Difference between revisions of "DMIA"

From wiki
Jump to navigation Jump to search
 
(28 intermediate revisions by 2 users not shown)
Line 1: Line 1:
  
  
= '''HC and PHAC MoA''' =
+
= '''HC and PHAC Memorandum of Agreement (MoA)''' =
[[File:Banner 1.png|alt=|center|thumb|1256x1256px]]
+
[[File:Banner 33.png|alt=|center|thumb|1266x1266px]]
 +
 
 +
=== '''Context''' ===
 +
The Public Health Agency of Canada (PHAC) needs effective and efficient means to provision digital data services to Canadians. These means must provide opportunities to achieve parity across jurisdictions, timely and transparent public health reporting to all communities, and gain a foothold in international circles. 
 +
 
 +
Health Canada (HC) and PHAC are exploring opportunities to modernize the data analytics capabilities of public health data scientists, in response to 2019 Office of Auditor General recommendations and the experience of managing data throughout the COVID-19 pandemic.   
 +
 
 +
In January 2022, building on the PHAC Data Strategy, CDSB (Corporate Data and Surveillance Branch) received endorsement from PHAC Executives to implement a distributed network of Data Service Teams (DSTs), linked together with an enterprise-level data fabric that facilitates effective and secure data management, sharing, integration and analysis. 
 +
 
 +
These efforts led to a Memorandum of Agreement (MOA). The purpose of this Agreement is to set forth and define the roles and responsibilities (R&R) of the PHAC-CDSB and HC-DTB (Digital Transformation Branch). These R&R define building and sustaining data capacity in PHAC through the adoption of a federated model for data capacity delivery. They also allow CDSB to have access to jointly manage IT infrastructure and application services, and outline compliance and governance mechanisms between both organizations
 +
==='''Presentation of the MOA'''===
 +
This MOA is, in effect since June 30, 2022, and, limited to the relationship between HC-DTB and PHAC-CDSB. It doesn't replace the Shared Services Partnership Framework Agreement (SSP) . 
 +
 
 +
==== Scope: ====
 +
* Identification and delineation of responsibilities, accountabilities and collaboration between HC-DTB and PHAC-CDSB
 +
* Duty to comply with Government of Canada IM/IT and security direction, policies, standards, and guidelines
 +
* Support required for PHAC-CDSB to rapidly develop client-centered self-serve in its own cloud environment
 +
* Authority, coordination and support for PHAC’s hiring of IT-classified employees in support of PHAC-CDSB business activities
 +
* Provisioning of IT security services to protect Crown assets
 +
 
 +
==== Guiding Principles ====
 +
 
 +
* '''Alignment to enterprise-wide authorities'''. Staffing and IM/IT services are delivered conform (to corporate GC-wide) relevant standards, policies, and procedures.
 +
* '''Mutual co-operation'''. Both HC-DTB and PHAC-CDSB recognize that this is a growing partnership in a rapidly changing space.
 +
* '''Iterative refinement'''. This MoA and partnership will begin as a '''Minimal Viable Product''' and evolve as priority decisions are made to support actions.
 +
* '''Clear line of accountability'''. Both organizations agree to work towards the continuous definition and alignment of roles and responsibilities. Risk ownership and management will align to this delineation.
 +
* '''Shared value'''. Communities of practice will be strengthened by each organization contributing their area of expertise.
 +
 
 +
==== Classification, hiring and the management of IT employees ====
 +
This MOA grants the Centre for Data Management, Innovation and Analytics (DMIA) the authority to staff IT positions.
 +
 
 +
PHAC IT Group employees will be mapped to the HC-DTB business centres (IT security, cloud operations, information architecture, etc.) and will take part in operational meetings, common learning and relationship building activities to ensure common working foundations for working.
 +
 
 +
Three DTB resources (infrastructure, security, and digital solutions delivery) will ensure that PHAC-CDSB activities are aligned to broader PHAC-HC and Government of Canada architecture and security practices and guidelines and will ensure alignment across a variety of stakeholder groups within the health portfolio.
 +
 
 +
The Director General of PHAC-DMIA is responsible for:
 +
 
 +
* Alignment with all GoC and HC-DTB security policies and practices.
 +
* Meeting or exceeding GoC standards in the agile development and deployment of data services residing on IT infrastructure.
 +
* Active participation in the delivery and fulfillment of GoC IT initiatives in cooperation with HC-DTB.
 +
* Proactive support of the HC-DTB’s Chief Information Officer’s delegated accountability for IT management, governance, and planning.
 +
* Adherence to and shared development of corporate hardware, software, and architectural standards.
 +
* Participation in relevant HC-DTB IM/IT governance and oversight bodies.
 +
 
 +
The Director General(s) / Chief Information Officer of Health Canada/PHAC are responsible for:
 +
 
