1.0 Introduction
HOPE User Manual
What is HOPE?
The Humanitarian cash Operations and Programme Ecosystem (HOPE) is UNICEF’s humanitarian cash transfer management information system. HOPE can,
- Collect beneficiary data.
- Associate data with cash programmes
- Create target populations.
- Manage payment lists.
- Send payment lists to Financial Service Providers (FSPs).
- Reconcile payments.
- Triangulate payment verification information directly from beneficiaries.
- Handle grievances and feedback.
- Provide reporting on key programme metrics.
HOPE is flexible and can either use beneficiary data collected by UNICEF through KoBo or other partners including UN agencies and governments. HOPE development was led by the Office of Emergency Programmes (EMOPS) with technical support from Information and Communication Technology Division (ICTD) and the Division of Administration, Finance and Management (DFAM). HOPE is a digital product under the ownership of UNICEF Programme Group Social Policy Social Protection. HOPE software libraries are release open source (https://github.com/unicef/hct-mis) the vision for HOPE is to become a Digital Public Good.
Figure 1.1 The HOPE ecosystem
HOPE enhances the quality of programmes implementing Humanitarian Cash Transfers (HCT) by increasing compliance with UNICEF guidance and tools and ensuring accountability and traceability of the information managed. KoBoToolbox was chosen for its widespread use in the humanitarian community as the main mobile digital data collection tool to be integrated with HOPE. HOPE guides users in processing the required data for each step of the programme cycle in a standardised manner to ensure programme quality and prevent implementation bottlenecks.
Following the Principles for Digital Development, the “reuse and improve” and “collaborative” concepts, HOPE integrates existing solutions used by the humanitarian community and contributes to their improvement, aiming at further developing these solutions as a public good. Use of RapidPro as an integrated monitoring solution in HOPE allows the system to engage in real time communication with beneficiaries and match their responses with their assistance records to verify that payments were received.
HOPE’s Beneficiary Data Lifecycle and Tools
The figure 1.2 below illustrates the beneficiary data lifecycle and the tools (internal and external) associated with each step.
What is HOPE used for?
HOPE enriches beneficiary data to view, track and create better-informed cash programmes for people in need. HOPE can be used to support:
Learn more about Humanitarian Cash Transfers
For those who are interested in learning more, an interactive e-Learning Course on Humanitarian Cash Transfer (HCT) is available on UNICEF’s AGORA learning platform.
The course covers the fundamentals of Humanitarian Cash Transfers (HCT), including an introduction to what HCT are, and how UNICEF uses them as part of its humanitarian response as an implementation modality across sectors. It includes considerations on UNICEF’s comparative advantage and its strategic positioning on HCT, as well as showcases examples of programmes and two case studies.
The course is structured around three modules that allow participants to progressively gain a more practical and field implementation-oriented understanding of HCT.
UNICEF colleagues can access it here. Humanitarian partners can access it on the following link on AGORA platform. Partners need to register, create an account, and then log in to access the course.
For more technical guidance on designing and implementing humanitarian cash transfers refer to the UNICEF HUMANITARIAN CASH TRANSFERS FIELD GUIDANCE.
User roles and access
Functions described in this user manual are performed by different users depending on which user rights they have been granted in the system.
Across the ecosystem, in KOBO, HOPE and CashAssist segregation of duties are in place, for cash transfer programmes. This separation of duties ensures that different users can approve and authorise cash plans and release payment lists to financial service providers. User profiles are required to perform different mandatory actions to execute a cash plan end-to-end.
Registration Supervisor: users with this role can manage KoBo Projects and share KoBo forms with enumerations. This can be either a UNICEF or partner staff member.
Enumerator: users with this role can view KoBo form templates and can create and synchronize completed KoBo forms. This can be either a UNICEF or partner staff member.
HOPE - Population Management Roles
Reader: users with this role can view the different lists (registration list, target population lists, payment verification lists) of households only but cannot modify them neither import them. Typically, this would be attributed to a non HCT programme staff that is involved in the implementation of the cash transfer, e.g., an Education Officer that supports the cash for education programme.
Advanced Registration Reader: users with this role can access Household or individual beneficiary details. This can be either a UNICEF or partner staff member.
Population Viewer: users with this role can search and view the households and its individuals, including the payment records. Typically, this is a role for a call center staff that needs to consult information on HOPE to be able to respond properly to an enquiry of a beneficiary.
Planner: users with this role can import population and run deduplication (without merging it to the golden database), create edit and activate a programme, a target population, or a payment verification plan. Typically, this would be attributed to a HCT programme staff who handles day to day operation of a HCT without having an authority to approve (Programme Officer).
Approver: users with this role can merge an imported population into HOPE, create, edit, and activate a programme and a target population. Can activate and discard a cash plan and payment verification plan. Typically, this would be attributed to a senior HCT programme staff who is involved in organizing the operations of an HCT and proposes the strategic options for the programme, with the authority to send for management approval (Programme Specialist).
HOPE - Payment Module Roles
Payment Planner: users with this role can create a Payment Plan (choose target population, dates the payment is expected to cover and dispersion dates), run the entitlement formula, choose the FSP and send a Payment Plan to approval.
Payment Approver: users with this role can approve or reject the payment plan and comment on its approval or rejection.
Payment Authorizer: users with this role can authorize (linking with relevant FC) or reject the payment plan and comment on its authorization or rejection.
Payment Releaser: users with this role can release (final authorization to conduct the transaction) or reject the payment plan, send the payment plan to the FSP (in case of SFTP or API connection) and/or trigger the excel generation for download.
