GOVERNMENT INFORMATION SHARING - SEARCH - Volume 2 - Government.pdf · GOVERNMENT INFORMATION...

C A L L S T O A C T I O N

GOVERNMENT INFORMATION SHARING :

National Association of State Chief Information Officers

PP EE RR SS PP EE CC TT II VV EE SS

VOL 2: GOVERNMENT

PERSPECTIVES

Government Information

Sharing: Calls to Action

Volume 2: GOVERNMENT

March 2005

Representing Cheif InformationOfficers of the States

2 GOVERNMENT INFORMATION SHARING: CALLS TO ACTION - GOVERNMENT PERSPECTIVES

This report and the NASCIO EnterpriseArchitecture Program are funded by a grantfrom the Bureau of Justice Assistance, Officeof Justice Programs, U.S. Department ofJustice.

The opinions, findings, conclusions, andrecommendations contained in this publi-cation are those of the contributors, and donot necessarily reflect the official positionsor policies of the Department of Justice.

NASCIO represents the state chief information officers from the 50states, six U.S. territories and the District of Columbia. Membersinclude cabinet and senior level state officials responsible for infor-mation resource management. Other IT officials participate asassociate members and private sector representatives may

become corporate members.

AMR Management Services provides NASCIO’s executive staff.

© Copyright National Association of State Chief Information Officers (NASCIO), March 2005.All rights reserved. This work cannot be published or otherwise distributed without theexpress written permission of NASCIO.

3GOVERNMENT INFORMATION SHARING: CALLS TO ACTION - GOVERNMENT PERSPECTIVES

table of contents

Introduction.............................................................................................................................................5Background............................................................................................................................................5A Changing World..................................................................................................................................6Enterprise Architecture Value Chain.......................................................................................................6Government Information Sharing: Calls to Action...................................................................................8

STATE GOVERNMENT PERSPECTIVE................................................................................................10Authoritative Sources and Identity Management..................................................................................10

Authoritative System of Record.......................................................................................................10Identity Management.......................................................................................................................11Data Classification...........................................................................................................................11Agency Interoperability....................................................................................................................12

Privacy, Politics, and Technology..........................................................................................................13Privacy.............................................................................................................................................13Politics.............................................................................................................................................13Technology......................................................................................................................................13

The Importance of Sponsorship, Business Knowledge, and Funding..................................................14Sponsorship.....................................................................................................................................14Business Knowledge.......................................................................................................................14Funding............................................................................................................................................14

Barriers to Information Sharing: Legislation, Funding, and Turf...........................................................16Barriers............................................................................................................................................16Incentives........................................................................................................................................16Key Elements...................................................................................................................................17

Maintain a Level Playing Field..............................................................................................................18

Human Services—A Comprehensive View...........................................................................................20Client Management System.............................................................................................................20A More Holistic View of Communities..............................................................................................21

Information Sharing Capability Assessment Tool.................................................................................22


PUBLIC HEALTH PERSPECTIVE.........................................................................................................23Developing an Enterprise View of Public Health Information Systems.................................................23

All Together Now..............................................................................................................................24Shared Understanding, Shared Architecture...................................................................................25Public Health Labs: Collaborating on a National Scale....................................................................25An Even Taller Order: Integrating Child Health Information Systems...............................................26Conclusion.......................................................................................................................................27

HOMELAND SECURITY PERSPECTIVE..............................................................................................28Information Sharing Perspectives from Homeland Security.................................................................28

Ten Barriers to Information Sharing......................................................................................................30

ENVIRONMENTAL PROTECTION PERSPECTIVES............................................................................35The Age of Information Sharing............................................................................................................35

National Environmental Information Exchange Network..................................................................36

TRANSPORTATION PERSPECTIVES..................................................................................................40Information Sharing Perspectives from a Transportation Agency.........................................................40

Enterprise Architecture and Data Sharing........................................................................................41Intelligent Transportation Systems and Information Sharing............................................................42Geographic Information Systems and Data Sharing........................................................................43American Association of State Highway and Transportation Officials (AASHTO) Software Development and Data Sharing........................................................................................43Enterprise Decision Support Data Warehouse and Data Sharing....................................................44

ECONOMIC DEVELOPMENT PERSPECTIVE......................................................................................45Developing a Regional Perspective.....................................................................................................45

Data Management...........................................................................................................................45Geographic Information Systems....................................................................................................47Data Survival...................................................................................................................................47

Conclusion: Making a Difference........................................................................................................49Calls to Action......................................................................................................................................49

APPENDIX.............................................................................................................................................50Acknowledgements..............................................................................................................................50Organizations of Interest......................................................................................................................55References...........................................................................................................................................63


introduction

Background

In 2000, NASCIO (formerly NASIRE, TheNational Association of State InformationResource Executives) published a report titled,"Toward National Sharing of GovernmentInformation." The report focused on the justicecommunity and provided detailed discussion ofthe characteristics of shared information, thedefinitions of significant information manage-ment issues and terms, and brought to lightimportant "calls to action" necessary to institutechange in information sharing. Among themany recommendations and topics coveredwas the need for common vocabularies and anational telecommunications infrastructure.

The report served as the impetus for major sub-sequent activities including the publishing of"Concept for Operations For Integrated JusticeInformation Sharing" in 2003. Another subse-quent activity was the development ofNASCIO's Enterprise Architecture Program.

The significance of "Toward National Sharing ofGovernment Information" cannot be overemphasized given the subsequent proliferationof products and services within NASCIO'sEnterprise Architecture Program.

In the fall of 2004, NASCIO's ArchitectureWorking Group decided that the report shouldbe revisited to assess progress to date, and thata new set of "calls to actions" be established.This follow-up report is just that. It takes a dif-ferent approach in that it covers a variety of linesof business and levels of government. Theintention here is to look at the current state ofinformation sharing, identify and discuss themajor issues and outline the "calls to action"required to move forward.

Doug ElkinsCo-ChairNASCIO Architecture Working GroupChief Information OfficerState of Arkansas

Larry JohnsonCo-ChairNASCIO Architecture Working GroupChief Information OfficerState of South Carolina


A Changing World

In today's world, managing change has becomethe most important dimension of management.Charles Kettering once stated, "If you havealways done it that way, it is probably wrong."Government must change in order to effectivelyrespond to the current dynamics in today'sworld. There must be an operating discipline inplace that both anticipates change and fullyleverages that change for the benefit of theenterprise, and its constituents. NASCIObelieves that operating discipline is enterprisearchitecture. Enterprise architecture providesan enterprise view—a comprehensive, holisticview of the enterprise that includes environmen-tal understanding, explicit strategic intent, andthe organization, business processes, and tech-nologies that enable that intent. Enablers arecapabilities that must be evaluated, and priori-

Observethe

ContextualEnvironment

Fiscal CircumstancesMacroeconomics

Customer ExpectationsCustomer Behavior

RegulationsNew Technology

CompetitionMandates

Observethe

Needor

Opportunity(Market)

SWOT AnalysisRisks AnalysisAssumptionsPolicies

StakeholdersSupply / Demand

EconomicsAccess

EnableStrategicBusiness

Intent

BusinessRelationships

ProcessesInformation

OrganizationsValue

ChainsManagement Initiatives

Balanced ScorecardGeospatial Capabilities

Capabilities

DetermineStrategicBusiness

Intent

MissionVision

GoalsObjectivesStrategies

Performance

Decisions

Figure 1

tized. Capabilities are delivered or further lever-aged through management initiatives, programsand projects.

Enterprise Architecture Value Chain

Enterprise architecture provides the means formanaging the complexities inherent in anyenterprise. Enterprise architecture also pro-vides the necessary operating discipline formanaging the changing enterprise. The enter-prise must be seen as an organism thatchanges and adapts—and even causeschange. However, change must be seen as acontinual process. NASCIO created theEnterprise Architecture Value Chain todescribe an ongoing, iterative operating disci-pline for managing the enterprise as a fluid that iscontinually changing through time. This holistic


view just described goes beyond the immediate.An enterprise perspective is needed that under-stands the importance and complexities of inter-enterprise relationships. Quickly, this enterpriseperspective looks beyond traditional boundariesand conceives of value chains that move acrossthese boundaries. These greater clusters ofenterprises may be termed communities of inter-est. Further inquiry uncovers that the borders ofthese communities of interest are also becomingfuzzy as the need for interaction becomes moreand more apparent. These interactions materi-alize into inter-enterprise architectures involvinginter-enterprise business processes and infor-mation exchanges. Information sharing and col-laboration between state governments for lawenforcement is an example.

Information exchanges, or information shar-ing—these are different terms referring to thesame concept. Others may use different terms.The point is that information is flowing morethan ever, and it is flowing over traditionalboundaries as decision makers become moreand more sophisticated in their understanding ofevents and the interactions of influences thatdrive primary, secondary and tertiary effects.This sharing has become complex as will bedescribed in this document. Changes includecross jurisdictional and cross line of businessinformation exchanges. Changes also includedelegated information exchanges to the com-puter involving machine-to-machine automatedexchanges. These machine-to-machineexchanges include the necessary logic toreview content for sensitive information andautomatically assign the proper security classifi-cation. These automated exchanges also eval-uate the requester to determine authority andauthenticity before allowing the exchange to

occur. Emerging technologies, such as ServiceOriented Architectures (SOA), enable the con-nectivity of various automated functions thatallow applications to trigger other applications.For example, this occurs when an applicationtriggers an identity management system toauthenticate an automated request for informa-tion from yet another application.

As we begin to look at information exchanges,we find there are new information exchanges asour culture sees more and more necessity andbenefit from sharing information. Nowhere isthe need for these types of exchanges moreapparent than in homeland security. Homelandsecurity touches any number of lines of busi-ness depending on the event. These includeintegrated justice, public health, environmentalprotection, national defense, internationalalliances, and even commerce. Certainly, itappears homeland security will be the primarydeveloper of information sharing capabilities aswe move into the future and an area that willbenefit most from an enterprise perspective.

In the recent Final Report of the NationalCommission on Terrorist Attacks Upon theUnited States1 the lack of information sharing isfrequently cited as a primary factor leading up to9/11, and the lack of comprehensive coordina-tion during 9/11. One of the key recommenda-tions going forward is the imperative for a unityof effort in information sharing both nationallyand internationally. Information sharing capabil-ities are absolutely necessary for intelligenceand justice agencies to be able to "connect thedots" in order to prevent future terrorist attacks.In the event of a future terrorist attack, informa-tion sharing is again one of the key imperativesfor responding to the aftermath.1 The recent

1 http://www.gpoaccess.gov/911/

http://www.gpoaccess.gov/911/


intelligence reform bill which implements recom-mendations from the 9/11 commission is repletewith requirements for information sharing.Information sharing is indeed one of the keycapabilities in transforming the intelligence com-munity.2 Other examples can be drawn frommedical records, hazard alerts, and integratedjustice. Again, the capability to share informa-tion is critical in all government lines of businessin government.

As stated, government is never done exercisingthe ongoing "Enterprise Architecture ValueChain." We must continually monitor the worldaround us as we identify needs and markets,anticipate market and political disruptions,establish explicit strategic intent, and deliver thecapabilities to enable that intent. As we moveinto the future, one of those capabilities is infor-mation sharing across jurisdictions, and acrosslines of business. As we explore this topic, weurge the reader to maintain an "enterprise per-spective" of the world. This perspective mayalso be termed a "global perspective." If infor-mation sharing as a necessary capability is tobe effectively developed, it will be necessary forall involved to maintain this "enterprise view" inorder to avoid point solutions, and stovepipedapplications.

Government Information Sharing:Calls to Action

"Calls to Action" seemed appropriate as thisreport and those who participated in its creationare convinced that all must participate in theoverall call to address this issue of information

sharing. This must truly be a mission in which weall participate. For as the reader will see, this isnot a technology problem—it is an organizationalproblem, and a human problem. It is critical thatbarriers to information sharing be understood inthis way if we are ever to truly conquer this issue.

If information is to be shared, there is the nec-essary establishment of standards for sharing.Exchange partners must agree on the contentof the information and the protocols for how thatinformation will be represented and transmitted.For instance, the justice community has facedthe issues of standards during a long history ofinformation sharing initiatives.

If information is to be shared, then the rules forsharing must be well understood by all involved,and those rules must be consistently and effec-tively applied.

If information is to be shared, then people mustbegin thinking with an enterprise view. They mustput the enterprise and its constituents ahead oftheir own career, and personal ambitions.

If information is to be shared, people mustaccept and embrace the changing of bound-aries, job scope, and business processes. Ifgovernment is to be truly transformed, than oldparadigms must be abandoned. There will needto be a new type of manager. One that adaptsroles and responsibilities to best serve thechanging needs and requirements of the citizen.Government must be seen as an institution forthe citizen, not for the career public administra-tor. The same change must occur with all gov-ernment personnel. Change should not bemerely tolerated. It should be embraced. What

2 S.2845, "Intelligence Reform and Terrorism Prevention Act of 2004." http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=108_cong_bills&docid=f:s2845enr.txt.pdf

http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=108_cong_bills&docid=f:s2845enr.txt.pdf


is proposed in that change in mindset is a viewof government service as a commitment to pub-lic service—i.e., one of high calling.

If information is to be shared, then it cannot bewithheld. This seems too obvious. The manydynamics involved in organizational behaviorbecome most relevant in this issue. Dynamicsinclude power, prestige, control, personal secu-rity, and even fear of change. Information that iswithheld will serve limited purpose in govern-ment. Notwithstanding this admonition, infor-mation must be properly protected and treatedas an asset.

If information is to be shared, it must be properlymanaged. This includes the appropriate securi-ty to ensure information assets are protected.However, properly managed information isshared with those who are authorized to use it.This requires that information is properly andconsistently classified. This also requires thatinformation stewards are properly trained. And,requesters of information are properly authenti-cated to have the proper authority, and thenecessary clearances to access information.

