180 likes | 314 Views
Office of the State Chief Information Officer. Prepared for: CHECO Conference. HB-1364 Act & Council Overview. HB 08-1364 Overview. HB 08-1364 – creation of an interdepartmental data protocol to enable data sharing across agencies for more effective policy-making.
E N D
Office of the State Chief Information Officer Prepared for: CHECO Conference HB-1364 Act & Council Overview
HB 08-1364 Overview • HB 08-1364 – creation of an interdepartmental data protocol to enable data sharing across agencies for more effective policy-making. • Roots in Governor’s P-20 Education Coordinating Council • Ability to analyze longitudinal data for a variety of purposes • Mirrors the State’s needs as an enterprise to analyze and determine effectiveness of policies, programs, and resource allocation • Protocols and Procedures to be used in: • Collecting data • Storing data • Manipulating data • Sharing data • Retrieving data • Releasing data
1364 Council • Mission is to provide guidance, policies, and procedures for implementing a data sharing architecture across the State enterprise that will achieve the stated goal and objectives of HB 08-1364. • 1364 Council Participants – includes executive branch agencies that collect unit records • And others determined necessary by State CIO • State, Judicial, Law • Committee representation – DGWG, STRAC • Dedicated Program Manager and Data Architect
1364 Council Scope • August 21, 2008 – February 26, 2009 • Bi-monthly meetings • Unit Records – Records regarding Individuals • Baseline As-Is: one major application per agency (more if possible) • System • Data • Compliance • Procedures and Governance –leverage work of DGWG • Data Sharing –leverage success and lessons learned of current & failed state data sharing initiatives • Benchmark similar work in up to 5 other States • Controls toprotect privacyof citizen data • Develop To-Be recommendations • Work with pilot application – State Traffic Records Advisory Committee (STRAC)
HB 08-1364 Objectives • Understand and document the data captured, stored and maintained by all State Executive Branch Agencies; • Understand and document the policies and statutes that currently govern the privacy of information held by all State Executive Branch Agencies; • Develop an architecture for the development of the data protocol, including data normalization, identity resolution, and source data authority; • Develop recommendations and identify associated costs for a full implementation of the data protocol; • Establish the circumstances under which a state agency may release data to a political subdivision, a nongovernmental entity or an individual; • Develop a governance structure, including processes and procedures, to be used by state agencies for sharing information with another state agency, with a political subdivision, or with a nongovernmental entity or an individual; • Establish the format in which a state agency may release data to a political subdivision, a nongovernmental entity or an individual; and to, • Ensure personal privacy and the protection of personal information.
Project Deliverables • Templates and procedures to capture all agency baseline data -done • A comprehensive reporting structure to store and maintain the reported agency baseline data – in development • A report with the recommendations and strategy to be delivered to the State Chief Information Officer • Suggested technical architecture and approach • Cost analysis • Timeline for implementation • Recommended governance structure • Policies and procedures to achieve data sharing • Identified statutory/regulatory changes necessary to the success of the data sharing protocol • Other recommendations as needed to facilitate objectives – e.g., data governance process, organization structure changes, etc. Final report to be delivered to Governor and Legislature by State CIO
Communications & Subcommittee Structure • 1364 Council Communication Tools • SharePoint portal: https://securityportal.isoc.state.co.us/1364 • OIT website: www.colorado.gov/oit • Key Initiatives section • Subcommittees - To expedite and facilitate discussion of objectives and decisioning • Technical – Mike Armbruster (CDOT), Chair • Business – Guy Mellor (CDOT), Chair • Legal – Susan Lin (AG), Chair
Technical Subcommittee • Understand and document the data captured, stored and maintained by all State Executive Branch Agencies; • Develop an architecture for the development of the data protocol, including data normalization, identity resolution, and source data authority; • Develop recommendations and identify associated costs for a full implementation of the data protocol; • Establish the format in which a state agency may release data to a political subdivision, a nongovernmental entity or an individual. • Work with Business and Legal Subcommittees on the following: • Does the recommended approach meet business-side needs? • Will in work within the existing structure that exists today? If not, what are recommended changes? • Does the recommended approach meet legal, compliance and privacy requirements?
