WRITTEN ON August 28th, 2008 BY William Heath AND STORED IN Uncategorized
Off to a MoJ stakeholder world-cafe-style event today. A colleague says these events make her feel like a primary school child doing an exercise for teacher. My Mum says (suuportively, in a Bridget-Jones’ Mum sort of way) how grand it all sounds and “do you get paid”. *Sigh*. No. Of course not. But we’re all in this together.
What does bother me is the first sentence of the MoJ “stakeholder brief”
Effective data sharing has come to play a crucial role in improving delivery of public
and private sector services.
Has it? Is there evidence for that? Isn’t it more of a case that
The pursuit of data sharing per se in public services has created a formidable challenge for data protection and huge responsibilities which government is in no position to fulfil, without any evidence that it improves public services.
Unconstrained, thoughtless data sharing creates a toxic soup ready to spill out on every unregistered CD, memory stick or laptop sold on eBay. Can someone remind me please of any real, practical benefits of data sharing in public services, and give any examples?* * No! Not Victoria Climbie again. Nor Soham. Let the memory of those poor girls rest in peace, and not be blamed for screwing up trust in confidential public services for a generation! (I bet if I ask this at the meeting someone from government will refer to vehicle excise duty).
19 Responses to “MoJ stakeholder world-cafe thought”
Just a suggestion but wouldn’t webcasting the MoJ live be a very good example of data sharing?
Don’t know about UK, but in order to pursue the widespread government goals of “no wrong door”, “one-stop-shop”, “no data asked twice to citizens”, some form of data sharing appears obviously necessary. It all depends on how this is done – the more privacy is ensured, the more complex the system is. Its’ about cost-benefit, not about yes-no.
More concretely: if one land-owner receives fundign for producing organic food from one department, and for “waste disposal” from another, for the same piece of land, then data sharing prevents fraud.
A stakeholder briefing……how many individuals were there? As opposed to organisations?
I’m sorry but what the hell is “and private” even doing in there? Bad enough that MoJ should be pursuing a radical agenda of “removing the barriers” to data sharing across government – are the gov’t also proposing to tear up the Data Protection Act (admittedly having ignored some of the key Data Protection Principles for years)?
What possible justification can MoJ give for saying that it’s government’s job to increase data sharing in the private sector? Isn’t this just so big business won’t cry foul when the state awards itself powers to do things that would be illegal for any company?
As to practical examples of where data sharing sometimes ‘works’, as far as I can tell the overwhelming majority of ‘benefits’ accrue to the state but not actually in sufficient quantities, e.g. of reduced fraud, to lead to, say, tax cuts or significantly higher spending (from the savings) on services themselves. So even secondary ‘benefit’ to the citizen/taxpayer is negligible/unproven.
If MoJ want to assert that data sharing works, it must provide hard evidence – not anecdote (want to bet they’ll trot out the appalling, and extreme, example about the guy’s widow who had to contact more than a dozen gov’t agencies after his death. More a shameful illustration of how badly bureaucracy has got out of control than a justification for data sharing) or false assertion (cf. Climbie, which had nothing to do with data sharing and everything to do with a simple failure to act on data available) or fantasy (cf. David Blunkett’s utterly ridiculous claims about ID cards stopping benefit fraud, soon refuted by DWP) – and explain *precisely* how data sharing would deliver a particular benefit in each particular instance. Which they should really be doing under DPA anyway….
What about birth and death information? In Ontario, with the registry of a birth or death, agencies at the provincial, municipal and federal level need to be notified. Isn’t it better to share information between these groups to save a new parent some time or the recently bereaved some grief?
I agree that data protection is critically important. But data stewardship, where we look for responsible opportunities to offer improved services is important too. In fact, protection and use are both wrapped up in this concept of stewardship.
What we need are some clear principles for what that stewardship means in terms the general public relates to and can support. Even better, they are a set of principles generated by the public themselves.
Dave B writes
Surely if it’s their premiss than it’s up to them to support it?Don’t forget to ask them about ContactPoint.
