• Phase 1: Assessment & Preparation

    Determine the breadth and scope of the

    implementation and resource as required.

  • Welcome to the CPIMS+ Rollout Guidelines, Phase 1! In this phase, we ensure that information management for case management processes are in place and data protection measures are accounted for before rolling out CPIMS+.

     

    Before you begin, please keep in mind that CPIMS+ is just one tool in the larger Case Management and Child Protection Information Management System and is not case management itself​​​​​​​. CPIMS+ requires a solid case management foundation. 

     

    CPIMS+ represents an opportunity to strengthen case management with the use of information management technology. This means that in order to deploy the CPIMS+ it is important to have a case management system in place or in development with clear planning that ensures that child protection staff are well trained on case management before expecting utilization of the CPIMS+. The system reflects SOPs, workflows and paper forms that partners are utilizing, therefore ensuring these are coordinated and agreed upon are key.

     

    In rapid onset emergencies a "lighter" version of case management can be considered and the CPIMS+ deployment can happen in parallel to the set up of the case management response.

     

    In accordance with the CPWG, 2014, Interagency Guidelines for Case Management and Child Protection (pp. 44-47), core components of a typical inter-agency CPIMS include:

    1. IA Child protection Case Management forms;
    2. Relevant sections of Case Management Standard Operating Procedures (SOPs);
    3. Data Protection Impact Assessments (DPIA) and Data Protection Protocols (DPPs);
    4. Information Sharing Protocol (ISP); and
    5. Databases such as the CPIMS+

    CPIMS+ requires the above 1 to 4 elements to exist and meet minimum standards prior to its deployment. Additionally, the Data Protection Framework and Terms of Use must be signed by each participating agency utilizing the CPIMS+.

     

    The workplan is a guide which includes all steps of the CPIMS+ implementation process. Here is the package of key documents needed to deploy the CPIMS+ which are also outlined in the steps below.

    STEP 1: Define your objectives and assemble your working group(s).

    This step is critical in ensuring there is clearly defined coordination. Gather your team to help in the implementation and oversight of CPIMS+. The in-country (inter-agency) Child Protection team is responsible for creating sub-working groups for additional support, supporting knowledge exchange of best practices and lessons learned.

    • Establish a coordination group or extend an existing coordination group (ie. CP AoR or Case Management Task Force) with agencies participating in the system implementation. Here are sample Terms of References to ensure accountability, collaboration, expectations and a clear mandate.
    • Assemble a team and sub-teams (as necessary) with the right skills and expertise to support the various stages of implementation with clear roles and responsibilities to ensure understanding of involvement and impact. 
    • Define the context of the implementation: Who are you trying to help? What do they need? Why do they need it? Reasons why needs are not currently being met and how you want to address these challenges. This is key to ensuring the following steps are fit for purpose.
    • Be sure to have dedicated focal points focused on capacity building. A capacity building plan which includes case management and IMS training should be designed based on the needs and capacities in country. The IMS training should be planned once the core case management training is delivered. 

    Outcome:

    CPIMS+ objectives are defined and the team is assembled which support various aspects of the implementation of the system.

    This step is required to be completed to progress to the next step.

     

    Templates for this step:

    Terms of Reference for CPIMS+

    STEP 2: Develop, adapt and finalize standard operating procedures for case management.

    • SOPs for case management, are a minimum requirement for a successful implementation. Assess current case management procedures and refine as necessary to include working with the CPIMS+. 
    • SOPs should be reviewed by all stakeholders to ensure harmonization of tools and related capacity building. Standard CP CM SOP have been developed by the global CMTF including guidance on how to develop SOPs.
    • Agreement on the SOPs is key as the CPIMS+ features and functionalities will be aligned to the SOPs (unless revisions are identified). 

    Outcome:

    CPIMS+ team has consensus of all partners on use of harmonized SOPs.

    This step is required to begin the implementation.

     

    Templates for this step:

    Standard CP CM SOP

     

    STEP 3: Review and agree on case management forms for CPIMS+.

