Data sharing between enterprises is crucial to deliver public services that we all rely on. But is it effective, and is it safe?
An example is found in sharing healthcare data across the health and social sectors. If we do not have a well-operating data-sharing infrastructure between government agencies and service providers, then everyone suffers from the lack of collaboration. We cannot fix complex problems without complex solutions.
New Zealanders need seamless information sharing in our health and social sectors while ensuring our information is protected. Unfortunately, this has been a worst case scenario where data exchanges are both insecure and lack governance to drive improvements. This puts us all in the position where data is not shared when needed because nobody can agree on the rules (just say no, it’s the easiest option), and if data is shared, the methods in place are insecure and difficult to manage at scale.
Eightwire prides itself on data and information security and privacy, so we have broken down what we believe are the most important aspects of it.
Being upfront about what you are using data for and why is a crucial step in data privacy for the public and data experts. This means stating the reasons for the data exchange, the contract that allows it to happen, and any downstream uses for the information. This is especially important for AI and machine learning, where a computer uses that data to make decisions.
Data experts also need to know that the data they receive is reliable and up-to-date and won’t compromise anyone’s privacy. People will naturally assume that their information is being used for nefarious reasons when these things are not readily available or automatically disclosed. For analytics companies, every incoming data payload includes a manifest of who sent it to them, when it was sent, and a link to the agreement that allows them to have the information.
Another issue plaguing the uptake of data-sharing capabilities is a lack of governance. Data governance means setting policies on how data is gathered, processed, stored, shared, and disposed of. It also informs who can access different kinds of data, the processes they must follow and the technology that is needed. Due to increasingly complex regulatory requirements, data governance is instrumental in avoiding risks around non-compliance. Strong governance gives all parties additional confidence in securing sensitive information from organisations without proper authorisation.
At Eightwire, we are implementing the Data Trust Guidelines into our platform to apply robust governance controls for our customers. This ensures that when a data exchange is operating, it starts with good governance and the right questions are asked at the right time. We see this as a significant improvement to the current state where confusion over regulations leads to confusion and saying No to innovation is just the easiest way.
Sometimes, the barrier to entry is less about caution and due instead to different interpretations of policies and legislative processes. Organisations often have different ideas about what’s allowed from a privacy point of view. Decision-makers don’t always understand what’s acceptable and assume that the legislation is more restrictive than it is. However, the Privacy Act provides ample scope for sharing government-held data and information.
With our platform’s ability to enforce the proper technology and business procedures for data sharing, we can help enterprises meet the Privacy Act and other legislation out of the box. This guidance lowers the overheads needed to build and run a data exchange with personal information.
From day 1, Eightwire has been focused on removing the barriers to data sharing. Initially, this was the numerous technology challenges that had to be overcome to seamlessly move data between systems that were never designed to talk to each other. We overcame this challenge by building data processing algorithms and an intuitive interface that brought down the technology risk and skill required.
Next, we had to focus on the organisational challenges to data sharing, and this is where our focus on security and governance comes to play. We’ve been working with government agencies such as the Social Wellbeing Agency and NZ Data Trust to learn about the organisational challenges to data sharing and how we can use our experience to help guide our customers to achieve their end goals faster. With these two approaches, we are now trusted to handle billions of records of sensitive information in the country across hundreds of enterprises.
Another advantage of the Eightwire platform is our position of neutrality. We have no investment in the outcome of our data exchanges, we are simply interested in making it as simple and robust as possible. More than just a technology platform, we take our role as a common carrier very seriously. This is shown through our use of privacy by design and complete traceability of every record we transfer. We’ve also established an independent board to be accountable for every data exchange we run. That means a set of procedures governs every element of the process, so no one access any data without a clearly defined scope for usage.
Eightwire understands that navigating the complex technical requirements of New Zealand’s Privacy policies can be overwhelming at the best of times. As such, every organisation we take on is put through their paces. We’ll walk you through every step of the process and consult with agencies like the New Zealand data trust and the Privacy Commissioner. Having privacy experts at the table from start to finish will help ensure you are compliant with all regulations.
With the proper privacy and security governance in place, we can deliver the future we all expect, and Eightwire can deliver this today.