Quite right Dave, They didn’t. I did, and again, no defence was offered. Very few people are willing to come out and engage over ContactPoint, and when they do there’s a weird climate of fear&loathing around.
My friend N sends a very personal account of why sharing can be important:
I can think of one example where I believe it would help. The caveat is that even as I write about it I’m thinking that it may be the reliance on paper -
as opposed to some commonly accepted and verifiable electronic ‘token’ that I could deploy under my own control – that is the real problem.I have had enduring Power of Attorney on behalf of my mother for some time.
She is still fully compus mentis but finds a lot of admin a struggle. So the document, and a number of certified copies from our solicitor, have been sitting in my filing drawer for some time.
I have now started to exercise the POA rather more – especially as Mum has just gone into a nursing home and we are selling her flat, cancelling local taxes, changing circumstances for benefit, filling in forms etc.
For each public body I have to send a certified copy of the POA in the post.
This is slow, and there’s a period of uncertainty about receipt/acknowledgement/taking effect etc.
Some public bodies, the Borough Council for example, have no means even of
*internally* sharing the fact of my having POA for my mother (let alone sharing this with, or validating it for, other public services). So I have to establish this with each Borough Council department, ad hoc, as and when a situation arises… more delay, more uncertainty.At County Council level I was even able to sign a form permitting the Council (i.e. the part assessing Mum’s contribution to the cost of
residential care) to share information about my mother with the DWP. Despite this, if I want myself to deal with the DWP on her behalf I have to separately register my POA with them.Incidentally – replacing certified copies which are not returned incurs further cost with our solicitor.
If a wide range of public bodies were able to share a piece of data – i.e. the fact that I have POA for my mother – registered and verified once by one of those bodies – my public service experience over the last couple of months would have been very different. If it could also have been shared with utilities, insurance companies, lifeline provider… then even more so.
But the caveats are – this is a ‘would’ and not a ‘did’, and also that there are other possible solutions such as an electronic ‘token’ of POA status which could be deployed via e-mail and other electronic exchanges.
Thanks N.
I’m starting to postulate a thesis that data sharing is mainly of value in overcoming existing bureaucratic hurdles. If that’s right, then perhaps we could fix the bureaucracy and not need the data sharing.
Geoff Ll writes to say
Data sharing may be neither necessary not sufficient for improving delivery performance ( speed, cost, responsiveness, felt-satisfaction and other measures ) but I’m convinced that it is a major help because it:– allows more coherent planning of service provision ( you couldn’t plan a business effectively if the sales department did not share its information with marketing or finance)
– transaction speed can be increased if some basic data gathering is done once and only once ( cf the perpetual complaint from anyone dealing with the public sector that “You already know that – why ask me to fill in a form yet again to give you the same information that I gave you last week?”
– strategic resource allocation MUST be facilitated if the people doing the planning have a fuller overview of the pattern of need (Local Authorities can do more to help poor areas if they have an holistic understanding of the multiple deprivations that they experience – poor health, poor transport, poor utility supplies, poor housing, poor public safety go together and need to be treated together)
– rationalisation of provision to save costs or re-prioritise can be done better if you have better information (improving ambulance response times by locating ambulances on street corners depends on getting info about a number of dimensions of the emergency service challenge from different stakeholders)
– customer satisfaction is enhanced if customers feel they are “recognised as a past customer” by the organisation they are dealing with; that’s what CRM is all about – making the customer feel there’s a valued friendship maintained over time rather than a series of discrete transactions where the customer starts from scratch each timeSo, in my opinion, if you see service improvement as analogous to a marketer’s problem in launching or improving a product or service ( or indeed a military field commander planning/controlling a battle) it is axiomatic that they will be able to do a better job if they have more information available flowing to them without inhibition due to “silo mentality”.
So in practice, you CAN improve service without data sharing (eg by smiling more and having nicer people to answer the phone) and data sharing IN ITSELF is not a magic bullet (eg if the well informed contact centre person manages to sound Orwellian!) but I’m sure that it helps.