NASCIO is exploring the subject of informationsharing from this enterprise perspective. Aspart of this initiative, NASCIO recently publisheda video on information sharing titled "In HotPursuit: Achieving Interoperability ThroughXML"3, which presents some of the barriers andsolutions. Additionally, NASCIO has conducteda survey of opinions from a variety of individuals,and expertise centers regarding the concept ofinformation sharing—barriers and calls to action.This report, presented in two volumes, offers a

variety of perspectives and a variety of modesof delivery. Included are interviews, writtensubmissions, and summaries of existing testi-monials and literature. Interviews are present-ed that involved both individuals and panelsfrom various recognized expertise centers oninformation sharing. In all cases, NASCIO wasmotivated to present expert opinions. Theseopinions are honest and frank—but all areoffered in the spirit of continual improvement. Ifwe can be honest, and provide a candid assess-ment of the "as is", then there is true potentialfor making things better.

This survey of opinions included representa-tives from integrated justice, state government,public health, homeland security, environmentalprotection, and transportation. This report ispresented in two major sections: Volume One isdevoted to the justice community, and VolumeTwo is covers the broader topic of "govern-ment." This compilation is not exhaustive.However, it is believed that it successfully out-lines the major barriers to information sharingthat are prevalent throughout government. Theend game is to objectively identify these barrierswith the intent of rationalizing the relevant solu-tions for overcoming or mitigating these barri-ers. These solutions and recommendations aretermed "calls to action" in the context of thisreport.

NASCIO recognizes the valued contributions ofall who participated in the making of this report.

Eric Sweden, EditorEnterprise ArchitectNASCIO

3 See, https://www.nascio.org/publications/index.cfm#xml

https://www.nascio.org/publications/index.cfm#xml


One of the first priorities in planning informationsharing projects is to conduct a discovery phasein order to understand what information existsand who has it. A first step in such an initiativeis the development of an inventory of the infor-mation assets in each of the participating agen-cies. Often, people do not know what informa-tion they have that would be useable outside oftheir agency. There is a need for consistentdata models that are tied back to a business ref-erence model such as the one defined by thefederal government (i.e., Federal BRM).4 TheBRM can assist in categorizing subject areasand also in identifying natural touch pointsbetween agencies.

Authoritative System of Record

The authoritative system of record must beidentified for all information. This is different forthe various jurisdictions and it varies from stateto state. However, when someone needs infor-mation, they may go to another source morereadily available and reliable. Often the agencywith legal authority for certain information rele-gates substantive authority to an agency thathas a more complete database. This hasoccurred because technological capability hasovershadowed the actual responsibility.Technical ability at the state level results in state

agencies effectively becoming the authoritativesources for local information for which they haveno legal coverage.

For example, accident data is supposed to bethe legal responsibility of the local police depart-ments in the state of Kansas. According toKansas state law, whoever initiates a record hassystem of record responsibility. Local policedepartments send all accident data to theDepartment of Transportation for statistics onsafety improvements. This data is also sent tothe Department of Revenue (DOR). The DORassociates accident information with the driver'slicense. This can trigger other action by theDOR such as revoking a license after so manytraffic tickets.

People looking for accident data for their localarea, such as a city manager, go to the stateDOR for this information because it is perceivedas the most complete and efficient source forthis information. In effect, state agencies suchas the DOR become the primary source foraccident information rather than the local policedepartment. The DOR does not have theauthoritative clearance to be the system ofrecord, but they have the technology to bringthat information to bear. Because of theiraccessibility and completeness, the DOR sys-tem becomes the effective system of record.Also, a researcher can go to one place for data

state government perspective

Authoritative Sources and Identity Management Interview with Bill Roth, Chief Enterprise Architect, State of Kansas

4 The Federal Business Reference Model, see http://www.feapmo.gov/feaBrm2.asp

http://www.feapmo.gov/feaBrm2.asp


on multiple local jurisdictions rather than calleach police department. It is simply more effi-cient to make one call to the DOR.

The complete solution to this involves both abusiness solution and a technical solution. Anagency at any level of government (i.e., local,state, federal) could become an official sourcefor much of its data even without legal authority.This can happen as agencies develop greatertechnical capabilities, and acquire more andmore information. The call to action is, do notgive in to that inclination. Understand the statu-tory authority that has been established andsupport that authority. Another approach is forthe legislature to change statutory authoritybecause of the technical capability of highergoverning authorities. However, before anagency is designated the official authority, thelaw should be changed to match these changesin technical capability so that the owner of theeffective system of record is protected and alsoenabled by statute.

Identity Management

Another business priority is identity manage-ment. It is necessary to find a secure and reli-able way to identify agencies, and computersystems. The systems must be identifiedbecause often it will be machine to machinedata exchange that occurs. Identity manage-ment should be a data service that is based onthe necessary business logic. Authenticationand authorization must be automated with thisbusiness logic so that an information requestcan be validated quickly. If someone is request-ing specific information from a system, theauthentication process should not print out alengthy report on the requester. Rather it shouldprovide a simple YES or NO. Again, this deci-sion logic should be imbedded in the system.

When a system is designated as the system ofrecord for particular information, the rules forinformation sharing should be established inthat system of record. It must be determinedwho can retrieve that information.Consideration should be given to the public,other state agencies, universities, the federalgovernment, other local and county officials,etc. One approach is to create an identity man-agement broker that keeps track of who haswhat authority to access what information atwhat classification.

Data Classification

Accurately classifying data is also a criticalissue. In reality, data is "classified" according tothe 95/5 rule. 95% of the time, the informationsteward is reluctant to share information. 5% ofthe time, the information steward is willing toshare information. If an agency is burned oncebecause it shared classified information, it willbe reluctant to share information again fordecades. When requests are made, more oftenthan not the information steward will respond,"I'll have to review your request with our legalcounsel."

95% of the solution is education. Informationstewards should be trained so they understandand can apply the rules for information classifi-cation, and those rules should be applied con-sistently. Additionally, data and informationshould have attached meta data that documentsits classification, thus removing any question asto its classification. As that data is passed on toinformation consumers, the rules accompanythe information payloads. Consumers are alsomandated to apply the classification meta data.However, consumers should not repack infor-mation and resend. Data should be locked sothe consumer can access it, but not resend it.Digital signatures should have associated


authority meta data so the requester/consumerprofile accompanies an information request. Ina Service Oriented Architecture (SOA), the sys-tem of record requests authorization informationfrom the identity management system and veri-fies requestor or requestor system authoriza-tion. Once authority is verified, the system ofrecord sends the information with the classifica-tion meta data attached to the payload.

Agency Interoperability

One additional area that needs exploration isinteroperability among agencies. Currently,there is a lack of understanding of how agenciesare using information. Agencies often use thesame information differently. For example,many agencies deal with human resource infor-mation. Do they use it the same way? Do theyhave different business processes for process-ing that information? This needs to be deter-

mined. There is a lack of awareness of inter-agency and intra-agency business processes.This understanding must be developed in orderto truly achieve interoperability among variousagencies. And there is the need to have trainedbusiness analysts in place to pursue this under-standing. Kansas is currently developing train-ing in-house in order to develop these skills inour staff.

Many state agencies could benefit from sharedbusiness processes and shared technology toenable those processes. Ultimately, the ServiceOriented Architecture (SOA) is a necessaryapproach where multiple agencies could beleveraging the same applications. This coulddrive cost down significantly. The vendors couldprovide a clean service layer on top of theirapplications. One of the issues with SOA ismuch of the vendor community uses differentterms for the same concepts. SOA is the rec-ommended direction with appropriate interac-tion with identity management capabilities.


Privacy

Privacy is a major issue that must be addressedwhen planning information sharing initiatives.It's important to establish the boundaries for pri-vacy. South Carolina has encountered thisissue with sharing health information. It wasnecessary to mask personal data before send-ing diagnostic and treatment information that isused for state population studies. There is thiscontinued fear, or appearance, associated withletting "private" data out to others. While thereare some privacy concerns that need to beaddressed, sound legal measures and guidanceare required to overcome these issues.Sometimes this issue is really a disguise for asecond issue. A fear of losing control.

Politics

There is a fear among many in government thatcontrolling the data is somehow equivalent topower. Actually, it is to a point. Too many think thatsharing information will somehow make their posi-tion, or program, less important. This is a politicalissue that must be solved by political means. Thesolution is to set up mechanisms that rewardand publicize information sharing as a meansfor providing additional constituent benefit, orfor more effectively managing government cost.

Many recognize that information sharing is use-ful. However, there is an unwillingness to imple-ment any changes that would allow others toaccess "our" data. No matter what types of

technologies are used, some stovepipe datadefinitions have to be made shareable within agreater context. However, the owners of thedata have to see the value of doing this work.Their data has been structured for their immedi-ate and focused needs. To move to an enter-prise perspective of data is difficult for them tojustify. Proponents for change need to do a bet-ter job of explaining the value of this perspec-tive, and how data owners will benefit.

Technology

Data standards are needed for informationexchanges. Standards like the Global JusticeXML Data Dictionary (GJXDD) are on the righttrack. However, other agencies and communi-ties of interest such as revenue, or the depart-ment of motor vehicles, have no such standard.

The call to action here is to present a compellingmessage for an enterprise perspective on infor-mation management. There must be more initia-tives like the GJXDD within other lines of busi-ness that also maintain an enterprise perspectiveso at the end of the day there are not multiple,independent XML vocabularies. Rather, informa-tion can truly be shared across lines of business.Proponents for change need to deal with theorganizational dynamics of control, power, andprestige that inhibit information sharing. Thisrequires understanding these dynamics andestablishing the incentives to transform this think-ing to see the "power" and prestige of sharinginformation—becoming a quality source for infor-mation should be seen as a desirable position.


Privacy, Politics, and TechnologyInterview with Larry Johnson, Chief Information Officer, State of South Carolina


Sponsorship

Sponsorship is one of the keys to success forany initiative involving information sharing orother types of collaboration. An effective spon-sor will have a vision for an integrated view, orenterprise perspective. The sponsor must alsohave the resources to implement solutions andprovide operational support. .

Nebraska has initiated an integrated justiceproject that developed momentum very early,because participants shared an enterprise per-spective. The Nebraska Crime Commissionassumed the role of sponsor, and the directorand staff of the Commission have been instru-mental in guiding many initiatives in the CriminalJustice Information Services (CJIS) StrategicPlan to a successful conclusion.

A good sponsor is important to any project, but itis especially critical for statewide strategic initia-tives. The sponsor must be viewed as neutraland able to pursue the vision of the enterprise asa priority. This can be a difficult role for agenciesthat must balance their individual priorities whiletrying to champion the broader vision. By virtueof its very existence, every agency must place itsown mission as the number one priority evenwhen it sees the benefits of a broader effort.


The Importance of Sponsorship, Business Knowledge, and FundingInterview with Steve Schafer, Manager of IT Financial Solutions, The Office of the CIO, State ofNebraska

Business Knowledge

Another challenge is to combine strong spon-sorship with sound business knowledge. It isone thing to promote ideas such as an integrat-ed view of information and data sharing, buteventually one must enlist business expertswho understand the policies and processes andwhat will work in the field. Business expertsare indispensable, and good business expertswho understand computer systems are veryhard to find. As a rule, their plate is full, andthey have their day-to-day jobs to do.However, without their involvement, you can notgo forward with analysis, systems planning orsystems development. And, if you do, theresults won't be legitimate.

Other challenges to data sharing include statuto-ry barriers, conflicting federal requirements, otherorganizational dynamics, politics, and funding.All of these challenges must be dealt with, butfunding is one issue that often rises to the top.

Funding

One approach to funding is to leverage spon-sorship by providing some amount of "seed"money. This helps the sponsoring entity get theinitiative off the ground. For example, Nebraskais working on a statewide telehealth network.By the end of 2005, every hospital in the statewill be connected to this network. Some of the


early planning money came from a variety ofsources including the CIO office, the NebraskaInformation Technology Commission, and theNebraska Hospital Association, which has nowassumed sponsorship of the network. Thoseearly efforts took a while to gestate, but theyhave now resulted in funding commitments frombioterrorism grants, federal Universal Servicefunds, state Universal Service funds, and localhospitals. The initial planning funds were smallbut essential to success, because they allowedthe sponsor to create momentum.

Funding is also a critical component in thestate's approach to e-government initiatives thattranscend organizational boundaries. Nebraskarelies on a self-funding model for the state por-tal, which provides a modest amount of incomethat the State Records Board uses for new ini-tiatives. Without this funding source, efforts tocreate an integrated view of government wouldnever get beyond the "good idea" stage.


Barriers

There are multiple barriers to information shar-ing. Legislation can create barriers through pri-vacy laws which preclude the collection or dis-semination of certain information. Some of thatinformation would be useful in decision makingand could still be protected.

There are specific laws that determine what islegal and what is not legal regarding data orinformation sharing. Certain information is high-ly protected by both state and federal law. Andstrict requirements must be met when workingin these subject areas. These requirements canadd a tremendous amount of lag time to projectplans because multiple permissions must berequested and given before a project can pro-ceed. An example is the tax department. Thisinformation is highly sensitive. In order to touchtax data, there are multiple forms that must becompleted. These safeguards are in place for agood reason. However, there are approachesfor expediting these permissions.

Lack of resources also presents a barrier.These include financial, personnel, and capital.Without these resources the necessaryprocesses and technologies cannot bedesigned and implemented to enable informa-tion sharing. The states are facing gross short-ages in resources in a time when informationsharing is becoming more critical to effectivegoverning.

