Introduction
Humanitarian projects are initiated with the intention that they will be closed, typically with a handover of project activities to local authorities or organisations, a transition to a development approach, or by phasing down. From this perspective, planning for and implementing an effective project closure is a crucial component of all projects, and one that should be deliberately incorporated within project design and reviewed and revised across all project phases (Sphere Project, 2018). Many elements have been linked to closing a project well, including respectfully engaging with partners and stakeholders, responsive planning, communicating transparently, demonstrating care for communities and staff, and anticipating and acting to minimise harms (Hunt et al., 2020; Pal et al., 2019). The success of humanitarian projects is also linked to their legacy in terms of sustainable benefits for communities served by the project that endure after a project has closed, as well as the net impact of the project on local institutions and partner organisations (Gerstenhaber, 2014).
The focus on project legacy is reflected in a strong emphasis on the handover, where possible and appropriate, of health-related activities undertaken by international humanitarian organisations toward the local government or civil society organisations. Discussing health programmes in Sierra Leone, Sitali et al. define handovers as ‘a process of passing responsibility for activities from one actor to another, including humanitarian groups, non-governmental organisations (NGOs), the local community, or the Ministry of Health (MoH)’ (Sitali et al., 2022:1). Handover of project activities as part of the exit of an international humanitarian organisation may be established as a specific programme objective from its inception. Yet handovers are often challenging, such as when partners do not have access to resources to carry programmes forward, when there is limited capacity or expertise related to the project activities, when standards or approaches of the partners do not match, or when the mandates or priorities of potential partners lie elsewhere. A phased handover may be implemented in some cases, where components of the project are handed over in a sequential fashion so that responsibilities of the international humanitarian organisation within the project are scaled down as those of the partner organisation increase. In other cases, the goal of handing over is not achieved if a partner cannot be identified or the challenges described above are not overcome. While handing over of project activities to local actors is often the focus of closure planning for health projects, in some instances project activities are transferred between international organisations. This scenario may occur if a project that was established as a humanitarian intervention in a situation of urgency is transitioned over to a development-focused NGO. Elsewhere, project closure involves the phasing down and termination of the project activities, without the intention of activities continuing after the humanitarian organisation departs. Such an approach may be selected if healthcare needs are being addressed by other actors, or if the project had a finite scope, such as an immunisation campaign that has been completed. There are also instances of abrupt project closures in response to circumstances such as an acute deterioration of the security situation or a government rescinding permission for the project. Such ‘forced exits’ are not the focus of analysis in this paper.
The closure phase of a humanitarian project requires careful attention, and dedicated support and funding, regardless of whether the objective is a handover of activities to a local partner, transition to a development approach led by another international organisation, or phasing down. Project closure raises an array of logistical, human resource and financial questions that need to be answered, alongside issues of how service delivery will be ended or shifted to another actor who will provide continuity of services. For example, those managing a closure need to consider the distribution of material resources from the project, an element that can cause tension or even conflict (Sitali et al., 2022). Likewise, environmental assessment and a decommissioning plan may be required for the project site.
An additional component that requires careful attention by those responsible for project closure is the management of project data, including what to do with confidential records collected as part of the project. Such data are associated with a range of ethical considerations, such as privacy, security and consent, and raise questions of humanitarian organisations’ responsibilities to carefully consider data management during and following closure as a key facet of an ethical project closure. Humanitarian projects focused on healthcare are among those most likely to generate large volumes of sensitive data, especially patient health records. In addition, they often collect project-level datasets of aggregated information regarding patient demographics, health conditions and outcomes of care. Projects also hold extensive financial, management, human resource and other forms of data. In considering how to manage data at project closure, the type of data, its sensitivity and the intent and conditions under which it was collected – and for which it might be retained – are critical for assessing obligations that arise for humanitarian organisations (OCHA, 2021). Such concerns were underlined by an international humanitarian worker whom we interviewed for a study on ethics and project closure (Hunt et al., 2020). They expressed this concern: ‘So information and data is really, really critical but can also be very, very sensitive. Who does it go to afterwards?’
Though a project may be closed, project data are likely to endure. Addressing issues of data responsibility – including attention to safe, ethical and efficient management of personal data (IASC, 2021) – is a necessary and indeed crucial component of closure planning and implementation. It requires attention that spans the duration of the project, the process of its closure, and into the future (for example, when data is shared with international or national partner organisations, or stored). Questions around data responsibility at project closure can be examined as a component of the ethics of project closure, acknowledging and being responsive to the limited temporal scope of humanitarian projects, yet orienting ethical attention to a wider horizon of responsibility (Eckenwiler et al., 2023), including for the data collected as part of project activities.
In what follows, we consider humanitarian organisations’ responsibilities in relation to managing data leading up to and following the closure of health-related projects. We propose seven questions to support reflection and deliberation around ‘closing well’, including considerations related to data being retained by the organisation, handed over to a partner, returned to the individuals (often patients) from whom it was collected, or destroyed. We illustrate the application of these questions in relation to the example of a healthcare project in a refugee camp that was handed over from an international humanitarian organisation to local health authorities.
