CONSULTANCY TO DEVELOP A DATA PROTECTION, PRIVACY AND MANAGEMENT STRATEGY FOR THE JASIRI PROGRAM

TERMS OF REFERENCE FOR CONSULTANT TO DEVELOP A DATA PROTECTION, PRIVACY AND MANAGEMENT STRATEGY FOR THE JASIRI PROGRAM.

1.Purpose

The Jasiri Consortium comprising Centre For Rights Education and Awareness (CREAW), Grassroots Organizations Operating Together in Sisterhood (GROOTS Kenya), Collaborative Center for Gender and Development (CCGD), Centre for Domestic Training and Development (CDTD) and Advocates for Social Change Kenya (ADSOCK) are jointly implementing the Jasiri Program for a period of 5 years (2023-2028). The consortium seeks to retain a consultant to develop a Data Protection and Privacy and Management Strategy for the program that will safeguard program data and outline data management and data sharing protocols for the program which align with Data Privacy and Protection Laws in Kenya. The successful consultant will work closely with technical leads from the consortium partner organizations to co -create the strategy and action plan and monitoring framework.

2.Context

The Jasiri program builds on the achievements of a pilot program implemented by the consortium during the COVID Pandemic to address the high incidences of gender-based violence. The program seeks to deepen support to most at-risk girls and young women who are survivors of gender-based violence in 16 counties [Nairobi, Kilifi, Mombasa, Meru, Nyeri, Mandera, Busia, Kajiado, Kwale, Samburu, Baringo, Kakamega, Tana River, Kiambu, Garissa and Bungoma Counties] in Kenya that are recording high prevalence rates of Gender Based Violence. The Jasiri Program will expand its scope to address GBV and the heavy load of unpaid care and domestic work as an emerging gender barrier that disproportionately affects adolescent girls and young women living in rural areas and urban informal settlements.

This program will address the following systemic and structural barriers:

1. Limited access to gender-responsive financial resources and skilling would reduce entrepreneurship and employment opportunities for adolescent girls and young women who are GBV survivors or at risk of GBV.
2. Limited capacity and resources among national and sub-national (county) governments and GBV service providers to effectively respond to GBV and unpaid care work faced by adolescent girls and young women.
3. Social norms and harmful cultural beliefs, attitudes and practices expose AGYW to abuse and discrimination and prevent them from meaningfully participating in the world of work.

The program’s broad interventions are:

1. Engage financial services providers and State department of gender to build up responsive and inclusive financial services that cater to the full range needs of young women especially gender-based violence survivors. Support and collaborate with community skilling partners to provide skilling opportunities (life skills, entrepreneurship) to GBV survivors and most at-risk Adolescent Girls and Young women (AGYW) as a pathway to work.
2. Collaborate with national and county governments and to address unpaid care and domestic work through policy, practice, and budget reforms. Engage community leaders and gatekeepers (including men, boys, and cultural and religious leaders) in shifting perceptions, attitudes, and beliefs that perpetuate gender inequalities e.g. GBV and the heavy load of unpaid care work.
3. Enhance capacity and resilience GBV service providers including Safe shelter actors to provide timely, safe, and confidential services to support the short- and long-term healing and empowerment of GBV survivors. Enhance capacity of National and county governments (e.g., sensitization on how to domesticate national GBV policies and SOPs) to implement laws and policies that prevent and respond to GBV.

Some of the expected program outcomes will include:

1. Increased utilisation and uptake of gender responsive and inclusive financial services/products by young women and young women owned MSME’s.
2. Enhanced resilience of GBV survivors and most at-risk adolescent girls and young women in entrepreneurship and in the world of work.
3. More time and agency for adolescent girls and young women to participate in economic opportunities.

3.Objectives

The primary objective of this consultancy is to develop a comprehensive Data Protection, Privacy and Management Strategy tailored to the needs of the Jasiri Program. Specific objectives include:

1. To identify the potential risks and vulnerabilities related to data management and protection.
2. To undertake a review of existing policies, procedures, and guidelines for effective data management and protection and data sharing.
3. To make recommendations for the implementation of the strategy and capacity strengthening measures to include action plans and a monitoring framework.
4. Assess the current data protection, privacy and management policies and practices within the program.
5. Identifying potential risks and vulnerabilities related to data management and protection.
6. Developing policies, procedures, and guidelines for effective data management and protection and data sharing.
7. Providing recommendations for the implementation of the strategy and capacity strengthening measures to include action plans and a monitoring framework.
8. Ensuring the strategy complies with relevant national and global data protection laws, regulations and ethical standards.

4.Methodology

The consultant will propose a comprehensive methodology in order to achieve the objectives of this assignment. The methodology should be thorough, participatory and include clear explanations of how they plan to execute the assignment. The methodology should specifically address each task of the assignment and how they contribute to strengthening the data protection, privacy and management priorities and needs of the program. The consultant will be expected to further refine the methodology with technical leads from the consortium partners.

A detailed activity and work plan, as well as a budget and timeline for the entire assignment, should be included.

5.Scope of work

The consultant will undertake the following task:

1. Review existing documentation on data protection, privacy and management.
2. Conduct interviews and consultations with key stakeholders including but not limited to Jasiri Program partners and participants to understand their data management priorities, needs and concerns.
3. Assess the data collection, analysis, storage, and sharing practices.
4. Identify potential risks, threats, and vulnerabilities to the security and privacy of data.
5. Develop a comprehensive Data Protection, Privacy and Management Strategy, including policies, protocols, and guidelines.
6. Develop an action plan and monitoring framework aligned to relevant International and national data protection laws, regulations, ethical standards, and best practices.
7. Submit a final report with detailed analysis, findings, recommendations, action plan and monitoring framework.
8. Facilitate a program partner induction on the strategy.

6. Deliverables

1. Inception Report: Detailed methodology, data collection tools, and work plan within 5 days of contract commencement.
2. Final data collection, and assessment tools.
3. Draft Report: detailed analysis, findings, recommendations, action plan and monitoring framework.
4. Final Report: Revised report based on feedback received from the program partners.

7.Timelines.

The level of effort for this assignment is 30 consultancy days. The assignment is expected to be completed within 60 days after execution of the contract.

8.Qualifications of the consultant.

1. Post graduate degree in social science and any other related field.
2. At least 5 years of relevant experience in developing data management, safeguarding and protection strategies, particularly in the context of human rights and gender related programming.
3. Experience in carrying out similar assignment.
4. Excellent research and analytical, communication, and report writing skills.
5. Ability to work independently and collaboratively with diverse stakeholders.
6. Knowledge and experience in national, regional and international data protection laws and regulations.

9.Application procedures

The consultant should submit an Expression of Interest which includes:

1. A detailed technical proposal highlighting:
2. A financial proposal: A detailed budget proposal outlining the consultant’s fees and any additional costs associated with the consultancy.
3. Description of consultants’ skills and experience that match the TOR requirements
4. An understanding of the assignment
5. Previous similar assignments
6. Proposed methodology
7. Workplan
8. Consultant’s CV