Turf battles create an ongoing detriment to infor-

mation sharing. Agency personnel take owner-ship of certain data, and they simply won't shareit. The challenge is how to motivate people tocooperate. Thirty to forty years ago processesbegan to leverage automation. This automationwas not done with an enterprise perspective.The result was multiple stovepipe solutions thatdo not interconnect. This approach actuallyadded to the problem of turf. Systems weredeveloped that supported little fiefdoms. Thenthe adage became a reality, "he who holds theknowledge, holds the power." This has beencarried to an extreme. No one wants to seetheir power reduced. So, they keep their data.

This behavior is seen at all levels of governmentand authority. When change agents comealong and try to move to a new paradigm, anenterprise perspective paradigm, they get little ifany cooperation. This has occurred manytimes. Recalcitrant personnel in the civil servicesystem have the attitude, "..we be here beforeyou came.. we be here after you go…." Whenthese individuals don't want to embrace change,they can stick their heels in the dirt—and a proj-ect manager can not get around that.

Incentives

The call to action is to find incentives for them tocooperate. Those incentives will vary dependingon the agency, and the level of responsibility.Each agency has their own culture and theirown "family" organization. We need to under-stand the dynamics of these organizations.


Barriers to Information Sharing: Legislation, Funding, and Turf Interview with Chaed Smith, Senior Technology Officer, State of West Virginia


Some incentives include measuring and report-ing performance and providing sharedresources.

West Virginia started a one-stop business regis-tration and licensing system that could be usedby tax, workers compensation, the treasurer, thesecretary of state, and unemployment. Dataentry was streamlined down to one form. Anynew business must fill out the form and theinformation is disseminated in the backgroundto individual agency systems and departments.The result has been higher levels of customerservice and increased customer satisfaction.These performance measures go up to the gov-ernor and the state legislature. This effortproved effective.

Integrated workflow solutions would also free uppersonnel resources who can then be retrainedand refocused where the agency is under-staffed.

Key Elements

There are a number of key elements to launch-ing initiatives like this. Stakeholders must beidentified in order to gain their participation andsupport. Appropriate incentives must be identi-fied for these stakeholders. That requires know-ing them and understanding their line of busi-ness, culture, and mission. Stakeholders needto see a demonstration of how their work will bemade easier or enhanced. They need to beconvinced that proposed changes will be effec-tive in helping them reach their objectives.Finally, engage their help. Leverage theirknowledge. Develop solutions that they feelthey own.

Funding is an ongoing challenge. Agencies aremuch more willing to allocate funds for initia-tives that remain within their "borders." It is verydifficult to convince agencies to flow money toan initiative that would serve a community ofagencies. They feel they would not have con-trol, or enough control.


What we hear from the governor's office is theywant to share and leverage information sharingsolutions from state to state. However, theywant to be comfortable that the IT used is ascost effective as possible.

The challenge is that most states are beyondthe point where sharing solutions doesn't threat-en a state. All of the states have reached thislevel of sophistication. For example, the stateswill get an offer from the federal government topartner with them on some initiative. The statesthen determine these federally focused initia-tives don't buy much for the states but mostlybenefit the federal government.

With the increase in competition for industry,jobs, and resources, from here on out, thestates will be asking how these collaborative ini-tiatives will affect their competitiveness.Another issue is related to state identity. Stateswill ask, "can we share without losing our iden-tity and competitiveness?" Any collaborativeefforts aimed at sharing information will have toensure there is a level playing field for all theparticipants.

In South Dakota, much of our activities arealready centralized so we don't have a problemaligning multi-agency initiatives. Essentially wealready have an enterprise perspective.

We are also working on a vision for unified gov-ernment integrating people, process, and data.We are realigning programmatic activities sostaff and the agencies look at problems from an

enterprise viewpoint. This is where enterprisearchitecture is today in South Dakota.

We want the person in a given agency to havea sense that other agencies may be interestedin his/her data. There needs to be an affinityamong the agencies. For example, GIS is anatural for relating agency data to a particularlocation; thereby, allowing the alignment ofmany agency datum together. The Departmentof Agriculture may be interested in Departmentof Transportation road information to help milkproducers plot a route to market during the win-ter storm season. Identifying what informationhas a potential for sharing is key.

One of the initiatives we have going in order tofacilitate this data discovery and analysis, andeventual sharing is the implementation of onedata dictionary. This dictionary ties together allprocesses, applications, and data all in onerepository. This gives us a statewide view—anenterprise view—of these domains. The capa-bilities of this repository allow us to map oneprocess to another and agency data to process.Everything is transparent and viewable. We'vebeen in the process of populating this reposito-ry for the past 3 years. It will probably take usanother 10 to 12 years before everything is doc-umented.

Our point of contact with the agencies are sen-ior analysts assigned to those agencies. Anyproject, bid, or initiative goes through the pointof contact. These points of contact cometogether as a community. This provides for


Maintain a Level Playing FieldInterview with Otto Doll, Chief Information Office, State of South Dakota


better communication across all the agencies.Eventually we like to see this role filled by theagencies. It's preferable to have their own per-sonnel as representatives. This forum providesthe opportunity for the entire community to knowwhat projects are ongoing and what capabilitiesthey are delivering. There are obviously oppor-tunities to leverage many of these capabilitiesacross the agencies. The forum is the commu-nication tool for ensuring this happens.


South Carolina is looking at a full fledgedhuman services capability. This brings togethermultiple perspectives relating to the citizen.This initiative includes the following kinds ofinformation:

� elderly services� disability and special needs� vocational rehabilitation � law enforcement� juvenile justice� public safety� probation� parole� child care data� social services� abuse and neglect reporting� Medicare and Medicaid � state employee medical claims� community health centers information� home health care billing� outpatient billing� emergency room visit� free clinic treatment � hospitalizations� mental health � alcohol and drug abuse� birth and death � achievement scores and school readiness� disease registries including cancer,

Alzheimer's, and spinal injuries� reportable diseases

Some of this information will be updated month-ly. A unique tracking number will be established

for each person. This information will bebrought into a data warehouse that will facilitateany query. The warehouse will be available toany agency. Cubes have been developed formother/baby, injury, and violence informationand statistics. Other cubes will be developed toserve the research needs of each agency.

Client Management System

A client management system will access thisdata warehouse. Agencies will be able to easi-ly see what other services a particular client isreceiving. Historical reporting will be madeavailable providing reporting capabilities suchas, what services have been provided over timeto an individual over a period of time. This willinclude the cost of those services, and evenwhat drugs were prescribed. A tickler or kick outfeature will be added that will indicate whatprocesses or services should be initiated andwhen. This feature is intended for use byagency management to facilitate the manage-ment of government.

Statistical analysis capabilities will be providedthrough the client management services.Researchers will be able to access and analyzedata within the system. As more analyticalcubes are developed, a solution will have to beimplemented for managing permissions andrules of operations.

This central broker approach will not entail


Human Services—A Comprehensive ViewInterview with Pete Bailey, Chief of Health and Demographics, Office of Research andStatistics, State of South Carolina


changing any systems within the agencies.Data will be taken as it is offered. It is expectedthat several agency systems will be identified asbeing the preferred source. For example, thefood stamps system has the highest qualityaddress information. So, it will become the sys-tem of record for that information. Other agen-cies have systems that will become the originalor preferred source for other information.

This centralized approach emphasizes anenterprise perspective and effectively resolvessome of the barriers to information sharing.There are basically two ways to share data:either the data from one agency data is movedto the requester agency's computer, whichupsets the balance of power in government; orinformation stewardship for all of the agencies isdelegated to a third party, which sidesteps thebalance of power issue. The objective is anintegrated data system that is holistic and com-prehensive, and that everyone can access.This effort will eventually include geospatialinformation as well.

There is no competition among agencies if a thirdparty information broker is in place. Everyone istreated the same whether it's a large agency or asmall agency. Much of the barrier to informationsharing in government is related to negative pub-licity. Information has to be protected and yet beavailable for analysis. These safeguards will beimbedded in the data warehouse.

A More Holistic View of Communities

An effect that is being seen from this effort is anew way to look at information and the deliveryof services to South Carolina. State govern-ment has traditionally looked at serving the citi-zen as an individual. Government is now at theadvent of looking at that individual holistically,taking into account all of the services that are

relevant to that citizen and ensuring they receivethem. Society is moving into a future whereagencies rethink how they deliver services. Inaddition to looking at the individual, agencieswill begin looking at households and wholeneighborhoods in order to understand whatimpact they are making in the quality of life forSouth Carolinians. This will allow data associa-tions and analysis only begun to be conceived.

For example, the University of Maryland is com-bining information on emergency room visitswith air quality data. This is an opportunity forenvironmental protection and public health towork together. Those presenting at the emer-gency room with respiratory symptoms may beresponding to air quality problems. The dataassociation is incidence of respiratory diseasewith geospatial data with air quality data. Thiswill potentially allow for the determination ofcause-effect relationships. The next iteration ofthis approach could be more predictive. Achange in air quality could conceivably be a pre-dictor of increased visits to the emergencyroom. Environmental data could prompt localhospitals to provision for expected increaseddemand of their services. This kind of crossdomain data analysis and cross agency collab-oration is where we are headed.

Part of the rationale is that people using theservices of one agency typically require theservices of other agencies. People servedthrough our mental health system are oftendealing with social challenges that requireassistance from social services, or family serv-ices. Alcoholics are dealing with law enforce-ment, drug intervention programs, and poten-tially unemployment. New cross agency collab-oration will bring more effective assistance tothese individuals. It is anticipated that this holis-tic and comprehensive approach will be signifi-cantly more effective in delivering service andimproving lives.

CapabilityAssessment:

Using theToolkit

Preparation:• Scan

environment• Set goals &

scope• Situation &

gap analysis

Results:• New action

plans• Investments

in improvedcapabilities

• Investmentsin theinitiative


The Center for Technology in Government(CTG) has created a method and supportingtools for assessing capabilities for inter-organi-zational information sharing. Use of the assess-ment tools and the results obtained provide sup-port for addressing many of the issues encoun-tered in information sharing initiatives. In its cur-rent version, the Capability Assessment Toolkitis targeted for the justice community. However,this toolkit and its approaches are intended tobe applicable for other government agenciesworking on information sharing initiatives.

The Capability Toolkit describes the process forplanning and implementing an information shar-ing initiative. The Toolkit includes an overallframework, tools for assessing readiness, anddescribes how to use the assessment results todevelop the necessary action plans to ensurethe information sharing initiative is a success.Shortcomings or potential gaps in capability aremitigated through action plans that are intendedto bring the information sharing initiativethrough to completion.

The approach presented by CTG includes anassessment activity for each participatingagency. A combined assessment for the infor-mation sharing initiative can then be donebased on the readiness of each participant.Worksheets, workshop planning guides, andeven sample letters of invitation are provided.The guidance document was made available inJanuary 2005. A web based assessment toolwill be available later in 2005.

The dimensions and sub-dimensions evaluatedecho the kinds of issues described in this report.These issues range from willingness to collabo-rate to technological capabilities. The overallprocess described is shown below.

The associated call to action is to use this disci-pline and the associated automated tool inpreparation and implementation of any informa-tion sharing initiative in order to ensure successof the project.


Information Sharing Capability Assessment ToolAnthony M. Cresswell, Deputy Director, Center for Technology in Government, University atAlbany-SUNY


Unlike medical or laboratory equipment, whichwears out and loses value with use, informationbecomes more valuable the more it is used.Information does not grow in value, however,merely by residing in a database. The more it ismade accessible to increasing numbers of peo-ple and used in more ways, the better it servessociety.

It stands to reason, then, that an enterprise viewof health information, in which information isshared among many partners, would be valued.But for all of its technical advances, the world ofhealth care has been slow to transition from alargely paper-based industry to one that fullyembraces information systems that enablebroad exchange of health information.

In the last year, the concept of a national healthinformation network has been gaining ground,principally because it holds promise for reducingmedical errors. Such a network would electron-ically link disparate health care information sys-tems—allowing patients, physicians, hospitals,payers, public health agencies, and otherauthorized users across the nation to share clin-ical information in real-time. All network systemsand participants would operate under stringentpolicies on access, security, privacy, and otherprotection provisions.

This enterprise view of clinical health care

information exchange—that is, informationabout individual patients—is becoming a realityin a few model programs. Numerous regionalcollaborations, known as Regional HealthInformation Organizations (RHIOs), are underdevelopment across the country. When fullyrealized—although it could take a decade orlonger—these health information exchanges willenable hospitals, health care providers, payers,and public health agencies to send and receiveindividual patient information securely usingWeb-based technology.

A number of complex, thorny issues remain tobe resolved, however, before such large-scaleenterprise-wide interconnectivity becomes real-ity in more than a few forward-thinking locales.These include issues of governance, technolo-gy architecture, data use agreements, andfinancial and business models that ensure sus-tainability. It is important to note that no single,national system is planned; rather, the vision isof a network of interoperable RHIOs that use acommon architecture.

Public health agencies—agencies whose workfocuses on the health of populations rather thanindividuals—also have a role in these healthinformation enterprises. Data from public healthinformation systems can provide clinicians withindividuals' immunization records or case man-agement information at the point of service.

public health perspective

Developing an Enterprise View of Public Health Information Systems Dave Ross, Terry Hastings, and John Kiely, Public Health Informatics Institute

©2005 The Public Health Informatics Institute

Public health informatics is the systematic application of information and computer science andtechnology to public health practice, research, and learning.


Private health care providers can also benefitfrom aggregate population-level data to estab-lish risks and trends (e.g., infectious diseaseoutbreaks) and expert guidance for manage-ment of public health problems (e.g., smokingcessation, lead screening, infection control).

But the barriers to public health acting as part ofthe national health information network, orenterprise, are great. In fact, barriers to an enter-prise view of public health, in which informationis shared across and among public health agen-cies themselves, are also formidable.