Responsible Data Management and the Ethics of Project Closure
An array of international and national regulations and laws, as well as sectoral and organisational guidelines, are relevant to issues of data responsibility for humanitarian organisations. Although there is a growing body of knowledge and guidance related to data management and data risks in humanitarian settings, relatively few sources specifically address these issues in relation to project closure. Where guidance documents identify issues of data management at closure, they generally address concerns of privacy and the establishment of safe data transfer agreements or contracts with third parties (CARE International UK, 2018; ICRC, 2020).
More broadly, sectoral guidance documents address responsible data management, including recent guidance from the Inter-Agency Standing Committee (IASC, 2021) and the United Nations Office for the Coordination of Humanitarian Affairs (OCHA, 2021). The IASC and OCHA guidelines are based on a common set of principles for data responsibility in humanitarian action: accountability, confidentiality, coordination and collaboration, data security, defined purpose, necessity and proportionality, fairness and legitimacy, human-rights based approach, people-centred and inclusive, personal data protection, quality, retention and destruction, and transparency. They build from these principles to make operational recommendations for managing personal and non-personal data in humanitarian response settings. Data management is also addressed in standards such as the Sphere Project (2018), and in reports such as the Harvard Humanitarian Initiative’s ‘The Signal Code: A Human Rights Approach to Information during Crisis’ (Greenwood et al., 2017). These sources highlight elements such as the right to data agency, which refers to the power to shape personal and/or collective data and deciding whether, when and with whom to share it, the need for transparency in how data is collected, processed and stored, obligations to protect privacy, and the requirement for robust data security. Concerns about data agency and ownership of data are particularly elevated for sensitive, personal data such as health records. OCHA’s Centre for Humanitarian Data has also created a ‘Guidance Note on Humanitarian Data Ethics’ (OCHA, 2020). It includes recommendations for organisations to create codes of conduct for ethical data management, support staff to engage with ethical issues around data management, and to include ethical audits as part of data practices. The focus of most recent guidance documents in this area, including those listed above, are considerations related to digital data, though they remain germane for all forms of data collected in humanitarian projects.
Alongside these sectoral guidelines, many humanitarian organisations have established policies and regulations for data management within their projects. The ICRC Handbook on Data Protection (2020) offers extensive recommendations for humanitarian data protection and responsibility. It addresses questions of where data should be stored and how, as well as when it should be destroyed, and how to protect data when transferring or sharing it (ICRC, 2020). Similarly, OXFAM, CARE International and Médecins Sans Frontières address the issue of third-party data transfers (OXFAM, 2017; CARE International UK, 2018; MSF, 2018).
National and international laws are key orienting frameworks for data responsibility of humanitarian organisations. Decisions around data management by humanitarian NGOs need to account for these requirements, likely at multiple levels. For example, a humanitarian organisation based in one country and operating in a second will need to consider two sets of national guidelines, as well as international or regional legal frameworks, such as the European Union’s General Data Protection Regulations (GDPR). In some instances, stringency requirements may be higher in one legal standard over others. In other cases, frameworks may be more directly in tension (OCHA, 2020), such as if a national authority required humanitarian organisations to provide access to sensitive data, a situation which is likely to contravene organisational and sectoral policies on confidentiality and privacy, as well as other legal duties.
These issues of data responsibility and data ethics can also be situated within discussions of the ethics of project closure. Several authors have underlined the ethical obligations of humanitarian organisations when closing a project and when developing exit strategies. Fuller (2006) argues that humanitarian organisations have special obligations of care toward people living in communities where they have established projects. She associates these obligations with the relationships and expectations that have been established over the course of a humanitarian project. Similarly, Hunt and Miao (2018), adapting a concept from Richardson (2012), describe how project closure must address responsibilities arising from the ‘moral entanglements’ that are created when projects are more comprehensive in nature or lengthy in duration, providing services that populations rely on and for which they have few or no other options for seeking the needed support. In a review of literature related to humanitarian project closure, Pal and colleagues (2019) identified ethical considerations for project closure in relation to responsible planning, collaboration, adaptability, transparency, minimising harms, sustainability and fairness. They propose that addressing the ethical dimensions of project closure is supported by the development and practice of certain ethical capacities among humanitarian actors, such as foresighting possible harms, attentiveness as an ‘openness to and recognition of the needs and concerns of others affected by a project closure’, and responsiveness to shifting circumstances (Pal et al., 2019: 7). These ethical capacities can also be applied to approaches to data during project closure: anticipating and acting to mitigate harms, being attentive to the needs, concerns and rights of the people whose data has been collected, and tailoring plans to specific contexts and adapting them when necessary in order to uphold obligations and commitments. In the following section, we draw on these approaches and ideas to propose seven questions to support data responsibility at project closure.
Data Management Options at Project Closure and Questions to Support Reflection and Deliberation
As we have described, robust data management is a central – but perhaps insufficiently considered – component of ethical project closure. In the context of a project closure, multiple pathways might be taken for managing specific types or sets of data. Broadly speaking, there are four main possibilities:
-
(1) data is retained by the humanitarian organisation (possibly after being processed in some way, such as removing some identifiers);
-
(2) data is transferred to a partner organisation (possibly after being processed in some way);
-
(3) data is destroyed (possibly after being stored for a set period); or
-
(4) data is returned to the individual(s) from whom it was collected.