Fair points!
Adrian writes to say
Answer off the top of my head.1. Data Protection applies to name-linked data. FOI and PSI apply to all data. Copyright can affect access and sharing of PSI.
2. Data sharing of name-linked data has to reflect the terms on which it was collected. However, such data can be retained after the legal status of the data keeper has changed: departments merge; Parliament changes the law;
international agreements are made; privatisation occurs. Reports like “The Power of Information” influence policy. Technology changes.3. Data sharing of all data within central government and the wider public sector is often worthwhile. Re-use of the EU MS’s PSI by the private sector could be worth tens of billions of Euros. So ‘information as a service’ provided by approved private sector companies in a competitive market to all who need it will often be better than public bodies collecting and storing the data they use.
Pete Reed writes
This may be too late (just picked it up), but I am a strong advocate of data sharing so would oppose any attempt to claim the premise is flawed.FWIW, here are some views….
1) why should I have to provide the same information multiple times to different government bodies
2) Even more so, why should somebody with a turbulent life have to keep updating their circumstances with lots of different bodies, and risk losing benefits if something falls through the cracks(I think DWP and local government have achieved significant improvements in benefit processing efficiency and service levels by sharing info)
3) Why should fraudsters be free to claim the same benefits or tax concessions in different local authorities or different contexts? (I think various fraud initiatives can claim significant recoveries as a result of data sharing)
4) Why should policy makers and managers not be able to base their decisions on the best information available (I think UK health can probably claim one of the world’s best information bases on clinical outcomes)
5) Why should my mother not be free to chose between receiving hospital treatment in her home area, or near one of her children, with all her records available to all involved? (long live NPFIT)
6) Why should we impose unnecessary costs on the police by not tracking offenders through the systemEtc etc.
Fair points all!
Meanwhile, I’m grateful to Ian at ICO for pointing out a useful example of data sharing. If you reapply for a lost driving licence from DVLA, they can check with IPS that yor photo is a photo o you. Someone else present had used the service and said it worked well.
That is a help and an improvement, I can see. But it falls within the hypothesis that the likeliest purpose of administrative data sharing is to take some of the clunkiness out of clunky admin.
Has anyone else used this?
I think you can define data sharing in different ways – shared access to databases or active passing on of data – but here are three instances that have been well received.
1) The DVLA’s online vehicle registration service. This has won plaudits all round, and a crucial feature is the ability to quickly check data made available by insurance companies. Much much better than digging out the documents and standing in line at the Post Office (if you can find one that hasn’t been closed).
2) Criminal Records Bureau check. Maybe it doesn’t do the subject any favours, but it is welcomed by the public for ensuring sensitive jobs don’t go to unsuitable characters.
3) The NHS Scotland Emergency Care Summary, which makes basic data on individual patients available around the health service. It has been received without all the hair pulling that’s accompanied the development of the Care Record Summary in England; maybe because it was not quite so ambitious, maybe because Scotland does not have such a vocally active privacy lobby.
I would contest the thrust of your statement; there is a tension between data sharing and data protection/privacy issues, but done properly it can provide an improvement in public services.
I’m sorry but the CRB example is wrong. It doesn’t ensure that ’sensitive jobs don’t go to unsuitable characters.’ All it does is perhaps to prevent some CONVICTED persons from being recruited to sensitive posts. CRBs are not a panacea. They can be helpful, but they can also induce misplaced ‘confidence’ in apparently ’suitable’ candidates
And it is also an example where ‘enhanced’ data sharing is underway and has produced a litany of mis-identifications and false positives that have ruined the lives of numerous innocent people.
Add to that the proposal contained in the Vetting and Barring Scheme to have publicly available the personal details of 11 million volunteers and employees in sensitive posts, and I believe we are just building a recipe for disaster. It will come in the form of either the massive loss of personal data, the (ab)use of such data for the purpose of child abuse, or else as CRB-assisted abuse, where an abuser, unknown to the authorities as an abuser, ‘passes’ a CRB and is given access to abuse the vulnerable.