Barriers to an enterprise view of public healthare related in large measure to funding. Thefederal government funds much of public healthat the state and local levels. As federal fundinghas increased, states have cut their contribu-tions. However, the legal authority—and spend-ing authority—for public health resides at thestate and local level. The typical sequence forpublic health funding begins with lobbying activ-ities at the federal level to convince Congress tofund very specific public health programs.Funds are allocated to states and disseminatedwith strict spending timelines.

When the program involves information technol-ogy, often little guidance is given to help effec-tively apply the funds. State and local publichealth offices receive the money through agrant process, and the accompanying instruc-tions for building applications to tackle specificpublic health problems range from detailed tonon-specific. Requirements are typically notprovided. At the same time, a ticking clock man-dates that the money be spent quickly. In manycases, the funds are spent at the discretion ofindividuals within public health who have little orno background in information technology, busi-ness process improvement, information archi-tecture, or enterprise architecture.

As a result, progress toward interoperablehealth information systems among public healthagencies has been slow, and anecdotal evi-dence points to limited positive impact ondesired health outcomes. Health informationsystems projects are often narrow in focus, poor-ly defined, or driven by consultants from a widespectrum of expertise and experience in devel-oping specifications and implementing require-ments. Consultants also vary in their knowledgeand experience in enterprise architecture.

All Together Now

So what's needed to overcome these chal-lenges, to create the conditions for public healthto act as an enterprise, take an enterprise viewof its information systems, and share informa-tion in a way that serves public health goals?

The Public Health Informatics Institute's goal isto tip the public health belief system from its per-ception that the business of public health isunique in each locale, to a belief that the publichealth enterprise can succeed only if it definestomorrow's information systems together. Publichealth agencies need to understand that, inmost respects, they are not independent islandsin need of tailor-made solutions. The rationalecan be summed up with a straightforward ques-tion: Why develop multiple, similar systemswhen our problem and information needs aresimilar?

Aligning information infrastructure with informa-tion needs requires group action and groupadherence to a new operational model:

� To act as an enterprise, public healthagencies must first reach consensus onthe health problem to be solved, conceptu-alize the public health needs and goals,and understand how information systemscan improve health outcomes.


� They must develop the social will to createreal change, that is, they must be willing towork together for the common good, andto put aside individual agency agendas andturf control. They must be willing to come tothe table as collaborators, not competitors.They must be willing to develop one-on-one relationships and trust among oneanother. This constitutes the "social glue"that makes collaborations work.

� They must develop a common understand-ing of their business processes: how theirwork is done. Through this exercise, partic-ipants invariably discover that despite theirdifferent circumstances (e.g., geography,size, budgets, etc.), they are all in the busi-ness of public health, perform the samebasic functions, and thus have more busi-ness processes in common than not.

� With the discovery that business process-es are principally the same, public healthagencies that define requirements togeth-er find that the requirements for the sys-tems to do the work (business processes)also are more common than unique.

Health agencies that take an enterprise view bycollaboratively defining the health problem, thebusiness processes, and requirements can getahead of the funding curve. When funding forinformation systems becomes available througha federal initiative, the health organization canrespond quickly and effectively, with require-ments already in place. Information technologyinvestments can solve real problems and addlong-term value.

Shared Understanding, Shared Architecture

Once public health agencies understand theircommon purpose and have social will to act asan enterprise in defining business processes

and requirements together, the architecture is themost easily accomplished piece of the process.The elements of the architecture—data stan-dards, code sets, and vocabulary—are beingactively developed by standards organizationsand the Centers for Disease Control andPrevention through its Public Health InformationNetwork (PHIN) initiative. Shared architecturemakes information shareable, but the collabora-tive group first must define the infrastructure. Theresult is a seamless interoperable enterprise.

Public Health Labs: Collaborating on aNational Scale

In 2002, the Institute had an opportunity todemonstrate on a large scale that greater bene-fit can be gained through collaboration. Inresponse to the bioterror events following 9/11,federal funding was appropriated to "modern-ize" public health laboratories at the state andcounty levels. In conversations with members ofthe Association of Public Health Laboratories(APHL), the Institute learned that most publichealth laboratory directors were not sure whattheir laboratory information management sys-tems (LIMS) needs were. As is often the casewith federal funding, they needed to spend themoney within a tight timeline.

The Institute and APHL agreed to collaborate tosolve the problem. Supported by funding fromThe Robert Wood Johnson Foundation, theInstitute, APHL, and 16 public health laboratories,(i.e., 14 states, one county, and one city) set outto collaboratively develop the business processesand requirements for public health LIMS.

The first challenge was to convince the partici-pating lab directors that their business process-es had more in common than they realized. Atthe start of the project, the lab directors believedthat their laboratories' information systems were


unique because the laboratories are organizeddifferently from state to state, and they varygreatly in size and services provided. TheInstitute, however, found that laboratoryprocesses are largely the same. For example,they all collect specimens. Specimens areprocessed. Results are reported. They all man-age inventories of equipment and supplies.They all have standard laboratory proceduresand testing protocols. Their few real differenceswere not in critical areas.

Over time, project participants experienced anumber of aha! moments, dramatically chang-ing their mutual perception from "We're all dif-ferent" to "Hey, we're not so different after all."Once this premise was accepted, project partic-ipants, guided by the Institute, produced a busi-ness process framework for all public healthLIMS. Next, a comprehensive requirementsdocument was developed. Within six months,public health LIMS business processes andrequirements were developed—by public healthlaboratories for public health laboratories.

With this information in hand, public health lab-oratories are now ready to "visit the showroom"of solutions and evaluate alternative solutions inthe marketplace. They have the option of creat-ing their own LIMS applications or using therequirements to develop RFPs for purchasingcommercial off-the-shelf (COTS) LIMS. Perhapsthe most valuable outcome is that public healthlaboratories now understand their commonbusiness processes, speak the same language,and can more easily interconnect and integratetheir LIMS.

Now, public health laboratories can avoid "rein-venting the wheel" when launching a project.They have the information they need to build abetter system. Developing requirements througha multi-state collaborative consortium led to amore comprehensive product (BETTER) in a

rapid process (FASTER) and at LOWER COST.These requirements also more accuratelyreflect interoperability needs. The collaborationproduced requirements with lasting shelf lifethat allow for expansion and upgrades, and offerwidespread cost efficiencies for future partici-pants.

An Even Taller Order: Integrating ChildHealth Information Systems

The Institute offers an example of an evenbroader collaboration in its work with state andfederal agencies to integrate child health infor-mation systems. This initiative focuses on link-ing the results of newborn dried blood spotscreening with immunization records, vitalrecords, lead screening, and hearing screeningto provide a much more complete picture of thechild, the environment, and the various at-riskpopulations in a community.

Integrated child health information systems arein many ways more complex than LIMSbecause the boundaries are very broad and notas crisply defined. Participants in the initiativerepresent many aspects of child health and areprogram-focused and data-oriented, rather thanprocess- or technology-driven, as the publichealth LIMS participants were.

Fortunately, this collaboration has a vision of acomprehensive child health profile that canbecome a child's "electronic health record."With guidance from the Institute, state and fed-eral health agencies are collaboratively devel-oping a common understanding of the need fora child health profile (what is the businesscase?), the business processes (how does thework get done?), and the requirements (whatdoes the system need to do?) for informationsystems that make a child's information avail-able when and where it's needed.


Conclusion

In the world of health information systems, ashared enterprise view of information is criticalto improving the health of individuals and popu-lations. A shared architecture makes informationshareable, but a collaborative approach todefining the health problems and developinginformation systems is equally essential to thegoal of information sharing.

For the fields of public health and heath care,the language of information enterprises, busi-ness process, and systems architecture issometimes foreign and can create a conceptualbarrier to understanding. The Institute seekssupport of and collaboration with organizationssuch as NASCIO and its member CIOs to com-municate and incorporate best practices inenterprise information systems projects under-taken by public health agencies.


Information sharing within the Department ofHomeland Security (DHS) involves multi-juris-dictional interactions that must occur quickly. Indefining the necessary information exchangesthat must occur, there needs be a clear defini-tion of business requirements. Businessrequirements must be established in front of anytechnical solution development. However, with-in homeland security, a comprehensive conceptof operations does not exist in many of theareas that comprise homeland security.

The enterprise architecture approach will typi-cally entail the identification and cataloging ofthe "as-is." However, DHS is currently facing alack of catalogs of existing information stores.This understanding is necessary as part of theprocess for defining the "to-be" and then devel-oping the process for moving from the "as-is" tothe "to-be." Information must be properly clas-sified before decisions can be made regardingaccess to this information. However, currentlythere is a lack of clear criteria for informationholders.

DHS may be facing one of the most significantinformation sharing challenges having com-bined some 22 agencies into one department.This re-organization has significant implications

relative to organization, business process inte-gration, and information sharing. DHS has metthis challenge by establishing an InformationSharing and Collaboration Program. This pro-gram involves the following imperatives:

1. Improve information sharing and collabo-ration within each of the Directorates of theDepartment,

2. Improve information sharing and collabo-ration between DHS elements,

3. Improve information sharing and collabo-ration across the cabinet level depart-ments and agencies, and

4. Improve information sharing and collabo-ration with our State, tribal, territorial, local,and private sector partners responsible forsecuring the people and infrastructure ofthis country.5

The department has also recognized the needto establish an enterprise view as demonstratedby its objective to create an Information SharingEnterprise System. The Terrorist ThreatIntegration Center (TTIC) was launched withonline capabilities for ensuring information shar-ing horizontally, i.e., for sharing information withother federal agencies. It has created addition-al online capabilities for sharing information with

homeland security perspective

Information Sharing Perspectives from Homeland SecuritySelected testimony before the House Committee on Government Reform's Subcommittee onTechnology, July, 2004

5 Statement of Patrick M. Hughes, Lieutenant General, USA, Ret, Assistant Secretary for Information Analysis, InformationAnalysis and Infrastructure Protection Directorate, U.S. Department of Homeland Security, Before the House Committee onGovernment Reform's Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census


state, local and private sector entities. Thisincludes the deployment of a Sensitive ButUnclassified (SBU) version of the TTIC on theOpen Source Information System (OSIS) net-work. The department is working to developadditional vertical information sharing capabili-ties where the information will originate at thelocal level and be passed up to the federal level.

The Department of Homeland Security hasmade the following statements:

1. . . . The intelligence, law enforcement andhomeland security communities are invari-ably faced with a complicated mix of tech-nical, security, policy and legal challengesassociated with improved sharing of infor-mation.

2. Attaining the proper balance is the key.There seems to be an underlying currentsuggesting that all "terrorism-related"information should go to all people that aresomehow involved in the USG counterter-rorism effort. Such an approach will likelyput at risk sources of information and oper-ations critical to winning the war on terror-ism. …

3. . . . Information Sharing is not a panacea :In short, information sharing is necessarybut not sufficient. If we don't have the basicbusiness process for terrorism analysisright, and haven't established critical massof analytic talent, we can pass informationall over the government and still not con-nect the proper dots; indeed we couldeven face the prospect of simply beingwrong faster.

4. . . . --"Effective information sharing" is crit-ical: We are seeing an explosion of net-works and websites, containing terabytesupon terabytes of information.. . . As agen-cies "post" their information, they can legit-imately say they have shared the informa-tion. Whether anyone on the other endknows how to find it and read it is anentirely different matter.6

These statements clearly make the point thatthe challenges forthcoming will not be easy toallay. Effective information sharing is not simplypublicizing everything—rather, careful judgmentmust be applied to ensure the right informationis available to those that need it. Finally, infor-mation must be categorized, and organized so itcan be retrieved.

6 Statement for the Record of Russell E. Travers, Deputy Director for Information Sharing and Knowledge Development,Terrorist Threat Integration Center (TTIC), "Facilitating an Enhanced Information Sharing Network that Links Law Enforcementand Homeland Security for Federal, State, and Local Governments" before House Government Reform Committee'sSubcommittee on Technology, Information Policy, Intergovernmental Relations and the Census, July 13, 2004,http://reform.house.gov/TIPRC/Hearings/EventSingle.aspx?EventID=1188

http://reform.house.gov/TIPRC/Hearings/EventSingle.aspx?EventID=1188


There are ten barriers to information sharingwithin the context of homeland security.

1. Lack of a clear definition of the businessneeds, or a concept of operations, beforeinformation-sharing projects are undertak-en. This is particularly true of the "to-be",or improved, business processes thatmight be enabled by new technology orbetter data.

Once a business process is understoodand documented, it should be clear whatdata is needed to properly execute theprocess. Once that data is identified, wecan address the more tactical issue of howto obtain and deliver that data as quicklyas possible. Before making major ITinvestments, we need an overall strategyor concept of operations that describeshow individual projects will fit into a con-sistent process framework and how thatframework supports a strategic goal. Forexample, if there is a proposal to build acriminal intelligence fusion center, deci-sion-makers need to know that the pro-posed center will fit into the overallprocess of gathering and using criminalintelligence in the "to-be" state. Has anational approach to this process beendefined, or will it be implemented at a State

or regional level? We cannot hold up allinvestment until we have re-engineeredevery process, but we should make it a pri-ority to invest in defining and documentingprocesses critical to homeland security.

2. Lack of catalogs of existing informationcollections.

Many people believe there are existingdatabases and information collections thatwould be of great value to law-enforce-ment and homeland-security operations ifthey could be shared more widely. An obvi-ous first step toward sharing this informa-tion is to publicize what collections exist insome sort of on-line catalog.

While it would be great to have lots ofdetailed information in the catalog, wewould be ahead of where we are if thedatabases and major information collec-tions held by federal agencies were cata-loged with even so general a descriptionas "immigration applications." A simplecatalog would facilitate exploitation of thisinformation as a tactical improvementtoward information sharing.

homeland security perspective

Ten Barriers to Information SharingMartin Smith, Office of the Chief Technology Officer, U.S. Department of Homeland Security7

7 The opinions expressed by Mr. Smith are his own, and do not necessarily represent the views or policies of the U.S.Department of Homeland Security.


