General Data Protection Regulation (GDPR): 10 things business needs to know

 

European Union flag with a padlock in the centre.

By Steven McGinty

On 25 May 2018, the data protection landscape will experience its biggest change in over 20 years.  This is because the European Union’s (EU) General Data Protection Regulation (GDPR) will come into effect for all member states. The regulation, which has been described as ‘ambitious’ and ‘wide-ranging’, introduces a number of new concepts, including the high profile ‘right to be forgotten’ – a principle established in a case involving technology giant Google.

Below we’ve highlighted ten of the most important points for business.

Directly effective

The GDPR is ‘directly effective’, which means that the regulation becomes law without the need for additional domestic legislation (replacing the Data Protection Act 1998). However, member states have also been given scope to introduce their own legislation on matters such as the processing of personal data. This may result in some EU states having more stringent rules than others.

Sharing data and monitoring

It also seeks to increase the reach of EU data protection law. Not only will EU-based data controllers and processors fall under the scope of the GDPR, but its authority will also extend to any business which either processes personal data or monitors the behaviour of individuals within the EU.

This will impact businesses who transfer data outside the European Economic Area (EEA). It will be their responsibility to ensure that the country the data is being transferred to has adequate levels of data protection. The most prominent example of this issue was the US Safe Harbour scheme, which was intended to protect European individuals whose personal data is transferred between the EEA and the USA. In 2015, the European Court of Justice ruled that this scheme had ceased to provide a valid legal basis for EEA-US transfers of all types of personal data. It has now been replaced by the Privacy Shield.

Transparency and consent

Greater obligations have been placed on business with regard both to seeking consent for use of personal data and providing detailed information to individuals on how their personal data is being used. The GDPR requires that consent notices are ‘unambiguous’ – not assumed from a person’s failure to respond – and that consent is sought for different processing activities. Law firm, Allen and Overy recommends that businesses review their notices to ensure they are fit for purpose.

Personal data/ sensitive data

Article 4(1) of the GDPR includes a broader definition of ‘personal data’ than previous legislation. It states that any information relating to an individual which can be directly or indirectly used to identify them is personal data. Specifically, it refers to ‘online identifiers’, which suggests that IP addresses and cookies may be considered personal data if they can be easily linked back to the person.

Enhanced rights

New rights and the enhancement of existing rights will require some businesses to improve the way their data is stored and managed. These rights include:

  • Data portability – Business must ensure that individuals can have easy access to their personal data in case they want to transfer their data to other systems.
  • Strengthening subject access rights – Individuals can now request access to their data for no cost and it must be responded to within 30 days (this is a change from the current legislation which requires a £10 fee and there is 40 days to respond).
  • Right to be forgotten – Individuals can request that an organisation delete all the information they hold on them (although this would not apply if there was a valid reason to hold that data).
  • Right to object to processing – Individuals have the right to object to the way an organisation is processing their data.
  • Right to restrict processing – Individuals have the right to request that the processing of personal data is temporarily stopped. This may be invoked whilst a right to object request is being investigated.

Personal data breach

Businesses have an obligation to report breaches to their national regulator, such as the Information Commissioners Office (ICO) in England.  The GDPR requires that notice must be provided “without undue delay and, where feasible, not later than 72 hours after having become aware of it.” This may be challenging for some businesses, particularly if the incident is discovered at the end of the working week.

Failure to comply with GDPR

The regulation introduces two levels of fines. Less serious offences under the regulation will be liable for a fine of up to €10,000,000 or 2% of global turnover – depending on which is highest. However, for more serious breaches, such as a breach of an individual’s rights or a breach during international transfers, a business may be held liable for up to €20,000,000 or 4% of global turnover.

In addition, individuals are also given the right of redress, and those who have had their rights violated may seek to receive compensation. This has led digital marketers to suggest that GDPR could be the next PPI – a practice where insurance was mis-sold to customers, which resulted in a large number of successful claims against financial institutions.

Privacy by design

Technology businesses should also consider data protection at the initial design stage of product development. This could involve adopting technical measures such as pseudonymisation – the technique of processing personal data in such a way that it can no longer identify a particular person. Additional measures, such as policies and programmes, would also show a national regulator’s commitment to compliance with the GDPR.

European Data Protection Board (EDPB)

A new body has been created to issue opinions and to arbitrate between disputes that arise with national regulators.  The board will be made up of heads of national regulatory bodies (or their representatives) and the European Data Protection Supervisor (EDPS), who govern the data processing activities of EU institutions. The opinions expressed by this board may have important implications for data protection legislation.

Impact of Brexit

Evidence suggests some businesses may be delaying taking action until they see the results of the Brexit negotiations. This possibly explains the research by cloud security firm, Netskope, which found that 63% of UK workers have never heard of the GDPR. Similarly, research by Veritas Technologies, a leading information management firm, has found that 54% of organisations have not ensured they will comply with the new GDPR.

However, it would be very surprising if the UK did not ‘mirror’ the protections offered by the regulation, particularly considering the UK’s significant input to the new legislation. Digital minister Matt Hancock has also confirmed that the UK government intends to fully implement the GDPR.