In considering how to manage data responsibly, we propose seven questions to foster reflection and deliberation at the level of teams and within partnerships (as illustrated in Figure 1 and discussed below). We developed these questions based on the literatures of humanitarian data management and ethics of humanitarian project closure. Our aim in doing so is to support careful consideration of a range of features that are relevant to data responsibility for project closure, and which can complement organisational policies, standard operating procedures, regulations, and other frameworks that are intended to structure and orient these processes.
1. What is the purpose for which data was collected, and for retaining or sharing it?
Specification of purpose is a fundamental concern for responsible data management (OCHA, 2020; IASC, 2021; MSF, 2018). It entails having a clear reason for collecting a particular set of data, as well as the justification upon which decisions will be made to retain, transfer or destroy it. The principle of purpose limitation, also linked with data minimisation, is that the intended use for the data should be established beforehand and adhered to, with data collection limited to what is necessary to achieve the purpose (Gazi, 2020; OCHA, 2020). These concerns for the clarity and fidelity of purpose for data collection remain key concerns at project closure. The purpose for which data was collected should guide decisions for its management during and after closure. From this perspective, the retention or sharing of data should only occur if it satisfies an established and specific purpose (IASC, 2021). For example, organisations may set retention periods post-closure which are calibrated to the purpose for which data was collected and after which it would be deleted or anonymised (Gazi, 2020). This situation may arise for information required for donor audits, or data relevant to public health surveillance. Especially when handling confidential data, considering purpose as part of the decision whether data should be retained, shared or destroyed can support organisations in planning ahead for potential harms that can surface from managing sensitive information. In some situations, these purposes can be fulfilled by returning data to the individuals from whom it has been collected, such as providing health records to patients themselves so that they have access to this information when accessing healthcare services in the future. However, this proposal may also raise its own concerns for security of data and continuity of healthcare in situations of crisis or displacement due to difficulties related to safe retention and accessibility of data. Overall, attention to the purpose for which data was collected is a critical element for assessing options for what to do with data at closure and has implications for principles of accountability, privacy and transparency (OCHA, 2020; IASC, 2021).
2. What duties of care exist and how can they be fulfilled?
There are multiple duties of care that exist in the context of a humanitarian health project: duties of health care providers to patients, of the organisation to its staff, and of the organisation to the wider community (and communities) that it seeks to assist. A duty of care, in law and ethics, encompasses the obligations that are owed to an individual or group, to act in ways that adhere to a standard of reasonable care based on the nature of the relationship that exists between those involved (ICRC, n.d.). From the perspective of ethical project closure, the notion of duty of care can be applied to data management by considering what standards should guide decisions around managing data, including how and to whom any data would be transferred, the steps required for due diligence in securing data for storage, and the care required in deciding what and when data would be destroyed. In this way, enacting a duty of care requires the ethical capacity of attentiveness to the needs and concerns of those persons affected by closure and how their data is managed, and points to responsibilities of data stewardship on the part of humanitarian organisations.
Issues of duty of care of healthcare providers towards patients are clearly implicated in efforts to ensure ongoing access to health records, while seeking to keep the data secure and limit its use to this purpose. It also suggests the sorts of steps that might be needed to ensure that data can be used effectively, both in the short and longer term, for the intended purpose of maintaining effective healthcare to individuals. In a handover of a health project, attention to considerations such as compatibility between partners’ data systems, especially for digital records, is needed to ensure that information remains accessible.
Moreover, data responsibility is closely linked to experiences of trust and perceptions of trustworthiness between humanitarian actors and the communities they assist, including local staff hired from within the community (IASC, 2021). As identified in the review by Stellmach et al. (2023) in this issue, data management practices can have implications for the trust that people place in humanitarian organisations, for example if data is shared with organisations with lower security standards or in situations of ‘function creep’ where data is used for ends beyond the purpose of its initial collection. Perceptions of the diligence exercised in data management decisions are likely to have impacts on broader relationships in the present, and into the future (for example, if the humanitarian organisation was to re-establish a project in the locale at a later date), reinforcing the value of a person-centred approach to data responsibility (IASC, 2021).
3. What are the implications for data rights?
The Sphere Minimum Standards in Humanitarian Response (Sphere Project, 2018) recognises that individuals who share their data in humanitarian contexts have rights in relation to data protection, including access to their own information, as well as the ability to raise concerns about the misuse of their data. They also indicate that people in communities affected by crises should be informed of their rights and entitlements and participate in decisions related to them. Similarly, the Signal Code affirms that in handling information during crises, the right to information, protection, privacy and security, data agency, and rectification and redress need to be respected and implemented (Greenwood et al., 2017). These rights hold particular salience for patients who have been receiving healthcare services from a humanitarian organisation, including for ownership of and access to their own health data. However, during project closures and handovers, achieving these rights can be met with technical, operational and contextual difficulties. The format and even language in which an international organisation stores data can pose challenges in providing data subjects with access to their own information, and following up with former patients of a health project is often unfeasible, especially for refugees and people who are internally displaced.
