TDH – Developing a Global Directive for Data Protection in Child Protection Case Management

Terre des hommes is committed to ensuring the highest standards of data protection, especially given the sensitive nature of Child Protection Case Management. While Tdh had foundational policies and was aligned with inter-agency standards like the DPISP, there was a critical need to bridge the gap between high-level policy and on-the-ground operational practice. The challenge was to transform the global policy framework into a practical, actionable Directive—a document providing specific, user-friendly procedures that staff could implement daily, ensuring consistency and compliance while remaining adaptable to over 30 countries’ local laws and regulatory contexts (including GDPR and FADP).

Our approach was consultative and structured around achieving maximum clarity and compliance within a strict page limit. We began with a detailed review of all existing Tdh policies (including the Framework Policy and Personal Data Protection Policy) and relevant inter-agency protocols. Following an inception note that defined the structure and scope, the drafting process focused on operationalizing complex principles into simple, practical procedures. Key areas addressed included: clear protocols for securing consent, maintaining confidentiality, secure information sharing, and secure data storage. The final Directive design prioritized accessibility and user-friendliness, ensuring it was a working tool for protection teams, not just a static governance document.

We delivered the Final Directive on Data Protection and Information Security in Child Protection Case Management (maximum 10 pages, plus annexes). Key components included:

1. Actionable Procedures: Clear, step-by-step guidance on data handling (collection, processing, storage, disposal) tailored specifically to the case management lifecycle.
2. Roles & Accountability: Defined roles and responsibilities for all staff and external partners involved in data handling, alongside mechanisms for monitoring and accountability.
3. Global Adaptability: Specific guidance on applying international standards and aligning with key regulations (GDPR/FADP) while providing scope for local tailoring based on national legal requirements.
4. User-Friendly Annexes: Tools and references (links to the General Framework) to ensure practical implementation.

The final deliverable included an Executive Summary in both English and French, successfully integrating feedback from the Child Protection expertise and the Global Data Protection Officer.