Final thoughts

If businesses already have policy and procedures in place to meet the requirements of the Data Protection Act, then they should have a solid foundation to comply with the GDPR. In many ways, the new regulation simply provides a clear framework for delivering good practice in data protection.

However, all businesses will need to take action to ensure compliance with the GDPR. Otherwise, the financial penalties (as well as reputational damage) of a breach could have serious consequences for their business. And this is not just an IT issue. The whole organisation, starting from board level, must show a willingness to understand the legislation and implement procedures that protect the fundamental rights of individuals.


Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you found this article interesting, you may also like to read our other data-related articles

From data to intelligence and improvement – what cutting edge councils are doing in the UK

Group of workers having a meeting

By Steven McGinty

Data has the potential to revolutionise the delivery of local services. Just like the private sector – where organisations such as Amazon and Facebook have leveraged user data – local councils have the opportunity to reap significant benefits from analysing their vast silos of data. Improving efficiencies, increasing levels of transparency, and providing services which better meet people’s needs, are just some of the potential benefits.

Although many councils are still at the early stages of utilising their data, some are innovating and introducing successful data initiatives.

Wise Councils

In November 2016, the charity NESTA published a report highlighting the most ‘pioneering’ uses of data in local government. The report emphasised that most local services would benefit from data analysis and that a ‘problem-oriented’ approach is required to generate insights that have an impact on services. The case studies included:

Kent County Council

Kent County Council (KCC), alongside Kent’s seven Clinical Commissioning Groups (CCGs), have created the Kent Integrated Dataset (KID) – one of the largest health and care databases in the UK, covering the records of 1.5 million people. The core requirement of the dataset was to link data from multiple sources to a particular individual, i.e. that information held about a person in hospital, should also be linked to records held by other public bodies such as GPs or the police.

This integrated dataset has enabled the council to run sophisticated data analysis, helping them to evaluate the effectiveness of services and to inform decisions on where to locate services. For example, Kent’s Public Health team investigated the impact of home safety visits by Kent Fire and Rescue Service (KFRS) on attendances at accident and emergency services (A&E). The data suggested that home safety visits did not have a significant impact on an individual’s attendance at A&E.

Leeds City Council

Leeds City Council have focused their efforts on supporting open innovation – the concept that good ideas may come from outside an organisation. This involved the initiatives:

  • Data Mill North (DMN) – this collaborative project between the city council and private sector is the city’s open data portal (growing from 50 datasets in 2014 to over 300 data sets, in over 40 different organisations). To encourage a culture change, Leeds City Council introduced an ‘open by default’ policy in November 2015, requiring all employees to make data available to the public. A number of products have been developed from data published on DMN, including StreetWise.life, which provides local information online, such as hospital locations, road accidents, and incidents of crime.
  • Innovation Labs – the city has introduced a series of events that bring together local developers and ‘civic enthusiasts’ to tackle public policy problems. Leeds City Council has also provided funding, allowing some ideas to be developed into prototypes. For example, the waste innovation lab created the app, Leeds Bins, which informs residents which days their bins should be put out for collection.

Newcastle City Council

Newcastle City Council have taken a data-led approach to the redesign of their children’s services. The Family Insights Programme (FIP) used data analysis to better understand the demand and expenditure patterns in the children’s social care system. Its aim was to use this insight to support the redesign of services and to reduce the city’s high re-referrals and the number of children becoming looked-after.

The FIP uses data in three different ways:

  • Grouping families by need – The council have undertaken cluster analysis to identify common grouping of concerning behaviours, such as a child’s challenging behaviour or risk of physical abuse. When a child is referred to long term social work, senior social workers analyse the concerning behaviours of the case, and then make a referral to a specialist social work unit. Since introducing this data-led approach, social work units have been organised based on needs and concerning behaviours. This has resulted in social workers becoming specialists in supporting particular needs and behaviours, providing greater expertise in the management of cases.
  • Embedding data analysts – Each social work unit has an embedded data analyst, who works alongside social workers. Their role is to test what works, as well as providing insights into common patterns for families.
  • Enabling intelligent case management – Social workers have access to ChildSat, a tool which social workers use to help manage their cases. It also has the capability to monitor the performance of individual social work units.

Investing in data

Tom Symons, principal researcher in government innovation at Nesta, has suggested that councils need support from central government if they are to accelerate their use of data. He’s suggested that £4 million – just £1% of the Government Digital Service (GDS) budget – is spent on pilot schemes to embed data specialists into councils.

Mr Symons has also proposed that all combined authorities should develop Offices of Data Analytics, to support data analysis across counties. Over the past few months, Nesta has been working on this idea with the Greater London Authority, and a number of London boroughs, to tackle the problem of unlicensed HMOs (Houses in Multiple Occupation). Early insights highlight that data analytics could be used to show that new services would provide value for money.

Final thoughts  

After successive years of cuts, there has never been a greater need for adopting a data-led approach. Although there are undoubtedly challenges in using council data – including changing a culture where data sharing is not the norm, and data protection – the above examples highlight that overcoming these challenges is achievable, and that data analysis can be used to bring benefits to local councils.


Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you found this article interesting, you may also like to read our other digital articles. 

Future City Glasgow: successes, challenges and legacy

By Steven McGinty

In 2013, Glasgow City Council won £24 million worth of funding from Innovate UK (formerly the Technology Strategy Board) that would see the city become a ‘living lab’ for smart city projects.

