Data governance for the delivery of community and human services
Designation Number:
CAN/DGSI 100-11
Standard Type:
National Standard of Canada - Domestic
Standard Development Activity:
New Standard
ICS code(s):
03.100.02 03.100.40 35.020 35.030
Status:
Proceeding to development
SDO Comment Period Start Date:
SDO Comment Period End Date:
Posted On:
Scope:
Scope
This proposed standard aims to specify minimum requirements for the responsible and
privacy-preserving collection, storage, use, and sharing of personal information by
organizations delivering community and human services.
Considerations are given to:
● client/beneficiary and donor data;
● data governance and management practices;
● privacy regulations and other applicable legislation;
● relevant ethical guidelines and practices; and
● requirements for service providers, funders, and technology vendors.
Project need:
Project Need
Canada’s community and human service providers deliver services and support to
vulnerable and at-risk individuals. The vast majority of these organizations collect and use
some amount of client data. Some of this data is sensitive – such as participation in
addiction treatment, a health diagnosis, or experience of violence.
Beyond client information, many also collect financial donations by individuals. This
financial support can be critical to their success.
As community and human service providers adopt new technologies for client and donor
management, this can multiply the amount of data under control of organizations and
their vendors. This can pose serious new risks to privacy and security which may not be
well understood:
1. Unauthorized use of client data can cause irreparable harm to clients, including
reputational damage, trauma, exposure to identity theft and fraud.
2. If donor data is compromised, it can also result in a loss of donor confidence.
3. The reputation of the organization and the community and human service sector
as a whole can be undermined as data breaches and other harms accumulate.
4. Further harm to more vulnerable populations, including Indigenous and racialized
communities, who have been disproportionately impacted by data harm.
Note: The information provided above was obtained by the Standards Council of Canada (SCC) and is provided as part of a centralized, transparent notification system for new standards development. The system allows SCC-accredited Standards Development Organizations (SDOs), and members of the public, to be informed of new work in Canadian standards development, and allows SCC-accredited SDOs to identify and resolve potential duplication of standards and effort.
Individual SDOs are responsible for the content and accuracy of the information presented here. The text is presented in the language in which it was provided to SCC.