3. Lack of clear criteria for information hold-ers (e.g., Federal agencies) to make deci-sions regarding access to existing dataassets by potential users (e.g., Stateagencies).

It is remarkably difficult and time-consum-ing to get one organization to decidewhether it can provide a database toanother organization, and if so under whatconditions. My experience is that it maytake months or even years to negotiateand implement such an exchange, and toooften the conditions of the exchange arevery restrictive. Certainly there are legal,security and other issues that must beaddressed, but other obstacles like confu-sion over who has the authority to approvean exchange can be eliminated.

At some point, automated information bro-kers will be used to quickly disseminateinformation to qualified recipients in sec-onds. For now, it would be a hugeimprovement if the time it takes to estab-lish a new information exchange could bereduced to a few weeks. To make this hap-pen, Federal agencies and others shouldidentify a single point of contact for coordi-nating information-exchange initiatives,and they should standardize (and publi-cize) the process and the criteria forreviewing proposed exchanges.

4. Lack of a clear plan—or even widely-accepted ideas—on how to get beyond theconceptual goal of increasing the priority of"need to share" versus "need to know" forsensitive information.

Every Federal agency involved in home-land security has a program to improve orexpand information sharing. At the sametime, no responsible official favors indis-

criminate dissemination of non-publicinformation or abandoning the concept ofneed-to-know. How close or far are wefrom the "correct" balance between shar-ing and restricting access? Can we quan-tify or at least clearly articulate the costs ofsharing versus not sharing? How do offi-cials now making these decisions on adaily basis define the correct balance, ingeneral or even in a specific case? Shouldsharing decisions be made by data "own-ers" exclusively? What considerationsshould enter into a decision to share, andis the information available to supportgood, consistent decisions? We need a lotmore baseline data to understand wherewe are on information sharing and someconsensus on how to define the optimalextent of sharing. This should be recog-nized as an important research issue.

5. Lack of a performance baseline fromwhich to set performance improvementtargets for information sharing.

There is a lack of well-defined measures of"success" in information sharing. Sharingitself is just a means to an end: more effec-tive mission performance. We shoulddefine sharing metrics that are relevant tothe intended outcomes of better missionperformance. We may be able to scoresome initial successes by making smallimprovements that are of obvious value,but to justify the cost of major sharing proj-ects or to sustain sharing programs we willneed to show clear value.

6. Lack of agreement (or at least documenta-tion) of the "real" business rules versuscommon practice, or tribal knowledge.

"Real" business rules are based on regula-tions, official policies, operational doctrine,


etc. That is, there is a legal basis or busi-ness reason for the rules. However, it's acommon observation among people whohave been involved in documenting busi-ness processes that workers are typicallyquite inconsistent from one to the next infollowing official procedures. What's more,workers often assert the existence of rulesthat have been changed or that have novalid basis whatever. The constraints thatapply to sharing of sensitive informationare complex, and they change. In fact, inthe post-9/11 world we want them tochange. The challenge is to implementnew rules and procedures that expand andspeed sharing, while at the same timemaking sure the "real" rules are observedconsistently.

To meet the challenge we have to do twothings: first, re-examine the rules, elimi-nating the obsolete or dysfunctional ones,and documenting the ones that are validand the new or changed ones. This is ahuge task so we'll have to prioritize.Second, drive the new rules into effectiveapplication. We may be able eventually toautomate many of these sharing deci-sions, but for now most decisions aremade by people, so training (or re-training)will be the critical success factor.

7. Lack of effective ways to extract and dis-tribute unclassified, actionable informationfrom classified sources.

There is currently no affordable, expedi-tious, consistent method for pulling unclas-sified content from classified content. Partof this issue relates to determining andunderstanding what content is classifiedand what is unclassified. Again, it isabsolutely necessary to understand thebusiness rules when evaluating solutions.For example, if the process has a targetexecution time of 5 seconds, solutions forextrapolating unclassified content that take10 minutes will be irrelevant. Evenprocess improvements that may realizeperformance gains of a 5% decrease intime are inconsequential. We have tounderstand the parameters for processperformance, then develop solutions thatare bounded by those parameters.

8. Lack of an effective facility for leveragingexisting trust relationships and credentialsto support "fine grained" sharing decisions.

We need some type of federated identityand privilege management system thatpresents who a person is and what theyare empowered to authorize, view,retrieve, download, etc.

Such a system is described in the follow-ing diagram:


There is an associated logic chain incor-porated in this type of model. The scopeof this model is far too large to design andimplement from the ground up. It must bedesigned and implemented to leverageexisting business processes and logicwithin a diverse population of agenciesand jurisdictions. This will require leverag-ing the logic in de facto authoritativesources. An example of such an authori-tative source would be a payroll system forestablishing "employee status." Anotherexample is an established certification forcarrying firearms. Such a list alreadyexists. It would be an authoritative sourcefor issues related to firearms.

Such a system must be detailed to a highlevel of granularity. This level must also be

established based on the classification ofthe data, the level of security required inthe process, etc.

9. Lack of a method for effectively ensuringdistribution restrictions accompany theinformation or data throughout its lifecycle.

Information custodians who have someinformation collection responsibilities alsohave legal responsibilities for what happensto that information once it is distributed.Often these custodians will hold informationback because of these legal obligations andpotential legal exposure. As well, onceinformation is distributed to a primary recip-ient, there is no effective way to ensure thatthe distribution restrictions are maintainedfor secondary, and tertiary distribution.

Figure 2

Information Decision Logic


Digital rights management is an existingtechnology for ensuring business rulesaccompany the content of informationexchanges. The further iteration of thistechnology would be a federated identitymanagement system. This system wouldbe used to manage roles and rights. Itwould also have the intelligence to deter-mine the sensitivity of the informationexchange by evaluating the contentagainst established policy decision rules.In its highest iteration, this capability canmake a decision without human interven-tion.

Such a system would interact with localsystems' requests for information andrespond regarding the classification andshareability of the information. This capa-bility is currently available for use withinreasonably trusted organizations and forless sensitive information.

10. Lack of individual and organizationalincentives to share information.

This is a knowledge management issue.Much of the problem is related to the cur-rent incentives and disincentives used bysome management. The disincentive forsharing information is the "punishment"system that is often in place. And, there isno "reward" for sharing information. So,information stewards will most certainly dowhat they can to avoid "punishment" whenthere is no "reward."

There need to be appropriate incentivesfor sharing information instead of hordingit. This again touches the training and riskmanagement issues as well. If, in fact,information stewards are trained in theproper operating discipline for informationstewardship, they will know when to share,and when not to share content becausevery clear, precise decision logic will bewell documented. In this instance, risk iseliminated or reduced as documenteddecision logic ensures all informationstewards make consistent decisions.


Ten years ago, the world stood at a crossroadsas the digital revolution began to unfold. Theidea of being able to send an e-mail message ina matter of seconds to a colleague across thecountry was a tantalizing concept. The WorldWide Web—a virtual information marketplaceallowing for the exchange of data, information,and communication on a level previously unat-tainable—achieved a rare shared enthusiasmbetween private and government businesses.

At that time, the Pennsylvania Department ofEnvironmental Protection was one of the firststate agencies in the country to create and posta web page. During its first few months of exis-tence, the site was hosted not on a governmentserver, but on an employee's personal comput-er in his garage. How times have changed!

Now ten years later we are at a new crossroads.We live in an age where businesses, organiza-tions, and individuals, having adapted to emerg-ing technologies, are at the point where thedesire for bigger, better and faster technologyhas been replaced by the demand for high qual-ity information—accessible anytime, anywhere.

The U.S. Environmental Protection Agency(EPA) strives to provide citizens with usefulinformation about the quality of the water they

drink, the cleanliness of the air they breathe,and the health of the land on which they live.This information can be retrieved by the citizenwhile in the comfort of their home, office, orschool and with a few clicks of a keyboard andmouse. In the past ten years, EPA and theOffice of Environmental Information have takentremendous steps in turning that vision into real-ity. However, these efforts must continue.

New approaches and technology like web serv-ices, portals, virtual repositories, and grid appli-cations—all of which are in use at EPA—canassist. But they are no substitute for the part-nerships that must be developed in order to getour arms around the vast amounts of data thatcurrently are scattered across our various agen-cies and departments.

Two years ago, EPA published the first DraftReport on the Environment .8 It was the firstdocument of its kind in the agency's thirty-yearhistory. What quickly became apparent duringthe research and writing of the Draft Report wasthe number of key questions that couldn't beanswered due to lack of data. Thirty-five ques-tions concerning air, land and water conditionscould not be answered fully in the 2003 DraftReport. While there were detailed reasons forthis that often varied by indicator and question

environmental protection perspective

The Age of Information SharingBy Kimberly T. Nelson, Assistant Administrator for the Office of Environmental Information& Chief Information Officer, U.S. Environmental Protection Agency and Co-Chair, Architectureand Infrastructure Committee, Federal CIO Council

8 Draft Report On The Environment, please see: http://www.epa.gov/indicators

http://www.epa.gov/indicators


posed, there were also data sharing challengesthat were made very clear.

A wide variety of organizations, including otherfederal and state agencies and two nonprofits,contributed the information included in the DraftReport. Among the data sharing challenges wereorganizations collecting similar information usingdifferent standards and formats, gaps in areas ofcollections and coverage, and a lack of a dataneeds framework for environmental informationon trends and conditions. Work is underway todevelop the next Report on the Environment forpublication in 2006, and the task of analyzing datafrom many different partners paints an accuratepicture of the challenge EPA faces in accessingand sharing information in support of its mission.

National Environmental InformationExchange Network

Five years ago, EPA, along with state and tribalpartners, began to address the technical chal-lenge of data sharing with the creation and useof the National Environmental InformationExchange Network.9 Thirty-one states currentlyhave nodes on the Exchange Network, withmore joining every week. Via their nodes,states maintain their own data and share com-mon data with EPA and each other usingInternet-based, web services. The ExchangeNetwork was jointly conceived, built and is gov-erned by a partnership of state environmentalagencies and EPA. It is scalable to include other

9 National Environmental Information Exchange Network, please see: http://www.exchangenetwork.net

Figure 3

Network Overview

Partner D

Partner B

Partner A(e.g., state)

Partner A(e.g., state)

Partner C(e.g., EPA)

Partner C(e.g., EPA)

KeyPartner NetworkNode

Data ExchangeTemplate

KeyPartner NetworkNode

Data ExchangeTemplate

InternetInternet

The Exchange Network

http://www.exchangenetwork.net


partners. After just two years, the ExchangeNetwork has proven to be a sound investmentwith real outcomes that have enhanced envi-ronmental protection across this country.

In New Hampshire, state regulators now receiveimportant drinking water quality informationfrom laboratories faster, thereby improving theirability to protect public health. Michigan tax-payers are experiencing a cost savings due tothe Exchange Network's ability to support elec-tronic water discharge monitoring reports, cut-ting red tape and duplication of work. States inthe Pacific Northwest are, for the first time,exchanging data about the quality of surfacewater in the Snake and Columbia rivers,resources jointly managed by two states. TheExchange Network's accomplishments are justa preview of what is to come.

Other federal agencies and departments haveembraced similar intergovernmental net centricapproaches to data sharing. The U.S. Centersfor Disease Control and Prevention hasunveiled a new Environmental Public HealthInformation Network; the Department ofHomeland Security fosters a network for firstresponders (e.g., fire fighters, police) and theDepartment of Justice promotes data and inter-operability through the Global JusticeInformation partnership. These are just threeexamples of federal agencies employing tech-nology to improve data sharing and communi-cation with trusted partners.

The federal government makes an annual infor-mation technology investment of approximately60 billion dollars. There is a need to worktogether across the federal government and

Environmental Information Exchange Network: State Implementation ProgressJanuary 2005

KEY:

WA

DC

OR

CA

MT

INIL

ID

NVUT

AKHI

AZNM

TX

OK

WY

ND

SD

NE

COKS

LA

MO

AR

IA

MN

KY

TN

ALMS

FL

GA

SC

NC

VA

OH

ME

WV

PA

NYMI

WI

VTNH

NJ

MA

CT

RI

MD

DE

In Production

In Development

N/AFigure 4


with tribal, state and local governments toensure that the data produced by these variousnetworks and systems are compatible, therebymaximizing their use and benefit. It is signifi-cant to note that last year's report by the 9/11Commission10 noted a strong need for betterinformation sharing among federal and stateagencies and departments, but had few recom-mendations for new technologies.

Most government information systems werenever designed to enable interoperable dataflows across agencies. Data and informationare the fundamental building blocks for interop-erable organizations and work flow, as we havelearned through the Federal Government crosscutting twenty-four e-Government initiatives andthe Lines of Business. Therefore governmentmust begin to place a greater emphasis onthe exchange of data between and among itstrusted partners.

The Office of Management and Budget recentlypublished the Federal Enterprise ArchitectureDate Reference Model (DRM).11 The model isbased on three concepts: the categorization,structure, and exchange of information and iswidely considered as the foundation on whichthe entire federal enterprise architecture struc-ture rests. The DRM holds promise for enablingthe federal government to embrace fully netcentric technologies because it addresses keyquestions regarding how one searches, access-es, and understands various forms of informa-tion. I have no doubt that the DRM will be a cat-alyst for driving new interoperability policies.

As the DRM evolves and federal agencies anddepartments work towards building true enter-prise-wide data architectures, it will facilitate theharmonization of the structure and definitions ofdata across the federal government, affordingagencies, departments and their partners theability to "reuse" data. With a fully developedDRM, we may be able to move closer to theconcept of "data on demand" among govern-ment's trusted partners.