Although Glasgow has been more synonymous with low life expectancies (the so called ‘Glasgow Effect’) and urban deprivation, the funding was intended to transform Glasgow into a world leading smart city, with the technologies piloted by Glasgow eventually being used in other cities.

The projects proposed by Glasgow City Council were designed to explore innovative ways to use technology and data to make the city ‘safer, smarter and more sustainable’.

However, three years on, with the majority of the work complete, has the programme been a success?

Managing a future city

From the beginning, Future City Glasgow set out an ambitious programme for change. However, it wasn’t just the experimental nature of the technologies or implementing them in such a short space of time which caused challenges. The programme also had an important role to play in the security of the 2014 Commonwealth Games – a major international event for the city.

Just under half of the programme’s funding was spent on a new state-of-the-art Operations Centre,  integrating traffic and public safety management systems, and bringing together public space CCTV, security for the city council’s museums and art galleries, traffic management and police intelligence.

Although this has required significant investment, the centre has enabled Glasgow to take a ‘proactive’ approach to traffic management and public safety. Video analytics tools, for example, provide operation centre operators with better information to help respond to emerging events. And traffic operators have control over the city’s signalling, allowing them to prioritise late-running public transport. CCTV cameras have also been upgraded to full HD, providing better images for operators and an important source of evidence for Police Scotland.

Demonstrator projects

A major part of Future City Glasgow’s work has been introducing a number of demonstrator projects. According to Gary Walker, programme director at Future City Glasgow, these focus on four main themes: energy; active travel (encouraging people to walk and cycle); public safety; and transport. Some of the most notable projects, include:

  • Intelligent street lighting – the Riverside Walkway has lighting which switches on when people walk by, and Gordon Street has lighting which provides real time data on noise levels, footfall, and air pollution.
  • Sensor technology in retrofitting – low cost sensors (the BuildAx and the Eltek GC-05) have been deployed in buildings throughout Glasgow to evaluate the impact of insulation projects.
  • The Glasgow Cycling App – an easy to use platform has been created to encourage cyclists to share their experiences of cycling and to generate data that could help citizens plan journeys or highlight areas the council should target for improvement.

The challenge of data

Much of Future City Glasgow has been underpinned by data sharing – including traffic data gathered by the Operations Centre and citizen-generated data from the Glasgow Cycling App.

However, ‘freeing’ this data proved challenging, as sharing data went against the traditional working culture of local government. As Gary Walker explained to the Guardian newspaper:

“Change can be challenging – especially when you are driving something that appears to contradict everything you’ve had drummed into you for years. Initially, organisations were nervous when we asked them to release their data because people know they must protect it. But once they realised that we were not asking for sensitive or personal data they began to relax a little and appreciate the value in creating a data hub.”

After some awareness raising and reassurance, the Glasgow Data Launchpad, a publicly available repository for the city’s data, now has over 400 datasets from 60 organisations, including Glasgow City Council, Glasgow Life (which delivers cultural, sporting and learning activities on behalf of Glasgow City Council), and the Department for Work and Pensions (DWP).

Looking to the future

As Gary Walker noted at a recent Smart Cities event, Future City Glasgow has received a lot of international interest. The programme has also won a number of awards, including:

  • Winner – Geospatial World Excellence Awards 2015
  • Winner – NextGen Digital Challenge (Digital Innovation) 2015
  • Winner – Holyrood Connect ICT (Innovation) 2015

However, it’s important that the city doesn’t become complacent and continues to progress with smart city initiatives. Alan Robertson, in an article for Holyrood magazine, suggests that financial pressures facing local councils may put initiatives in jeopardy. For instance, he highlights that Glasgow City Council leader Frank McAveety has warned that the city faces “impossible budget cuts”.

There are, however, some positive signs that work will continue. Last year, the Scottish Government introduced Smart Cities Scotland, a new programme which aims to make Scotland’s cities more efficient and greener, and more attractive to potential investors. The programme received £10 million in European funding and will involve a collaboration between Scotland’s seven cities and the Scottish Government.

Final thoughts

Future City Glasgow has had many successes since it was launched three years ago. Although Smart Cities Scotland promises less funding, Future Cities Glasgow has provided the smart city infrastructure capable of supporting new projects.

In terms of driving growth, it will also be interesting to see how Glasgow City Council responds to new forces within future cities, including disruptive business models and technologies, such as controversial tech companies Uber and Airbnb.


Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you found this article interesting, you may also like to read our other smart cities articles. 

Counting the cost of data protection failures in local government

A laptop keyboard with a padlock on it.

By Steven McGinty

In August, Hampshire County Council were fined £100,000 by the Information Commissioner’s Office (ICO) after social care files and 45 bags of confidential waste were found in a building, previously occupied by the council’s adults’ and children’s services team.

Steve Eckersley, the ICO’s head of enforcement, explained that this data protection breach affected over 100 people, with much of the information “highly sensitive” and about adults and children in vulnerable circumstances.  In his view:

“The council’s failure to look after this information was irresponsible. It not only broke the law, but put vulnerable people at risk.”