The agency of data subjects is influenced by the contextual features of a crisis, which limit opportunities for them to make other choices than to share their data. This situation constrains consent and individuals’ decision-making power with regards to what will happen to their data once the project has ended. Issues of consent regarding the provision and sharing of information are fraught in crisis situations. Not only is the process of consent subject to steep power asymmetries in humanitarian aid settings (Paragi, 2021), but data sharers are unlikely to be able to predict future risks of how their personal information will be managed and processed, or by whom (Greenwood et al., 2017). Therefore, to uphold data rights and respect the agency of those persons who have shared their data, organisations should endeavour to communicate in a transparent manner, acknowledging uncertainty as well as the existing power imbalances, and adopting participatory mechanisms of data management where feasible (Global Partnership, 2022).
4. What commitments and agreements have been made?
Humanitarian projects involve diverse commitments – both formal agreements and less formal understandings – among those involved. These commitments arise in the context of relationships with government authorities and other humanitarian and civil society organisations, between the humanitarian organisation and its international and national staff, and with communities and individuals who are recipients of project services and programmes. The Inter-Agency Standing Committee (IASC, 2021) refers to communication, collaboration and inclusion of different actors as key to responsible data management in humanitarian settings. Where sensitive data is shared between organisations, such as for project handover, formal data-sharing agreements should be established, and their negotiation integrated as part of handover planning (OCHA, 2020). Such agreements establish terms and conditions that will govern the sharing of data, including measures that will be taken to protect data (IASC, 2021).
As project data is likely to endure after the project ends, commitments to data responsibility principles need to be upheld over time and organisations require vigilance to ensure that data ethics principles are maintained. The ongoing nature of such responsibilities is reflected in the idea of moral entanglements as outlined by Hunt and Miao (2018), with corresponding obligations on the part of humanitarian organisations toward individuals from whom data has been collected, as well as communities and project partners. The ways that humanitarian organisations follow through on their commitments regarding data usage and management will have important implications for these relationships, including perceptions of their trustworthiness within communities and on the part of other stakeholders (Global Partnership, 2022).
5. What are the expectations of different groups?
Stakeholders are likely to have varied expectations – and interests – regarding data and its management. When it comes to project closure or handover, these varied expectations may lead to disagreement or tension, a scenario which may be heightened if the differences in views and interests have not been articulated. For example, international organisations might have an interest to retain confidential data for future research purposes or medical liability. However, local and national organisations might require such data for operational purposes when international organisations exit (OCHA, 2021). The patient, on the other hand, might want sensitive data deleted or returned to them due to security considerations. However, patients might be unaware, especially in crisis settings, of why data is being collected and the complete implications of it being shared or retained by an organisation. A patient’s data agency therefore lies at the intersection of a ‘need of humanitarians to collect data from individuals and the right of individuals to have their autonomy respected when this data is collected and used’ (Greenwood et al., 2017). From this perspective, a deliberate step of considering how different individuals and groups perceive data and data management decisions is important to support clear, respectful communication and demonstrating care and concern for those affected by how data will be managed.
Successful project closure is more likely to be achieved when communication is established among all stakeholders from the early phases of the project, especially around planning, budgeting and establishing indicators and steps for project closure, including for data management (Sitali et al., 2022). Data subjects should also play a role in these decisions. Informed participation aims to ensure that affected populations can provide input about proposed and ongoing uses of data relevant to them (Greenwood et al., 2017). In these ways, different actors will have the opportunity to communicate their expectations and concerns regarding data management so that policies and plans are responsive to these considerations (Global Partnership, 2022). The involvement of local actors in the planning of data management activities, and the promotion of individual autonomy through informed participation, can promote data responsibility and enhanced participation, fairness and legitimacy (IASC, 2021).
6. What risks are there and how can they be minimised or mitigated?
A range of harms may be associated with data management at project closure. Indeed, the process of implementing a phasing down, phasing over or handing over of project activities is a period when project data is particularly vulnerable due to the dynamic nature of the changes that are being made. For example, data may be especially susceptible to cyberattack or other efforts to access sensitive data while it is being transferred. In other cases, lack of diligent attention to security during transportation or archiving of data could result in it being lost or misplaced. Other sorts of harm are also possible. A patient’s health record may contain information that has legal or security implications. This might be the case, for example, if a patient’s health record included information about abortion in a setting where this procedure is illegal, or information related to injuries sustained during fighting or political protest. If so, such information could entail risks for the individual patient, and even for the humanitarian organisation.