To realize fully the potential of technology andtruly leap into the Information-Sharing Age,CIOs will need to make use of semanticapproaches and ontologies. The semantic or"intelligent" web is where the convergence ofknowledge management and information tech-nology occurs.12 New methods are neededwhich support data access and search capabili-ties over a wide spectrum of information net-works or even stand alone legacy systems.Currently, there are pockets of the federal gov-ernment, mainly devoted to scientific research,where these concepts are quickly becomingreality. Called the next evolution of the Internet,the semantic web will expand and take its placein everyday society ultimately providing data,information and tools on demand. EPA is alreadyexploring the new possibilities that a semanticworld presents via our international partnershipson ecoinformatics and through creating ontologi-cal approaches that link public health and envi-ronmental contaminate information.

Unlike ten years ago, there isn't a need to oper-ate out of the confines of a garage inPennsylvania as government begins exploring

10 National Commission on Terrorist Attacks Upon the United States Final Report, please see: http://www.9-11commission.gov/report/index.htm11 Federal Enterprise Architecture Program Management Office DRM Version 1.0, please see:http://www.feapmo.gov/feaDrm.asp12 W3C-Semantic Web, please see: http://www.w3.org/2001/sw/

http://www.9-11commission.gov/report/index.htm

http://www.feapmo.gov/feaDrm.asp

http://www.w3.org/2001/sw/


the possibilities of sharing the vast amounts ofinformation that are contained within our variousorganizations. Regardless of where one sitswithin the IT community, it will be increasinglynecessary to see the need for intergovernmen-tal collaboration and governance structures,enterprise architecture frameworks and seman-tic web approaches. It's the Information-Sharing Age.


Data sharing is not primarily a technology issue.A major challenge in data sharing is the ability toknow what data exists and how the data con-tained in one system may be used in other sys-tems. Data is conceived, defined, collected,stored and manipulated to support businessprocesses that enable the agency to accom-plish its mission. Thus, to fully understand thevalue of individual pieces of data it is impor-tance to understand, at least in general, theprocesses for which the data was generated.Even the best of metadata descriptions of dataelements often can not fully define the data insufficient terms that will allow both the providerand recipient of the data to feel comfortable withsharing data elements.

The Kansas Department of Transportation(KDOT) has undertaken several projects tounderstand their data. To broadly understandand articulate how data is used, KDOT engagedthe University of Kansas in a research project tobuild an agency taxonomy. The project team iscurrently searching for a model that will allowthe agency to locate data, understand the basicorganization of that data, and be able to definedata elements so that the data will have mean-ing across the agency. As long as data isdefined in the context of a single system, theprobability of the data's use in other systems isnot high.

KDOT is developing an enterprise architecturewhich will bring an understanding of the busi-ness processes of the agency and the data orinformation that enables these processes. The

focus of this enterprise perspective is a look atall agency processes, especially when theprocesses span different systems. Experiencewith other state departments of transportationreveals that systems with similar names oftenhave widely varying functions and sub-functions,but the actual processes and flow of data can beremarkably similar. Fortunately, the enterprisearchitecture has various levels of abstractions,thus allowing the identification of classes of data.By using the appropriate level of abstraction, fur-ther research allows the determination of thevalue of sharing specific data elements.

Another challenge to data sharing is the lack ofa clear understanding of just what is meant bydata sharing. It could mean sharing a singlerecord of data, sharing a single definition of adata element by means of rigorous meta data,establishing harmonization of synonyms, or avariety of other aspects of sharing information.The objective for an agency is to balance"responsibility with responsiveness." Data shar-ing then must be subjected to a benefit-to-costconsideration. Management's view of shortterm versus long term savings will drive thedecision to spend resources to enable datasharing more globally. Users of individual sys-tems may wish to define and collect their owndata rather than take on the burden of moreglobal optimization initiatives across the agency.Scope becomes the issue. That is, does theagency look at the scope of data sharing interms of "city planning" or as a "single familyhome construction?" Is agency managementprepared to develop the infrastructure for data

transportation perspective

Information Sharing Perspectives from a Transportation AgencyBen Nelson, Computer Services Bureau Chief, Kansas Department of Transportation


sharing from an enterprise perspective or isagency management more concerned withmore traditional and tangible aspects of tradi-tional systems development.

The State of Kansas has worked over a decadeto develop an organizational culture that encour-ages cooperation between agencies which pro-motes data sharing. An Information TechnologyExecutive Committee has the responsibility foroverall coordination of information technologywith representatives from the judicial, legislative,and executive branches of government; from theRegents, and from the private sector. This com-mittee has the power to dictate information tech-nology polices and to form committees to inves-tigate and implement specific policies. The com-mittee has clearly indicated its desire that databe shared across state entities.

The State Executive Branch CIO has developeda federated approach to management of infor-mation systems whereby organizational CIOs atall levels of government meet once a month todiscuss items of interest to the whole communi-ty, including data sharing. This has accentuat-ed the desire by organizations to seek out waysto reduce costs of systems development, includ-ing data sharing.

Within the Kansas Department of Transportation,the Information Technology ExecutiveCommittee oversees all systems development.This committee is supported by a senior man-agement team, which provides policy recom-mendations while overseeing functional teamscomprised of professionals from various organi-zational units. These teams are tasked to inte-grate systems across agency organizationalboundaries.

There are five major ongoing initiatives whichare contributing toward increased data sharing:

� Enterprise Architecture,

� Intelligent Transportation System (ITS), � Statewide GIS data sharing, � American Association of Transportation

Officials (AASHTO) development of multi-state transportation software, and

� KDOT data warehouse.

Enterprise Architecture and DataSharing

An important program that is having an impacton information sharing within KDOT isEnterprise Architecture (EA). Over the pastcouple of years, KDOT has embarked on a pro-gram to document its existing business, data,applications, and technology architectures. Thedata architecture is perhaps the furthest along.KDOT now has a good estimation of exactlyhow many databases, tables, and attributes arecontained within its thousands of programs andapplications.

Despite a strong database design and manage-ment activity, many improvements can signifi-cantly contribute toward better data sharingboth within the agency and between the agencyand its business partners. One of the discover-ies that has come out of this program is anunderstanding of just how much redundancyexists. Key data attributes like "project no" and"route," for example, appear on dozens oftables. And dozens of redundant tables exist forconcepts like "county." With redundancy, it isdifficult for end users or even developers toknow which attribute is the "best" or "official"one or which table they should use for theirapplication. Often, developers choose to clonean existing table, and give it a different name.Of course, this makes the situation worse.

All of the above limits KDOT's ability to support itsusers when they make requests for managementdata or try to provide better information to the


public. This is reality with what is labeled "struc-tured data." In the area of "unstructured data"(images, photographs, documents, email,attachments, web pages, voice, video, etc.), thesituation is even more complicated. In a recent"Project Portal" project, KDOT has developed adata warehouse of project information thatdraws on different kinds of data that includestructured data from key applications, docu-ments, and maps to provide the public andKDOT personnel up-to-date information onhighway projects. It is anticipated that this proj-ect will be the first of many. However, tyingstructured and unstructured data together suc-cessfully is currently a major challenge, sincethese different data types currently exist in dif-ferent domains and to date there has not beena great deal of examination of how these vari-ous kinds of data fit together.

One of the next tasks in the EnterpriseArchitecture program is to extend KDOT's"Enterprise Data Architecture" to fully documentwhat data already exists, and to identify thesteps necessary to make the input, indexing,integrating and retrieving of KDOT's informationmuch more straightforward.

Intelligent Transportation Systemsand Information Sharing

In the early 1990's, the U.S. Department ofTransportation (USDOT) began work on anambitious "multi-modal, information- and infra-structure-based" national program to "useadvanced technology to improve the efficiencyand safety of our Nation's surface transportationsystem." This program eventually became theIntelligent Transportation Systems (ITS)Program. Since its inception, ITS has workedwith all of the states and many local jurisdictionsto study and improve the ways that technologyand communication can improve the capacity

and safety of the nation's most critical infra-structure: its urban highways, interchanges,intersections, and accesses. To this end, theUSDOT has funded a myriad of projects to mon-itor usage. And, track and respond to widerange of other problems, such as congestionand accidents, that cause a huge loss of timeand money to the American economy.

By its very nature the ITS involves the collec-tion, processing and sharing of enormousamounts of data. Starting in the mid 90s, theKansas DOT has coordinated activities with theState of Missouri, and local agencies in theKansas City Metropolitan area to plan, fund,and monitor the regional KC SCOUT TrafficOperations Center (TOC) in Lee Summit,Missouri. This center manages a wide range ofinformation including a large number of closedcircuit feeds from major arteries around the met-ropolitan area and a whole range of other traffic,weather, and other information into a traffic con-trol center, operated by law enforcement per-sonnel in the KC Metropolitan area.

KC SCOUT is a large scale multi-agency, multi-state information sharing initiative. Agreementswith a wide range of public and private datasources have had to be defined, discussed, andcommitted to writing. This project has been atthe forefront of advanced technology for KDOT.KC SCOUT is all about real-time information.The management issues span the gamut fromcontracting for high-speed fiber-optic data linksto provide CATV and data feeds across the sys-tem, and relaying messages for dynamic mes-sage signs (DMSs) to the development of wire-less links to law enforcement, local media, andKDOT maintenance crews.

ITS will continue to push information sharing tothe state-of-the-art. Over the next decade it isanticipated that "intelligent roadways" and "intel-ligent vehicles and trucks" will communicate


with one another in more and more ways, toreduce traffic congestion, reduce accidents, andallow motorists and truckers to make more intel-ligent travel decisions in real-time.

Geographic Information Systems andData Sharing

KDOT has a huge investment in the transporta-tion infrastructure. The natural display andaccess to this information is via a GeographicInformation Systems (GIS) interface. A largepart of the operational expense is directly relatedto the transportation infrastructure. Informationsharing with local agencies is almost entirelyrelated to investments and usage of the localtransportation network and the interactionbetween their local highway networks and theKDOT statewide highway system.

Following a consistent GIS referencing frame-work for transportation allows KDOT to shareinformation easily without large conversionexpenses. The GIS Data sharing community inKansas develops technical standards and sup-ports a Statewide GIS data clearing house at theKansas Data Access and Support Center(DASC) (http://gisdasc.kgs.ku.edu/). This clear-ing house is supported by the Kansas GISPolicy Board that establishes standards includ-ing metadata, monitors ongoing efforts of allparties, and helps establish sharing agreementsbetween parties. The Policy Board also encour-ages information sharing between federal, stateand local entities.

KDOT is evolving its GIS effort by incorporatinga geospatial phase in every project whether it

entails new development or a major revision toan existing system. This will ensure that GISdata collection and presentation is addressedand resolved in the early planning stages of anyproject. Incorporating geospatial concepts intothe design stage using consistent standards andformats will facilitate sharing information.Training, executive support, and standards havebeen instrumental in facilitating GIS data sharing.

American Association of State Highwayand Transportation Officials (AASHTO)Software Development and Data Sharing

For more than a decade, the AmericanAssociation of State Highway and TransportationOfficials (AASHTO) has facilitated data exchangeby developing software, called AASHTOWare,which is used by multiple departments of trans-portation. The strategic direction of the softwaredevelopment is stated by AASHTO:

"The AASHTOWare® technical service pro-gram is a thriving activity generating in excessof $24 million in annual revenue. Last year, all50 state transportation agencies, as well as twoCanadian Provinces, several foreign countries,U.S. counties and cities, as well as numerousconsulting firms licensed one or moreAASHTOWare products. The simple philoso-phy of sharing resources to acquire or developtransportation software solutions that would beotherwise uneconomical to produce hasproven to be a powerful strategy against esca-lating software lifecycle costs and risks."13

AASHTOWare software covers the followingtransportation functions: transportation software

13 ASHTOWare Strategic Plan 2004 at http://www.aashtoware.org/sites/aashtoware/docs/AASHTOWare%20Strategic%20Plan%20-%20August%202004%20final%20.pdf

http://gisdasc.kgs.ku.edu/

http://www.aashtoware.org/sites/aashtoware/docs/AASHTOWare%20Strategic%20


management solutions, bridge management,bridge rating and design products, and surveydata management. These and future systemsare jointly developed under the overall guidanceof AASHTO by volunteers from state depart-ments of transportation with assistance fromselected software development vendors. Fundingresults from solicitations for voluntary contributionsto develop and maintain the systems.

By developing systems, complete with systemdocumentation of processes and data elements,this program has been both the vehicle and cat-alyst for data sharing between departments oftransportation.

Enterprise Decision Support DataWarehouse and Data Sharing

The Data Warehouse (DW) program is havingan increasing impact on the data sharing atKDOT. The DW concept allows mission-criticaldata needed to support decision-making func-tions to be separated from the operational sys-tems, while complementing these transactionalapplications. The demand for data warehousingsystems has made it necessary to prioritize thesubject areas to provide the highest impact direc-tion for the program and support for a phasedapproach to improving access to information.

The DW Project Management team utilizes theBusiness Dimensional Lifecycle (a trademark ofRalph Kimball Associates) to support the devel-opment and maintenance of the DataWarehouse. The goal is to make KDOT's infor-mation more accessible and consistent with aDW that is an adaptive and resilient source ofinformation, which will become the foundationfor decision making.

Each data warehouse project starts with a spon-sor that has general management responsibility

in a specific subject area (e.g., planning, acci-dent and traffic data). The business require-ments are gathered through a process of defin-ing the types of business questions to beanswered by the data warehouse starting withthe higher level executive, and working towardthe business user.

