1. Introduction
One Love Sisters Ghana (OLS) is committed to protecting the privacy, dignity, and safety of all individuals whose personal data we collect, store, and process through our programs, research, advocacy, and gender-based violence (GBV) hotline services. As a feminist, LBQ- and GNC-led organization, OLS recognizes that our communities often face systemic violence, criminalization, and discrimination. Safeguarding personal information is therefore not only a legal obligation but also a moral, political, and feminist commitment to care and safety. This policy aligns with:
- The Data Protection Act, 2012 (Act 843) of Ghana;
- UN and donor data protection standards; and
- OLS's feminist, trauma-informed, and rights-based principles of
confidentiality, consent, and survivor-centeredness.
2. Purpose of the Policy
This policy ensures that all OLS staff, volunteers, consultants, and partners understand their responsibilities in handling data-particularly sensitive survivor information collected through the GBV hotline, tele-nursing system, and field activities. It provides clear guidelines to:
- Protect personal and sensitive data from misuse or unauthorized access;
- Uphold the privacy and safety of survivors and community members; and
- Promote a culture of accountability and feminist care in all OLS operations.
3. Scope
This policy applies to all OLS personnel and activities involving data collection, processing, or storage, including:
- GBV hotline and tele-nursing services;
- Community healing and wellness programs;
- Monitoring, Evaluation, Accountability, and Learning (DMEAL) processes;
- Organizational and donor reporting; and
- Research, advocacy, and communications.
4. Guiding Principles
OLS's data protection approach is guided by the following principles:
1. Confidentiality and Safety:
All survivor and community information is kept strictly confidential. Identities and details are not disclosed without consent or unless legally required for protection.
2. Informed Consent:
Personal data is collected only after clear, voluntary consent. Hotline callers are informed that their information will remain confidential and may be anonymized for reporting.
3. Feminist and Survivor-Centered Care:
OLS's approach prioritizes safety, dignity, and emotional well-being over data collection needs. Survivors always control their narratives.
4. Data Minimization:
Only essential data for service delivery or monitoring is collected-never more than necessary.
5. Anonymity and Protection:
Hotline and tele-nursing systems use coded identifiers (e.g., case numbers) instead of names to preserve anonymity.
6. Accountability and Transparency:
All data processes are documented, reviewed, and shared transparently within the organization.
7. Do No Harm:
No data activity should expose a survivor or community member to stigma, violence, or legal risk.
5. Categories of Data Collected
OLS may collect:
- Personal Data: Age, gender identity, region, and contact details (if voluntarily
shared).
- Sensitive Data: Sexual orientation, gender identity, health information, and
details of GBV or human rights violations.
- Operational Data: Hotline logs, referral records, training attendance, and M&E
forms.
- Administrative Data: Staff, partner, and donor information for accountability
and reporting. All sensitive information is anonymized before being analyzed or reported externally.
6. GBV Hotline and Tele-Nursing Data Pr otocols
1. Call Documentation:
- Operators record only essential data-case type, general location, gender, age
bracket, and service provided.
- Names, phone numbers, or identifiable details are optional and recorded only
with explicit consent.
- Operators assign a unique case code for each call.
2. Confidentiality and Caller Safety:
- Calls are handled in private, secure spaces.
- No recording of calls unless required for quality review and with caller consent.
- Call logs are stored in encrypted digital systems accessible only to authorized
team members.
3. Referrals and Follow-ups:
- When connecting survivors to external service providers (healthcare, legal,
psychosocial), OLS ensures prior consent.
- Only necessary details for service delivery are shared.
- Survivors can withdraw consent at any stage.
4. Crisis Management:
- In cases of imminent harm, suicide risk, or danger to a child, limited data may be
disclosed to trusted response partners in line with OLS's safeguarding protocols.
5. Wellness and Debriefing:
- Operators and coordinators participate in regular wellness debrief sessions where
case details are discussed anonymously to prevent secondary trauma.
7. Data Storage and Security
- Physical files are kept in locked cabinets at OLS's main office, accessible only to
authorized personnel.
- Digital data is encrypted and stored on secure cloud servers with password
protection.
- Access is granted on a need-to-know basis and governed by signed
confidentiality agreements.
- Quarterly security reviews are conducted by the DMEAL team to ensure
compliance.
8. Data Sharing and Disclosure
OLS does not share personal data externally unless:
- There is informed consent from the survivor or participant;
- Disclosure is legally mandated for protection; or
- Data is anonymized for advocacy, research, or donor reporting.
- All partner organizations or consultants accessing OLS data must sign a Data
Protection and Confidentiality Agreement.
9. Data Retention and Disposal
- Survivor and hotline records are retained for a maximum of five years unless
otherwise required by law.
- Data that is no longer needed is securely deleted or shredded.
- Anonymized, aggregate data may be used for learning and advocacy purposes.
10. Rights of Data Subjects
Individuals have the right to:
- Know what data OLS holds about them;
- Request correction or deletion;
- Withdraw consent; and
- Lodge complaints regarding misuse of data.
OLS commits to responding to such requests within 15 working days.
11. Breach Response
In the event of a data breach:
1. The DMEAL Officer and Executive Director are notified immediately.
2. The breach is documented and assessed.
3. Affected individuals are informed, where appropriate.
4. Measures are taken to prevent recurrence.
12. Roles and Responsibilities
- Executive Dir ector: Provides overall oversight and ensures compliance.
- DMEAL Officer / Data Protection Lead: Oversees implementation, conducts
data audits, and leads training.
- Hotline & Tele-Nursing Coor dinator s: Ensure adherence to confidentiality and
documentation protocols.
- All Staff & Volunteer s: Maintain privacy standards and report any suspected
breach.
13. Capacity Building
OLS will provide r egular feminist and trauma-informed data protection tr aining to:
- Hotline operators and tele-nurses;
- Program and administrative staff; and
- Partner organizations.
14. Policy Review
This policy will be reviewed ever y two years or whenever legal or operational changes occur. Updates will be approved by the Executive Director and Board.
15. Effective Date
This policy takes effect on Apr il 15, 2025, and supersedes any previous data protection guidance within OLS. Appr oved by: Leila Yahaya Executive Director, One Love Sisters Ghana Date: 15TH April 2025