Risks of harm from failures of responsible data management may be particularly elevated in situations of armed conflict if project records could be used to target certain individuals or groups (Squire et al., 2022). An international humanitarian worker in an interview-based study on ethics and project closure (Hunt et al., 2020) remarked that a government might tell a humanitarian organisation: ‘We want to get the information, we’re going to take over the programme, and the programme is going to give us all of the information. Well, that means all those people are in that area. Well, we’d like to have a chat with them, but not about their health.’ As reflected by the participant, project data (perhaps combined with other information sources) might be misused with the intent to identify and locate individuals for reasons that could result in them being harmed. In this way, data decisions at closure should involve risk-based assessments that require identification and estimation of potential for harms and unintended consequences (Gazi, 2020; InterAction, 2003), including assessments of possible re-identification of anonymised data (IASC, 2021). Implementation of a data inventory system can also help manage risks due to insecurity, such as a data asset registry (IASC, 2021). Such a system can be crucial in a scenario when project closure must be done rapidly due to an event like an acute deterioration of the security situation or if a government rescinds permission for the project. In that case, an inventory can help direct actions for a rapid project closure to protect sensitive data and to address concerns of continuity of healthcare. Even in less urgent situations, a data registry is an important tool to ensure that all data are addressed in data management planning within a project closure.
7. Is there alignment with laws, regulations and policies?
In considering data management options at closure, there may be multiple laws, regulations and policies to consider, with implications for data decisions and safeguards (Stellmach et al., 2023, in this issue). The IASC guidelines on data responsibility recommend reviewing data responsibility measures within the context of the specific humanitarian response setting, and in relation to norms, policies and legal requirements that apply (IASC, 2021). Such a review – termed a data responsibility diagnostic by IASC – can help to situate responsibilities, and to identify potential points of tension or mismatch. It is similar to a data protection impact assessment as required by GDPR (EU, 2016: recital 92). Such actions can help identify situations of discordance between operational practices and standards and guidelines (Squire et al., 2022). In its operational guidance on data responsibility, the IASC (2021) identifies challenges arising from potential gaps in existing guidance and standards, as well as differences of data management frameworks across international humanitarian organisations and with national authorities. This diversity can lead to challenges for harmonising approaches between stakeholders who may be accountable to different frameworks (e.g. GDPR, specific organisational policies, or sectoral guidelines) (Paragi, 2021).
Communicating – especially in the case of project handover – between partners about their respective organisational policies and other requirements is essential. If initiated early in the project planning, these exchanges can lay the groundwork for establishing shared and harmonised processes, and for analysing the different possibilities of data management during closure. Moreover, the process of collaborative planning can help better calibrate expectations among partners. Such planning can then lead to the formulation of data-sharing agreements that address legal, regulatory and organisational considerations, to support alignment and collaboration.
Handover of a Healthcare Project for Syrian Refugees
To illustrate how issues of data responsibility may arise in practice, we briefly describe the phased handover of a healthcare project in a refugee camp and the set of data management considerations that arose during this process. One of the authors (HMS), was a team leader in a healthcare project for Syrian refugees which was handed over to local health authorities. The following case draws upon his experiences, and we discuss the case in relation to the seven questions that we have developed in the previous sections.
Following the outbreak of the civil war in Syria in 2011, Syrian refugees fled to neighbouring countries. In response to this emerging humanitarian crisis, multiple refugee camps were established and international humanitarian organisations initiated a range of projects to address the needs of refugees. In one camp, an international organisation launched a project providing basic healthcare services to camp residents, such as vaccination, trauma care and an outpatient clinic for general medical conditions. With increasing numbers of refugees arriving at the camp, a new primary care clinic was later added to provide services in areas including non-communicable diseases, sexual and reproductive health and mental health. In a third phase, a maternity programme was established. These programmes ran for several years. As the region where the camp was situated became more stable, while insecurity increased in other sectors, the organisation decided that it should shift its programmes elsewhere given its mandate as an emergency response organisation. After an extended process to identify a partner to take over the project, the local health authorities, with support from another international agency, agreed to assume responsibility for the clinic. They planned to continue most services established by the project, though also identified several components to be discontinued and that staffing would be reduced as a result.
The project had a robust system for data collection, including paper-based and electronic records. Patient health records were in paper format and written in Arabic. These records remained in the clinic when the project was handed over to the local health authorities. Handover of the project maintained the activities of the health clinic in the camp, which continued to serve the refugee population. The purpose of maintaining continuity of care and access to medical histories provided a strong rationale for ensuring that health records remain available to healthcare workers (question 1: What is the purpose for which data was collected, and for retaining or sharing it?). For those health services that were not being maintained after the handover, returning information to patients would fit the purpose of its collection as it would then be available for future healthcare provision. It is unclear the extent to which this occurred after closure. Doing so would be challenging to implement if former patients have moved, are difficult to reach, or the format of the data is difficult to share. Alternatively, patient records of the services that were closed could be stored in the clinic. Health information might also be retained for purposes of accountability and medical liability, or for documentation of human rights abuses. In considering these options, attention is needed for how to preserve confidentiality, protect security of data, and promote the agency of patients, asking what duties of care exist? and what risks are there and how they can be mitigated? (questions 2 and 6).
Throughout the project, patient data was also entered into an electronic database system. Data such as diagnosis, age, sex and geographic location were recorded with the goal of mapping epidemiological trends and patterns of disease, and to create organisational reports. Summaries of these data were also provided to national health authorities on a regular basis. Names were not included. The data entered into the database were retained in the humanitarian organisation’s data management system after project handover in alignment with the purpose for which it was collected and processed, with attention to securing the data and limiting risks of re-identification of individual patients.
