IN-CONFIDENCE
MSD Survey Standard
Approved by:
Privacy Security Oversight Board (PSOB)
Approval date:
15 June 2022
Next review:
15 June 2024
Standard Owner:
General Manager Information
Introduction
The Ministry of Social Development (“the Ministry”) often surveys clients, staff, stakeholders, and the
public to help inform insights into our performance or areas for improvement around projects,
programmes and initiatives being undertaken.
Surveys may be undertaken by the Ministry alone, in partnership with another organisation, or by a
third party creating and conducting surveys on the Ministry’s behalf.
This Standard is intended to provide guidance to Business Units who may undertake or facilitate
surveys on the Ministry’s behalf, and to set out the basic requirements that must be met.
1
Standard
1.1 Applicability
1.1.1
This Standard
must be applied by any Business Unit that conducts or facilitates a survey.
1.1.2
Surveys
must only collect information classified at ‘Unclassified’ and ‘In-Confidence’, in accordance
with MSD’s Information Classification Standard.
1.1.3
The Information Group
must be consulted immediately if, for any reason, a survey relates to
information classified above ‘In-Confidence’ (i.e., ‘Sensitive’ or ‘Restricted’).
1.2 Definitions
1.2.1
“Survey” means research questions on one or more topics, to which people are invited to voluntarily
respond to for the purposes of gaining insights
.
1.2.2
“Personal information” is any information about a specific individual. The information does not need
to name the individual, if they are identifiable in other ways, like through their home address (it does
not include a company, or a Trust, or an NGO).
1.2.3
“Collection” includes collection by phone, mail, email, the internet, in person, on social media, or
through a specialised survey tool.
1.2.4
“Bias” is an inclination or prejudice for or against one person or group, especially in a way that could
be considered to be unfair.
1.2.5
“Discrimination” is an unjust or prejudicial treatment of different categories of people, especial y on
the grounds of race, age, sex, or disability.
1.2.6
“Responses” to questions may be yes or no, on a scale, multi-choice, or free text.
1.2.7
“Conducting” a survey includes (but is not limited to):
1
IN-CONFIDENCE
• creating survey questions
• choosing participants
• distributing the survey
• collecting responses
• storing responses
• analysing responses
• sharing responses or analysis of responses with others (whether inside the Ministry or externally)
• disposing of responses.
2
Meeting the Standard
2.1 Demonstrating compliance
2.1.1
Compliance with this Standard
must be clearly documented and agreed by the Control Owner or
relevant Manager responsible for the Survey.
2.2 Purpose and collection
2.2.1
The Business Unit
must document a clear purpose for the survey and the rationale for each survey
question and associated collection of information from participants.
2.2.2
The Business Unit
must engage the Information Group to review survey questions
if any personal
information is likely to be collected.
2.2.3
Prior to conducting any survey participants
must have the purpose for collection and use of
information explained to them.
2.3 Transparency and consent
2.3.1
Participation in all surveys
must be voluntary, and it
must be clear that participation is voluntary.
2.3.2
There
must be clear, relevant, and accessible information made available for all participants in
advance of their consenting to participate.
2.3.3
At a minimum, the information
must make clear:
• what the purpose of the survey is
• that participation is voluntary and that a decision not to participate will not affect a prospective
participant’s relationship with the Ministry
• whether responses will be kept anonymous or whether the participant will be identifiable
• how responses will be used by the Ministry or by others
• who will view the responses (e.g., if they are to be shared with other organisations, which
organisations will view the responses)
• what will happen to the survey responses on completion of the survey (e.g., analysis, storage,
destruction, etc.)
• [
if personal information is being collected] that those individuals have the right to access and
correct information collected about them; and that they are provided with appropriate MSD contact
information.
2.4 Anonymising surveys
2
IN-CONFIDENCE
2.4.1
Where identifying an individual is not necessary, there
must be a process in place to ensure that no
personal information is collected. Surveys
must not include free-text fields for this purpose.
