phrasing of questions that will result in datasets that in the past have been misunderstood, misinterpreted and even misused on purpose against the communicates and individuals we serve. For example, pay specific attention to obtaining data on the real reasons for displacement/movement of population. This information will impact their status and incorrect phrasing may exclude entire communities from their legal protection rights.
- Consider the impact on the population’s access to their legal rights also when you design the exercise and the specific questions, as well as when you present data on categories of population. For example, providing separate figures on persons who returned voluntarily and persons who were forced to return may increase the impact of protection partners. Distinguishing between persons returning from abroad and persons returning from internal displacement will help understand reasons and potential needs of returnees. Differentiating between IDPs, persons fleeing persecution or generalized violence and insecurity, persons moving solely for economic reasons, persons fleeing poverty will facilitate access to legal and humanitarian protection and a better understanding of the needs and resources of the population.
Available Tools
- Specific Guiding questions for each stage of the Data Process are included in the Do No Harm Checklist and Guiding Questions for DTM and Partners, in: https://dtm.iom.int/dtm-partners-toolkit/field-companion-sectoral-questions-location-assessment
- For a Joint Benefits and Risk Assessment, see PIM-OCHA Framework for Data Sharing in Practice: http://pim.guide/wp-content/uploads/2018/05/Framework-for-Data-Sharing-in-Practice.pdf and http://pim.guide/essential/a-framework-for-data-sharing-in-practice/
- DTM Data Sharing Agreements templates and Data Access Forms: https://displacement.iom.int/dtm-partners-toolkit/dtm-data-sharing-forms
- Examples of Data Sharing modalities: https://dtm.iom.int/dtm-partners-toolkit/data-sharing Data sharing Forms, in: https://dtm.iom.int/dtm-partners-toolkit/dtm-data-sharing-forms and Guidelines : https://dtm.iom.int/dtm-partners-toolkit/data-sharing-guidelines