Public agencies need to understand they are custodians, not the owners, of data and information they collect from their customers and citizens, according to experts at a Mandarin information management seminar held recently in Perth.
This seminar was the last in a national series, exploring the importance of information governance for the public sector, in a digital world. Each conversation has highlighted common challenges and concerns but reflected different priorities and approaches between jurisdictions, providing opportunities to learn from each other.
All jurisdictions are under pressure to modernise public services and operations, which relies on using, sharing and protecting information appropriately.
The push to integrate data and information is coming as citizens look for more personalised services, services which bring to an end citizens having to navigate the alphabet soup of government agencies for major life events like the birth of a child, or the death of a parent.
Agencies are also increasingly adopting data driven program and policy design. This is especially so, as governments look to take a more preventative approach, and as agencies focus on outcomes, rather than outputs, to determine program success.
Citizens are also demanding greater transparency and accountability, as trust in government continues to decline. Agencies that do not rapidly develop their information governance frameworks and capability will find they are deeply disadvantaged as they move to embrace modern digital government.
Held under Chatham House rules, speakers at the Perth seminar included Cathrin Cassarchis, State Archivist and Executive Director State Records Office, Stuart Gibbon, Executive Director, ICT Strategy & Delivery, Office of the Government CIO; and Sonya Sherman, Director of Public Sector Industry Solutions at Objective Corporation, formerly Director Information for NSW Government.
READ MORE IN THIS SERIES
▪ Digitally transforming NSW: what public sector executives really think
▪ Trust, privacy and accessible data: can you really have it all?
▪ Why information governance underpins digital government
▪ How can agencies promote ‘information confidence’?
▪ Joining the dots: pathways for sharing information safely across silos
Understanding custodianship and balancing interests
The Perth seminar heard that taking a custodianship approach is the key to managing information governance in the digital age. Panelists highlighted that although the concept of custodianship is often discussed, most agencies still apply an “ownership” approach. An example was provided around land ownership and the Aboriginal approach to custodianship of country.
Custodians must understand the needs of various stakeholders, and manage things like access, security, use and maintenance in ways that balance these interests for the broadest benefit. Stakeholders agree to take on defined roles and responsibilities, and are accountable to the custodian and other stakeholders for their actions. This sits in contrast with ownership, where decisions and actions are made primarily in the interest of the owner.
Participants noted that the culture in many government agencies is to hold control over their information for fear that if it is shared with another agency or opened to the public, it will be used or interpreted in ways that are detrimental to the agency, without consideration for other stakeholders.
In other cases, where the information governance roles and responsibilities are not clear, this can cloud decisions about the public benefit of sharing the information. An example was the case of the missing MH370 plane, and the struggle to share flight radar data with the military, because it was not clear how the data would be applied, and a lack of trust between the parties about how ongoing responsibilities for the data would be fulfilled.
The seminar also heard of the importance of taking a longer term approach around information management; beyond today’s transactions and next years’ service planning. Custodianship needs to recognise and balance interests around retention and disposal of information.
Government information by its intrinsic nature has long term value for policy analysis and development, and protecting citizens’ rights. It can also be given a second lease of life because of new usage cases. A distinct example is historic information such as colonial records, which are now in high demand by people wanting to understand their family history.
Information governance and digital government
Against this backdrop, the seminar heard that many public agencies wanting to collect, share, release or reuse information, have struggled to find an efficient way to manage these processes and make consistent decisions.
This underlined the value of a robust information governance framework, that codifies requirements, obligations and business needs for information, and supports decision-making.
Once the rules are established, the seminar was told they could be integrated into information systems and embedded into digital work processes. Attendees discussed how this approach has worked especially well in regulated environments like government, financial services, health and utilities.
The manual effort around record keeping and compliance had been automated, supporting efficiency and consistently enforcing protocols for information release, access and security. Key actions and decisions were tracked, making them easy to report or audit in real time – a major improvement over bureaucratic paper based systems.
Participants stressed that having well-structured controls at the point of creation was critical to building a strong culture of information awareness and importance. Government agencies should take a leaf from other sectors. Rather than seeing these rules as burdensome or restrictive, they should learn the benefits of unlocking the value of information.
Building and maintaining trust
The argument was made that the value does not reside within the information itself, but comes from the way information is used and shared. Defined governance frameworks provide transparency and confidence that enable agencies to trust each other, and the public to trust government.
The rising concern of how private data has been released by Facebook is a sharp reminder of the challenge all sectors have managing and securing their information holdings and applications.
The panel observed governance arrangements will need to be calibrated for portfolios where personal data is highly sensitive, in such domains as health, public safety, children at risk or family violence. The federal government for example has been undertaking a large scale consultation around the sharing of administrative health data.
It was argued that giving citizens the opportunity to decide if and what data they want to share would help build critical trust. While many platforms for private sector services offer controls to manage privacy and security settings, these are not typically available for online government services. Nor is it easy for individuals to access information about themselves.
In the face of uncertainty, public bureaucracy can take months to reach a decision on information release, or default to a position of “no” to avoid potential risks. Interestingly, citizens respond the same way to government proposals around digital services and data analysis, when the benefits and controls are not transparent.
Some proposed that jurisdictions with a central agency to drive public sector data sharing, such as South Australia, Victoria and NSW, were having greater success. But others reflected, even in these states, trust between agencies can be a challenge and public support or social licence remains critical.
New Zealand was cited as offering the best example of community engagement and building trust in the use personal information for wider public benefit. Transparency around information governance has been central to this approach – openness about how information will be used, who will benefit and how information will be protected.
Trust emerged as the key requirement, if public agencies are going to successfully transform into the digital world. That trust can be built and maintained by embedding governance, such as information security, privacy and accessibility into government processes – and balancing wider public interests with a citizen’s power to choose how their information is used and managed.
