Data Storage and Privacy Practices

AI Prompt Templates

Copy a prompt into Claude, ChatGPT, or Gemini. Paste your document at the bottom and run it.

Paste a document to get a scored quality assessment, with evidence and revision priorities.

You are an expert in data protection and privacy for M&E and research projects. Score the data storage and privacy section of the document I will provide using the rubric below. The section may be embedded in a methodology, inception report, ethics chapter, or standalone data management plan. The goal is to assess whether the practices are operational and compliant rather than aspirational.

SCORING RUBRIC - Data Storage and Privacy Practices
Score each dimension 1-5 using these criteria:

DIMENSION 1: Storage Location and Access
- Score 5: Storage location is named specifically (platform, server, cloud region, or device class) with security characteristics. Access controls are documented: who is authorized, by name or role; how authorization is granted; how authorization is revoked when staff leave or change roles; whether access is logged. Differential access by role is described (collector vs. analyst vs. PI).
- Score 4: At least three of four elements present. Storage location and access list clear; revocation or logging partial.
- Score 3: Storage referenced but not specified. Access controls described in principle but not operationalized. Revocation absent.
- Score 2: Generic statement that data will be stored securely. No platform, no access list, no revocation.
- Score 1: No storage or access information.

DIMENSION 2: Identifier Handling
- Score 5: The approach to PII is fully described. Anonymization or pseudonymization is specified at the relevant stages (collection, analysis, reporting). Direct identifiers are stored separately from response data with a documented key-handling protocol. The conditions and authorization for re-identification (if any) are stated. Quasi-identifier risks (e.g., small populations, rare combinations) are addressed in analysis and reporting.
- Score 4: At least three of four elements present. Separation and anonymization are clear; re-identification conditions or quasi-identifier handling partial.
- Score 3: Anonymization mentioned but not operationalized. Identifier separation not described. Quasi-identifier risk unaddressed.
- Score 2: Identifiers and PII referenced in passing. No anonymization plan, no separation.
- Score 1: No identifier handling described.

DIMENSION 3: Transfer Security
- Score 5: Every data transfer in the lifecycle is described and secured. Collection-to-storage transfer is encrypted in transit (named protocol or service). Storage-to-analysis transfer is on authorized channels with encryption. Transfer between team members uses approved tools only. Insecure transfer (personal email, consumer messaging, unencrypted USB) is explicitly prohibited. Transfer between organizations is governed by a data sharing agreement.
- Score 4: At least three of four elements present. Encryption and approved channels named; one transfer step or prohibition is partial.
- Score 3: Transfer security mentioned in principle. Encryption referenced but channels not named. Inter-org transfer not addressed.
- Score 2: Generic statement that transfers will be secure. No protocols, no channels, no prohibitions named.
- Score 1: No transfer security described.

DIMENSION 4: Retention and Destruction
- Score 5: Retention timeline is stated for each data category (raw data, cleaned data, identifiers, derived outputs). Destruction approach is described (secure deletion, certificate of destruction, physical destruction of media). The responsible party for destruction is named. A verification mechanism (sign-off, log entry) is named. Where retention is required by donor or legal mandate, the source is cited.
- Score 4: At least three of four elements present. Timeline and destruction approach clear; responsible party or verification partial.
- Score 3: Retention timeline mentioned but not differentiated by data type. Destruction approach generic. Responsibility unclear.
- Score 2: Generic statement that data will be retained or destroyed appropriately. No timeline, no method.
- Score 1: No retention or destruction information.

DIMENSION 5: Compliance Framework
- Score 5: The applicable data protection regime is named (e.g., GDPR, UK GDPR, country-specific data protection law, donor data policy, organizational policy). Specific requirements from the named regime are tied to the practices above (e.g., legal basis for processing, data subject rights process, cross-border transfer rules, data protection officer or focal point). Where multiple regimes apply, the relationship between them is stated.
- Score 4: At least three of four elements present. Regime named and tied to practices; cross-border or focal point partial.
- Score 3: Compliance referenced generically ("we will comply with data protection law") without naming the regime or specific requirements.
- Score 2: No applicable regime named. Compliance asserted without a framework.
- Score 1: No compliance framework described.