The next step in the process is the data auditand analysis task, which identifies required datasources, prepares the data requirements docu-ment, and analyzes the required data for anydata issues outside of the normal businessrules. It is within this task that information shar-ing becomes evident. As would be expectedthere are a number of data sources containingsimilar information in varying stages of enter-prise usefulness. Inter-organizational discus-sions are conducted with associates at all levelsof management. Data sources and data defini-tions are identified which support the enterpriseview of information in the data warehouse.

The results of the data analysis are document-ed and presented to the administrators of thedata for their review and action. Informationthat does not fall within the business rules isidentified and quantified for quality control pur-poses. Some data is clean enough for the oper-ational system, but not for the Enterprise DataWarehouse. Finally, business rules to handlethe exceptions are agreed upon by the businesscommunity and are implemented in the datawarehouse data staging process. The businessrules are documented in the Data WarehouseMetadata Repository for review by thoseaccessing information in the Data Warehouse.

The process of developing and maintaininginformation sharing through the KDOT DecisionSupport Data Warehouse will be repeated foreach subject area leading toward an EnterpriseDecisions Support Data Warehouse.


A lot of barriers are structural relating to bureau-cratic organizations. Some of the fundamentalissues are in the way a state government isorganized, the way assignments are made, andmaintaining compliance with statutory require-ments. Risk aversion is common. All data isimperfect and a manager may not be comfort-able sharing data unless it is 100% perfect sothey don't get bit later. If someone bases a deci-sion on data that is imperfect, and the wrongchoice is made, then the blame game begins.Thus the causes for not sharing data are oftenunderstandable. Reducing risk and creatingcommunity advantage though sharing arestrategies to consider.

Data Management

So how is this achieved? A state "informationutility" was proposed for California about 1997.Logically, each subject area is sourced from themost appropriate agency, e.g., the agency thathas responsibility for that particular data. Theagencies focus on keeping their layers current.A user is always getting the best data at anypoint of use. This is not the historical data ware-house, that is, a library archive where all reportssit. Information is often kept by librarians basedon the chance that someday perhaps it will beused.

As a regional planner, it is necessary to find anduse local, state and Federal data sets on manyissues and in response to many data requests.

As an Affiliate State Data Center, the NorthernShenandoah Valley Regional Commission hasreceived Census Bureau, Department ofCommerce and a variety of state agency reportsfor the past 30 years.

There is a categorization problem that occurswith such a document collection, since the infor-mation does not fit a traditional library subjectmode. This is due to the fact that the data ismixed when it comes in a report—it's not puredata. The organizing scheme currently used bythe commission is to file reports by the name ofthe agency that created the report, within geo-graphic sections: local, regional, state and fed-eral. State agency name changes create a con-tinuity problem, so things are grouped by thecurrent name.

This is being simplified as agencies use theInternet to make their data available to the pub-lic. This is often driven by a transparency oropen government policy and it is very useful increating a climate for improving informationsharing. Search engines also speed up theprocess of finding information. If a researcherhas the 1999 report and wants 2003—they cansearch on the report name and will generallyfind it very quickly—more so than when going tothe agency page and working through themenus.

Google® is now available for the desktop and itworks very well. If a researcher needs to findsomething, they can easily find it using key

economic development perspective

Developing a Regional PerspectiveTom Christoffel, AICP, Senior Planner, Northern Shenandoah Valley Regional Commission,Commonwealth of Virginia


words for subject, author, or content. It wouldbe useful if the classification and indexingscheme it creates from a collection could bemade visible. That could help build organizingschemes for initial classification which is stillneeded.

One of the problems with data categorization isthat generally data is collected in response to astovepipe requirement, e.g., some program orinitiative requires this data be collected forreporting purposes. This may be required bystatute. What many people are realizing is thatthe data has more value than the original pur-pose. Or, the design of the system that gener-ates the data missed one or two critical ele-ments. This happens due to a lack of an enter-prise perspective. The project team that devel-oped the system was not thinking far enoughahead. In reality when business problems arebeing addressed, whether they are in trans-portation, or economic development, the analy-sis must draw from many datasets. Businessproblems anymore have a regional dimensionthat encompasses a scope beyond thestovepipe. In this changing world, there is aneed for a new integration in thinking, in prob-lem solving, and in evaluating opportunities.Bureaucracies disintegrate things and put themin departments. This is the historic approach tomanaging complexity—divide and conquer.The modern world wants more sensitive solu-tions and the mitigation of impacts not previous-ly on the radar. That calls for working acrossboundaries—to re-integrate so a more wholepicture of the issues, problems and potentialsolutions can be envisioned.

For example, in exploring an economic devel-opment opportunity, you must involve thedepartment of transportation and its perspec-tives relative to impact on highway and roadtraffic, availability of mass transit, etc. It is nec-essary to involve the department of education

and its perspectives on new demands for edu-cation, availability of schools, availability ofteachers, availability of facilities, the tax basefor supporting these resources, etc. It is neces-sary to involve the departments of health andenvironmental protection to understand theimpacts on air quality, water quality, etc. So,problems can not be solved without an integrat-ed approach—that is, a community enterpriseperspective that uses information relating to thestate, the region and the locality.

Promoting a regional perspective and coopera-tion, and information sharing appears to be a"no-brainer." But for some reason it is difficult.Partially because agencies are reluctant toshare data—there is a risk adversity to datasharing. Sometimes this is because the organ-ization in focus doesn't know what data theyneed. Other times it is because agencies do notand have no history of working together.Therefore, it is necessary to first create thissense of community before you can elicit coop-eration.

Agency directors, analysts, and informationmanagers at the state level can't anticipate whatproblems will need to be solved in the future. Associety determines what can be gained fromintegrated data, it will need utilities for integrat-ing data. There is a need for regional datasetsand the associated intelligence for using thedata. Currently, there is a general lack of thisregional intelligence. In fact, data must be inte-grated in order to gain understanding.

At a recent conference for analyzing data, it waspresented that in order to understand what ishappening in a county it is necessary to look atdata going back 10 years—so there is a timedimension. It is necessary to expand geo-graphical analysis of a county to include an areaas much as 90 miles in radius because peoplenow live in regional environments where they


may drive 90 miles to get to their job—this is thegeographical dimension. It is necessary to lookat housing costs and salary data. People gowhere the jobs are, but they can't afford thehousing, so they keep their home where theycan afford housing, and drive to where theirsalary can pay the cost of living—this is theeconomic dimension and population densitydimension. Society is getting more and moredispersed. Data must be analyzed from all ofthese dimensions to get a clear picture of whatis really happening.

Some of the difficulty could be solved by estab-lishing standard regional blocks. This approachshould be part of a strategy for aggregating datawhile maintaining confidentiality. Some exam-ples of existing standards are the geo-politicaldefinitions of state, county, and city. An inter-mediate geography needs to be defined thatspans counties. It already exists in many statesas a system of regional councils established inthe late 1960's or early 1970's. Those states likeVirginia, that utilize a standard regional geogra-phy scheme in the development of data sets,have an advantage. However, no state is usingthis concept to its full potential. A state standardregion for census data that gave 100% geo-graphic coverage is a simple solution now beingpursued. It is fundamentally a state strategythat can be used for a competitive advantage.The value of the enterprise architecture in thiscase is that each departmental enterprise unitresponds to its respective needs and require-ments based on political geography, each con-tributing a perspective as part of an intelligentcommunity.

Geographic Information Systems

The federal government has been working ondata coordination since the 1980's. As part ofthe Federal Geographical Data Committee

(FGDC) analysis, it was discovered that longi-tude and latitude were recorded using 22 differ-ent formats for the same information. Therearen't standards for this information at the statelevel either, and the states won't use the federalapproach that came out of this effort. This isdemonstrated in the database design approachused at the state level. There is the example ofthree different counties that developed differentGIS designs. And, a subsequent effort createdyet another design.

There is an integration problem that becomesobvious when looking at the geo-spatial dimen-sion. Each discipline has a different set of pro-tocols for granularity whether its water sciencedata, biological data, or economic data. It's notnecessary to have a high degree of accuracy forlongitude and latitude for economic data. Butthere is a need for higher accuracy and granu-larity for water science data. So, all of thesedatasets have been generated for different dis-ciplines, but no way to cross reference them.One set is very granular, and others are at toohigh a scale. Or, some data within the samediscipline is captured with varying degrees ofgeospatial granularity because it is intended fordifferent uses.

Some GIS vendors state they can import anydata. Is this really reachable? Standards areneeded but the states don't come together onstandards. And the federal government hasbeen working on standards for 20 years. GIS isbecoming more and more important as a dimen-sion of data, providing context for analyzingdata. The spatial dimension has been invisibleto many database people.

Data Survival

Data survival is an ongoing problem, especiallyas we migrate to new media and new systems.


Software changes and equipment obsoletes,but the data must survive. This should be a keypriority in state government. On the other sideof the spectrum is another extreme which canbe termed a librarian mentality. Someone mayneed this information a hundred years fromnow, so it better be kept and protected.

There needs to be a balance among all of theseissues. Data survival, better designs, betterdata collection, regional perspectives, etc. Allpursued as part of a data quality goal. Therecould be "perfect" data collected and stored, butnever used. The ultimate users are the oneswho will require various correlations. So, theseusers must be involved in data analysis. It mustbe kept in mind that some of these ultimateusers may be outside the community of datacollectors. This requires careful identification ofall stakeholders to be sure all stakeholders areinvolved in determining what data is collected,and stored for analysis.


The contributors to this report touched on anumber of issues and initiatives regarding infor-mation sharing within multiple lines of businesswithin government. The interviews that wereconducted involved people who are dealing withthese issues on a daily basis. Their experience,knowledge and resilience is impressive. Theywere also willing to participate in the creation ofthis document with the intention of makingthings better.

There are a number of themes and solutionsthat have come out of these interviews.

� Enterprise Architecture� Organizational Dynamics� Identity Management� Privacy� Sponsorship� Funding� Incentives� Methodology� Tools� Common Vocabularies

Calls to Action

The recommendations from this list of contribu-tors can make a difference, but only if they areused. The people interviewed are dedicatedprofessionals who have stepped up to the plateas change agents who are willing to provide therest of us with the benefit of their expertise andexperience. This benefit won't be realizedunless everyone works to overcome barriers toinformation sharing and respond to the calls toaction outlined in this report. It will take thecombined effort of everyone to make a differ-ence. NASCIO encourages the readers of thisreport to respond to these Calls to Action withinthe limitations and opportunities of their own cir-cumstances.

Please submit any inquiries to Eric Sweden,NASCIO, [email protected], 859-514-9189.

conclusion: making a difference


appendix

AcknowledgementsNASCIO expresses its sincere appreciation to those who participated in interviews and contributedarticles. These individual contributed candid remarks that present not only the real barriers, but alsoproductive suggestions on how to move forward with information sharing—and establish an enterpriseview within government.

Pete Bailey Chief of Health and DemographicsBudget and Control BoardOffice of Research and Statistics State of South Carolina

Anthony M. CresswellDeputy DirectorCenter for Technology in Government

John ClarkProgram DirectorIntergovernmental SolutionsU.S. General Services Administration

Pat CummensDirector, State and Local GovernmentSolutionsESRI

Tom Christoffel, AICPSenior PlannerNorthern Shenandoah Valley DisabilityServices Board and Regional Commission

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]


Otto DollChief Information Officer State of South Dakota

Dr. Mike GeerkenChief Information OfficerAttorney General's OfficeState of Louisiana

Kelly HarrisDeputy Executive DirectorSEARCHNational Consortium for JusticeInformation and Statistics

Terry Marie Hastings, MACommunications DirectorPublic Health Informatics Institute

Larry JohnsonChief Information OfficerState of South Carolina

John Kiely Communications ManagerPublic Health Informatics Institute

Thomas KooyPresidentJustice Information Sharing Professionals

Mark MyrentAssistant Director Illinois Information Authority

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]


Mary McCafferySenior AdvisorAssistant AdministratorOffice of Environmental InformationU.S. Environmental Protection Agency

Ben NelsonChief Information Officer / Bureau ChiefBureau of Computer ServicesKansas Department of Transportation

Kimberly T. NelsonAssistant Administrator for the Office ofEnvironmental Information& Chief Information OfficerU.S. Environmental Protection Agency

Co-ChairArchitecture and Infrastructure CommitteeFederal CIO Council

Steve PrisocDirector and Chief Information OfficerJudicial Information DivisionState of New Mexico

Bill RothChief Enterprise ArchitectState of Kansas

Dave RossExecutive DirectorPublic Health Informatics Institute

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]


Lt. Lon RamlanSan Francisco Police Department

Mike RyanEnterprise ArchitectState of Minnesota

Chaed SmithSenior Technology OfficerState of West Virginia

Martin SmithChief Information OfficerU. S. Department of Homeland Security

Dr. Peter ScharfExecutive DirectorCenter for Society, Law and Justice

Steve SchaferManager of IT Financial SolutionsThe Office of the CIOState of Nebraska

Dr. Heidi UnterAssociate Director of ResearchCenter for Society, Law and Justice

Paul Wormeli Executive DirectorIJIS Institute

Tammy WoodhamsExecutive DirectorKalamazoo Criminal Justice CouncilKalamazoo County, Michigan

[email protected]

[email protected]

[email protected]

202-401-1109 [email protected]

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]


Doug RobinsonExecutive DirectorNASCIO

Jack GalltAssistant DirectorNASCIO

Eric SwedenEditor Enterprise ArchitectNASCIO

Vince HavensProgram ManagerNASCIO

Nancy HowardMarketing & Creative Services DirectorAMR Management Services

Chris WallsSenior Publications & WebsiteCoordinatorAMR Management Services

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]

[email protected]

NASCIO recognizes the contributions of the following staff members toward the compilation and pub-lishing of this report.


appendix

Organizations of Interest

American MedicalInformaticsAssociation

Association ofPublic HealthLaboratories

http://www.amia.org/

The American Medical Informatics Association is a non-profit 501(c)(3)membership organization of individuals, institutions, and corporations ded-icated to developing and using information technologies to improve healthcare.

