Building on previous efforts to make more data available across all jurisdictions for policy development, tracking implementation and service delivery, the recently revealed Intergovernmental Agreement (IGA) for Data Sharing is a crucial step to support a digital economy.
The agreement, which came into effect immediately, recognises data as a shared national asset and commits all jurisdictions and levels of government to share public sector data as a default position, relative to the roadmap of linked-up government services.
However, while there is all-important intention to accelerate the coordination of Australia’s public sector, it’s less clear how that will be delivered to our two million public sector workers. These petabytes of sensitive data, including that of the public, critical infrastructure and industry, must be protected.
The Data and Digital Ministers Meeting (DDMM) is set to define ‘priority data’ and establish the necessary reforms to share it “safely, securely and lawfully” – as prime minister Scott Morrison promised. But to achieve a more connected government, these efforts will need to be underscored with an integrated, digital framework capable of evaluating, defining, coordinating, and governing the data so that every department or agency that needs it, gets it when they need it.
Complexity is a common hurdle to working in the public sector. Silos between agencies, roadblocks in accessing information, and broad-ranging state and federal legislature create frequent headaches.
It can feel like forcing water to flow uphill, and 82% of public sector workers say this frustration stems from with their agency being at or behind the digital transformation curve.
The federal government’s latest proposal for QR-code vaccine certificates is already hitting roadblocks. While ‘travel passports’ are the key to reopening international travel, there is currently a missing link preventing Services Australia, the Department of Foreign Affairs and Trade (DFAT) and the Department of Health securely sharing medical data.
Meanwhile, digital barriers have even inhibited emergency services workers who make up the frontline of a national, coordinated response to crises.
But once data from dozens of back-end systems and hundreds of applications and processes is synchronised, it creates visibility and a layer of assurance that the data being shared among agencies is confined to a protected environment that can feed it to the departments, as they need it.
From the everyday crunch to a state of emergency, we need a data-first approach
There’s no longer room for historic habits and digital barriers to inhibit public service agendas. My conversations with public sector leaders indicate that better serving Australians requires more than just deploying new apps or launching digital services. We need more cohesive operations.
Cleaning and actioning data with respect to all of the geographic and departmental jurisdictions that govern it, and adhering to regulations like the Notifiable Data Breach scheme – designed to create accountability in the face of data leaks, whether unintended or malicious – will enable a more coordinated public sector.
Systems and processes must be available to shoulder the responsibilities of the public sector, especially the nation’s emergency services and essential workers. Paramedics, for example, will be in a stronger position to expedite patient treatment and manage surge capacity with a connected framework that enables timely, consistent and accurate data. This is particularly important during emergency response situations, when there is simply no time for extensive preparative or predictive measures.
Having a common, integrated foundation is in fact part of the Bushfire Royal Commission’s 80 recommendations made to government, all of which were accepted last year. The report highlighted the need for consistent data standards to measure disaster impact, and a greater capacity to collect and share standardised and comprehensive natural disaster impact data. Synchronised systems and applications will enable this requirement.
Managing the human in data protection
Managing sensitive data is no simple feat, and since the onset of the COVID-19 pandemic, it has become more challenging than ever. The wide-scale shift to remote work caused by the pandemic has increased the attack surface, with government agencies now working as distributed environments reliant on cloud technologies. Cybercriminals saw this as an opportunity and have increased their attacks – ransomware attacks alone shot up by 48% in 2020.
Against this backdrop, there’s also the concurrent increase in data leaks resulting from human error, whether unintentional or malicious. Since the start of the 2019 financial year, Services Australia has reported five eligible data breaches to the Office of the Australian Information Commissioner, all involving human error.
Both federal and state governments have moved to address lingering security concerns through assessments like the Information Security Registered Assessors Program and Cloud Security Guidance. These frameworks have been designed to ensure standards for data protection and cybersecurity, and simultaneously provide stamp of approval for technologies available to Australia’s public sector.
Government employees need to trust they can safely, securely, and lawfully enable a more coordinated public sector. With the ability to control permissions and manage requests, a centralised and synchronised digital foundation will ensure the right people have the right access, at the right time – connectedness is key to delivering better outcomes for Australians.