
Standards

All our work is in line with international professional ethics and laws. IPM Market Intelligence Caucasus LLC has been an ESOMAR member for many years. This means we share its values and views in general and, in our everyday workflow, use the ICC/ESOMAR International Code, the ESOMAR Data Protection Checklist and the GDPR Guidance Note for the Research Sector as a comprehensive self-regulation framework.


IPM QUALITY COMPLIANCE FOR DATA COLLECTION AND PROCESSING

1. Data Collection Management, Recruitment and Training of Fieldworkers

1.1 Respondent confidentiality, data protection and information security requirements and respondent reassurances are safeguarded by the IPM DATA PROTECTION POLICY.

 

1.2 Respondent identifying personal data on data records (e.g. questionnaires) are used for purposes of research administration and quality control only and are retained only for as long as necessary.

 

1.3 All staff are trained in the law of data protection, their duty of confidentiality under contract and in the care and handling of personal data.

 

1.4 Data collection management staff are appropriately trained for the tasks they undertake, including appraisal of fieldworkers and validation of work.

 

1.5 Fieldworkers are recruited based on previous work experience and qualification, and/or a recruitment interview, and/or references from previous employment. Relevant recruitment documents (e.g. training records, results of validation) are retained whilst the individual carries out work and for at least one year afterwards.

 

1.6 Basic training for new fieldworkers includes the general principles of market, opinion and social research. They receive training on ethical requirements including respondent safeguards and data protection issues. Where possible, interviewers are accompanied by data collection management staff on their first day, and their first assignment after basic training is monitored with feedback provided to the interviewer.

 

1.7 The minimum duration of basic training (for face-to-face interviewers) is 6 hours (unless data collection tasks are very simple, e.g. traffic counts). The trainee and trainer sign the training records.

 

1.8 Key requirements and general instructions to fieldworkers are included in a document available to all fieldworkers. Fieldworkers who are regularly used by the research service provider (i.e. for five projects/waves or more in a calendar year) are appraised at least once a year. Less frequently used fieldworkers are appraised at appropriate intervals, and these appraisals include feedback from validation of work. Appraisal reports and details of any additional training provided are documented and retained with fieldworkers’ personnel records.

2. Conducting data collection by fieldwork

2.1 Fieldworkers (except those only working by phone) are issued with ID which ideally must include a photograph, name of the fieldworker, the date of issue and the expiry date and name and contact details of the research service provider.

 

2.2 Records are kept showing to whom IDs have been issued and dates of issue.

 

2.3 Appropriate “Thank you” leaflets are given to all respondents.

 

2.4 All respondents are given sufficient information regarding which organisations will have access to the information they give us, for what purposes it will be used, and any other information they would require in order to give informed consent to participation.

3. Data collection from children or vulnerable respondents

3.1 Special care is taken where respondents are children (under age 16) or where respondents are considered to be otherwise vulnerable.

 

3.2 The interviewers ensure that parents/guardians, as well as the respondents themselves, understand what is entailed and give their consent based on adequate information.

 

3.3 Where the client lawfully requires interviewers who will be working on the study to have had Criminal Records Bureau disclosures, in order to meet their statutory obligations, such checks must have been carried out.

 

3.4 Records are kept (e.g. as part of the questionnaire) to show that this requirement has been met. Special training of interviewers may be necessary.

 

3.5 Respondents are provided with a brief description of the principles of respondent confidentiality and the general research purposes for which the data may be used and should be informed that cooperation is voluntary.

4. Project briefing

4.1 Interviewers are briefed and/or given instructions for each project.

 

4.2 The briefing and/or instructions are the responsibility of a member of staff with a full understanding of requirements for the project. They may be delivered face-to-face, by phone, in writing or otherwise, but records must be kept.

 

4.3 The briefing and/or instructions include, as appropriate, the fieldwork dates, the sampling procedures, quotas to be covered, methodology, other special requirements of the project; and instructions/conditions for administration of the questionnaire.

 

4.4 The date and duration of each interview and the identity of the interviewer responsible for collecting the data or observation, etc. are recorded.

 

4.5 The nature of these incentives must meet any legal requirements and is documented as part of project records.

5. Fieldworker validation (excluding qualitative research)

5.1 Validation is carried out as soon as practical after the fieldwork (and not more than six weeks afterwards) and wherever possible before the resulting data are processed and/or reported to clients.

 

5.2 Validation is organised by data collection management staff and in all cases must be carried out by a second person (i.e. other than the Interviewer whose work is being validated).

 

5.3 Where validation identifies discrepancies or problems, corrective action shall be taken at two levels:

- at the project level (e.g. replacement of interviews, further validation, qualifying of data produced);
- at the interviewer level (e.g. retraining, future work allocation). In the case of serious discrepancies (e.g. fabricated interviews), recent or concurrent work by the individual shall be subjected to rechecking and validation.

6. Validation methods

6.1 Checking of data records may include, as appropriate, completeness of the data records, keeping to samples/quotas, consistency of responses and comparison of responses against normal data or between Interviewers.

 

6.2 Respondent re-contact includes confirmation that the interview or equivalent took place and that instructions were followed. It should also include the length of the interview and responses to key questions including demographics and other qualifying questions related to quotas, etc.

7. Validation levels

7.1 The minimum re-contact validation level shall be 10% of the interviews/cases.

 

7.2 The minimum monitoring validation level shall be 5% of the interviews/cases with at least 75% of the whole interview monitored/listened to.

 

7.3 Every Interviewer working on a project should be validated or monitored.

8. Validation records

8.1 Reports are prepared on the validation carried out for each project/wave of project. The reports shall include:

- the name of the person who carried out the validation;
- a description of the methods of validation used, including what was covered in respondent re-contact, if applicable;
- the identity of the fieldworker whose work has been validated;
- a description of any discrepancies found;
- a record of corrective action/preventive action taken or planned at both the project level and fieldworker level;
- a confirmation that the required validation level has been attained.

 

8.2 Validation records are retrievable by both project/wave and individual Interviewer.

9. Qualitative Data Collection

9.1 Respondent details & how they were recruited are recorded & made available to moderators.

10. Respondent Recruitment Validation

10.1 All recruited respondents are validated at the interview/group discussion stage. Their identity should be confirmed. Evidence of this is documented.

11. Qualitative Moderation

11.1 Moderators are fully briefed.

 

11.2 Moderators shall write a report of any problems/issues found in groups/interviews including:

 

11.3 Compatibility of respondents with desired profile.

- suitability of venue
- performance of host/individual who receives group
- report discrepancies where recruited respondents don’t match requirements

12. Recording of Qualitative Research & Respondent Confidentiality

12.1 Records are kept of group or depth interview responses.

 

12.2 Respondents must be aware of & give consent to the recording itself, the intended use of the recordings (incl. use by any 3rd parties) & any transfer of data (e.g. to clients).

 

12.3 Respondents must be made aware of & consent gained where the group/depth interviews are to be observed.

13. Data Capture and Data Processing

13.1 There are documented procedures covering data entry, coding, editing, weighting, file preparation and tabulation.

13.2 A minimum of 5% of coded questionnaires are verified per project.

13.3 Frequent errors are identified, and the person's work is 100% verified/reworked and, if appropriate, retraining must be given.

14. Data Editing

14.1 Approval of changes to the original data set from the project manager is kept.

14.2 The edit spec/imputation process is documented.

14.3 The logic of force editing is tested and documented.

14.4 Respondent answers are distinguished from edited answers on paper questionnaires (red/green pens).

14.5 Logic and rules for editing are documented.

15. Data File Management ensures that

15.1 Files or records within a file are not duplicated

 

15.2 Latest version used

 

15.3 Original and cleaned data sets clearly identifiable

 

15.4 Record counts before and after editing to allow comparisons to be made

 

15.5 Data files are defined to facilitate their depersonalisation by deletion of respondent identifying information, without loss of raw research results.

16. Data Analysis

16.1 Data analysis must be undertaken according to spec.

 

16.2 Records of the analysis process are kept in case they are required for later replication.

 

16.3 Where a re-contact consent question is included in the questionnaire, a separate data file containing the record ID, name and contact details of respondents who have consented to being re-contacted is produced and returned with the results.

 

16.4 Minimum checks are in place to verify:

- completeness, i.e. that all tables are present as specified;
- abbreviations for headings or open-ended responses accurately reflect the full content;
- the base for each table is correct against other tables or frequency counts;
- the standard breaks/banner points are checked against source questions;
- all derived data items are checked against their source;
- the figures for subgroups and nets are correct;
- there are no blank tables (i.e. with no data);
- weighting (e.g. by test tables);
- frequency counts prior to running tables, in order both to ensure the accuracy of data and to determine base sizes for subgroups;
- spelling and legibility;
- any statistical analysis used is appropriate and correct.

17. Data tables have, if appropriate:

17.1 Reference to the actual source question to which the data pertains.

 

17.2 Inclusion of a description of any weighting method applied to the data.

 

17.3 Clear identification of any subgroups used.

 

17.4 Availability of the bases for each question, so that the number of respondents who have actually answered the question is identifiable.

 

17.5 Number or proportion of respondents who replied “don't know” or gave “no answer”;

 

17.6 Availability of both weighted and unweighted bases.

 

17.7 Clear and complete definition and explanation of all variables used in the analysis of the data, including any significance testing, indexing, scoring, scaling and calculations of means, median, modes and standard deviations.

 

17.8 Statistical tests.

 

17.9 Information on cell suppression and other measures to assure confidentiality.

 

17.10 Warnings on results which are unreliable due to very small sample sizes.

18. Electronic data delivery

The following is checked prior to data release (where applicable):

 

18.1 Compatibility of the file format with the software specification agreed with the client.

 

18.2 Completeness (i.e. the correct number of files and records are in each file);

 

18.3 Inclusion of a structural description.

 

18.4 Labelling of the contents of the file and inclusion of instructions on limitations of use.

 

18.5 Encryption to AES 256 standard (or higher) of files upon request.

 

18.6 Checks prior to data release for the presence of viruses or other malicious code in the file.

19. Backups and retention and security

19.1 All data is held securely to prevent unwarranted access, damage or accidental loss.

 

19.2 It is stored and retained in accordance with professional codes, the applicable law and legislative regulations, and any negotiated agreement with the client.

 

19.3 All files are clearly identified as computer files by DP (data processing).

 

19.4 For any proposed release of tables or data, procedures are in place (see IPM Data Protection Policy) to minimize the risk of disclosure of respondent identifiable information.

 

19.5 All data is depersonalised by secure deletion of respondent identifying personal data once the job is closed, reported and all quality control checks have been completed.

IPM DATA PROTECTION POLICY

1.1 Objective of this data protection concept

This data protection concept contains the technical and organisational measures as well as the control activities according to the Georgian Law on Data Protection and defines tasks, obligations and responsibilities as well as the conditions of the data processing processes in the company.

1.2 Controller

IPM Market Intelligence Caucasus LLC, 8, Baratashvili Str. 0105, Tbilisi, Georgia, ID: 204447544.

1.3 Data Protection Officer (DPO)

Giga Pirtskhalaishvili

IPM Market Intelligence Caucasus LLC

8, Baratashvili Str. 0105, Tbilisi, Georgia

Tel: +995 322 997 214

Fax: +995 322 998 506

E-Mail: [email protected]

1.4 Managing directors

Gocha Tskitishvili

1.5 Appointed head of data processing

Koba Sulukhia

1.6 Local description

1.6.1 Address

IPM Market Intelligence Caucasus LLC

8, Baratashvili Str. 0105, Tbilisi, Georgia

Tel: +995 322 997 214

Fax: +995 322 998 506

E-Mail: [email protected]

1.7 Overview of the obligation to notify pursuant to Georgian Law on Data Protection

1.7.1 Purpose of data collection, processing and use

IPM Market Intelligence Caucasus LLC collects, processes and uses personal data for the purpose of anonymous market, opinion and social research surveys in nearly all areas of society (e.g. Technology & Finance, Media & Internet, Consumer & Industry, Mobility, Political & Social, etc.) according to Georgian Law on Data Protection. The results of all market, opinion and social research surveys are evaluated and transmitted to third parties in an anonymous form only.

1.7.2 Group of data subjects and types / categories of data

- Persons who voluntarily participate in market, opinion and social research surveys (address data from IPM Market Intelligence Caucasus LLC, from the Principal, from address dealers, from the resident registration office, data from public sources as well as addresses / phone numbers of households and companies which were generated with an automatic random procedure, survey data, possibly further information, if this is required to fulfil the purpose described under number 1.7.1).
- Customers (e.g. address data, identification data, contract data, control data, possibly other data, if these are required for the proper and appropriate processing of the business relationship, e.g. accounting data)
- Interested parties / non-customers (e.g. address data, field of interest, bidding data)
- Suppliers (e.g. address data, contact data, contract data, accounting and performance data, self-assessments)

1.7.3 Recipients or categories of recipients, to whom the data may be disclosed

Public authorities if statutory provisions are affected, external suppliers pursuant to Georgian Law on Data Protection or within the scope of data processing on behalf pursuant to Georgian Law on Data Protection as well as internal departments / specialist departments of IPM Market Intelligence Caucasus LLC to fulfill the purpose under number 1.7.1.

1.7.4 Indicative time-limit for the deletion of data

The legislator has introduced several obligations and time-limits for the storage of data. After the expiration of those time-limits personal data will be deleted routinely. If parts of the data are not affected by this, they will be deleted after fulfilling the purpose described under number 1.7.1.

1.7.5 Planned data transmission to third countries

Data transmission to countries outside of the country shall only be made within the framework of data processing on behalf (Georgian Law on Data Protection), within the framework of a justified interest or because of a voluntary and informed consent of the data subjects. The transmission will be carried out only in compliance with the statutory conditions of admissibility pursuant to Georgian Law on Data Protection.

1.7.6 Group of persons authorised for access

All employees are obliged to maintain data secrecy pursuant to Georgian Law on Data Protection as well as the secrecy of social data pursuant to Georgian Law on Data Protection. Only those employees have access to personal data, which are necessary to fulfill the purpose described under number 2.6.1.

2.1 Objective

The objective of the organisational control is to create an intra-corporate organisation that complies with the specific conditions of data protection.

2.2 Measures

ORGANISATIONAL CONTROL

Data protection organisation

MEASURES

- Appointment of a Data Protection Officer (DPO) and internal business department "Data Protection & Legal"
- Data protection contents and documents available via internal company SharePoint
- Cooperation with external law office

Measures to ensure the lawful processing of personal data

- Obligation of data secrecy and secrecy of social data pursuant to Georgian Law on Data Protection for every employee

- Data protection chapter in every employment contract

- Information regarding data protection for every new employee

- Process descriptions and examination requirements in accordance with Georgian Law on Data Protection

Measures to ensure compliance with internal processes / quality checks

- External audits
- Appointment of an Information Security Officer (ISO)
- Appointment of a Quality Management Officer

Staff training

- Obligation for every employee to complete annual training regarding data protection and information security
- Data protection seminars are offered in the HR seminar program
- Obligation for every new employee to complete the on-site training “Data Protection & Information Security for beginners”
- Further on-site training on request
- Training documentation via certificates and attendance lists
- Announcements regarding data protection via email / SharePoint

Documentation of the admissibility of all relevant data protection related processes

- Internal and public overview of all notifiable processes (Georgian Law on Data Protection)
- External audits

3.1 Objective

The objective of the entry control is to use adequate measures to prevent unauthorized persons from entering data processing facilities where personal data is processed or used.

3.2 Measures

ENTRY CONTROL

MEASURES

Building security

- Occupied reception / Separate gates for employees and deliveries
- Entry control, multi-stage security system
- Building locked outside working hours
- Guard service / Plant security outside working hours
- Separation of processing zones and visitors’ zones
- Access to individual floors with electronic access control (chip) only

Admission to the buildings logged and checked

- Electronic access control (chip) for all staff members
- Entry to the building / storeys traceable
- Identity passes for visitors

Setting up the computer center as a security sector

- Servers are located in a locked computer center with access control and burglary, fire alarm and fire extinguishing system

- Backup media stored in a safe in a co-location

- Locking system: Key regulations with access authorization

Specifying persons with access authorisation

- Logging the issue of keys
- Special access regulations for others: only in the presence of a person with access authorisation
- Logging admissions

Securing the networks

- Distribution boxes are secured against unauthorised access

- Network management carried out centrally 24/7 under the responsibility of IT

- Routers, switches and network components are located in locked rooms or steel containers

- Cables are located in sealed cable ducts; cabling is documented

4.1 Objective

The objective of the access control is to prevent unauthorised persons from using data processing systems which contain personal data.

4.2 Measures

ACCESS CONTROL

MEASURES

Internal legitimising procedure for user codes with respect to files and systems / documented organisational procedure for:

Issuing, securing, changing, deleting of user accounts

- User accounts with individual access rights

- For newly recruited personnel, IT receives the relevant staff data for network operation (staff member code, staff member number, cost center, starting date) from administration automatically and fully-documented

User accounts for staff members who have left the company

- A documented process concerning withdrawal of any access authorisations for staff members who are relocated or leave

- Individual user accounts are to be locked / deleted, with documentation

Logging the access to applications and systems

- Traceable back over several months

Encryption routines for log-in and password

- Security Policy

- Global password policy

- Minimum length of a user code: 5 characters

- Minimum length of a password: 8 characters

- Regulated password complexity (special characters, numbers, capital and lower case letters)

- Exclusion of trivial passwords

- Required password change after 60 days

- Lost passwords may only be reset by IT upon receipt of clear authentication

- Password history / old passwords may not be re-used (10 generations)

Automatic locking system if false user codes / passwords are entered

- Access denial if more than four false attempts to log on are made

Automatic / manual keyboard and monitor lock if not used or user is absent

- Standard set up for the PC

- Automatic keyboard and monitor lock if not used for 10 minutes

- Manual locking if user leaves the workplace / Clean Desk Policy

- Reset only by entering password
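The password and lock-out parameters listed above, expressed as a checker. This is an added illustration, not IPM's own tooling; the trivial-password list, the PBKDF2 storage of the password history, the violation codes and all function names are assumptions.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

# Parameters taken from the policy text above.
MIN_USER_CODE_LEN = 5
MIN_PASSWORD_LEN = 8
MAX_PASSWORD_AGE = timedelta(days=60)
HISTORY_GENERATIONS = 10
MAX_FAILED_ATTEMPTS = 4  # access is denied on "more than four" failures

# Assumptions: the page does not define "trivial" or how history is stored.
TRIVIAL_PASSWORDS = {"password", "passw0rd", "qwerty123", "12345678", "letmein1"}
PBKDF2_ROUNDS = 100_000

HistoryEntry = Tuple[bytes, bytes]  # (salt, PBKDF2 digest)


def hash_password(password: str, salt: Optional[bytes] = None) -> HistoryEntry:
    """Derive a salted digest so the history never holds plaintext."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return salt, digest


def in_history(password: str, history: List[HistoryEntry]) -> bool:
    """True if the password matches one of the last 10 generations."""
    for salt, digest in history[-HISTORY_GENERATIONS:]:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            return True
    return False


def password_violations(user_code: str, password: str,
                        history: List[HistoryEntry]) -> List[str]:
    """Return the policy rules a proposed password breaks (empty = accepted)."""
    violations = []
    if len(user_code) < MIN_USER_CODE_LEN:
        violations.append("user_code_length")
    if len(password) < MIN_PASSWORD_LEN:
        violations.append("length")
    # Complexity: capital letter, lower case letter, number, special character.
    classes = (
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    )
    if not all(classes):
        violations.append("complexity")
    lowered = password.lower()
    if lowered in TRIVIAL_PASSWORDS or (user_code and user_code.lower() in lowered):
        violations.append("trivial")
    if in_history(password, history):
        violations.append("history")
    return violations


def must_change(last_changed: datetime, now: datetime) -> bool:
    """Password change is required once 60 days have passed."""
    return now - last_changed >= MAX_PASSWORD_AGE


def is_locked_out(failed_attempts: int) -> bool:
    """Deny access after more than four consecutive failed log-ons."""
    return failed_attempts > MAX_FAILED_ATTEMPTS


if __name__ == "__main__":
    history = [hash_password("Old-Passw0rd!")]  # constructed sample history
    for candidate in ("Tr1cky&Long", "Old-Passw0rd!", "short1!"):
        print(candidate, password_violations("jdoe01", candidate, history))
```
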

5.1 Objective

The objective of the usage control is to prevent unauthorised persons from using or changing personal data.

5.2. Measures

USAGE CONTROL

MEASURES

Arrangements for the authorisation concept and usage rights

- Differentiated authorisation system for use of files, system and application programs by persons with access authorisation (including those with maintenance authorisation)

- Issuing of individual, function-suited roles and rights by IT, if called for by upper management

- Use of network drives for authorised users (groups)

- Differentiated authorisation for reading only or writing (changing / deleting) access

- User authorisation issued with relation to the application

- Logging which users use the databases

- Storing usage logs on security related data going back for 6 months

- Security policy

Controlled destruction of data storage media

- Destruction of address data using data eraser system Eraser 6.2.0.2993.

Controlled destruction of data storage media

- Physical destruction

- Secure document containers

- Exchangeable and fixed disks which are no longer in use should be rendered unusable by IT

- Disposal / destruction via certified disposal companies after previous appointment arrangement

- Keeping data storage media in separate, secure-access hardware archive until disposed of

- Issuing disposal certificates

Special regulations for mobile terminals

- Mobile PCs (laptops, notebooks) must be kept locked away outside working hours

- Fixed hard disk encryption on all laptops

6.1 Objective

The objective of the transmission control is to prevent unauthorised reading, copying, changing or removing of personal data during electronic transmission, transportation and / or storing.

6.2. Measures

TRANSMISSION CONTROL

MEASURES

Data transmission

Transport security

- Transmission of files only to an authorised person and with a transmission log

- Documentation of all addresses along the transmission chain

- Documentation of PCs, software and files with personal data

- Completeness and correctness check

- Internal transmission: via internal network / secure exchange portal

- Portal participants to be regulated by user recognition and rights concepts

- Logging / traceability of all use

- Proof of use and transmission control via log files

- External transmission: encrypted as agreed with the receiver and / or by courier

- Compressed / encrypted with password protection, strong encryption algorithm (Standard: AES-256)

- Sealed transport containers

- Reliable messengers / transport companies

7.1 Objective

The objective of the input control is to provide options for subsequent testing whether personal data was entered, changed and / or removed in the data processing system and by whom.

7.2. Measures

INPUT CONTROL

MEASURES

Systems for logging and logging evaluation

- Automatic logging of file use / file changes

- Logs for security-relevant data documentation can be evaluated retrospectively (6 months)

Documentation of the input methods

- Specification of those authorised for compiling data storage media and processing data

- Subsequent traceability of the completed data input

8.1 Objective

The objective of the order control is to guarantee that personal data processing is only done in compliance with the instructions of the contractor.

8.2. Measures

ORDER CONTROL

MEASURES

Formalising the placement of an order between the principal contractors

- Detailed written regulation of the contractor relationship and formalisation of the complete order process

- Clear regulation of the competences and responsibilities

- Documentation of the process stages via an internal portal

- Work step control

- Administration, security, documentation of the address data in the respective interaction system provided

Formalising the placement of an order with respect to all the subcontractors

- Careful choice of contractor

- Detailed written regulation of the contractor relationship and formalisation of the complete order process

- Contractual obligation of the subcontractor to data protection and secrecy

Order control and documentation

9.1 Objective

The objective of the usage control is to prevent unauthorised persons from using or changing personal data.

9.2. Measures

AVAILABILITY CONTROL

MEASURES

Data security concept

- Central backup system with authorisation and destruction system

- IT is responsible for carrying out the data security measures

- Changed databases are saved every day

- For weekdays a separate data storage medium is used

- Every week all the databases are fully backed up

- Programme directories are backed up after every change to ensure that there is always at least one copy of the latest programme database

- Back-up process checked monthly

- Back-up logs checked daily

- Monthly test restores for data

- Restore by IT

- Storage of back-up copies in different fire-protected and sealed rooms / safes

- Guidelines for data archiving

- Emergency plans / IT continuity management

- IT continuity test according to fixed processes and time intervals

Fire protection systems

- Fire protection zones

- Fire protection doors

- Air-conditioning for server / technology rooms

- Smoke and fire alarms in the computer center

- Connection of the computer center to fire brigade emergency call center

- Fire extinguisher equipment in the computer center

- Plans for escape, rescue and fire protection

Software installation

- Protection of the internal networks using several firewall systems

- Use of IDS / IPS systems

- Incoming mails are examined for malicious software by an automatic process

Data storage media

- Data storage media received or to be dispatched are to be examined for malicious software with a virus scanner before being used or dispatched

Virus protection

- Installation and constant updating of automatic virus protection

Blocking of sites

- Blocking of indexed websites

Power supply

- Installation of emergency power diesel and UPS systems / Safe server shut down in the case of a power cut

10.1 Objective

The objective of the separation control is to ensure that personal data collected for different purposes is processed separately.

10.2. Measures

SEPARATION CONTROL

MEASURES

Separated processing / File management for each other

- Separation by project numbers

- Data can only be used / processed for the purpose agreed

- Separated logging of individual work steps for each order

Function separation

- Saving data and programs in different directories

- Using pseudonyms for test data

11.1 Objective

The objective of the information classification and labelling is to ensure that data is classified and labelled properly.

11.2 Measures

The labels used are as follows:

C0 Public

C1 Internal

C2 Restricted

C3 Secret

C4 Top Secret

Data Labels

C0 Public

Only an authorized person should make the document public.

C1 Internal

Password protect working documents. Clear Desk/Clear Screen Policy.

C2 Restricted

Encrypt or password-protect document. Clear Desk/Clear Screen Policy. Restrict access to limited people.

C3 Secret

Encrypt document. Ensure granular access control. Print only if required, shred when done. Clear Desk/Clear Screen Policy.

C4 Top Secret

Encrypt document. For your eyes only. Print only if required. Monitored shredding when done. Clear Desk/Clear Screen Policy.