AMIA was formed in 1990 by the merger of three organizations - theAmerican Association for Medical Systems and Informatics (AAMSI), theAmerican College of Medical Informatics (ACMI), and the Symposium onComputer Applications in Medical Care (SCAMC). The 3,200 members ofAMIA include physicians, nurses, computer and information scientists, bio-medical engineers, medical librarians, and academic researchers and edu-cators. AMIA is the official United States representative organization to theInternational Medical Informatics Association.

http://www.aphl.org/

The Association of Public Health Laboratories (APHL) works to safeguardthe public's health by strengthening public health laboratories in the UnitedStates and across the world. In collaboration with members, APHLadvances laboratory systems and practices, and promotes policies thatsupport healthy communities. The association's founding members aredirectors of state and territorial public health laboratories. Others includestate laboratory staff, city and county laboratory directors, and internation-al representatives. APHL is a non-profit, 501(C3) organization with a his-tory of over fifty years.

The LIMS initiative is described athttp://www.aphl.org/Informatics/index.cfm

http://www.amia.org/

http://www.aphl.org/

http://www.aphl.org/Informatics/index.cfm


Bureau of JusticeAssistance

ComCARE Alliance

Center for Society,Law and Justice

http://www.ojp.usdoj.gov/BJA/

The Bureau of Justice Assistance (BJA) is a component of the Office ofJustice Programs, U.S. Department of Justice, which also includes theBureau of Justice Statistics, the National Institute of Justice, the Office ofJuvenile Justice and Delinquency Prevention, and the Office for Victims ofCrime.

The mission of BJA is to provide leadership and assistance in support oflocal criminal justice strategies to achieve safe communities. BJA's overallgoals are to (1) reduce and prevent crime, violence, and drug abuse and(2) improve the functioning of the criminal justice system. To achieve thesegoals, BJA programs emphasize enhanced coordination and cooperation offederal, state, and local efforts.

http://www.comcare.org

ComCARE stands for Communications for Coordinated Assistance andResponse to Emergencies. ComCARE's goal is to promote an integrated,coordinated approach to emergency communications and support thedevelopment of a comprehensive "end-to-end system" to link the public toemergency agencies, and to link those agencies together. ComCAREseeks to enhance the ability to respond to individual and mass emergen-cies of all types by creating a network of survival which links existing tech-nologies in homes and businesses, smart cars and trucks equipped withtelematics, warning devices, wireless telecommunications, intelligenttransportation systems, and advanced emergency care. Introducing 21stCentury information and communications technologies to the often-anti-quated communications infrastructure of emergency agencies will savethousands of lives each year, substantially reduce the severity of injuriesand enhance homeland security.

http://www.cslj.net/

CSLJ at the University of New Orleans, provides technical assistance,research, and training to criminal justice managers and other law enforce-ment personnel in cooperation with the Bureau of Justice Assistance.

http://www.ojp.usdoj.gov/BJA/

http://www.comcare.org

http://www.cslj.net/


Center forTechnology inGovernment

Department ofHomeland Security

Department ofJustice

Federal EnterpriseArchitectureProgramManagement Office

http://www.ctg.albany.edu/about/

The Center for Technology in Government works with government to developinformation strategies that foster innovation and enhance the quality and coor-dination of public services.

The Center carries out this mission through applied research and partner-ship projects that address the policy, management, and technology dimen-sions of information use in the public sector.

http://www.dhs.gov/dhspublic/index.jsp

DHS leads the unified national effort to secure America. DHS will preventand deter terrorist attacks and protect against and respond to threats andhazards to the nation. DHS will ensure safe and secure borders, welcomelawful immigrants and visitors, and promote the free-flow of commerce.

http://www.usdoj.gov/

The mission of the Department of Justice is to enforce the law and defend theinterests of the United States according to the law; to ensure public safetyagainst threats foreign and domestic; to provide Federal leadership in pre-venting and controlling crime; to seek just punishment for those guilty ofunlawful behavior; to administer and enforce the Nation's immigration lawsfairly and effectively; and to ensure fair and impartial administration of justicefor all Americans.

http://www.whitehouse.gov/omb/egov/

The Federal Enterprise Architecture Program Management Office (FEA-PMO) was established on February 6, 2002, in accordance with directionissued by the Associate Director for Information (IT) and E-Government,Office of Management and Budget (OMB). The lack of a Federal EnterpriseArchitecture had been cited by the 2001 Quicksilver E-Government TaskForce as a key barrier to the success of the 24 Presidential Priority E-Government initiatives approved by the President's Management Council inOctober 2001.

http://www.ctg.albany.edu/about/

http://www.dhs.gov/dhspublic/index.jsp

http://www.usdoj.gov/

http://www.whitehouse.gov/omb/egov/


Global JusticeInformation SharingInitiative

Global Justice XMLData Model

http://it.ojp.gov/global/childTopic.jsp?topic_id=59&parent_id=2

The efforts of the Global Justice Information Sharing Initiative (Global)Advisory Committee (GAC) have direct impact on the work of more than 1.2million justice professionals. The importance of the organization's mission,however, positions Global to impact citizens of the U.S., Canada, andbeyond. Global's mission—the efficient sharing of data among justice enti-ties—is at the very heart of modern public safety and law enforcement.

Global is a ''group of groups,'' representing more than thirty independentorganizations spanning the spectrum of law enforcement, judicial, correc-tional, and related bodies. Member organizations participate in Global outof shared responsibility and shared belief that, together, they can bring aboutpositive change in inter-organizational communication and data sharing.

The GAC advises the nation's highest-ranking law enforcement officer, theU.S. Attorney General. Global aids its member organizations and the peo-ple they serve through a series of important initiatives. These include thefacilitation of the Global working groups; development of technology stan-dards, such as the Global Justice XML Data Model, Version 3.0; creation ofwhite papers on data sharing issues, such as the National CriminalIntelligence Sharing Plan; and the dissemination of information via theGlobal Web site.

The work of the GAC has implications of the highest importance—makingit the foremost voice for justice information sharing.

http://it.ojp.gov/topic.jsp?topic_id=170

The Office of Justice Programs (OJP), together with the Global JusticeInformation Sharing Initiative (Global), has officially issued a newer versionof the Global Justice Extensible Markup Language (XML) Data Model(Global JXDM) to the justice community—Version 3.0.2. This latest releaseof the Version 3.0 Global JXDM series is enhanced to increase the abilityof justice and public safety communities to share justice information at alllevels—laying the foundation for local, state, and national justice interoper-ability.

http://it.ojp.gov/global/childTopic.jsp?topic_id=59&parent_id=2

http://it.ojp.gov/topic.jsp?topic_id=170


George WashingtonUniversity HomelandSecurity PoliceInstitute

Integrated JusticeInformation SystemsInstitute(IJIS)

Justice InformationExchange Model(JIEM)

Justice InformationSharingProfessionals(JISP)

http://www.homelandsecurity.gwu.edu/dhs/programs/policy/

The Homeland Security Policy Institute (HSPI) draws on the expertise ofThe George Washington University and its partners from the academic,non-profit, policy and private sectors for a common goal of better preparingthe nation for the threat of terrorism. HSPI frames the debate, discussespolicy implications and alternatives and recommends solutions to issuesfacing America's homeland security policymakers. By linking academiciansand scientists to decision makers at all levels of government, the privatesector and the communities we live in, HSPI is working to build a bridgebetween theory and practice in the homeland security arena.

http://www.ijis.org/

The mission of the IJIS Institute is to apply the expertise of industry to assistjustice agencies in the innovative use of advanced technologies to bettershare information in a way that benefits industry, the public sector, and soci-ety as a whole.

http://www.search.org/programs/technology/jiem.asp

This project, funded by the Bureau of Justice Assistance, U.S. Departmentof Justice, is designed to facilitate the development of integrated justiceinformation systems planning and implementation throughout the nation.Integration of justice information systems refers to the justice community'sability to access and share critical information at key decision pointsthroughout the justice process. It is through identification of these key deci-sion points and development of information exchange models thatSEARCH will further nationwide integration efforts.

http://www.jisp.us

JISP is a National Network of state and local justice and public safety inte-grators responsible for the facilitation, collaboration, and advocacy of infor-mation sharing.

http://www.homelandsecurity.gwu.edu/dhs/programs/policy/

http://www.ijis.org/


http://www.jisp.us


Kalamazoo CriminalJustice Council(KCJC)

National Associationof State ChiefInformation Officers(NASCIO)

http://www.kcjc.org/

The Kalamazoo Criminal Justice Council (KCJC) is a multi-disciplinary, col-laborative organization of countywide justice system and community lead-ers, who encourage local planning activities, enhance interagency cooper-ation, efficiency, effectiveness, and innovation.

The KCJC's vision is "to become and continue to be the best criminal jus-tice system in America" by:

� Ensuring a safe community for all, � Fostering fair and impartial treatment of all involved in the justice sys-

tem, � Effectively holding offenders accountable and restoring victims, � Guiding offenders toward being responsible, contributing, and valued

citizens, � Initiating and supporting crime control and prevention efforts, and � Serving as responsible stewards of public resources.

http://www.nascio.org

NASCIO represents state chief information officers and informationresource executives and managers from the 50 states, six U. S. territories,and the District of Columbia. State members are senior officials from any ofthe three branches of state government who have executive-level andstatewide responsibility for information resource management.Representatives from federal, municipal, and international governmentsand state officials who are involved in information resource managementbut do not have chief responsibility for that function participate in the organ-ization as associate members. Private-sector firms and non-profit organi-zations may join as corporate members.

http://www.kcjc.org/

http://www.nascio.org


National LawEnforcementTelecommunicationsSystem (NLETS)

Public HealthInformatics Institute(PHII)

Public HealthInformation Network(PHIN)

http://www.nlets.org

The National Law Enforcement Telecommunication System (NLETS) wascreated by the principal law enforcement agencies of the states nearly 35years ago. Since the founding, NLETS role has evolved from being prima-rily an interstate telecommunications service for law enforcement to a morebroad-based network servicing the justice community at the local, state,and federal levels. It is now the pre-eminent interstate law enforcementnetwork in the nation for the exchange of law enforcement and related jus-tice information.

The mission of NLETS is to provide, within a secure environment, an inter-national justice telecommunications capability and information services thatwill benefit to the highest degree, the safety, the security, and the preser-vation of human life and the protection of property. NLETS will assist thosenational and international governmental agencies and other organizationswith similar missions that enforce or aid in enforcing local, state, or inter-national laws or ordinances.

http://www.phii.org/about.html

Through fostering collaboration, innovation and action, the institute willadvance the public health practitioners' ability to strategically apply andmanage information systems. The institute provides service, educatesstakeholders, informs policy, and conducts research on appropriate use ofpublic health information systems.

http://www.cdc.gov/phin/

The Public Health Information Network (PHIN) is this framework. Throughdefined data and vocabulary standards and strong collaborative relation-ships, the Public Health Information Network will enable consistentexchange of response, health, and disease tracking data between publichealth partners. Ensuring the security of this information is also critical asis the ability of the network to work reliably in times of national crisis. PHINis composed of five key components: detection and monitoring, data analy-sis, knowledge management, alerting and response.

Creating a strong network that continues to define shared data standardsto support the exchange of key health data is critical for a more effectiveand response-oriented public health system. The Public Health InformationNetwork will serve as the framework supporting this new system, a systembetter positioned to respond to the changing needs of public health andconsequently the nation.

http://www.nlets.org

http://www.phii.org/about.html

http://www.cdc.gov/phin/


The NationalConsortium forJustice Informationand Statistics(SEARCH)

http://www.search.org/

SEARCH helps state and local justice agencies with their information andidentification technology needs through effective planning and implementa-tion assistance, high tech crimes investigation training, and criminal historypolicy. SEARCH developed the Justice Information Exchange Model(JIEM) tool for modeling information exchanges. JIEM has dynamic refer-ence capability to the Global Justice XML Data Dictionary. To learn moreabout JIEM see http://www.search.org/programs/technology/jiem.asp

http://www.search.org/



appendix

References

NASCIO ReportInformation Privacy:A Spotlight on KeyIssues

Principles forManaging Privacy

NASCIO EnterpriseArchitecture Tool-Kit

https://www.nascio.org/publications/index.cfm#privacyguide

This publication, produced by the NASCIO Privacy Committee, serves asa resource for states developing privacy policies that protect citizen infor-mation and are compliant with federal and state legal requirements. Thispublication highlights key issues in the following areas of privacy:

� Children's Information � Drivers' Information � Health Information � Financial Information � Education Information � Social Security Numbers � Homeland Security-Related Information � Website Privacy Policies � Government Data Matching Activities and Agreements.

In addition, the publication includes state examples for many of theseareas of information privacy, an overview of recent privacy events at thefederal level and a glossary of privacy related terms.

http://www.privacy.gov.au/publications/npps01.html

The office of the federal privacy commissioner has extracted principlesfrom the Privacy Act of 2000.

https://www.nascio.org/publications/shoppingCart/

NASCIO has published version 3 of its Enterprise Architecture Tool-Kit.This document presents approaches to governance, business architec-ture, process architecture, data architecture, and technology architecture.

https://www.nascio.org/publications/index.cfm#privacyguide

http://www.privacy.gov.au/publications/npps01.html

https://www.nascio.org/publications/shoppingCart/

GOVERNMENT INFORMATION SHARING - SEARCH - Volume 2 - Government.pdf · GOVERNMENT INFORMATION...

Documents

Transcript of GOVERNMENT INFORMATION SHARING - SEARCH - Volume 2 - Government.pdf · GOVERNMENT INFORMATION...