What do we do about sharing data?

October 31, 2008

If the Conservatives get in at the next election, all that work on sharing data and services might have been wasted according to a report today:

Keep our data ‘carefully controlled’
Friday, October 31, 2008

The shadow security minister, Dame Pauline Neville-Jones, has told a conference that the government needs a less-joined up approach to information systems.

The former chairwoman of the Joint Intelligence Committee (JIC) said to the RSA Conference in London that a Conservative government would be likely to adopt “separate, disaggregated and carefully controlled information systems and databases”.

Dame Pauline said the “lax security culture that has emerged” must be tackled with greater regulation and oversight of the transfer of information. The recent spate of data losses suggest that the government will have to work within a policy framework that favours disaggregated IT systems, she added.

“Access to data, and the transfer of data, must be based on clear and legitimate business need. And the information supplied must be limited: it should meet the requirements of that business request, nothing more,” she said.


Between rocks and hard places

September 9, 2008

Local government IT, as regularly occurs, finds itself between a rock and a hard place. This time, at one side it has the supporters of the ‘invisible’ hand who want liberal access to the data and at the other side, as a result of repeated co**-ups by central government we have the ‘security experts’ demanding increasing levels of security on the data held by local authorities. Of course, the ‘security experts’ don’t do owt for nowt and increasing budgets are now destined for their coffers.

This is, in part, stimulated by the need to use services of the long-awaited Government Connect, some four or five years in the wings, which councils are now being complelled to use if they want to exchange data with the Department of Work and Pensions (DWP) amongst others. A local authority cannot link to Government Connect without having completed and had approved a Code of Connection, which requires in many cases the purchase of additional hardware, software and services, none of which had been budgeted for at the time they were all sent the ‘command’ by the DWP a few months ago.

Hot off the press is an Experian/QAS report entitled ‘Electronic authentication: bridging the technology gap’ which has surveyed public sector managers and the general public to find representative opinions about security. Unsurprisingly it states that 32% of the public questioned had ‘no trust at all’ in central government, whilst local government it says fared ‘slightly better’ without revealing the figure! It also states that only 54% of customers of local government can apply online! Of course, Experian/QAS are selling an authentication system that avoids the citizen repeatedly presenting some form of identification when they apply online. This is potentially in competition with the government’s own tool, the Government Gateway, which is the authentication tool pushed by central government and to some extent avoided by local government, since it is, as yet, not compulsory!

I think citizens deserve their data being held securely , which in local government’s case it normally is, and on this basis they trust LOCAL government. I also think we need to remember that, according to the Data Protection Act and other legislation, much data can only be used for the purpose for which it was collected! It doesn’t even get recycled around councils due to the fact that its illegal to do so!