Thoughts on an electronic data sharing model: a discussion

Jerry Fishenden
National Technology Officer, Microsoft UK

EURIM Confidential
data sharing issues include …

• the citizen needs to …:
  • prove who they are (and potentially their circumstances)
  • know they are dealing with a legitimate public sector organisation
  • provide consent to personal data collection/collation and the uses to which it might be put
  • ensure government does not misuse data (transparency/accountability)
  • have access to all appropriate government-held information (FOI etc)
• government needs to …:
  • achieve greater operational efficiency by enabling appropriate data to be accessed and shared between systems: this raises problems of interoperability around security, access controls, semantics, metadata etc
  • ensure it knows precisely who it is dealing with and the role/capacity in which they are acting
  • ensure data is not misused or accessed/altered/disclosed etc inappropriately
  • find some means of linking user identity and government’s many silo applications and data in a reliable way
data sharing – core requirements

• to establish verified electronic identity for all parties (including role, where appropriate)
• to associate accurately a proven identity with ownership of or entitlement to access specific government identifiers/information/services
• to ensure legality (eg DPA, FOI, privacy, confidentiality, consent and related topics)
• to ensure practical interoperability (ie the physical ability to communicate data meaningfully between systems whilst respecting security etc)
UK now
the existing federated identity verification and management model

The UK Government model uses a federated, Web service based authentication / authorisation architecture using WS-Security, WS-Trust, WS-Policy etc
UK now

• the Government Gateway provides:
  • the key link between an online identity (issued by a third party) and ownership of specific government identifiers (National Insurance Number for example)

[Diagram labels: proven user identity; government identifiers; proven relationship – binding a verified electronic identity to government identifiers]
electronic identity and its linkage to government services
current data sharing model

• once a user’s online identity has been verified by a third party (or using a Government process), it needs to be linked to numerous separate government identifiers
• such identifiers include National Insurance Number, NHS Number, Date of Birth, Unique Tax Reference Number, etc
• the current model is based on user opt-in (ie consent-driven): users choose which services they want to use and the way in which the services may or may not use their data
• the Gateway keeps each information-owner’s details separate from the others’, although if the user provides consent, they can be shared
some of the issues
some next steps

• facilitate the legal ability to share data more easily
  • obtain legal clarification of whether the DPA can provide a higher level government registration rather than the current highly granular model: if not, new legislation is required
• facilitate the technical ability to share data more easily
  • enrich the interoperability framework to tackle the practical problems of interoperability between existing and new systems
• address the cultural barriers to progress
  • implement a new incentive/reward model in the Civil Service
• simplify the user identity verification and linkage process
  • identify improved ways of linking a proven electronic identity with verifiable ownership of government identifiers / services
• simplify and encourage online services take-up (internal/external)
  • encourage a broader set of identity issuers to enter the marketplace, such as Local Authorities through their smartcard schemes
• provide self-service FOI / accountability reporting systems
  • to automate citizens’ ability to obtain their entitlements