At the Public Sector CIO Academy, experts from the public and private sectors provided insight into what IT leaders need to think about when considering data collection and sharing aimed at benefiting residents' lives.
SACRAMENTO, Calif. — If governments are going to collect data on citizens, they need to understand the responsibilities that lie therein. That was the overarching message during a data privacy discussion at the 2020 Public Sector CIO Academy Thursday in Sacramento, Calif.
Panelists from a range of backgrounds shared their experiences of how and when data should be stored or shared. Michael Wilkening, special adviser on innovation and digital services to California Gov. Gavin Newsom, said that IT leaders should view the data collected from various services as their duty to protect, and in the case of sensitive data, something to be shared only when justifiable.
“As we’re starting to use that data, what are the implications there? Are you gathering information for enrollment purposes or administrative purposes?” Wilkening asked the audience. “I’m not seeing us crossing the lines and using the data in ways that we shouldn’t.”
Wilkening pioneered an open data portal while secretary of the Health and Human Services Agency. He did this to better understand how various programs, like CalFresh, impacted residents and whether people used more than one program or could benefit from multiple enrollments. Prior to a singular repository for querying, the data lived in disparate systems that couldn’t identify these commonalities.
“The data is not our data. It belongs to the people,” Wilkening said. “We’re stewards of data, but we don’t actually own the data.”
He said CIOs must ask themselves these hard, gray-area questions when they consider using residents' information to monitor program effectiveness. As more and more information is collected, it becomes more difficult to keep certain citizens anonymous.
The easiest solution, of course, is to not collect data at all, but that isn’t feasible in the modern era, said Scott Christman, the former CIO and deputy director of information technology services for the Office of Statewide Health Planning and Development.
“There’s this idea of not collecting data for the sake of collecting data,” Christman said. “It’s similar to the blue-sky [thinking] problem of, ‘If I just had all this data, I could do great things.’ … The why needs to be there represented by strong use cases and purposes.”
There aren't yet universal guidelines for data collection or sharing, except where it comes to health-care records are concerned. But even in cases of medical records, the willingness to transmit data from a primary care physician to a specialist varies, he said.
If an IT leader is to change how their organization views data, they must relentlessly advocate for its use and provide specific cases, like within the Health and Human Services Agency, where it improved residents lives.
“The use of this data, in this case we’re talking about sensitive data, the rationale is we’re trying to advance the organization,” he said. “I think it’s critically important and that can’t be communicated enough to teams that are working on these types of projects.”
While a moral high ground for data collection and sharing didn’t immediately emerge, a potential path for dissipating people’s privacy concerns may have. Panelist Chris Neff, the vice president of marketing and research at NIC Inc., said governments could adopt an opt-in approach.
People are already comfortable with sharing their information on social media platforms, Neff said. If they understand how their data will be used and that there will be a tangible benefit to sharing it, they may more willingly provide it, he argued.