The recent announcement from the Crown Commercial Service (CCS) that it is launching a four-year long procurement framework focusing on data, with a projected value of up to £2bn is a really encouraging step. Open to central Government departments as well as other public bodies including local authorities, police, health, education, fire and rescue and other devolved administration the framework will run over a four-year period from 2022 to 2026.
The framework is split into two lots. The first will enable the provision of a design, build and run off professional big data analytical services, with the second offering commercial off-the-shelf software for big data and analytics capabilities. The value of the framework highlights the importance that the public sector now places on data, as does the influx of chief data officers being appointed within government bodies, including the chief data officer for the HMRC, a role which was described as 'one of the biggest roles in the UK'.
National Data Strategy – unlocking the power of data
This is part of the wider National Data Strategy (NDS) which was launched in September last year. The NDS is aimed at unlocking the power of data to create new jobs and improve public services. There are four pillars associated with the NDS, described as: ‘data foundations, data skills, data availability and responsible data use’.
Further to these pillars, five missions are also outlined for the NDS: to unlock the value of data held across the economy; secure a pro-growth and trusted data regime; transform the Government’s use of data to drive efficiency and improve public services; champion the international flow of data and ensure the security and resilience of the infrastructure on which data use relies.
It is this last mission point that should be absolutely critical in the Government’s new data focus. The potential value of the framework is an indicator of the emphasis now being placed by local government on data. It is a real acknowledgement of the value of data and the role it can play in improving public services, creating jobs and encouraging innovation.
Security has to be the number one priority
However, the nature of much of the data held by local councils means that it is of the most sensitive nature. So, whilst we should be encouraged by the Government’s commitment to gaining a better understanding of the data held within local government, it has to be tempered with some caution and ensuring an emphasis on security.
The last few months we have seen multiple attempts by cyber criminals to access and steal data from councils. It is now a real commodity with real value associated with it and criminals are always going to be on the lookout for ways to gain access and take data away.
In amongst the excitement of the £2bn framework and the continuing work of the NDS, security has to be given top priority. The CCS has to ensure that the vendors that are included in the framework are not just offering ‘flashy’ data solutions that claim to do the job but are robust and secure. The last thing local government needs is another expensive IT project disaster, especially if it involves the sensitive data of the general public.
Making security the top priority also means that local authorities also remains in-line with regulation. The recent example of the 300 GDPR breaches by the Welsh Government is a timely reminder of the importance of implementing sound data policies.
Industrialising data processes
The key for ensuring data remains secure and adhering to regulation is the industrialising of the data processes. Too many security and regulation breaches are caused by individual mistakes, so by automating the process these individual errors can be cut out.
Industrialisation, especially around GDPR, also means that any new amendments to the regulation can be automatically updated within the internal procedures. With the warning from a German data watchdog based in Hamburg that Zoom video conferencing software is not compatible with the EU’s GDPR, it is clear that the landscape is changing all of the time and many of the day-to-day activities that take place in the public sector may actually lead to a regulation breach.
Making the most of local government data will have a hugely positive impact for everyone in the country. However, there has to be a security first approach here or cyber criminals will take advantage, leaving the sector in disarray.
AJ Thompson is CCO at Northdoor