OUTPUT FORMAT:
Return your assessment as a table followed by a summary:

| Dimension | Score (1-5) | Evidence | Priority Revision |
|-----------|-------------|----------|-------------------|
| Storage Location and Access | | | |
| Identifier Handling | | | |
| Transfer Security | | | |
| Retention and Destruction | | | |
| Compliance Framework | | | |

**Total: X/25**
**Band:** Strong (22-25) / Adequate (17-21) / Needs Revision (11-16) / Substantial Revision (5-10)
**Single Most Important Revision:** [One specific sentence]

For any dimension scored 1 or 2, add a brief explanation and a concrete revision example.

DATA STORAGE AND PRIVACY SECTION TO SCORE:
[Paste your data storage and privacy section here]

Scoring Criteria

Storage Location and Access
- 5 (Excellent): Storage location named specifically. Access list documented. Authorization grant and revocation procedures defined. Access logging in place. Differential access by role described.
- 4 (Good): At least three of four elements. Storage and access list clear; revocation or logging partial.
- 3 (Adequate): Storage referenced but not specified. Access controls in principle, not operationalized. Revocation absent.
- 2 (Needs Improvement): Generic "stored securely" statement. No platform, no access list.
- 1 (Inadequate): No storage or access information.

Identifier Handling
- 5 (Excellent): Anonymization or pseudonymization specified by stage. Identifiers stored separately with key-handling protocol. Re-identification conditions stated. Quasi-identifier risk addressed.
- 4 (Good): At least three of four elements. Separation and anonymization clear; re-id conditions or quasi-id partial.
- 3 (Adequate): Anonymization mentioned, not operationalized. No separation. Quasi-id risk unaddressed.
- 2 (Needs Improvement): Identifiers referenced in passing. No plan, no separation.
- 1 (Inadequate): No identifier handling described.

Transfer Security
- 5 (Excellent): Every transfer described and secured with named protocols, approved channels, prohibitions on insecure tools, and inter-org data sharing agreement.
- 4 (Good): At least three of four elements. Encryption and channels named; one step or prohibition partial.
- 3 (Adequate): Transfer mentioned in principle. Encryption referenced but channels not named. Inter-org not addressed.
- 2 (Needs Improvement): Generic statement that transfers will be secure. No protocols, no channels.
- 1 (Inadequate): No transfer security described.

Retention and Destruction
- 5 (Excellent): Per-data-category timeline. Destruction approach described. Responsible party named. Verification mechanism in place. Legal or donor mandates cited where applicable.
- 4 (Good): At least three of four elements. Timeline and destruction clear; responsible party or verification partial.
- 3 (Adequate): Timeline not differentiated by data type. Destruction generic. Responsibility unclear.
- 2 (Needs Improvement): Generic "retained or destroyed appropriately" statement. No timeline, no method.
- 1 (Inadequate): No retention or destruction information.

Compliance Framework
- 5 (Excellent): Applicable data protection regime named. Specific requirements tied to practices. Cross-border or focal point addressed. Relationship between multiple regimes stated.
- 4 (Good): At least three of four elements. Regime named and tied to practices; cross-border or focal point partial.
- 3 (Adequate): Compliance referenced generically without naming regime or requirements.
- 2 (Needs Improvement): No applicable regime named. Compliance asserted without framework.
- 1 (Inadequate): No compliance framework described.

Score Interpretation

| Total (out of 25) | Band | Next Step |
|-------------------|------|-----------|
| 22-25 | Strong | Storage and privacy practices are operational and compliant. Approve with minor refinements. |
| 17-21 | Adequate | Address flagged dimensions before fielding. Most likely fix: name the compliance regime and specify retention timelines per data category. |
| 11-16 | Needs Revision | Substantial revision required. Use Revise prompt to operationalize storage, transfer, and retention before any data collection. |
| 5-10 | Substantial Revision | Practices fail the threshold for data protection. Rebuild starting with the applicable compliance regime and a specific platform and access architecture. |