 +
* Leading and partnering with PHAC-CDSB to ensure the agile, flexible, responsible and secure development and delivery of data services in PHAC.
 +
* Maintaining the appropriate oversight and governance of HC and PHAC IM and IT activities.
 +
* Supporting PHAC-CDSB in its ability to operate autonomously in both sandbox and production cloud environments, such as granting of permissions on corporate infrastructure.
 +
* Supporting, championing, and protecting the flexibility of PHAC-CDSB to procure and maintain data infrastructure and IT staff.
 +
* Approval and processing for all IT asset procurement requests.
 +
* Clear and timely communication of all corporate IT initiatives affecting or requiring input from PHAC-CDSB.
 +
 
 +
==== Governance, oversight, monitoring, and dispute resolution ====
 +
CDSB and DTB commit to a '''shared governance reporting relationship''' to build and sustain a common vision and strategy, cohesive operations and execution, and the strong relationships and commitment needed to modernize data operations in the health portfolio. This may include:
 +
 
 +
* '''Standing management and oversight meetings.''' At the Director level meetings will address: the ongoing activities, progress and issues. Meetings at the Director General level to address: strategic direction and alignment of the two organizations, resourcing and capacity challenges, and operational planning requirements.
 +
 
 +
* '''Shared leadership and governance''': This will:
 +
** Provide oversight, governance and prioritization of Data Service Teams
 +
** Inform investment planning activities
 +
** Align briefings and advice to PHAC Tier 1 and Tier 2 governance
 +
 
 +
* '''HC-PHAC Architecture Review Board''': CDSB will present a target architecture and any subsequent updates, additions to, or modifications of HC or shared infrastructure for approval, to a joint HC/PHAC Architecture Review Board.
 +
* '''Duration and Modification of the Agreement''': the agreement will be reviewed annually
 +
* '''Modification''': this agreement, once signed, remains in force until modified or terminated. It can be modified anytime upon agreement of both parties.
 +
* '''Termination:''' of this agreement requires mutual agreement between the ADM and the VP.
 +
* '''Issues:''' Failing mutual agreement between DTB and CDSB, issues and options will be jointly presented to respective ADM and VP for resolution.
 +
 
 +
 
 +
 
 +
=== References ===
 +
<references />
 +
1- [https://www.oag-bvg.gc.ca/internet/English/parl_oag_202103_03_e_43785.html Pandemic Preparedness, Surveillance, and Border Control Measures]
 +
 
 +
[[Collaborative Governance|2- Collaborative Governance]]
 +
 
 +
 
 +
 
 +
<!-- End of the MoA description -->=== '''Outcome of the MOA''' ===
 +
Recognizing the space that PHAC occupies within the public health ecosystem nationally and reflecting on the difficulty of aggregating like-data for critical public services, the Agency is looking to establish a standards-based approach to health system interoperability and is working on strengthening partnerships with key players across jurisdictions to enable this change.
 +
 
 +
 
 +
'''DMIA will''' be working on building modular and loosely coupled services, using distributed architectures and purpose-built isolation between projects to minimize the “blast radius” of security events.
 +
 
 +
PHAC is going to work with leading Cloud Service Providers (e.g., Google, Amazon Web Services (AWS)), which provides additional exposure to SMEs (Subject Matter Experts) and opportunities to leverage an ever-growing ecosystem of technology assets, and managed Platforms.
  
'''Context'''
 
* Why it’s needed
 
* Describing the MOA
 
** Principles of partnerships
 
** Governance and Oversight Processes
 
* The Way Forward: “Digitally Enabling” Our Clients
 
*
 
 
*  
 
*  
+
*
[[Health Canada|GC Cloud Infocentre]]
 

Latest revision as of 16:13, 2 December 2022


HC and PHAC Memorandum of Agreement (MoA)

Context

The Public Health Agency of Canada (PHAC) needs effective and efficient means to provision digital data services to Canadians. These means must provide opportunities to achieve parity across jurisdictions, timely and transparent public health reporting to all communities, and gain a foothold in international circles.

Health Canada (HC) and PHAC are exploring opportunities to modernize the data analytics capabilities of public health data scientists, in response to 2019 Office of Auditor General recommendations and the experience of managing data throughout the COVID-19 pandemic.

In January 2022, building on the PHAC Data Strategy, CDSB (Corporate Data and Surveillance Branch) received endorsement from PHAC Executives to implement a distributed network of Data Service Teams (DSTs), linked together with an enterprise-level data fabric that facilitates effective and secure data management, sharing, integration and analysis.

These efforts led to a Memorandum of Agreement (MOA). The purpose of this Agreement is to set forth and define the roles and responsibilities (R&R) of the PHAC-CDSB and HC-DTB (Digital Transformation Branch). These R&R define building and sustaining data capacity in PHAC through the adoption of a federated model for data capacity delivery. They also allow CDSB to have access to jointly manage IT infrastructure and application services, and outline compliance and governance mechanisms between both organizations

Presentation of the MOA

This MOA is, in effect since June 30, 2022, and, limited to the relationship between HC-DTB and PHAC-CDSB. It doesn't replace the Shared Services Partnership Framework Agreement (SSP) .

