OTTAWA – Treasury Board Secretariat, the federal government department that acts as the general manager of the Canadian public service, is in the midst of a multi-year effort to revamp its policies on information management, access to information and privacy, executives told the annual GTEC conference on Wednesday.
But “we’re really going to try and not have more rules,” said Chuck Henry, who is about to retire as federal chief technology officer and senior director of Treasury Board Secretariat’s information technology division, at a Treasury Board Secretariat policy update session at the conference. “That’s not helpful.”
In fact, the secretariat’s policy renewal, launched in January 2005, aims to reduce the number of regulations, standards and guidelines, said Donald Lemieux, executive director of the information privacy and policy division. What TBS does want to expand, though, is the number of government agencies to which its policies apply and the emerging technologies and issues they address.
So a new Policy on Government Security, which took effect July 1, covers 127 government organizations versus the 104 to which its predecessor, the Government Security Policy of 2002, applied, said David Schwartz, senior director of cyber-security in security and identity management. The access to information policies now apply to 250 public-sector institutions, Lemieux said.
On the access to information front, Lemieux said, accountability and transparency are big emerging issues, partly because of the Obama administration’s emphasis on “proactive disclosure” in the U.S. “We’re obviously all looking at what’s happening south of the border,” he said.
Growing use of social networking tools also requires new policies to deal with both access to information and privacy, said Lemieux.
A key change in security policy is the requirement that every department have a security policy, which has to be reviewed annually and signed off by the department head, Schwartz said.
While security and privacy get lots of attention, information management is a thorny issue for government too.
“Over the past several years we’ve seen an exponential increase in the rate at which we produce information,” observed Kim Steele, manager of information management for the policy and compliance unit of TBS. In fact, she said, it has been estimated the world will have 10 times as much digital information by 2011 as it had in 2006.
To help keep the public sector from drowning in data, Steele’s group is working on a metadata standard to try to ensure that government data is tagged and classified consistently so it will be easier to retrieve. Guidelines on e-mail are also in the works.
Henry said the government needs to reduce the complexity of its IT infrastructure – “we have a very complex infrastructure and that leads to it being a security risk,” he said – and to try to share more IT infrastructure and services across departments.
For instance, he said, the federal government has 22 separate implementations of PeopleSoft software. One of those was recently upgraded and cleaned up, he said, but that leaves 21 more to go. “We really need to figure out how not to spend that hundred million dollars again and again and again.”
GTEC wraps up Thursday.