A widespread problem

In 2015, Big Brother Watch, an organisation which encourages more control over personal data, published a report highlighting that local authorities commit four data breaches every day. It found that between April 2011 and April 2014 there were at least 4,236 data breaches. This included, at least:

  • 401 instances of data loss or theft
  • 159 examples of data being shared with a third party
  • 99 cases of unauthorised people accessing or disclosing data
  • 658 instances of children’s personal data being breached

In the past year, local authorities have reported a 14% increase from the previous year in security breaches to the ICO. The figures show that 64% of all reported breaches involved accidentally disclosing data. This supports research which suggests that human error is a major cause of data protection breaches.

These statistics are both positive and negative for the ICO. Peter Woollacott, CEO of Huntsman Security, suggests that it could show that local government is becoming better at identifying security breaches. However, he also acknowledges that most organisations are subject to multiple attacks, with only some being detected.

Areas for improvement

In 2014, the ICO conducted nine advisory visits and four audits of social housing organisations. It found that improvements could be made in ten areas, including:

  • Data sharing – organisations regularly share personal data but few have formal policies and procedures to govern this sharing.
  • Data retention – few organisations have data retention schedules for personal data, which provide details on when records should be disposed of, although most only extend to physical records. Data protection legislation sets out that data must not be stored for ‘longer than necessary’.
  • Monitoring – there is little evidence that organisations monitor their compliance with data protection policies.
  • Homeworking – where organisations allow staff to work flexibly, it often wasn’t formalised.
  • Training – there are varying levels of data protection training found in organisations.

Public confidence

Unsurprisingly, high-profile data breaches, such as the loss of 25,000,000 child benefit claimants’ details in the post by HM Revenue and Customs (HMRC), have left the public concerned about their data.

In October, a YouGov poll showed that 57% of people believed that government departments could not share personal data securely. And 78% of people didn’t believe or didn’t know whether the government had the resources and technology to stop cyber-attacks.

A poll by Ipsos Mori has also shown that 60% of the public are more concerned about online privacy than a year ago. The three main reasons given were: private companies sharing data; private companies tracking data; and the reporting of government surveillance programmes.

The cost of data protection failures   

The implications of failing to protect the public’s data are serious. Not only could local government be heavily fined by the ICO, but it could also have an emotional or economic impact on individuals if their data enters the wrong hands and is used maliciously (e.g. to commit an act of fraud).  However, there are wider issues for government.

At the moment, both local and central government are undergoing digital transformation programmes, digitising their own operations and moving public services online. Examples include social workers using electronic social care records and the public paying council tax or booking appointments through their local council’s website.

If the public buy into ‘digital by default’ (the policy of ensuring online is the most convenient way of interacting with government), then services could be delivered a lot more efficiently, resulting in significant savings. However, if the public are concerned over the security of their personal data, they may be less willing to consent to its use by government.

We’ve already seen this in some areas. In 2014, the Scottish Government announced plans to expand an NHS register to cover all residents and share access with more than 100 public bodies, including HMRC. This year, the Scottish Government attempted to bring into effect the ‘Named Person Scheme’, where every child in Scotland would be assigned a state guardian, such as a teacher or health visitor.

With both of these schemes concerns have been raised over privacy, including from the ICO in Scotland. The Supreme Court has also ruled against the Named Person Scheme, over the data sharing proposals.

Final thoughts

Local government needs to be robust in ensuring compliance with data protection legislation. The financial costs could be great for local government, but the bigger concern should be public trust. If councils fail to meet their legal obligations, they may find it challenging to implement policies that use public data, even if it brings the public benefits.


Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you found this article interesting, you may also like to read our other data related articles. 

Bristol is Open: case study of an innovative smart city

By Steven McGinty

In May, ‘Bristol is Open’ was named as a leading smart city, just behind London, in Huawei UK’s Smart Cities Index. In the same month, Bristol is Open was also announced as Smart City Innovator of the Year by TM Forum’s Digital World Awards.

Bristol is Open

The project is a joint venture between the University of Bristol and Bristol City Council. Several other partners are involved, including national and European governments and commercial organisations, such as Japanese technology firm NEC. This collaborative project will act as a ‘laboratory’ for research and development initiatives and will help shape the development of smart cities and the ‘internet of things’.

Paul Wilson, Managing Director of Bristol Is Open, explains what’s so innovative about the project:

We use a software-defined network (SDN) to run the city in Bristol and then we apply network functions virtualization (NFV) into that network, which is allowing us to have an elastic and scalable network that we can slice to thousands of different users.”

In simple terms, the city is in the process of creating a world leading digital infrastructure. This includes: 144 core fibres in the ground; a mile-long stretch of wireless connectivity along the harbourside, which will include experimental wireless technology such as 5G mobile broadband; and a selection of internet of things sensors and technologies, including 1,500 lampposts. All of which, will be interconnected and controlled by software.

A key advantage of this new model is the ability to splice up the network for different users. This provides the opportunity for new partners to become involved, including community organisations and small start-up companies. Professor Dimitra Simeonidou, Project Lead and Chief Technology Officer at Bristol is Open, also explains that the network is “open, agnostic and programmable”, ready to be adopted for the technologies of the future.

Interestingly, the core fibres were installed in a network of redundant ducts purchased by the council over ten years ago. Previously, they had provided cable television to homes in Bristol in the 1970s.