Scope:

  • Identification and delineation of responsibilities, accountabilities and collaboration between HC-DTB and PHAC-CDSB
  • Duty to comply with Government of Canada IM/IT and security direction, policies, standards, and guidelines
  • Support required for PHAC-CDSB to rapidly develop client-centered self-serve in its own cloud environment
  • Authority, coordination and support for PHAC’s hiring of IT-classified employees in support of PHAC-CDSB business activities
  • Provisioning of IT security services to protect Crown assets

Guiding Principles

  • Alignment to enterprise-wide authorities. Staffing and IM/IT services are delivered conform (to corporate GC-wide) relevant standards, policies, and procedures.
  • Mutual co-operation. Both HC-DTB and PHAC-CDSB recognize that this is a growing partnership in a rapidly changing space.
  • Iterative refinement. This MoA and partnership will begin as a Minimal Viable Product and evolve as priority decisions are made to support actions.
  • Clear line of accountability. Both organizations agree to work towards the continuous definition and alignment of roles and responsibilities. Risk ownership and management will align to this delineation.
  • Shared value. Communities of practice will be strengthened by each organization contributing their area of expertise.

Classification, hiring and the management of IT employees

This MOA grants the Centre for Data Management, Innovation and Analytics (DMIA) the authority to staff IT positions.

PHAC IT Group employees will be mapped to the HC-DTB business centres (IT security, cloud operations, information architecture, etc.) and will take part in operational meetings, common learning and relationship building activities to ensure common working foundations for working.

Three DTB resources (infrastructure, security, and digital solutions delivery) will ensure that PHAC-CDSB activities are aligned to broader PHAC-HC and Government of Canada architecture and security practices and guidelines and will ensure alignment across a variety of stakeholder groups within the health portfolio.

The Director General of PHAC-DMIA is responsible for:

  • Alignment with all GoC and HC-DTB security policies and practices.
  • Meeting or exceeding GoC standards in the agile development and deployment of data services residing on IT infrastructure.
  • Active participation in the delivery and fulfillment of GoC IT initiatives in cooperation with HC-DTB.
  • Proactive support of the HC-DTB’s Chief Information Officer’s delegated accountability for IT management, governance, and planning.
  • Adherence to and shared development of corporate hardware, software, and architectural standards.
  • Participation in relevant HC-DTB IM/IT governance and oversight bodies.

The Director General(s) / Chief Information Officer of Health Canada/PHAC are responsible for:

  • Leading and partnering with PHAC-CDSB to ensure the agile, flexible, responsible and secure development and delivery of data services in PHAC.
  • Maintaining the appropriate oversight and governance of HC and PHAC IM and IT activities.
  • Supporting PHAC-CDSB in its ability to operate autonomously in both sandbox and production cloud environments, such as granting of permissions on corporate infrastructure.
  • Supporting, championing, and protecting the flexibility of PHAC-CDSB to procure and maintain data infrastructure and IT staff.
  • Approval and processing for all IT asset procurement requests.
  • Clear and timely communication of all corporate IT initiatives affecting or requiring input from PHAC-CDSB.

Governance, oversight, monitoring, and dispute resolution

CDSB and DTB commit to a shared governance reporting relationship to build and sustain a common vision and strategy, cohesive operations and execution, and the strong relationships and commitment needed to modernize data operations in the health portfolio. This may include:

  • Standing management and oversight meetings. At the Director level meetings will address: the ongoing activities, progress and issues. Meetings at the Director General level to address: strategic direction and alignment of the two organizations, resourcing and capacity challenges, and operational planning requirements.
  • Shared leadership and governance: This will:
    • Provide oversight, governance and prioritization of Data Service Teams
    • Inform investment planning activities
    • Align briefings and advice to PHAC Tier 1 and Tier 2 governance
  • HC-PHAC Architecture Review Board: CDSB will present a target architecture and any subsequent updates, additions to, or modifications of HC or shared infrastructure for approval, to a joint HC/PHAC Architecture Review Board.
  • Duration and Modification of the Agreement: the agreement will be reviewed annually
  • Modification: this agreement, once signed, remains in force until modified or terminated. It can be modified anytime upon agreement of both parties.
  • Termination: of this agreement requires mutual agreement between the ADM and the VP.
  • Issues: Failing mutual agreement between DTB and CDSB, issues and options will be jointly presented to respective ADM and VP for resolution.


References

1- Pandemic Preparedness, Surveillance, and Border Control Measures

2- Collaborative Governance


Outcome of the MOA

Recognizing the space that PHAC occupies within the public health ecosystem nationally and reflecting on the difficulty of aggregating like-data for critical public services, the Agency is looking to establish a standards-based approach to health system interoperability and is working on strengthening partnerships with key players across jurisdictions to enable this change.


DMIA will be working on building modular and loosely coupled services, using distributed architectures and purpose-built isolation between projects to minimize the “blast radius” of security events.

PHAC is going to work with leading Cloud Service Providers (e.g., Google, Amazon Web Services (AWS)), which provides additional exposure to SMEs (Subject Matter Experts) and opportunities to leverage an ever-growing ecosystem of technology assets, and managed Platforms.