A couple of months ago, Mydex (via William Heath) published a brief UK list of government initiatives on the Ideal Government site, looking at applications of personal data systems (PDS). The motivation is the belief that:
Only the addition of an individual-centric model to the existing organisation-centric model can deliver speed, convenience, privacy personalisation and choice to the individual, and cost savings and efficiency for the organisation based on better online authentication, cleaner data and feeds of personal circumstances and preferences
The past groups services under three headings:
- Systems where a PDS is a prerequisite
- Policies that share the PDS philosophy
- Generic innovation activity where PDS could have a major impact
I put some notes together which I thought might be useful to come back to….
The first thing that strikes me is that it needs to talk more about the challenges raised by devolved/ federated government structures which may have different priorities and approaches to putting in MyData-like systems.
All the items under heading 2 (and many under heading 1) relate to English institutions. What is the situation in NI and Wales? How could the ‘One Scotland/National Entitlement Card‘ scheme fit in here, without being subsumed into a UK-wide structure? (Which wouldn’t be popular with the Scottish government). What about EU-level services? Eg the checking the E111, or the sorts of cross-border validation services that STORK is meant to provide? (It often puzzles me how insular the UK/English debate can be).
Back to more local issues, management (or at least awareness) of police and social work/care records are another obvious area for extension. This is potentially important since these agencies try to work together with health and education professionals when dealing with challenging people and families. Some of my colleagues have been working on systems that allow professionals in these sectors to share (appropriate, controlled and audited) details on individual cases and it would seem logical/fair that the service-user should also have a role, and some ownership over the data held on them.
This raises two further questions:
- The role of NGOs and advocates: to what extent can they act on individuals’ behalf? Not everyone is data-literate and self-efficacious enough to use the data. We could end up enhancing the power & autonomy of those who already have it, and putting another barrier in the way of people who are not sure how the systems work.
At what point does ‘My Data’ merge into agency data (eg details of ongoing investigations, comments from professionals). Seems to me that identity is shared between the individual and society… and that I need to revert to some books on philosophy!
More practically, I think the solution is likely to need controlling access and accuracy of data held on systems owned and operated by external business or organisations. The PDS could be a repository for the keys that prove the you have the correct rights. This would truly be empowering people to control or understand the data held on them.
All this assumes that agreed standards are in place with an accompanying support/development process, definitions and codes of practice to ensure consistency in use and application, and an understanding and management of the risks involved. Use of open data implies there also need to be clear rules about copyright, database rights etc.
Final thought: MyDex’s approach is that they will be a repository for securely storing personal data. They are not the first or only company to spot this opportunity in the market – see for instance Abine.com or OwnYourInfo. But I wonder if this is a place where the right part of the public sector could have a positive role – for instance perhaps as an extension of library cards?