WHO data principles

The data principles of the World Health Organization (WHO) provide a foundation for continually reaffirming trust in WHO’s information and evidence on public health.

Objective

The five WHO data principles are designed to provide a framework for data governance for WHO. The principles are intended primarily for use by WHO staff across all parts of the Organization in order to help define the values and standards that govern how data that flows into, across and out of WHO is collected, processed, shared and used. These principles are made publicly available so that they may be used and referred to by Member States and non-state actors collaborating with WHO.

Background

WHO’s data principles are based on an internal consultation process involving data collection staff from WHO headquarters and regional offices who compiled and analyzed the data principles and best practices. The principles were reviewed in consultation with external experts, convened by WHO, in May-June 2020 and released on 10 August 2020.

The Principles

1. WHO shall treat data as a public good

WHO shall make every effort to release data publicly and to share when safe and ethical to do so. Unless there is a legitimate justification to the contrary, WHO shall make data open and accessible to the public in line with data being a public good.

This principle also applies to data such as vital registration, survey data and the results of estimation and research, and situations in which data have been shared with WHO by non-Member State entities (including private-sector data producers) that collaborate with WHO on common projects.

WHO will:

  • Provide clear guidance
    In situations where legitimate reasons prevent the sharing of data, WHO will provide clear guidance on other possible ways in which the data may be accessed, such as for research purposes. The guidance will be consistent with WHO’s applicable rules and polices, including data-sharing policies (and their applicable licensing terms and conditions), information disclosure policy and personal data protection policy (currently in draft). Informed consent is almost always needed for research. For routine data collection for purposes of public health surveillance, informed consent is not the default and is not always required. For personal data, the consent of the data subject should be the preferred basis for processing the data.
  • Ensure transparency
    Treating data as a public good requires WHO to be transparent about how data are collected, used and shared. Adherence to this principle therefore requires that complete metadata about data sets should be released along with the data sets themselves and together with any explanatory notes that may be required to provide context on data provenance, scope and limitations, application and (re-)use, traceability and sharing. This is guided by three WHO policies: the disclosure policy, the policy on the use and sharing of data collected by WHO in Member States outside the context of public health emergencies and the policy on open access.

 

2. WHO shall uphold Member States' trust in data

WHO shall uphold the trust placed in it by Member States when the Organization processes data that Member States have shared with it and placed under WHO’s control.

WHO will:

  • Provide impartial and inclusive consultation
    Upholding Member States’ trust in data requires an impartial and inclusive process for consulting with Member States prior to the use of their data by WHO. Consultations with Member States will be transparent, predictable, proportionate, inclusive and coordinated processes with streamlined communication that allows Member States and WHO to easily prepare for, respond to and participate in discussions.
  • Secure storage and processing
    Ensure that data shared with WHO by Member States are securely and confidentially stored and processed – applying principle 4.
  • Apply human rights and the right to privacy
    Uphold the highest standards of data protection and respect for human rights, including the right to privacy, with regard to any personal data and data aggregates of groups of individuals included in WHO-controlled data sets. This is especially important for data sets requiring careful handling and particular attention, such as sensitive medical data, and data on vulnerable and marginalized individuals and groups, including children. Require Member States and non-State actors who share data with WHO to confirm that the data have been collected in accordance with applicable national laws, including data protection laws aimed at protecting the confidentiality of identifiable persons.

3. WHO shall support Member States' data and health information systems capacity

WHO shall support Member States’ capacity-building activities, aiming for sustainability and sharing of best practices wherever it can – specifically for the development of sound data governance, health management information systems, public health statistics, health-related data science and health data innovation.

WHO will:

  • Respond to Member States’ requests for support
    This may include both technological and human capacity for health information systems, technical assistance with data collection processes supporting data analysis, and efforts to improve data quality and accurately monitor health trends, to generate reliable information, and to inform decision-making. This includes WHO’s role in supporting the convening and coordination of partner support for data and health information systems.
  • Advance evidence-based decision-making by focusing on sustainable health information management systems (HMIS) and digital development systems
    Strengthen capacity to collect, analyse, disseminate and use national and subnational disaggregated data to develop and monitor country policies and plans.
  • Align with nationally owned monitoring and evaluation processes, structures and budgets
    Reduce Member States’ reporting burdens and increase sustainable locally-owned solutions, with clear criteria for each Member State using data.

4. WHO shall be a responsible data manager and steward

WHO will ensure that all data made available to it are processed, maintained, analysed, disseminated and used in accordance with international standards and best practices in health data management. This includes all relevant United Nations data governance standards and guidance that apply to WHO pursuant to its mandate, including the standards referenced in the preamble.

WHO shall ensure that all data it produces are of consistently high standards that include transparent audit trails and common reference years, as well as being timely, accurate, comparable and (where technically and legally possible) accessible.

WHO will:

  • Apply international scientific data standards
    As a responsible data manager and steward, WHO shall abide by applicable international scientific data processing standards such as, among others, the FAIR Guiding Principles for scientific data management and stewardship and the Guidelines for Accurate and Transparent Health Estimates Reporting (GATHER) for estimations.
  • Maintain and strengthen partnerships with relevant stakeholders
    WHO recognizes that standards will evolve and the Organization will therefore monitor its internal data governance functions and work with relevant stakeholders to bridge the digital divide in health data governance.
  • Strengthen the quality of SDG monitoring efforts
    As custodian agency for health-related SDG targets, WHO shall support Member States’ efforts to report SDG-related data;
  • Adapt to specific contexts
    Where necessary, WHO will consider adapting approaches and methods to report rare events or data originating from low-population Member States.

 

5. WHO shall strive to fill public health data gaps

WHO will support Member States to fill data gaps in public health data, using empirical data collection and predictive, transparent and coherent modelling methods with proven validity.

WHO will:

  • Use transparent models and methods
    Member States use a range of health indicators to monitor population health and guide resource allocations. However, challenges arise from the lack of data, inconsistent methods and often underdeveloped data governance and standards at all economic levels. WHO will therefore support Member States to generate coherent estimates (that may be based on disparate or incomplete sources of data) that are all open to scrutiny, transparent, available to the public and have proven validity.

Implementation and capacity building

WHO is committed to strengthening the global ecosystem of public health data. This includes building internal data governance capacities. The WHO data principles act as the foundations for data-related policies, plans and programme implementation.

In 2018, WHO established the Data, Analytics and Delivery for Impact (DDI) Division, promoting data as a strategic asset. In 2020, WHO strengthened its data coordination and governance by instituting a two-level internal data governance system with: a strategic Data Governance Committee, chaired by the Assistant Director-General for DDI and the Deputy Director-General, and an operationally grounded, federated structure known as the Data Hub and Spoke Collaborative, chaired by the Director of Data and Analytics (DNA), DDI.

This two-level governance system aims to promote ownership of data governance issues as an area of strategic importance, as well as to increase accountability and efficiency and to streamline the end-to-end processes and systems for collecting, storing, analysing, disseminating and using data. Beyond internal stakeholders, WHO will also seek advice as necessary from external expert groups such as the Reference Group on Health Statistics and the External Expert Group on Data Sharing.

About data at WHO

WHO ensures the timeliness, reliability and validity of measurements, ensuring comparability of data and allowing the world to track trends, progress and impact.