The project had a large cadre of local staff, most of whom were refugees themselves, and human resource data, including staff evaluations, were collected. The project also held health records for staff since health coverage was provided as part of their employment. During the handover process it was unclear whether the related financial and medical information should be returned to the staff members or retained by the organisation. In the end, this information was retained and archived, yet there was limited input from, or information provided to, the local staff regarding their stored information by the organisation (question 3: What are the implications for individual data rights?). The lack of individual data agency and knowledge about what had happened with their data points to the importance of transparent communication and consideration of individuals’ data rights as part of data management during the closure phase of a project.
A primary duty of care in the project relates to the provision of effective healthcare to patients in the community, and to ensure that relevant information is available to inform future health decisions (question 2: What duties of care exist and how can they be fulfilled?). In this light, the humanitarian organisation was responsible for conducting an effective handover that would preserve quality and continuity of care. The organisation also had duties towards its staff. In the lead-up to the handover, the local health authorities requested access to employee files as part of the handover process with the goal of assessing which staff to retain. The argument for transferring the information was that, as the staff size was reduced, the most capable staff would be retained, thus promoting a better quality of care for patients, but this proposal also raised concerns about duties to protect the well-being of staff. This situation appeared particularly concerning since most of the employees were themselves refugees living in precarious situations. This issue illustrates how there may be multiple – and sometimes competing – duties of care that pull in different directions. While in the end only some general elements of staff evaluations were shared to facilitate the handover process and continuity of services, the ultimate decision was to keep the core content of evaluations confidential.
In their everyday practices, the humanitarian organisation stored sensitive data in a secure manner, such as staff health documents, which included information about sexual and mental health. As the handover took place, this data needed to be transported for storage, a process which presented new risks for the information to be leaked or lost. Careful planning to secure the data during transport and in the location where it would be stored was therefore needed to address risks associated with this project closure step (question 6: What risks are there and how can they be minimised or mitigated?).
Formal agreements, including a memorandum of understanding between the organisation and the local health authorities, were established for the handover steps and calendar, though data management was not a specific area of focus (question 4: What commitments and agreements have been made?). Handover planning should address aspects such as technical and capacity requirements for safe data storage and transfer, with information about data-sharing plans clearly communicated to those affected by these decisions. These considerations were discussed as part of the negotiations around project handover and a commitment was made to leave patient health records in the facility to support continuity of services post closure. Within these discussions, attention to rules and regulations that orient partners’ data practices are also important points for discussion (question 7: Is there alignment with laws, regulations and policies?) to be integrated as part of the closure plan.
Efforts to understand the expectations and concerns of different individuals and groups is an important aspect of preparing for project closure (question 5: What are the expectations of different groups?). Discussion and consideration of different perspectives presents an opportunity to clarify and respond to concerns. In the project for Syrian refugees, it became evident as the closure unfolded that there were different expectations about what data (beyond patient health records) would be transferred between the partners, and even the extent of project activities that would be maintained after the handover. Identifying points of disjuncture is an important opportunity to improve communication and to respond proactively to potential sources of tension or discord. Despite different expectations among stakeholders at the beginning, discussions throughout the handover process helped clarify perspectives and facilitate a shared handover plan, though there remained some points of disagreement or uncertainty, such as access to employee evaluations.
This project illustrates the varied forms of data collected in a medical humanitarian project. It also suggests some of the tensions and concerns associated with deciding how to manage them, whether by transferring, retaining, returning or destroying data. This example demonstrates ways that the seven questions can help to surface points to be considered for the management of data at project closure. The questions could also be applied across a range of humanitarian closure settings to foster reflection and discussion around data management. For instance, the co-author (HMS) who shared his experiences with data management in the refugee camp project was also involved in other initiatives in the region, including a mobile primary clinic and a field surgical unit. The mobile clinic delivered healthcare services to remote populations who had lost access to primary healthcare services amidst ongoing armed conflict, and the field surgical unit was deployed to locales with active fighting and many injuries. The itinerant nature of the mobile clinic and responsiveness of the field surgical unit create distinctive sets of data considerations during closure, such as questions surrounding ongoing access to health records for the continuity of care for people with chronic conditions treated by the mobile clinic (Saeed et al., 2022) and possibilities of rendering health data available for patients who received care from the field surgical unit. Moreover, both these initiatives faced distinct challenges for keeping data secure due to the itinerant nature of the mobile clinic and the proximity to conflict, which could lead to sudden closure of the field surgical unit. Similar to the project in the refugee camp, which handled sensitive information, such as personal reproductive health information, projects dealing with HIV patients, victims of sexual and gender-based violence, mental health conditions, or trauma victims from armed conflicts also include especially sensitive information which requires heightened vigilance for data security at project closure.
