7. Access Controls and Data Management

Introduction

In the previous session we tried and tested different frameworks and tools that are all an integral part of responsible data management. Today’s session will look at data security as part of responsible data management for cities and municipalities. Of course government institutions have a particular responsibility in safeguarding the information they gather. On the one hand because citizen trust them to handle sensitive information about them, and on the other hand because in many cases the archives, registered and data they hold are considered as trusted sources by the public. So if this information is not protected properly this leads to reputational damage, but might also undermine the trust towards information provided by the government.

This session will not focus on the hardening of IT systems, the implementation of malware scans or the cryptographic protection of data, which are all important specialized part of an organizational digital security framework. This is only one part of the digital security, the other part is about people.

Have you heard stories of people losing USB drives filled with classified information in taxis, or where sensitive files were printed but not stored properly or taken home, or that the Human Resource Department is hesitant to share resumes? These are all important human components of privacy, data protection and digital security. Today’s session will focus on the human digital security side of your data and innovation projects.