    • All child protection actors participating in the CPIMS+ implementation must agree on the forms to be used in the case management process. The Global Case Management Task Force has revised the Case Management Inter Agency Forms, which are configured in CPIMS+ v2, but can be adapted as needed.
    • Identify a focal point to coordinate and get consensus across all partners and organizations who will be utilizing the CPIMS+ on the forms that are to be used. This focal point will also be the main point of contact in the Implementation Phase when changes are requested during user acceptance testing (where partners review the CPIMS+ and verify that the system is configured correctly and working as intended). They will approve the changes requested and communicate the changes to all participating partners.

    Outcome:

    CPIMS+ team has consensus of all partners on which paper forms are going to be configured into the CPIMS+.

    This step is required to begin the implementation.

     

    Templates for this step:

    Case Management Forms

     

    STEP 4: Complete the assessment survey.

    • The leading agency coordinator will complete the assessment survey (which will be provided by the Primero/CPIMS+ teams) on behalf of the participating agencies and conduct bilateral meetings on readiness for us to better understand your team’s needs, caseload, and processes. 
    • We will review your team’s readiness and will contact you to schedule a call with us to discuss identifying what we need to ensure a successful implementation. We will provide you with an analysis, identifying recommendations of what is required to get underway. You will then complete an assessment report at the agency or inter-agency level (through coordination mechanisms) which will be shared. The report will include an action plan to address recommendations which will come from the Primero/CPIMS+ teams).

    Outcome:

    Assessment survey is submitted, reviewed and consolidated in a report.

    This step is required to begin the implementation.

     

    Templates for this step:

    Assessment Survey (which will be provided by the Primero/CPIMS+ team directly)

    Assessment Report

     

     

    STEP 5: Determine what resources you have.

    • Map out the resources needed to implement CPIMS+. The assessment may give you an idea of the type of resources you require. This should include: human resources, capacity building and costs associated with hosting and deploying the CPIMS+.
    • This budget includes both case management and CPIMS+ costs which can be contextualized according to your needs.
    • After estimating the costs, discuss if there are funds to cover the initial costs of the system implementation and to maintain funding for this project long-term. This budget should also include costs for migration from legacy systems, excel or other databases to CPIMS+.
    • Determine where the funding will come from (note it can be inter-agency funding through a coordination mechanism).
    • Agree on the support and operational costs and ensure there is a coordinated vision on sustainability.
    • Note: The System Administrator is a required role for the CPIMS+ and this authorized user will maintain the CPIMS+ by troubleshooting system issues, adding/removing users, or modifying forms as programming needs change. The System Administrator is hired by any CPIMS+ implementing agency. Sample TORs for System Administrators have been drafted if you need to recruit for this role.
    • Sample TORs have been drafted for CPIMS+ Specialists, Case Management or Information Management Managers if they require to be hired.

     

    Outcome:

    Human resources and budget resources have been determined for the implementation.

    This step is required to begin the implementation.

     

    Templates for this step:

    Terms of Reference for CPIMS+ Staff and System Administrators

    Budget Template

  • How much will it cost?

    The v2 Subscription Model includes implementation support as well as production support and maintenance. 

    Implementation Support

    $TBD*

    annually

    • Deployment of a demo and production environment of CPIMS+
    • Hosting costs (if provided by UNICEF)
     
     
     
     
     

    Additional Services

    Variable

    Based on request

    • Support with analyzing, configuring, deploying & training 
    • In-country missions for technical support or training
    • Interoperability with partner systems
    • Data migration
     
     

    Production Support & Maintenance

    $TBD

    annually

    • Support centralized through support.primero.org where issues are escalated to software development teams
     
     
     
     
     
     
  • STEP 6: Complete the Data Protection Impact Assessment (DPIA).