Payment Reconciler: users with this role can upload the reconciliation file and finish a Payment Plan
Payment Data Officer: users with this role can export and import the payment data in order to generate the file needed by the FSP.
HOPE Grievance Management Roles
Grievance Collector: users with this role can view, create, and add notes to grievance tickets (except for sensitive grievances). Typically, this role is assigned to a call center agent.
Grievance Manager: users with this role can view, assign, update, approve and add notes to grievance tickets including sensitive grievances that were created by the grievance reviewer. Additionally, this role can set tickets in progress, put tickets on hold, bulk assign grievances and upload documents. Typically, this is a role for a UNICEF staff that handle the operation of accountability mechanisms.
Grievance Reviewer: users with this role can view, update, and add notes to grievance tickets including sensitive grievances that were assigned to them by the grievance manager. Additionally, this role can set tickets in progress, put tickets on hold, send for approval, upload documents, and create new related tickets if needed. Typically, this is a role for a UNICEF staff that handle the operation of accountability mechanisms.
Sensitive Grievance Reviewer: users with this role can view, update, add notes, set in progress, put on hold, send for approval sensitive grievances. Additionally, this role can upload documents only for sensitive grievances.
Grievance Approver: users with this role can view, create, and add notes to grievance tickets (including sensitive grievances). Additionally, this role can approve data change and adjudication tickets. Typically, this is a role for a UNICEF staff that handle the operation of accountability mechanisms.
Senior Management: users with this role receive notification on grievances collected (including sensitive) and can add a note on them. Users checked under this box would be given a grievance approver function with an update level of update as owner. Note that this is a role for senior management who have accountability in the management of sensitive grievances.
HOPE - Accountability Roles
Accountability Viewer: users can view list of created surveys and communication messages. Can review details of created surveys and communication messages.
Accountability Manager: has full access on both surveys and communication. Can create new surveys and communication messages, view list of created surveys and communication messages, review details of created surveys and communication messages.
System Requirements
Google Chrome and Microsoft Edge are the recommended browsers for accessing HOPE platform. Kindly ensure that you are using the latest version of each browser. Other additional system requirements include:
- Computer: CORE i5 processor, 4GB RAM and 500GB storage
- Internet bandwidth: 20Mb
User Support
You can access support for HOPE related incidents via Service Gateway. The user support link is also available on the HOPE home page as illustrated below.
Protecting Sensitive Data Inside and Outside of HOPE
Implementation of cash transfer programmes requires UNICEF to store and processes large amounts of information, including personally identifiable information (PII) of both actual and prospective beneficiaries. Protecting this information is a fundamental part of UNICEF’s duty of care to populations affected by humanitarian crisis.
HOPE was developed following UNICEF’s Data Protection Policy and Information Security procedure. The act of ensuring data protection principles such as proportionality of data to be processed, accuracy, retention and transparency has permeated HOPE system requirements and are the starting points of all HOPE processes.
Finally, system security has been a priority element of HOPE’s development since conception; advanced encryption features at rest and in transit and yearly security scans are some of the tools that have been put in place to ensure the highest level of information security in HOPE.
Whenever possible, Personally Identifiable Data (PII) should not be handled outside of secure systems such as HOPE. In some cases, transferring sensitive information is necessary. The below chart highlights scenarios where sensitive data might flow outside of HOPE. In the rare cases of handing data of outside of HOPE (such as in Excel), it is advised to use encryption methods.
Cases where sensitive data may flow outside of HOPE,
1. When you have the option to handle beneficiary list in Excel before importing into HOPE.
2. When downloading the manual payment verification sheet and filling it out and uploading it to payment verification module.
3. When conducting any export that contains personally identifiable information or other sensitive data.
Encryption
PII in HOPE are encrypted automatically in transit and at rest, avoiding transfer of personal data outside of HOPE is a good risk mitigation measure. In cases where this is not possible encryption options must be considered and adopted.
The concept of Pretty Good Privacy (PGP) is associated with protecting sensitive data in such cases, the following guidelines should be observed:
1. Never share personal data through an unprotected means (such as in non-password-protected files via email).
2. At a minimum, any files which contain sensitive information should be protected by password at file-level (such as applying a password to an excel spreadsheet). Passwords should be composed of a minimum of 10 characters, including uppercase and lowercase letters, numbers, and symbols. The password should be shared with the intended recipient through a different channel than the one used to share the file itself (for instance, send the file over e-mail and password over SMS).
3. Wherever possible, data should be fully encrypted before being shared – both between UNICEF users and with external stakeholders. PGP encryption is the preferred method for encrypting data prior to sharing. Where this is not possible, file-level encryption using tools like WinZIP or Microsoft Office can be used to password protect files.
4. Whenever an individual is finished working with sensitive data, she or he should remove that information from his or her laptop or other device.
The above considerations are a starting point; UNICEF’s Data Protection Policy clearly outlines descriptions of what is and is not sensitive data, as well as clear guidelines for handling sensitive information.
Moreover, proactively protecting sensitive data through “Pretty Good Privacy” or “PGP” encryption is the most effective and recommended method for data sharing between UNICEF users and with stakeholders. PGP encryption is a method for protecting data which involves securely encrypting data with a special key and sharing that key with the recipient to whom the data is sent. It helps protect private information and sensitive data and can greatly enhance the security of communication which involves the transfer of such information. The illustration below shows the encryption process for securely encrypting data.