Conclusion
We have suggested and applied a series of seven questions that humanitarians can ask regarding data responsibility for health project closure – and especially when a handover of project activities is to take place. These questions can support discussion and deliberation regarding possible actions for managing sensitive data, including data retention, destruction, sharing or return. Considered as a feature of ethical project closure, an array of responsibilities are highlighted, including concerns for transparency, minimising harms, and responsible planning. A further notion that could draw together several of these proposals is that of stewardship. Stewardship responsibilities have been discussed in a range of health care contexts (Rosenbaum, 2010) and are grounded in a general obligation of accountability for how an organisation manages personal data, as a matter of fiduciary duty to patients and others for whom it holds responsibility and to whom commitments have been made. Integrating data stewardship as an explicit feature of ethical project closure could further emphasise that managing data is a concern of acting responsibly – helping to ‘close well’ – and not merely a question of logistics. Stewardship can be enacted in a range of ways, including by creating data-sharing agreements, where appropriate, and establishing robust practices and policies related to data management. It would require that data considerations are systematically addressed in project closure plans and that those involved are familiar with and follow them. A second way that stewardship can be operationalised is by identifying specific individuals to act as data stewards with defined oversight responsibility for data management at closure. Identifying one or more data stewards from within the project teams of both the international humanitarian organisation and a local partner organisation if a handover is occurring, could enhance attention to data responsibility during closure. Paired data stewardship would also underline the commitments that have been made and the notion of data management being a shared responsibility between partners, while presenting opportunities to enhance alignment of data practices in advance of handover and providing an additional pathway to foster responsible management of health data.
In this paper, we have sought to draw together conceptions of data responsibility and ethical project closure. From this perspective, responsible data management should be understood as integral to closing well. It has yet, however, to be foregrounded in policies and analysis of project closure and handover. As sectoral and organisational guidance on exit strategies and project closure are revised or developed, further engagement with issues of responsible data management is needed, including identifying strategies and tools to respond to potential ethical issues. Explicitly linking these domains will be helpful to further draw attention to the importance of responsible data management across all stages of a humanitarian project’s lifecycle, from its design through to (and past) project closure, and across all types of project closures. To support this integration, people involved in planning and enacting project closure will benefit from training on data ethics (Squire et al., 2022). At the level of teams and projects, the seven questions that we have proposed here can serve to spark reflection and deliberation among those involved in and affected by project closure, focusing attention on responsible data management. Given that the lifespan of data is likely to extend beyond the duration of the projects in which it is collected, a wide scope of temporal attention and ethical concern for project data is needed.
Works Cited
CARE (2018), ‘Data Protection Policy and Procedures’, CARE International UK, www.careinternational.org.uk/sites/default/files/CIUK_Data-Protection-Policy_Oct-2018.pdf (accessed 20 October 2022).
Eckenwiler, L., Hunt, M. R., Crismo, J. J. L. G., Conde, E., Hyppolite, S-R., Luneta, M., Muñoz Beaulieu, I., Saeed, H. M., Schwartz, L. (2023), ‘Viewing Humanitarian Project Closure through the Lens of an Ethics of the Temporary’, Disaster Prevention and Management, ahead-of-print, doi:10.1108/DPM-11-2022-0226.
European Union (2016), ‘General Data Protection Regulation (GDPR)’, Regulation 2016/679 L119, https://gdpr-info.eu/ (accessed 20 October 2022).
Fuller, L. (2006), ‘Justified Commitments? Considering Resource Allocation and Fairness in Médecins Sans Frontières-Holland’, Developing World Bioethics, 6:2, 59–70, doi: 10.1111/j.1471-8847.2006.00139.x.
Gazi, T. (2020), ‘Data to the Rescue: How Humanitarian Aid NGOs Should Collect Information Based on the GDPR’, Journal of International Humanitarian Action, 5:Art. 9, doi:10.1186/s41018-020-00078-0.
Gerstenhaber (2014), 2014 Handover Toolkit 2.0: ‘Success Is Also Measured by What You Leave Behind’, Policy Paper, msf.evaluation.org.
Global Partnership for Sustainable Development Data (2022), Reimagining Data and Power: A Roadmap for Putting Values at the Heart of Data, White Paper, www.data4sdgs.org/reimagining-data-and-power-roadmap-putting-values-heart-data (accessed 20 October 2022).
Greenwood, F., Howarth, C., Escudero Poole, D., Raymond, N. A. and Scarnecchia, D. P. (2017), ‘The Signal Code: A Human Rights Approach to Information during Crisis’, Harvard Humanitarian Initiative, https://hhi.harvard.edu/publications/signal-code-human-rights-approach-information-during-crisis#:~:text=The%20Signal%20Code%20is%20the,have%20to%20information%20during%20disasters (accessed 20 October 2022).
Hunt, M., Eckenwiler, L., Hyppolite, S.-R., Pringle, J., Pal, N. and Chung, R. (2020), ‘Closing Well: National and International Humanitarian Workers’ Perspectives on the Ethics of Closing Humanitarian Health Projects’, Journal of International Humanitarian Action, 5:Art. 16, doi:10.1186/s41018-020-00082-4.