Business Subcommittee • Understand policies and statutes that currently govern the privacy of information held by all State Executive Branch Agencies; • Understand and document major data sharing initiatives happening today among State Executive Branch Agencies; • Develop a governance structure, including processes and procedures, to be used by state agencies for sharing information with another state agency, with a political subdivision, or with a nongovernmental entity or an individual; • Benchmark the work of up to 5 other states in this area; • Assist Technical and Legal Subcommittees with the following: • Develop an architecture for the development of the data protocol, including data normalization, identity resolution, and source data authority • HELP RESOLVE BUSINESS-SIDE ISSUES • Develop recommendations and identify associated costs for a full implementation of the data protocol • ARE RECOMMENDATIONS REALISTIC? • IS THE TIME FRAME REALISTIC? • WHAT ARE THE POTENTIAL RISKS/ISSUES WITH THE RECOMMENDED APPROACH? • Are the legal, compliance and privacy needs of the agencies being met? • IF NOT, IDENTIFY GAPS • ASSIST IN IDENTIFICATION OF POTENTIAL STATUTORY/REGULATORY CHANGES THAT MAY NEED TO BE MADE (IF POSSIBLE)
Legal Subcommittee • Understand and document the policies and statutes that currently govern the privacy of information held by all State Executive Branch Agencies; • Establish the circumstances under which a state agency may release data to a political subdivision, a nongovernmental entity or an individual; • Ensure personal privacy and the protection of personal information. • Assist the Technical and Business Subcommittees with the following: • Identify existing statutory/regulatory changes or interpretations that may need to happen (if possible) to facilitate the implementation of HB-1364. • Does the recommended technical approach stay within Federal and State legal, compliance and privacy requirements? • Does the recommended governance structure stay within State legal, compliance and privacy requirements?
What are we doing? • Taking Inventory of information to formulate the basis for data sharing. • Platform: Hardware, OS Software, Virus Software, network, etc. • Application information • Database: Database management system • Data Elements: Begin the Data dictionary • Targeting 1 primary system containing unit data from each • agency.
What is the approach? What is the approach for gathering the information? • Leverage the work already completed in the government sector • Primary reference models • The Federal Enterprise Architecture1 (FEA) • National Information Exchange Model2 (NIEM) • Adhere as close as possible to the Federal Enterprise Architecture • Focus on the Data Reference Model3 (DRM) for the unit data elements. • Include data component information from the National Information • Exchange Model as appropriate. 1 References in this document to the FEA are to FEA Consolidated Reference Model Document Version 2.3 October of 2007. 2 References to NIEM include the Introduction to the National Information Exchange Model (NIEM) February 12, 2007, Requirements for a NIEM Information Exchange Package Documentation Specification 2.1 Draft. 3 References in this document to the DRM are to the Data Reference Model Version 2.0 November 17, 2005
Federal Enterprise Architecture A Framework for communication. What is the FEA? Purpose: to facilitate cross-agency analysis, duplication, gaps, opportunities for collaboration. Goal: Better management, communication through common framework and vocabulary. Method: Five FEA Reference Models Input Tool: Excel Spreadsheet
Why the FEA? Why the Federal Enterprise Model and NIEM? • Colorado is standardizing on a best-practice models • The FEA is a complete model with specific guidelines for • managing sensitive data • NIEM has completed work on Information Exchange Packages • Provides Colorado with compatibility with the Federal Government • Many states have adopted the FEA and DRM • It is a relatively mature model • Build on work done by the Data Governance Working Group 1References in this document to the FEA are to FEA Consolidated Reference Model Document Version 2.3 October of 2007.
Baseline Data Collection Process Agency Input: Each agency will create a copy of the Unit Information Data Element Definitions spreadsheet, populate it with information from their primary application that accepts/processes unit data, and upload it to the SharePoint site.. Each agency will copy the System Inventory spreadsheet and populate the copy with information from their primary application that accepts/processes unit data. Upload: We will upload this data to a DBMS for analysis by the subcommittee. This will give us a base from which to determine how much modeling and transformation work will be needed. Work is already underway and due by October 30th
Questions Next meeting: Sept. 18th Time: 11 am – 1 pm Location: CDE, 1560 Broadway Micheline.casey@state.co.us or 303-866-6280