Privacy concerns and client-level data collection

In recent years, the widespread digitisation of ID has been accompanied by large-scale breaches of privacy (in the Philippines, Nigeria, India, and more). Europe’s General Data Protection Regulations (GDPR), the EU’s (in)famous answer to protecting the personal data of its citizens, has been both lauded and criticised. Specifically within international development, GDPR proves difficult to implement operationally. Technology will always penetrate a market before regulations catch up, and in a sector where the celebrated Silicon Valley motto of “move fast and break things” puts lives at risk, GDPR can become a powerful tool in improving the quality of programmes, while preserving the privacy of beneficiaries. Against the backdrop of recent privacy breaches, this session will argue that our entire sector should voluntarily strive to adopt key GDPR principles to raise the bar on issues such as minimising the collection of sensitive data, informed consent, privacy by design, and respecting privacy rights. In addition, we will describe the benefits of using cloud technology to achieve the above aims.

Responsible data practice has implications in the digital health landscape and is a topic on many development practitioners' minds. Protecting the privacy and security of patients and stakeholders through proper collection, use, and handling of digital data is a huge concern- especially when there are stigma or legal implications associated with health status. At the same time, use and sharing of data is important for a variety of reasons such as providing continuity of care and tracking disease. Finding the proper practices to balance privacy/security, data use, and transparency/accountability is a challenge. In May 2019, USAID launched the Considerations for Using Data Responsibly and has been coordinating with the development community to share best practices and best approaches for incorporating responsible data practices into digital health projects and activities. This session highlights the complexities of responsible data use and the lessons learned so far.

With the rapid emergence of Digital Immunization Registries (DIRs) across low-middle income countries for achieving better immunization outcomes, this session will focus on providing participants with our experience of developing, testing and scaling up the Zindagi Mehfooz (Safe Life; ZM) Digital Immunization Registry in Pakistan. The presentation will be organized to follow the continuum of a scaled program, starting with conception and development of Registry through seed funding from a UN Innovations Working Group grant in 2010. During the pilot, 25,000 children were enrolled in ZM and positive impact in immunization outcomes led to further funding from WHO and NORAD to support a district-wide implementation in 2015. Over the next 2 years, over 63,000 children were enrolled and through continued Government engagement, highlighting Program impact at various forums, and continuous iterative improvements in the System, the Registry was eventually scaled up across the entire province in 2017 through funding from WHO and GAVI. Currently, the DIR has enrolled 1.5m children across the entire Sindh province in Pakistan (with a population of 48m) through 2500 government vaccinators, across 1400 health facilities in 27 districts. We will also discuss the impact achieved till date, including the increase in the Pentavalent-3 coverage rates from 59% at baseline to 71% for children enrolled in the Registry, as well as the enrolment and linkage of ‘zero-dose’ children to the health system. Additionally, we will cover the Registry’s unique features including individual level data to track each child in the community, web-based dashboard, unique QR code based identification, interactive SMS reminders, a decision support system to guide vaccinators for routine and catch-up immunizations, predictive analytics to identify children at high risk of drop-out and customized report generation for monitoring.