The Data Dome

Last November, the project launched ‘The Data Dome’ at Bristol’s Planetarium.

The 98-seat Bristol Data Dome is connected to a high-performance computer at the University of Bristol (via a 30Gb/s fibre link). The Data Dome, supported by the network and high-speed computer, provides an opportunity to visualise complex experiments, create virtual reality environments and give audience members their own unique perspective.

The dome has been used to show content from earth sciences, as well as real time sociological mapping in cities. Engineers, at corporate sponsor Rolls Royce, have also used the Dome to visualise engines and to inspire young people about engineering.

‘No grand visions’

In a recent TED talk, Stephen Hilton, Leader of Bristol City Council’s Futures Group, states that ‘he doesn’t like to spout grand visions’.  Instead, he explains that the Bristol is Open team prefers to focus on tangible targets and introduce measures that lay the groundwork for smart cities.

He highlights that the project aims to:

  • reduce carbon emissions by 40% by 2020;
  • create 95,000 new jobs, particularly in high growth sectors such as the creative industries and green technology;
  • have Bristol recognised among the top 20 European cities by 2020.

 Smart Cities Index

Huawei’s Smart Cities Index highlights five important themes for creating successful smart city programmes. These include:

  • the importance of leadership and vision
  • a need to focus on local priorities and strengths
  • the importance of engagement with local communities
  • building local partnerships
  • understanding the way in which the data revolution can improve services and boost innovation

Privacy

George Ferguson, former Mayor of Bristol, recognised the challenges surrounding data privacy. He acknowledged that privacy can lead to heated debate and advised that cities should help shape the debate, rather than leave it to technology companies. For him, understanding how citizens want their data to be used is an important part of the Bristol is Open project.

However, this may not satisfy those concerned about lampposts with “acoustic detection sensors” capable of recording noise levels, possibly speech.

Final thoughts

Bristol’s commitment to becoming a truly smart city has led to its award winning status. In the future, it will be interesting to see if it’s ambitious, yet pragmatic, approach will help to address some of the city’s key challenges, such as reducing carbon emissions. More importantly, it will be interesting to see whether the lessons learnt in Bristol, will be introduced in other cities, and whether we move away from the idea of smart cities to a ‘smart nation.’


Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you found this article interesting, you may also like to read our other digital articles. 

Digital Economy Bill – the impact of Brexit

By Steven McGinty

On the 18th March, the Queen’s Speech set out the government’s legislative programme for the year ahead. This included the Digital Economy Bill, a piece of legislation which aims to ensure the UK is a world leader in digital provision.

However, as former British Prime Minister Harold Wilson once said ‘a week is a long time in politics’. The UK has unexpectedly voted to leave the European Union (EU). The Prime Minister has stood down, leaving a leadership contest in the Conservative Party. And many are uncertain about the future direction of the country.

In this article, I’ll outline the Digital Economy Bill, highlight some of the early commentary, as well as comment on the new political landscape the Bill now finds itself in.

Digital Economy Bill

The Digital Economy Bill focuses on five main areas. These include:

Fast broadband

The Bill introduces a ‘Broadband Universal Service Obligation’, providing all citizens and businesses with the legal right to have a fast broadband connection installed (of at least 10Mbps initially). This is similar to the telephone landline obligation which currently exists.

There is also an emphasis on cutting the costs and improving the processes for building broadband infrastructure. However, at this stage, there is very little detail on how this might be achieved, apart from introducing a new Electronic Communication Code and making changes to the planning system.

Consumers

New powers will be given to Ofcom, the UK communications regulator, which will enable them to request data, such as broadband speeds data, which will help consumers in choosing a provider. The Bill also attempts to make it easier for consumers to switch provider and to receive compensation when things go wrong.

Data sharing

Public bodies will be given powers to share information in an effort to combat fraud, which costs the country billions every year. For example, the cost of tax fraud was estimated to be £15 billion in 2011. Other notable measures include encouraging the use of data to provide better public services and identifying and helping people with debts at an earlier stage.

Intellectual property rights

The new Bill recognises that it’s important to support digital industries by addressing the difference in online/offline copyright laws. In addition, the process of registering copyright should be easier and cheaper.

Unsolicited Marketing

Consumers will be given further protection against spam emails and nuisance calls.

Early commentary  

TechUK, industry body for the digital sector, has welcomed the new Bill, highlighting that if implementation is successful, the measures will play an important role in growing the UK’s digital economy. They do, however, note the need for careful consideration when making changes to the planning system and the Electronic Communication Code, alongside stressing the need to ensure changes to copyright law are technically feasible.

Geoff French, chairman of the Enterprise M3 Local Economic Partnership, has also welcomed the advantages the new Bill could bring to business. He highlights that there are still too many urban and rural areas that have low broadband speeds, affecting the growth of the digital economy, as well as the innovation, productivity and competitiveness of the wider economy.

Brendan O’Reilly, Chief Technology Officer at O2 UK, suggests that the planning system needs to be streamlined to allow the expansion of the network. He explains that the process of deploying a mast can take up to three years from start to finish. To emphasis his point, he contrasts the situation in the UK with that in South Korea, where three months to deployment of a mast is considered a long time. And although the new Bill may provide for this change, he highlights the need for collaboration between government and industry, and to think more of ‘UK plc’.

