FDPF DATA HUB

Fiji Disabled Peoples Federation

Nothing About Us Without US

Contact Us

DATA HUB

Menu

Governance Policies

  1. Purpose

The Fiji Disabled Peoples Federation (FDPF) Data Hub (fdpf-datahub.org) serves as a centralized platform for the collection, management, and sharing of sensitive data relevant to persons with disabilities in Fiji. This policy outlines the guidelines for data governance, security, privacy, access, and use to ensure the integrity, confidentiality, and availability of data within the FDPF Data Hub.

  1. Scope

This policy applies to all users of the FDPF Data Hub, including but not limited to FDPF staff, affiliated organizations, and other authorized users. It covers all data collected, stored, processed, or shared through the Data Hub.

  1. Data Governance
    •  Data Ownership: All data hosted on the FDPF Data Hub is owned by the respective contributing Organizations of Persons with Disabilities (OPDs) and its own FDPF Administrative Member Data Profile. FDPF acts as a steward of the respective contributing OPDs data, providing infrastructure and oversight for its management.
    • Data Quality: Contributing OPDs are responsible for ensuring the accuracy, completeness, and timeliness of the data they submit to the Data Hub.
    • Data Stewardship: FDPF will designate data stewards to oversee the management, use, and sharing of data. Data stewards will ensure compliance with this policy and on the Commission Right of Person with Disability (CRPD) Data Protection Policy
  1. Data Security
    • Access Control: Access to the FDPF Data Hub will be restricted to authorized users. Access levels will be assigned based on the user’s role and the principle of least privilege.
    • User Authentication: All users must authenticate through secure login procedures, including the use of strong passwords and, where possible, multi-factor authentication.
    • Data Encryption: All data transmitted to and from the FDPF Data Hub will be encrypted using industry-standard encryption protocols. Sensitive data stored on the platform will also be encrypted at rest.
    • Incident Response: FDPF will need to develop and maintain a detailed incident response plan, outlining roles, responsibilities, escalation procedures, and communication protocols to address data breaches or other security incidents. All incidents must be reported immediately within 24 hours to the FDPF Data and Information Officer who will in turn escalate report to the Office Manager for communication to the relevant data steward for contributing OPDs
  1. Data Access and Sharing
    • Internal Access: FDPF staff and affiliated OPDs may access the data for purposes aligned with FDPF’s mission, including research, advocacy, and program development. All access must be logged and monitored.
    • External Access: Third-party access to the data is subject to approval by the FDPF Data Governance Committee and must be governed by data-sharing agreements outlining the terms of access, use, and data protection requirements.
    • Data Sharing: Data summary may be shared with external entities only with the explicit consent of the contributing OPD and in accordance with FDPF’s data-sharing agreements. Any shared data must be anonymized or aggregated to protect individual privacy. Personal data will never be shared externally without explicit, informed consent from the individual or their legal guardian, only when permitted by law and ethical considerations.
    • De-identification Process: Prior to sharing, data will be de-identified using techniques such as:
    • Generalization: Reducing the specificity of data (e.g., replacing specific ages with age ranges).
    • Suppression: Removing identifying information (e.g., names, addresses).
    • Data Masking: Replacing sensitive data with realistic but fictional data.
    • Aggregation: Combining data from multiple individuals to create summary statistics.
    • Review Process for Data-Sharing Agreements:
    • All data-sharing requests will be reviewed by the FDPF and its affiliates or the Data Governance Committee.
    • The committee will assess the purpose of the request, the proposed use of data, the recipient’s data protection capabilities, and the potential benefits and risks to individuals with disabilities.
    • Agreements will include clear terms on data use, confidentiality, security, and destruction or return of data.
    • The committee will regularly monitor compliance with agreements and may terminate agreements if breaches occur.
  1. Data Use
    • Permitted Use: Data within the FDPF Data Hub is to be used solely for purposes that advance the rights, welfare, and inclusion of persons with disabilities in Fiji. Any other use is prohibited.
    • Prohibited Use: The use of data for commercial gain, discriminatory practices, or any activity that could harm individuals or groups represented in the data is strictly prohibited.
    • Data Retention: Data will be retained for the duration necessary to fulfill its intended purpose or as required by law. FDPF will periodically review and delete, or archive outdated or unnecessary data for 3 years.
    • International Data Transfers: If data is transferred across borders, address compliance with relevant international data protection regulations.
  1. Privacy and Confidentiality
    • Data Privacy: FDPF is committed to protecting the privacy of individuals represented in the data. Personal data will be handled in accordance with applicable privacy laws and principles.
    • Confidentiality Agreements: All users with access to sensitive data must sign confidentiality agreements. Breaches of confidentiality will result in disciplinary action, including potential termination of access.

8.Compliance and Monitoring

    • Compliance: All users must comply with this policy and any applicable laws and regulations. Non-compliance may result in revocation of access privileges and other penalties as determined by FDPF.
    • Monitoring: FDPF will regularly monitor and audit data access, usage, and security practices to ensure compliance with this policy.
  1. Policy Review and Updates

This policy will be reviewed 2 years or as needed to reflect changes in legal, technical, or operational requirements. Users will be notified of any significant updates.

 

  1. Contact Information

For questions or concerns regarding this policy, please contact:

 

Fiji Disabled Peoples Federation (FDPF)
Address: 3 brown Street, Toorak, NCPD Complex
Email: fdpfoffice@fdpf.org/officemanager@fdpf.org
Phone:  +679 331 1203 / 8679687 /
Website: fdpf.org

Datahub Website: fdpf-datahub.org

FDPF DATA HUB

Facebook