    Data protection and confidentiality are central to the CPIMS+ mission. Together with the CPIMS+ technical team, your team will complete a Data Protection Impact Assessment:

    • The purpose is to identify, evaluate, and address the risks to children arising from managing sensitive case data at agency and inter-agency levels.
    • Identify focal point to conduct DPIA. In refugee contexts this will be UNHCR and the tools will be provided by them.
    • Contextualize and disseminate the DPIA Template, Risk Assessment & Checklist documents with relevant actors and agree on methodology. Organise a 1-day DPIA workshop with relevant agency focal points. The outcomes should be an action plan and relevant information should be included in the Data Protection and Information Sharing Protocol (DP ISP is outlined in the next step). Note: Both DPIA and DP ISP documentation are currently under revision by the Global Case Management Task Force – once finalized, new templates will be updated here.

    Outcome:

    DPIA has been completed with partners.

    This step is required to begin the implementation.

     

    Templates for this step:

    DPIA Template, Risk Assessment & Checklist

     

     

    STEP 7: Develop a Data Protection Protocol & Information Sharing Protocol (DPP-ISP) & define how Data Requests will be handled.

    • All data sharing requests should be clearly outlined in the Data Protection Information Sharing Protocol. The DPISP template shared has been developed by the Alliance for Child Protection in Humanitarian Action.
    • All child protection actors are required to agree and sign a DPISP defining what information about the children can be shared, when and with whom. This workshop template can support a DPISP workshop with relevant participating agencies and will stimulate discussions around data sharing.
    • The DPISP will also serve as guide to establish and assess what information to collect; how the information will be used; and how the information will be stored. It is essential for all personal and case-related information be protected for the safety and confidentiality of the children and families that Child Protection actors collect data from.

    Outcome:

    CPIMS+ partners endorse and sign an agreed upon DPISP and determines who can audit the system and has defined how data requests are handled.

    This step is required to go-live.

     

    Templates for this step:

    Data Protection and Information Sharing Protocol

    ISP Workshop Template

    STEP 8: Review the Terms of Use.

    • Terms of Use is an agreement signed by the relevant authority in each user organization at programme level. The Terms of Use constitute the agreement between authorized users’ and access to and use of the CPIMS+. Rights and responsibilities which users must agree to use the system or software; it effectively forms a contract between the agency/agencies implementing Primero (ie. UNICEF, UNFPA, CSO partners, government partners etc.) and the user organization(s). The ToU makes reference to the implementation plan, information sharing protocol and governance structure. This includes definitions of key words, access to the information, user rights and responsibilities, managing users, limitation of liability, correct behavior and actions that may be taken against the user if terms are broken, user notifications if terms are modified.
    • In 2019, the Primero Board convened legal and data protection specialists from UNICEF, UNFPA, Save the Children, International Rescue Committee (IRC) and Terre des hommes (TdH), with different organizational statuses and jurisdictions. After a +1 year process, the inter-agency legal departments drafted a new Primero Terms of Use which prioritizes the data subject’s rights, data controllers’ duties and obligations, data processors’ duties and obligations, and limitations of liability. The first version of this Terms of Use is for UNICEF-hosted interagency CPIMS+ instances. This has been approved by the Primero Board and inter-agency partners.
    • Review the Primero Data Protection & Privacy Framework.

    Outcome:

    CPIMS+ partners review and sign the Terms of Use. This step is required to go-live.

     

    Templates for this step:

    Terms of Use for CPIMS+ in inter-agency settings hosted by UNICEF

    Primero Data Protection & Privacy Framework

    STEP 9: Determine procedures for data breaches.

    • All CPIMS+ interactions are logged in an "Audit Log" which the System Administrator and support staff have access to. This allows for traceability of abuse or unusual activity and data requests. This report indicates the user name, record owner, time, date and activity conducted. Please refer to the Primero Data Breach SOP on how to notify of a breach and the escalation process.
    • In-country coordination mechanisms should decide 1) user and role will be assigned the permission to view this report and 2) the process to govern how and when the report is used.  

    Outcome:

    CPIMS+ partners agree on Data Breach Procedure and include the decision in the DP-ISP.

    This step is required to go-live.

     

    Templates for this step:

    Primero Data Breach SOP

  • Congratulations!

    You have completed Phase 1: Assessment

    and can now proceed to Phase 2: Planning!

All Posts
×