Landowners, however, have been less positive about the new Bill. Under new proposals, landowners would receive ‘compensation’ for masts located on their property; as opposed to the current system where they receive ‘market rate’. As Strutt & Parker telecoms specialist Robert Paul explains, this could mean landowners who used to receive £7,000-£8,000/year, would instead receive £200-£300/year, if classed as compensation. Mr Paul suggests that this could result in landowners taking their case to tribunals, with the result being expensive and time consuming legal challenges to the deployment of masts.

The elephant in the room – Techxit?  

Before the referendum result was announced, Ed Vaizey, UK digital economy minister, stated that there would be a ‘significant economic impact’ if we voted to leave the EU, with uncertainty affecting investment decisions in the UK.

Although it’s too soon to comment on whether this is the case, there has been some notable reaction since the UK voted to leave the EU. Firstly, Ed Vaizey has stated that progressing the Digital Economy Bill will not be delayed as a consequence of the result. However, unconfirmed reports (reported in the media) have suggested that the Bill may have to have its contents altered.

The Economist Intelligence Unit reports that the telecoms industry has been negatively affected by the result, with revenue forecasts being reduced from 29% to 23% by 2020. They highlight, though, that the Digital Economy Bill is still likely to contain regulation that supports increased investment, and that Brexit may even lead to a more favourable investment environment. Yet, the EIU also notes that other broadband targets, such as the elimination of rural ‘not-spots’ may be deemed less important.

At the moment, the reforms in the Digital Economy Bill are still on the agenda. But it’s not clear how future changes will affect its progress. For instance, issues such as the free movement of skilled professionals, the UK’s position in the single market, and the impact on investment for start-ups are all sources of uncertainty.

The Knowledge Exchange will monitor the Bill’s progress as it receives parliamentary scrutiny.


The Digital Economy Bill was introduced into Parliament on 5 July 2016.

Follow us on Twitter to see what developments in public and social policy are interesting our research team. If you found this article interesting, you may also like to read:

Delivering digital differently: how should we provide public services in the future?

 

By Steven McGinty

On April 21st, Socitm (the Society of Information Technology Management) will be having their annual spring conference. This year, the agenda reflects the challenges facing technology leaders, who are under increasing pressure to radically transform services and deliver financial savings.

The event will open with a discussion on how digital technology should be used to provide the public services of the future. In anticipation of this, I thought I’d highlight some of the issues that may be discussed.

Open architecture and platforms

In 2012, the Government Digital Service (GDS), the body responsible for digital transformation in central government, launched GOV.UK. Within 15 months this project brought together over 300 government agency and arm’s length body websites into just one single platform. Similarly, they also introduced GOV.UK Verify, a platform rolled out across a number of departments, which allows citizens to prove who they are when using government services.

These platforms exemplify the UK Government’s new ambition for public services, i.e. that services should be simple, user-centric, and built on ‘a common core infrastructure of shared digital systems, technologies, and processes’. In theory, this should provide users with a seamless experience as they move between different government services. This approach has been referred to as ‘Government as a Platform’.

We have also seen examples of this approach adopted in local authorities. For instance, Manchester City Council’s award winning website clearly follows some of the GDS’ design principles.

Collaboration

Historically, the public sector has worked in silos, with individual departments and local authorities responsible for their own digital projects.

However, Matt Hancock, Minister for the Cabinet Office, appears keen on greater levels of collaboration, particularly with the private sector, as he believes this will lead to financial savings. For example, he highlights the joint-venture between the UK Government and Ark Data Centres to provide hosting services for the whole government. Previously, each government department would have had to agree their own bespoke contract. This joint-venture could potentially save the UK government £105 million.

Local councils have also shown a willingness to collaborate, with many joining together to sign shared information and communications technologies (ICT) service contracts with suppliers. Usually these councils are neighbours; however we’ve recently seen ‘pioneering agreements’ between councils from different regions in England. Like the hosting agreement, this collaborative approach is expected to provide better value for councils.

Data

Eddie Copeland, Director of Government Innovation at NESTA, has written widely on the need for the public sector to make better use of its data. Although this is certainly true, there have been some successful data projects, such as the London Datastore, a free and open data-sharing portal for Greater London.

Eddie Copeland has proposed that London, as well as other devolved regions, should introduce a New York style ‘Office of Analytics’. This would be led by a Chief Data Officer who would have overall responsibility for managing and coordinating data projects. He suggests that having a central office to manage data could help UK cities in a number of areas, including increasing business growth, identifying illegal housing, and predicting possible fraud.

The Greater Manchester Combined Authority (GMCA) has also announced plans to introduce a data service called GM-Connect. The service’s main purpose will be to help break down the barriers that prevent public services sharing information.

User-led approach

There is now a recognition that public services should be determined, not by the organisational and legal constraints of government departments, but by the needs of citizens. For instance, in a podcast in 2012, Mike Bracken, former head of the GDS, stated that “everything we do is based on users and user-testing.”