Hunt, M. and Miao, J. (2018), ‘Moral Entanglement and the Ethics of Closing Humanitarian Projects’, in Ahmad, A. and Smith, J. (eds), Humanitarian Action and Ethics (London: Zed Books), pp. 22–39.
Inter-Agency Standing Committee (IASC) (2021), ‘IASC Operational Guidance on Data Responsibility in Humanitarian Action’, IASC, https://interagencystandingcommittee.org/operational-response/iasc-operational-guidance-data-responsibility-humanitarian-action (accessed 20 October 2022).
International Committee of the Red Cross (ICRC) (2020), Handbook on Data Protection in Humanitarian Action, ICRC, www.icrc.org/en/data-protection-humanitarian-action-handbook (accessed 6 September 2022).
International Committee of the Red Cross (ICRC) (n.d.), ‘Duty of Care: Elements of Definition’, https://unsceb.org/sites/default/files/imported_files/ICRC%20-%20Duty%20of%20Care%20ICRC%20definition.pdf (accessed 6 September 2023).
InterAction (2003), ‘Data Collection in Humanitarian Response: A Guide for Incorporating Protection. InterAction Protection Working Group Data Collection’, InterAction, https://www.globalprotectioncluster.org/_assets/files/tools_and_guidance/InterAction_Guide_Incorporating_Protection_2003_EN.pdf (accessed 20 October 2022).
Médecins Sans Frontières (MSF) (2013), ‘MSF Data Sharing Policy’, MSF, www.msf.org/sites/msf.org/files/msf_data_sharing_policycontact_infoannexes_final.pdf (accessed 20 October 2022).
Médecins Sans Frontières (MSF) (2018), ‘MSF Health Data Protection Policy’, https://web.archive.org/web/20210803095816/https://bibop.ocg.msf.org/docs/1/L001POLM02E_MSF-Health-Data-Protection-Policy.pdf (accessed 6 September 2023).
Office for the Coordination of Humanitarian Affairs (OCHA) (2020), ‘Guidance Note on Humanitarian Data Ethics’, OCHA, https://data.humdata.org/dataset/2048a947-5714-4220-905b-e662cbcd14c8/resource/a39c4674-d976-42ae-af31-e037c1ffb9fe/download/guidance_note_ethics.pdf (accessed 20 October 2022).
Office for the Coordination of Humanitarian Affairs (OCHA) (2021), ‘The OCHA Data Responsibility Guidelines’, OCHA, https://centre.humdata.org/the-ocha-data-responsibility-guidelines/ (accessed 20 Oct. 2022).
OXFAM (2017), ‘Rough Guide to Exit Strategies’, Oxfam, https://www.oxfamwash.org/en/running-programmes/exit/Oxfam%20Rough%20Guide%20to%20Exit%20Strategies.pdf (accessed 20 October 2022).
Pal, N. E., Eckenwiler, L., Hyppolite, S.-R., Pringle, J., Chung, R. and Hunt, M. (2019), ‘Ethical Considerations for Closing Humanitarian Projects: A Scoping Review’, Journal of International Humanitarian Action, 4:1, doi:10.1186/s41018-019-0064-9.
Paragi, B. (2021), ‘Digital4development? European Data Protection in the Global South’, Third World Quarterly, 42:2, 254–73, doi: 10.1080/01436597.2020.1811961.
Parekh, S. (2017), Refugees and the Ethics of Forced Displacement (New York: Routledge).
Richardson, H. S. (2012), Moral Entanglements: The Ancillary-Care Obligations of Medical Researchers (Oxford: Oxford University Press).
Rosenbaum, S. (2010), ‘Data Governance and Stewardship: Designing Data Stewardship Entities and Advancing Data Accesses’, Health Services Research, 45:5(Part 2), 1442–55.
Saeed, H. M., Schwartz, L. and Hunt, M. (2022), ‘Ethical Considerations Associated with Closing a Non-communicable Disease Program in a Humanitarian Setting, Canadian Journal of Bioethics / Revue canadienne de bioéthique, 5:2, 132–5, doi:10.7202/1089793ar.
Sitali, N., Briskin, E., Foday, J., Walker, C., Keus, K., Smart, F., Ali, E. and Whitehouse, K. (2022), ‘What It Takes to Get It Right: A Qualitative Study Exploring Optimal Handover of Health Programmes in Tonkolili District, Sierra Leone’, Global Public Health, 1–12, doi:10.1080/17441692.2022.2058047.
Sphere Project (2018), Sphere Handbook: Humanitarian Charter and Minimum Standards in Humanitarian Response, Sphere Project, https://spherestandards.org/handbook-2018/ (accessed 20 October 2022).
Squire, V., Fayehun, O., Jones, B., Moro, L., Porto de Albuquerque, J., Stevens, D., Trigwell, R., Àkànle, O., et al. (2022). Data and Displacement: Assessing the Practical and Ethical Implications of Data-Driven Humanitarianism for Internally Displaced Persons in Camp-Like Settings, University of Warwick, https://warwick.ac.uk/fac/soc/pais/research/projects/internationalrelationssecurity/dataanddisplacement/data-displacement/ (accessed 20 October 2022).