CRBs are not a good example
I’m not sure the thousands of people who are wrongly turned down for jobs each year would agree that CRB works quite as perfectly as (2) implies. See http://www.theregister.co.uk/2008/07/14/crb_checks_total_analysis/ for a closer look.
And the Scottish ECS was not only less ambitious, it was founded in the fundamentally different premise that the explicit consent of the patient was sought before adding their details to the system. The system is still flawed (why should Scottish Sir Humphrey get to see the data as well – he’s got nothing to do with clinical or emergency care) but not so blatantly a grab for people’s complete medical records as NHS CRS/SUS.
You ask for practical examples of data sharing. It seems to me that there are two varieties: 1) the swapping of data between departments and 2) multiple departments sharing the same source of data.
The former is some sort of hoped-for Holy Grail that will magically solve numerous problems while the latter is in such widespread and commonplace use, that it is barely considered to be data sharing. (An obvious example is the use of the Post Office Address File, or PAF, to validate address information as it is entered.)
I think ‘data sharing’ is a case of forgetting just how far we have come – 80% of the benefits have been achieved for 20% of the cost and the conference you attended is focussed on extracting the remaining 20% of benefit but baulking at the inevitable 80% cost.
True enough and that, I think, neatly encapsulates the problems we see with ‘data sharing’ as wished-for by the the government and others. Unless there is an explicit purpose in the sharing then the benefits will always
“If you reapply for a lost driving licence from DVLA, they can check with IPS that yor photo is a photo o you”
But if I’m a fraudster, I’ll just tell DVLA that I don’t have a passport, won’t I? Anyway, why don’t they just look at driving licence photo THEY ALREADY HAVE form the licence I’m replacing?
Some quick comments:
The government – possibly the MoJ maintains the Register of Births, Marriages & Deaths; Its expensive new agency registers the new expensive form of Power of Attorney.
Rather than complex “data sharing” or the obsolete process of obtaining & posting certified copies of register entries to numerous bossy organisations:
Would it not be more sensible if we could simply refer these bossy organisations to the particular entry on a secure online version of the registers?
This seems so simple and obvious, that I am (not!) surprised that it hasn’t already been implemented.
So, in the event of someone’s death, the relative or trustee or solicitor would simply supply the relevant “link” and login details of the entry on the secure register to the numerous public and private organisations that seem to need to know.
So, rather than being controlled from “the centre,” this whole process would remain under the control of the relative / trustee / solicitor.
Finally, and as others have stated, all those new “registers” which purport to check applicants for sensitive posts “so as to protect the public” have at least three glaring flaws:
1. Someone’s past behaviour is not an infallible guide to their future behaviour: Perhaps they’ve never been tempted, or caught… yet? Alternatively, perhaps the punishment really worked and they’re now reformed?
2. The application process for “clearance” from these registers deters many honourable people who could make a great contribution to society:
For example, there’s a danger that the lack of people to lead activities for young people actually results in more young people being harmed by boredom & neglect than would have been harmed by the isolated but ghastly events so beloved by the media.
3. Increasing numbers of people are now effectively excluded from society and unemployable: In the past, most previous criminal convictions were eventually considered “spent.” But in our present “enlightened” era, thanks to these new “registers,” even the lowest level of “anti-social” behaviour seems to blight someone’s life – permanently – even if the matter was never actually proved in court.
I think you’ll find that IPS took over GRO on April 1st this year. And the goal blatantly *is* to control this all from “the centre” – via the National Identity Register.
I think no amount of clever algorithms, cryptography etc can keep the genie in the bottle in real world settings.
So the emphasis has to be on keeping data sharing to an absolute minimum. Of course when it is done it should be in as robustly secure and auditable way possible. But your initial instinct is the, IMHO, the best one to follow – is there evidence that all this sharing is actually improving data sharing? Can’t we be more nuanced about this debate than just a binary data sharing: yes/no?