In the US, the city of Oakland has introduced an innovative pilot programme that assigns an ‘MVP’ (most valuable player), whose sole responsibility is to ensure that digital initiatives consider how users, outside of city hall, approach finding new services. In addition, it also uses surveys to understand how services are used, digital dashboards that display current activity on the city website, and virtual town halls, which provide an opportunity to receive direct feedback.

Multi-channel, cross platform

As technology has changed, citizens are now expecting to access public services via a range of devices, including smartphones and tablet computers. There is also the expectation that government services are able to match the experiences provided by private sector organisations such as Facebook and Google. Social media has also become so pervasive that some organisations receive more visits to their social media pages than their main websites. Public services, therefore, need to be optimised for mobility, as well as providing a consistent multi-channel service.

Conclusion

At the moment, public sector organisations are using digital technology to improve public services. However, if they are to make the savings highlighted by last year’s Spending Review, they will need to refocus their efforts on digital initiatives.

The public services of the future will need to:

  • be based on a common set of shared platforms, processes and technologies
  • involve a number of stakeholders working together (whether private or public sector)
  • focus on the needs of users
  • harness data to provide targeted interventions and optimise services
  • be optimised for mobility
  • provide a consistent multi-channel experience.

Follow us on Twitter to see what developments in public and social policy are interesting our research team.

Top 5 trends for public sector technology

The Word 'Digital' on metal

Image from Flickr user Ged Carroll via Creative Commons

By Steven McGinty

At the Idox Information Service, we like to keep up to date with the latest developments in public sector technology. Whether it’s what new digital services are on the market or which direction the government is heading in, we like to monitor everything that could potentially have an impact on our customers, as well as, of course, ourselves.

With the pace of change though, sometimes it’s a good idea to stand still and reflect. Therefore, we’ve decided to sit down, analyse the trends of the day, and produce our very own list of top 5 public sector tech trends.

Here’s what we’ve come up with:

Government as a platform

The recent election win by the Conservatives provides a certain level of continuity for the Government Digital Service (GDS). Over recent years they have been heavily involved in the implementation of ‘government as a platform’. They describe it as:

“a common core infrastructure of shared digital systems, technology and processes on which it’s easy to build brilliant, user-centric government services”.

The most high profile example of the government as a platform approach is the GOV.UK website. In 15 months the government has shifted from having over 300 government agency and arm’s length body websites to having information delivered through just one single website.

The GDS has also introduced GOV.UK Verify, a platform that allows citizens to prove who they are when using government services. At the moment, several government departments have signed up, including HM Revenue and Customs (HMRC), the Department for Environment, Food & Rural Affairs (DEFRA) and Department for Business, Innovation & Skills (BIS).

It is likely that government as a platform will continue, with new government departments and agencies moving onto GOV.UK and GOV.UK Verify. The Chancellor, George Osborne, also announced a greater role for the GDS in working with local government. The result could be a greater use of government as a platform principles in local government.

Government austerity

The issue of tackling the budget deficit was a major theme of the last election. It’s widely accepted that savings will have to be made if the government is to reach its goal of running a surplus by the end of the parliament.  The Local Government Association highlight that local authorities may be particularly affected, estimating cuts of approximately 9% next year. Although it will be interesting to see if a recent warning against further cuts, which has come from Conservative Councillors, will make a difference.

Either way, this will have an impact for technology. It could mean that councils will be looking to find technical solutions to create efficiency savings. We have also seen local authorities working more closely together and sharing services in order to drive down costs.

Data driven decisions (analytics)

The public sector has been using data collected from a variety of channels to provide more efficient and effective public services. Government services are being moved online and users are being encouraged to make this their first port of call.

For instance, Essex County Council has been using analytical and diagnostic methods from the commercial sector to map the ‘customer journey’. They applied this approach to the booking of Adult Learning courses, which requires customers to interact with a number of systems.

‘Open government’

In January, the Speaker’s Digital Democracy Commission published a report on how technology can be used to improve democracy in the UK. Some of the main proposals include:

  • Ensuring that Parliament is fully interactive and digital by 2020;
  • Introducing secure online voting for citizens by 2020;
  • Making sure that published information is freely available in formats suitable for re-use;
  • Using new technologies and social media to help explain the role of the Houses of Commons and increase public engagement.

Health and social care

Health and social care is a key area for technology. The policy of health and social care integration means that technical solutions are required to manage and share information.  Although this has been an issue for decades, the demand for greater savings has meant that this has become a real issue. It will also be necessary to meet new legislative requirements, such as the reporting requirements introduced through the Care Act.


Further Reading:

We regularly write about public sector technology, and how technology based solutions can help drive improvements in public sector service delivery. Other recent blogs include:

What’s happening to make big data use a reality in health and social care?

data-stream-shutterstock_croppedBy Steven McGinty

At the beginning of the year, NHS Director Tim Kelsey described the adoption of new technologies in the NHS as a ‘moral obligation’. He argued that the gaps in knowledge are so wide and so dangerous that they were putting lives at stake.  It’s therefore no surprise that the UK Government, the NHS, and local governments have all been looking at ways to better understand the health and social care environment.

The effective use of ‘big data’ techniques is said to be key to this understanding. Big data has many definitions but industry analysts Gartner define it as:

“high-volume, high-velocity and high-variety information assets that demand cost-effective, innovative forms of information processing for enhanced insight and decision making”

However, if health and social care is to make better use of its data, it’s important that an effective infrastructure is in place. As a result, changes have been made to legislation and a number of initiatives introduced.

