Government wants to improve secure collaboration and share information to solve complex policy problems and deliver integrated services. Agencies need to carefully consider their underlying information governance regimes to ensure they meet the interests of diverse social groups, and the business needs of agencies, NGOs and private providers — often working under differing privacy and recordkeeping regulations.

In November, the Mandarin hosted a Victorian Government seminar focused on the need for public debate to reframe approaches to information sharing and reuse, and the role of transparent information governance in building public trust and the use of technology to support staff capability.

Changes must also respect the different governance requirements of the various stakeholders in the service delivery chain.

Held under Chatham House rules, speakers at the seminar included the new Victorian Information Commissioner, Sven Bluemmel; the head of the Public Record Office, Justine Heazlewood; and the Director of Public Sector Industry Solutions at Objective Corporation, Sonya Sherman, formerly Director Information for NSW Government.

Navigating the sea of legislation

The seminar heard that the Australian Privacy Act applies to federal government agencies and certain private sector organisations. Meanwhile, each state and territory have equivalent legislation, except South Australia (which has an administrative instruction on privacy) and Western Australia (where some of the privacy principles are covered by the Freedom of Information Act).

Several jurisdictions also have additional legislation addressing the privacy of health information and there are many other acts impacting information sharing and information governance, such as freedom of information, public records, telecommunications, among others.

Navigating this sea of legislation and developing information governance to manage the different requirements presents a major challenge for sharing information between public agencies across geographies.

For example, the seminar heard of pilot projects to create a single business registration system and the challenges presentin moving information across three tiers of government even in this relatively simple scenario.

Attendees noted that some of the benefits of sharing information across states and different levels of government include an easier transition for citizens moving interstate, better services for business and residents in border communities and research advantages from pooling medical data.

Privacy regulation does not mean agencies can’t share. Even so a nationally harmonised privacy regime would enable more consistent decision making about what can or should be shared. But in the absence of common approach, it’s critical that agencies implement transparent governance arrangements to demonstrate that there are appropriate safeguards in place.

Mapping complete user journeys

It is recognised that digital transformation in government has, so far, focused primarily on external customer services. But it is now time to consider how to connect the different parts of a service which may be delivered by different agencies, NGOs and private sector enterprises. Government needs to think about the end-to-end user journey and how to safely work across the information silos and join up the governance of information.

Participants highlighted a range of advantages in this approach. Firstly, users of public services would enjoy a more seamless experience at the time of service delivery. They would also be able to access a much more complete and accurate record of their interaction with government, after the fact.

The seminar heard that this is very important for groups such as former children in care, where government records may be the closest thing they have to a family history or childhood photo album. Today that record is often inconsistent or incomplete because providers are subject to different requirements and apply different information governance rules – so records may have been destroyed or cannot be found.

Secondly, valuable frontline data can be fed back into the broader information systems of government, for ongoing policy evaluation, service design and improvement, as well as secondary research for social or economic development.

These changes must also respect the different governance requirements of the various stakeholders in the service delivery chain. Many of the rules and policies are embedded within existing systems, which could be extended to protect information as it flows across this complex ecosystem.

Recognising challenges along the road

Attendees noted that government – and providers who deliver public services – face some unique challenges.

It was noted the some of the people most documented in government records are people in need or at risk, for a variety of reasons.

Government is the sole provider for certain services, such as social security or immigration, and users do not have alternative providers to choose from. In other cases, service recipients like children in care or people in the custody of mental health or corrective services, and their families, may not be customers by choice. In these situations, people must still give sensitive information to officials.

The seminar heard that it is important for government to demonstrate awareness and commitment to privacy principles, information access and good governance in relation to these types of services.

Transparency around the protocols and systems dealing with information collection, storage and sharing helps build trust between service providers, service recipients and the wider community. This in turn contributes to better social outcomes.

Government services also need to take account of diverse attitudes to privacy, access and retention or disposal between different cultural groups and changing views over time.

For example, some indigenous communities consider information to be traditionally owned by family groups rather than individuals.

Today, we see changing views in what information is considered private and what should be made available in the public interest. As Guardian blogger Andrew Sparrow has noted:

“50 years ago it was assumed that there was a public interest in knowing that an MP was gay, but little or no public interest in whether he drove home drunk, hit his wife or furnished his house using wood from non-sustainable sources. Now, obviously, it’s the other way round.”

Government officials are often dealing with messy a balance of values and motivations, made even more challenging by the explosion in data and information. As one person observed, messiness is what governments are often asked to sort out.

This means there is no one-size-fits-all approach and information governance frameworks need to be flexible enough to accommodate these differences.

READ MORE IN THIS SERIES
▪ Digitally transforming NSW: what public sector executives really think 
▪ Trust, privacy and accessible data: can you really have it all?
▪ Why information governance underpins digital government
▪ How can agencies promote ‘information confidence’?
▪ Building trust in government

Understanding custodianship and balancing interests

The Perth seminar heard that taking a custodianship approach is the key to managing information governance in the digital age. Panelists highlighted that although the concept of custodianship is often discussed, most agencies still apply an “ownership” approach. An example was provided around land ownership and the Aboriginal approach to custodianship of country.

Start with simple steps

It was observed that although there is a lot of complexity and many ‘grey areas’, there are also some easy wins. Government often gets bogged down in trying to solve the most difficult scenarios. But there can be value in starting with the simple, learning and developing models that can extend to address more challenging issues.

For example, starting with sharing and releasing information about government operations, how policies and services are performing, budgets, spending, grants, research and business cases for large projects or programs, where there is no personal information involved and privacy does not need to be managed.

The seminar heard that this can be made much more systematic if rules around information access and release are encoded into systems that support business processes. This enables staff to confidently share information in day-to-day operations, without having to interrogate and navigate the legislation every time.

Although there is a strong focus on sharing and linking more structured data across government, it was noted that a vast amount of government work is done through documents – analysis, reports, briefings, advice and correspondence.

Agencies already have established systems and information governance frameworks for managing this kind of information. They could extend this existing capability into workflows and collaboration spaces, making it easier for staff to do their jobs and keep good records at the same time.

This directly leads to better decision making, ensuring all the information that is relevant to decision making is brought together and easier to search.

These solutions could then be used as a model to address more challenging areas of transformation. As government agencies move to use tools such as social media in areas like emergency services and healthcare, it is important to design processes with solid information governance built-in to ensure the integrity of the data.