-
هل الدولة/ الجمعية الوطنية/المؤسسة أدرجت الالتزامات الواردة في هذا القرار في الخطط الاستراتيجية أو التشغيلية ذات الصلة؟
نعمأُدرجت الالتزامات في كل مما يلي
الاستراتيجية
السياساتعلى المستوى الدولي, المستوى الوطني المستو
التفاصيل:
As part of the BRC’s participation in the Movement RFL Code of Conduct on Data Protection Application Group and membership of both the Archiving Policy and Deletion thematic working groups, we have contributed to the creation and dissemination of standard archiving policy and deletion guidelines for Family Links Network (FLN) members.
In 2020, Migration and Displacement was identified and incorporated as one of the three areas of focus for the BRC Strategy 2030. Through Strategy 2030, the BRC has committed to ensuring that “every person experiencing displacement in the UK has the opportunity to rebuild their lives, maintaining and restoring links with their loved ones” – including through implementation of new information technologies and development of staff and volunteers’ data skills and capacity – by 2030.
The Foreign, Commonwealth and Development Office (FCDO) is assisting the British Red Cross in seeking confirmation from the Information Commissioner’s Office (ICO) that the British Red Cross may use the public interest basis when processing personal data related to the carrying out of our humanitarian activities.
-
هل الدولة/ الجمعية الوطنية/المؤسسة تعمل مع شركاء آخرين من أجل تنفيذ الالتزامات الواردة في هذا القرار ؟
نعمعملت في شراكة مع:
الحكومة و/أو السلطات العامة
اللجنة الدولية للصليب الأحمر / الاتحاد الدولي
جمعيات وطنية أخرى للصليب الأحمر أو الهلال الأحمر
شركاء في العمل الإنساني والإنمائي (على سبيل المثال، الأمم المتحدة، منظمات غير حكومية الخ..)أمثلة على التعاون مع شركاء:
The BRC has agreed to use the Family Links Answers (FLA) tool’s ‘Interoperability’ function, to facilitate secure exchange of cases with other National Societies and ICRC delegations.
Following the cyber incident in 2022, the BRC has also agreed to use the ICRC Central Tracing Agency secure system, ASPERA.
The BRC participated in the Movement’s Application Group for the RFL Code of Conduct on Data Protection and became a member of two thematic working groups: Archiving Policy and Deletion.
We have worked closely with the UK Information Commissioner’s Office on responding to the cyber incident in 2022, identifying 1,553 priority cases of potential data breach and processing all cases for notification.
-
هل واجهتم أية تحديات في تنفيذ الالتزامات الواردة في هذا القرار ؟
نعمتحديات بشأن:
غير ذلكتفاصيل عن هذه التحديات:
Our challenges have arisen mainly from incompatibility with external partners’ standards and practices:
There have been challenges working with UK Missing Person’s Unit (UKMPU), part of the government’s National Crime Agency, to develop a pilot that aims to provide answers to families whose loved ones may have died in boat sinkings.
For a period, NHS Scotland ceased their letter-forwarding system used by the British Red Cross tracing service. NHS Scotland expressed concern that the use of personal data in this way did not meet GDPR conditions. The British Red Cross brought to the attention of NHS Scotland Article 49 of the GDPR, which notes the derogations with respect to humanitarian work, as well as 33rd International Conference Resolution 4. NHS Scotland subsequently changed their position and they have resumed the letter-forwarding service (for the British Red Cross only as far as we are aware, and not for other organisations).
As other National Societies have also experienced, data transfer to third parties may present a challenge due to incompatible standards, practices and systems. The International Organization for Migration (IOM), particularly, cannot accept information via Egress and this has presented an obstacle to data sharing. Instead, a Data Protection Impact Assessment (DPIA) was carried out and a joint SharePoint Site has been created.
-
هل كان للالتزامات الواردة في هذا القرار أي آثار على عمل الدولة/ الجمعية الوطنية/المؤسسة وإدارتها؟
نعمنوع التأثير:
تعزّز التعاون بين الحكومة /السلطات العامة والجمعية الوطنية
أصبحت البرامج والعمليات أكثر فعالية وكفاءة
وضعت أدوات/منهجيات ابتكارية ويجري استخدامها
تزايد تدريب الموظفين والمتطوعين وتنمية قدراتهم (في ما يتعلق بالجمعية الوطنية)تفاصيل عن هذا التأثير:
The BRC devised a data mapping exercise spreadsheet to map all data storage and to identify and mitigate risks.
To minimise data protection risks, the BRC conducted Data Protection Impact Assessments (DPIAs) for tools including Trace the Face, Family Links Answers (FLA), and the video conferencing tool used by the prison service.
Data protection is now included in our FLA training content, ensuring that new FLA users are aware of the risks and responsibilities related to data processing.
All our RFL caseworkers are now using Egress software for sharing personal information with external organisations via email. The Egress software is embedded in our email system, ensuring secure transfer of emails and documents to non-secure email addresses.
The BRC has produced an online training course titled ‘Data Matters’, which is now mandatory for all staff and volunteers. A yearly refresher of this training is also mandatory.
Key guidance on data protection and data collection practices is included in our new casework manual, which acts as a ‘one-stop shop’ resource for all members of the International Family Tracing team.
-
5- هل كان للالتزامات الواردة في هذا القرار أي آثار على المجتمعات المحلية التي تستفيد من خدمات الدولة/ الجمعية الوطنية/المؤسسة؟
نعموصف هذا التأثير:
BRC personal information leaflets for RFL services have now been translated into 16 languages, providing enquirers with information on our data processing activities, their data rights, and who and how to contact if they have any concerns or questions.
Dashboards for the FLA casework management tool now monitor any issues related to data quality and consent, improving accountability and oversight.
We have removed around 16,000 contact records on FLA, as part of ensuring respect for individuals’ data rights.
Following the 2022 cyber incident, 1,553 priority individuals were appropriately notified of the potential breach of their personal data.
لا يمكن تحميل اللجنة الدولية للصليب الأحمر والاتحاد الدولي لجمعيات الصليب الأحمر والهلال الأحمر واللجنة الدائمة للصليب الأحمر والهلال الأحمر، بصفتها الجهاز المفوض من قبل المؤتمر الدولي للصليب الأحمر والهلال الأحمر (المؤتمر)، بأي شكل كان المسؤولية عن أي محتوى أو مشاركات منشورة من قبل المستخدمين في قاعدة البيانات هذه. يحتفظ فريق الموقع الالكتروني بحق إزالة أي مشاركة أو محتوى في حال تنافيا مع المبادئ الأساسية للحركة الدولية للصليب الأحمر والهلال الأحمر و / أو مع أهداف المؤتمر.