2.4.2
If surveys need to include free-text field the Information Group
must be consulted for guidance.
2.4.3
Where identifying an individual is not necessary, the participants of the survey
must be advised not
to enter any personal information into the survey.
2.4.4
There
must be a documented process for removing and destroying any unexpected collection of
personal or identifiable information that participants supply in response to the survey, as per the
Ministry’s Information Retention and Disposal Standard.
2.4.5
Where identifying an individual is necessary, but their personal information is not necessary for
research and evaluation, there
must be a process in place to ensure that the information is de-
identified.
2.4.6
Where participants need to create a profile or log-in to use a survey tool, usernames and passwords
must meet the MSD Password Standard.
2.5 Research and Evaluation responsibilities
2.5.1
Surveys with the
explicit purpose of Research and Evaluation
must have their survey questions
reviewed by the Research and Evaluation team to reduce the risk of unintended bias or
discrimination. An Ethics assessment form must be completed and sent to the Information Group.
2.5.2
Consistent with 2.4, if personal information is collected from surveys, it
must be de-identified after
relevant research and evaluation purposes are met.
2.5.3
If analysis of a survey creates or reveals data capable of identifying an individual, the Privacy team
must immediately be contacted for advice.
2.6 Tool selection
2.6.1
The method or tool used for publishing or submitting the survey
must be certified and accredited,
with its use approved by the Ministry and the Chief Information Security Officer (CISO) and Chief
Privacy Officer (CPO). The Information Group can be contacted to confirm a method or tools
certification status.
2.6.2
The method or tool used
must be appropriate for the purpose intended and be used in the way for
which it has been approved. Some tools have been approved at MSD Enterprise level. See 3.2 for
further details and their accompanying patterns to ensure use is consistent with Information Group
expectations.
2.7 Managing bias and discrimination
2.7.1
Care
must be taken to ensure that the end-to-end conduct of surveys does not introduce bias or
discrimination at any point. Bias or discrimination may be introduced through the creation of
inappropriate survey questions, the selection of participants, the distribution of surveys, access to
surveys, and the analysis and implementation of survey responses.
2.7.2
If surveys have the potential to include or introduce any bias or discrimination, or it is uncertain if
they will, the survey
must be reviewed end to end by the Information Group to minimise any
potential risk.
2.7.3
Where surveys produce results that are (or appear to be) biased or discriminatory, steps
must be
taken to identify and remove or mitigate the unintended bias or discrimination.
3
IN-CONFIDENCE
2.7.4
Accessibility options for surveys
must be explored to ensure that those who may not be able to
engage with surveys through conventional methods and tools are still able to have their responses
collected.
2.8 Engaging with third parties
2.8.1
When using a third-party to deliver a survey or part of a survey, the Third-Party Assurance Standard
for Information
must be met.
2.8.2
If the third-party cannot meet the Third-Party Assurance Standard, the Information Group
must be
consulted immediately.
2.9
Retention and access to data
2.9.1
Access rights of MSD staff members (or third-party) to the information
must be controlled to ensure
that user access is controlled, and access removed when no longer required.
2.9.2
Any survey related information including participants details and responses
must be managed in a
secure manner in accordance with the Ministry Information Retention and Disposal standard,
including being stored in an appropriate corporate information repository such as Objective
(EDRMS).
3
References
3.1.1
Key artefacts used as inputs in the development of this Standard or that directly support the application
of this Standard.
Third-party Assurance Standard
Third-party Assurance Standard – operational guidance
Information Classification Standard
Privacy Policy
Information Retention and Disposal Standard
MSD Password Standard
Research and Evaluation Team - Ethics Toolkit
3.2 Draft patterns to be approved at a later date:
3.2.1
SurveyMonkey – Attestation Document Template (A14199362)
• Recommended to be used for activities, such as Anonymous surveys, non-sensitive information.
3.2.2
Citizen Space – Attestation Document Template (A14303716)
• To be used for activities, such as Engagement and consultation with members of the public, or surveys
which may or may not permit anonymous responses.
4