Why is it important to know about big data in health and social care?

The effective use of data in health and social care is a key policy aim of the current government (and will most likely continue under future governments).  The changes that have been made so far have had a significant impact on the policies and practices of health and social care organisations. The vast majority focus on information sharing, in particular how organisations share data and who they share data with.

What changes have been made to support big data?

Care.data

This was the most ambitious programme introduced by NHS England. It was developed by the Social Care Information Centre (HSCIC) and set out to link the medical records of GP practices with hospitals at a national level. It was expected that datasets from GPs’ records and hospital records would be linked using an identifier such as an NHS number or a person’s date of birth. However, due to concerns raised by the public, particularly in regards to privacy, the programme was delayed. The programme has now resumed but new safeguards have been introduced, such as the commissioning of an advisory board and the ‘opt out’ provision, where patients can opt out from having their data used for anything other than their direct care.

The Health and Social Care Act 2012 and the Care Act 2014

The Acts have both introduced provisions that impact on data. For instance, the Health and Social Care Act enshrines in law the ability of the Health and Social Care Information Centre (HSCIC) to collect and process confidential personal data. In addition, the Care Act clarifies the position of the Health and Social Care Act by ensuring that the HSCIC doesn’t distribute data unless it’s part of the provision of health and social care or the promotion of health.

Centre of Excellence for Information Sharing

This initiative came from the ‘Improving Information Sharing and Management (IISaM) project’, a joint initiative between Bradford Metropolitan District Council, Leicestershire County Council and the 10 local authorities in Greater Manchester. The centre has been set up to help understand the barriers to information sharing and influence national policy. They hope to achieve these goals through the use of case studies, blogs, the development of toolkits, and any other forms of shared learning. The centre has already published some interesting case studies including the Hampshire Health Record (HHR) and Leicestershire County Council’s Children and Young People’s Service (CYPS) approach to communicating how they deal with data.

These are just some of the steps that have been taken to make sure 2015 is the year of big data. However, if real progress is to be made it’s going to require more than top down leadership and headline grabbing statements. It’s going to require all health and social care organisations to take responsibility and work through their barriers to information sharing.


Further reading

Read our other recent blogs on health and social care:

Become a member of the Idox Information Service now, to access a wealth of further information on health and social care including best practice and commentary. Contact us for more details.

What’s preventing health and social care from going digital?

Two women using a tablet computer.

Image by Innovate 360. Licensed for reuse under Creative Commons.

By Steven McGinty

In the first of two articles focusing on technology in health and social care, I will be looking at some of the barriers organisations face in adopting digital technologies. Financial pressures such as the reduction in public spending, as well as an ageing society, mean that health and social care will be expected to meet greater levels of demand with fewer resources.

The UK Government believes that the implementation of technology is the solution to helping the health and social care system become more efficient and more effective at delivering patient care. However, before health and social care can reap the benefits of technology, a number of barriers have to be broken down.

Information sharing challenges

Integration has been a main focus of health and social care in England, as well as the devolved administrations. If integration is to work successfully, different organisations must be able to share data securely. At the moment, data is recorded in a variety of ways across a number of different IT systems. We also have a situation where the main method for sharing data securely in local authorities, the Public Services Network (PSN), is not fully integrated with either the NHS in Scotland or England. Eddie Copeland, of the Policy Exchange, suggests that full integration of the NHS with the PSN should be seen as a priority.

Financial costs

The financial costs of rolling out new technology within an organisation can be significant. These costs can include the procurement of hardware and software, internet connections, and the training of staff. For organisations which are undergoing major budgets cuts, it may seem very difficult to justify the investment in technologies, even if there is the potential for savings in the future.

Management issues

The importance of technology in organisations can be underestimated by decision-makers. For example, according to Martin Ferguson, Director of the Society of IT Management (Socitm), the ICT challenges involved in introducing the new Care Act in England are not being given enough priority. He highlights that if organisations are unable to share information safely by April 2015, they risk failing to comply with new reporting regulations.

Local authorities can also have policies that restrict the use of technology. A recent Skills for Care report into the digital capabilities of social care found that local authorities are still wary of certain technologies, including cloud based systems, which can offer low-cost solutions, and social media, which can lead to savings for local authorities if used correctly.

The health and social care workforce

The Skills for Care report highlights that over 95% of staff feel they are confident in basic online skills. However less than a quarter of managers believe that they have staff with enough skills to make use of digital technology. This mismatch means that managers may be hesitant to introduce new technologies over fears that staff may have difficulties in using the technology, as well as the costs associated with staff training.

There is also a suggestion that social care staff may be resistant to the introduction of new technologies, due to concerns that introducing technology may over-complicate things and move the focus away from the patient. As we noted in a recent article on digital services within government, a key part of introducing any new technology is changing the mindset of staff and having effective leadership in place to champion it.

These are just some of the challenges associated with introducing digital technologies into health and social care. In a future article, we will look more at how technologies can be used within health and social care and the benefits they can bring to organisations. We also look at a case study of an innovative technology partnership between Calderdale Council and Idox, which is addressing the shared services agenda in social care.


Further reading: