Regulations for Data Governance: Case Study

Introduction

Today big data is extensively used by local councils world-wide to make intelligent and business driven decisions for economic growth and development of the cities. Despite the numerous benefits due to sheer volume of data, the proliferation of data also brings various challenges related to data maintenance. Councils are regularly confronted with the dilemma to trade-off between proper data governance practice for interest of citizens and building potential business use case from urban data sets. Additionally, the problem becomes more complex due to involvement of wide range of stakeholders.

The city councils are also responsible for handling information from multiple data sources and business owners across city. To easily, access these datasets local governments design protocols which safeguards citizen’s personal information. Apart from legislating new policies, they are also accountable for maintaining data quality and assurance. Hence, to manage a city-wide infrastructure is an intricate problem which requires proper governance architecture.

This critical review provides a concise compendium of regulation acts conducted by different state government in Australia for practicing seamless data governance methods. The report also compares information principles to determine distinctive properties of each state administration. Moreover, the document presents the challenges faced by the local councils during execution of the regulation policies. Lastly, the report also outlines the implementation strategies for successful governance of city data.      

Research Methodology

This case study is conducted as Narrative Overview, also known as unsystematic narrative review (Green, Johnson, & Adams, 2006). The unsystematic narrative review allows conveying a comprehensive description of formerly published documents. The primary reason for selecting Narrative Overview is to summarize the already existing information of governance policies and reflect the current strategies followed by the administration state-wise, so that the council can execute contemporary practices in smart city project. The steps followed in literature review are derived from ‘Writing Narrative Literature Reviews for peer-reviewed journals: secrets of the trade’ (Green, Johnson, & Adams, 2006).

To find the credible source for describing and contextualizing literature topic an extensive search was performed on state government’s data sharing and accessibility policies, data privacy and protection policies and private organizations governance framework. A separate search was also conducted to determine the public sector’s data lifecycle, data refresh rate, and data masking and perturbation techniques. Furthermore, the Qualitative research also suggests the implementation plan for laying out appropriate data maintenance strategies.

State-wise Open Data Policy

All the state administrations in Australia have developed open data policy templates which serves as guidance for local councils. The contents of the template are modified by the local governments to best suit the governance policies of the region. For instance, the government of Victoria has planned a policy template for local governments which align with their data access policy (State Government of Victoria, 2016). This section briefly describes the framework and principles of all the state governments’ open data policies adopted across Australia.

The State Government of Queensland

The Queensland Government Chief information Office (QGCIO) have issued different internal and external policies for enhancing data management capabilities. The instructions related to each strategy is segregated in different modules stated in ‘Information management’ section explained below (State Government of Queensland, 2018).

Information management

The information management is defined as the method which follows systematic planning of how to collect, organise, disseminate, secure, maintain and dispose of valuable information. Considering all the aforementioned points the framework was constructed by QGCIO for effective information management. As shown in figure no. 1, the framework is partitioned in various domains

 

Figure no. 1 Framework consisting of information management domains (QGCIO, 2019)

• Information Governance: This module focuses on strategy and planning of policies to give future direction for usage and management of information. The domain also handles with ‘Workforce management’, ‘Risk management’, ‘Quality management’ and ‘Governance processes’. Moreover, it is responsible for providing guidance related to information management activities and orienting them with business objectives, ‘Leadership and sponsorship’ to align everyone in organisation towards similar goal and ensuring that information governance practices are fulfilled, and ‘Performance management and reporting’ to monitor efficiency of government policies.
• Knowledge management: This module helps in improving, extracting information and forming links between different knowledge assets. ‘Business intelligence’, and ‘Analytics’ also form a major part of domain. It also helps with ‘Knowledge Transfer’ (Transferring tacit knowledge is broadcasted among interested personnel), ‘Knowledge building’ (Adding value to knowledge of either public or private information), ‘Knowledge Connection’ (Transforming the contents of knowledge to documents to connect people, ‘Knowledge categorisation’(differentiating and grouping knowledge under topics), ‘Knowledge Discovery and Application’ (Data Mining).
• Information asset management: This module deals with the life-cycle management of information assets. Furthermore, it also manages ‘Registration’ (recording information asset and maintaining a repository), ‘Information asset classification’ (categorizing and organizing information according to determined criteria), ‘Metadata’ (data schemas), ‘Information custodianship’ (assigning a personnel who is responsible for giving namespace for appropriate identification throughout information lifecycle and ensuring authorization) and ‘Identification’ (identifying valuable asset).
• Information asset and use management: This domain is concerned with authorizing individuals for accessing, exchanging and using information. The sub-domains within this module consists of ‘Information access and accessibility’, ‘Licensing and rights management, ‘Pricing’, ‘Privacy’, ‘Intellectual property’, ‘Search and Discovery’ (searching and retrieving government information), ‘Sharing’, ‘Publishing and Release’, ‘Information modelling’ (providing terminology and representing information), ‘Collection Management’ (gathering data throughout the information lifecycle).  
• Records management: This module concerns with creating, controlling, maintaining, usage, and sharing of records. The sub-domains within the domain assist in the purpose of management of records. The sub-domains are ‘Record creation and capture’, ‘Archiving’, ’Retrieval and access’ (locating data from storage and using it, providing correct access authorization), ‘Retention and disposal’ (maintaining temporary records in cache and deleting them to free memory). ‘Conversation and preservation’ (rolling back, physical manipulation and modification of schemas or structure to ensure that damaged data is retrieved and preservation deals with safeguarding data) and ‘Digital continuity’ (long term access of records).  
• Data management: This module is concerned with collecting, storing, processing, validating, and querying data to provide reliability and easy accessibility of data. Furthermore, the module can be divided into sub-module for following proper maintenance. Sub-domains are ‘Data modelling’, ‘Data interoperability’, ‘Redress mechanisms’ (transparent appeals and processes to ensure data is of high quality), ‘Data Quality and integrity’, ‘Data cleansing’, ‘Data de-duplication’, ‘Data capture’, ‘Data migration and transformation’, ‘Data mining’ and ‘Data Warehousing’.
• Information Security (IS): This module concerns with data privacy and protections acts. The policies implemented in the IS follows acts from International Standardized organisation (ISO) under the ISO/IEC 27001:2013 standard.

 

The State Government of New South Wales

The purpose of this document is to provide a foundation for the Information Management Framework and to help agencies implement best practices for managing information across the NSW public sector.

Information management

A key initiative of the NSW Government ICT Strategy is the development of an Information Management Framework (the IM Framework) to support the way government administers and uses data and information. The Framework is a coherent set of standards, policies, guidelines and procedures which are implemented either manually or, where possible, automated through technology. This will allow data and information to be managed in a secure, structured and consistent manner (New South Wales Government, 2013)

Governed

• is a strategic, operational and administrative asset for NSW Government agencies;
• in a transparent and accountable manner to citizens and organizations of NSW.

Collected

• to document and facilitate the provision of services and functions of NSW Government agencies;
• with respect for NSW citizens’ privacy and the confidentiality of organisations in NSW;
• in accordance with agreed standards that provide appropriate, accurate and consistent support so that they are suitable for credible purposes and can be reused NSW Government agencies to improve service provider or reporting manager.

Organised

• be described and linked to relevant data or information, so that it is easy for NSW Government agencies to find, retrieve, use and compare;
• be identified and integrated into the system that allows NSW Government agencies to regularly monitor and manage them according to their value.

Secured

• detect unauthorised access, alteration, loss or deletion, to ensure their integrity and continuous value to NSW Government agencies;
• use controlled and audited procedures that show NSW citizens and organizations the process of the protection of sensitive data and information.

Used

• to assist with NSW Government agencies in the process of decision making, planning, resource allocation, communication, reporting, and transactions;
• is processed and analysed by the NSW Government agencies to develop evidence-based policies and providing targeted services for citizens and organizations of NSW;
• and reused, in these assets the NSW Government agencies gain maximum benefits from their investments.

Shared

• with respect for the privacy of citizens and the security NSW organizations in NSW;
• with other agencies of the Government of NSW to reduce duplication of efforts, streamline service delivery and provides an aggregated view of the needs of customers or the performance of the public sector;
• published and provided to explore, where appropriate, by the citizens and organizations of NSW, provides opportunities for communication, consultation and cooperation or participation in the processing, analysis and development of added value.

Maintained

• use efficiency measures, based on risk to facilitate business continuity of the NSW Government agencies;
• to ensure their availability and reliability, for as long as they support service delivery and accountability by NSW Government agencies; and then systematically destroyed when their use and value has ceased, to minimise the costs and risks to NSW Government agencies of over-retention;
• or systematically stored to protect the long-term rights and interests of NSW citizens and organizations.

The State Government of Western Australia

The purpose of the Western Australian Whole of Government Open Data Policy (the Policy) is to improve management and use of the public sector’s data assets in order to deliver value and benefits for all Western Australians. This includes greater release of appropriate and high value data to the public in ways that are easily discoverable and usable. (Government of Western Australia, 2015)

Data quality

• It is important that users have confidence in the data they are accessing and using and be aware of any warnings which are related to it. To allow users to determine whether a data set is appropriate for their purpose or not, the data must be provided with a statement or metadata, related to the purpose and its quality.
• Even if there are aany restrictions which are related to the data set, such as the data set is incomplete, the release data are encouraging and providing information that are sufficient to inform users about any limits or empty space.

Open by default: Data should be provided for free or at minimum costs for the users to maximize potential usage.

Easily discoverable and subject to public input: Data can be easily explored by accessing data through the online portal of the Government of Western Australia (data.wa.gov.au). Open access to the data enabling participation and two-way cooperation between the government and the public, industry and other groups.

Usable: The data must be published in open, internationally recognized formats for ease of use, the data must be properly licensed by agencies with clear terms surrounding copyright and usage.

Protected where required: A large amount of data which are collected by public sector will be suitable for public release. However, there are cases where data needs to be protected and therefore, access is restricted or blocked, including

• privacy – relevant personal or sensitive information can be determined for an individual or may be involved as a result of unwanted data links, or a combination of data;
• security – the nature of the data or information;
• confidentiality – arising from the nature of the data or information or contractual arrangements have been made concerning for the for the data or information;
• legal privilege – together with certain legal advice;
• commercial – such as commercial trust, intellectual property considerations or pending patent;
• public interest – if there are public interest considerations against the isueand, on balance, the considerations that goes beyond the public interest considerations in favour of release.

Implementation Strategy

Information Sharing

The Information sharing framework is a guidance architecture which allows the data publishing individuals/agencies to successfully share data by following protocols. The figure no.2, shown below gives a brief overview of data sharing protocols regulated by QGCIO. 

Figure no. 2 Phases of information sharing framework

The key relationship in data sharing lifecycle is explained by different phases of information sharing mentioned below:

• Prepare: Thisphase involves formalizing any information sharing activities between parties.
• Manage: This phase is default after execution of each phase and requires the parties to conduct an established information sharing activity over the period of data sharing. It can also be used to conduct periodical review for ongoing information sharing activity.
• Exchange: This phase includes deployment and usage of technical architectures, transmission structures (data schemas), User Interface and User experience wireframes.
• Use: This phase includes spreading user awareness on policies of shared information, providing support to users on various web platforms and resolving queries from users.

Responsibilities and Roles

Information is now considered to be one of the most important property for any organization. For organizations operating in the public sector, most of the operational budget is spent on information processing. Information is needed at all levels of government to support executive work and be of great help in achieving operational goals, and it is also a proof how the government is running its jobs and exchanging information within the government which is being implemented.

-All employees are ready to access all the information they need to perform work at all levels of the organization.

– Information are fully exploited through the process of sharing information within the organization and with other public sector agencies; through agreements with private sector in organizations at the appropriate points.

– The quality of the information must be maintained and must be accurate, reliable, always up to date, comprehensive and consistent.

– Legal requirements as well as other requirements such as confidentiality, privacy, confidentiality, authenticity and integrity of information must be enforced.

– Information needs to be made available to the public conveniently through various channels.

– Records and other required information must be well maintained.

– The organization achieves a high level of effectiveness in information processing activities.

People involved in information management – Includes:

-          The owner of the information, responsible for a specific item as well as the accuracy, availability and confidentiality of the information.

-          Information caregivers, responsible for the maintenance of information transmission equipment and information technology-related issues.

-          Users (inside and outside the organization) access and use information specified by the information owner and authorized by the information caregiver.

References

• Green, B., Johnson, C., & Adams, A. (2006). Writing narrative literature reviews for peer-reviewed journals: secrets ofthe trade. Clinical Update, 101-117.
• State Government of Queensland, (2018, Novemeber). Information management. Retrieved from Queensland Government Chief Informative Office : https://www.qgcio.qld.gov.au/information-on/Information-Management
• State Governamnt of Victoria, (2016, January). Open Council Data. Retrieved from Open Council Data Tools and guidance for local government: https://opencouncildata.org/template-policy/
• Queensland Government Chief Information Office, (2019, July). How Should I manage my information?. Retrived from Queensland Government Chief Informative Office : https://www.qgcio.qld.gov.au/information-on/Information-Management/how-should-i-manage-my-information
• Queensland Government Chief Information Office, (2017, August).Information Management policy framework. Retrived from Queensland Government Chief Informative Office : https://www.qgcio.qld.gov.au/__data/assets/word_doc/0022/5953/Information-Management-Policy-Framework-v200-.docx
• Queensland Government Chief Information Office, (2018 March), Information Sharing Authorising framework : Comprehensive guidance for information sharing. Retrived from Queensland Government Chief Informative Office.
• New South Wales Government, (2013, July), Information Management: A common approach. Retrieved from: https://www.digital.nsw.gov.au/sites/default/files/IM%20common%20approach%20v1.pdf
• New South Wales Government, (2019, February), Open data policy. Retrieved from: https://www.digital.nsw.gov.au/sites/default/files/NSW_Government_Open_Data_Policy_2016.pdf
• Government of Western Australia, (2015, April), Open data policy. Retrieved from: https://data.wa.gov.au/__data/assets/pdf_file/0009/9549/Open-Data-Policy-Final-v5.9-with-Cover-updated-21.07.15.pdf