Difference between revisions of "DMIA"

From wiki
Jump to navigation Jump to search
 
(4 intermediate revisions by the same user not shown)
Line 11: Line 11:
 
In January 2022, building on the PHAC Data Strategy, CDSB (Corporate Data and Surveillance Branch) received endorsement from PHAC Executives to implement a distributed network of Data Service Teams (DSTs), linked together with an enterprise-level data fabric that facilitates effective and secure data management, sharing, integration and analysis.   
 
In January 2022, building on the PHAC Data Strategy, CDSB (Corporate Data and Surveillance Branch) received endorsement from PHAC Executives to implement a distributed network of Data Service Teams (DSTs), linked together with an enterprise-level data fabric that facilitates effective and secure data management, sharing, integration and analysis.   
  
These efforts led to a Memorandum of Agreement (MOA). The purpose of this Agreement is to set forth and define the roles and responsibilities (R&R) of the PHAC-CDSB and HC-DTB (Digital Transformation Branch). These R&R touch building and sustaining data capacity in PHAC through the adoption of a federated model for data capacity delivery. They allow CDSB to have access to jointly manage IT infrastructure and application services, and outlines compliance and governance mechanisms between both organizations
+
These efforts led to a Memorandum of Agreement (MOA). The purpose of this Agreement is to set forth and define the roles and responsibilities (R&R) of the PHAC-CDSB and HC-DTB (Digital Transformation Branch). These R&R define building and sustaining data capacity in PHAC through the adoption of a federated model for data capacity delivery. They also allow CDSB to have access to jointly manage IT infrastructure and application services, and outline compliance and governance mechanisms between both organizations
 
==='''Presentation of the MOA'''===
 
==='''Presentation of the MOA'''===
This MOA is, in effective since June 30, 2022, and, limited to the relationship between HC-DTB and PHAC-CDSB. It doesn't replace the Shared Services Partnership Framework Agreement (SSP) .   
+
This MOA is, in effect since June 30, 2022, and, limited to the relationship between HC-DTB and PHAC-CDSB. It doesn't replace the Shared Services Partnership Framework Agreement (SSP) .   
  
 
==== Scope: ====
 
==== Scope: ====
Line 26: Line 26:
 
* '''Alignment to enterprise-wide authorities'''. Staffing and IM/IT services are delivered conform (to corporate GC-wide) relevant standards, policies, and procedures.  
 
* '''Alignment to enterprise-wide authorities'''. Staffing and IM/IT services are delivered conform (to corporate GC-wide) relevant standards, policies, and procedures.  
 
* '''Mutual co-operation'''. Both HC-DTB and PHAC-CDSB recognize that this is a growing partnership in a rapidly changing space.
 
* '''Mutual co-operation'''. Both HC-DTB and PHAC-CDSB recognize that this is a growing partnership in a rapidly changing space.
* '''Iterative refinement'''. This MoA and partnership will begin as a '''Minimal Viable Product''' and evolve as priority decisions are made to support action.
+
* '''Iterative refinement'''. This MoA and partnership will begin as a '''Minimal Viable Product''' and evolve as priority decisions are made to support actions.
 
* '''Clear line of accountability'''. Both organizations agree to work towards the continuous definition and alignment of roles and responsibilities. Risk ownership and management will align to this delineation.
 
* '''Clear line of accountability'''. Both organizations agree to work towards the continuous definition and alignment of roles and responsibilities. Risk ownership and management will align to this delineation.
 
* '''Shared value'''. Communities of practice will be strengthened by each organization contributing their area of expertise.
 
* '''Shared value'''. Communities of practice will be strengthened by each organization contributing their area of expertise.
Line 33: Line 33:
 
This MOA grants the Centre for Data Management, Innovation and Analytics (DMIA) the authority to staff IT positions.  
 
This MOA grants the Centre for Data Management, Innovation and Analytics (DMIA) the authority to staff IT positions.  
  
PHAC IT Group employees will be mapped to the HC-DTB business centres (IT security, cloud operations, information architecture, etc.) and will take part in operational meetings, common learning and relationship building activities to ensure common foundations for working.
+
PHAC IT Group employees will be mapped to the HC-DTB business centres (IT security, cloud operations, information architecture, etc.) and will take part in operational meetings, common learning and relationship building activities to ensure common working foundations for working.
  
 
Three DTB resources (infrastructure, security, and digital solutions delivery) will ensure that PHAC-CDSB activities are aligned to broader PHAC-HC and Government of Canada architecture and security practices and guidelines and will ensure alignment across a variety of stakeholder groups within the health portfolio.
 
Three DTB resources (infrastructure, security, and digital solutions delivery) will ensure that PHAC-CDSB activities are aligned to broader PHAC-HC and Government of Canada architecture and security practices and guidelines and will ensure alignment across a variety of stakeholder groups within the health portfolio.
Line 42: Line 42:
 
* Meeting or exceeding GoC standards in the agile development and deployment of data services residing on IT infrastructure.
 
* Meeting or exceeding GoC standards in the agile development and deployment of data services residing on IT infrastructure.
 
* Active participation in the delivery and fulfillment of GoC IT initiatives in cooperation with HC-DTB.
 
* Active participation in the delivery and fulfillment of GoC IT initiatives in cooperation with HC-DTB.
* Proactive support of the HC-DTB’s Chief Information Officer’s delegated accountability for IT management, governance, and planning
+
* Proactive support of the HC-DTB’s Chief Information Officer’s delegated accountability for IT management, governance, and planning.
 
* Adherence to and shared development of corporate hardware, software, and architectural standards.
 
* Adherence to and shared development of corporate hardware, software, and architectural standards.
 
* Participation in relevant HC-DTB IM/IT governance and oversight bodies.  
 
* Participation in relevant HC-DTB IM/IT governance and oversight bodies.  
Line 48: Line 48:
 
The Director General(s) / Chief Information Officer of Health Canada/PHAC are responsible for:
 
The Director General(s) / Chief Information Officer of Health Canada/PHAC are responsible for:
  
* Leading and partnering with PHAC-CDSB 3to ensure the agile, flexible, responsible and secure development and delivery of data services in PHAC.
+
* Leading and partnering with PHAC-CDSB to ensure the agile, flexible, responsible and secure development and delivery of data services in PHAC.
 
* Maintaining the appropriate oversight and governance of HC and PHAC IM and IT activities.
 
* Maintaining the appropriate oversight and governance of HC and PHAC IM and IT activities.
 
* Supporting PHAC-CDSB in its ability to operate autonomously in both sandbox and production cloud environments, such as granting of permissions on corporate infrastructure.
 
* Supporting PHAC-CDSB in its ability to operate autonomously in both sandbox and production cloud environments, such as granting of permissions on corporate infrastructure.
Line 74: Line 74:
  
 
=== References ===
 
=== References ===
 +
<references />
 
1- [https://www.oag-bvg.gc.ca/internet/English/parl_oag_202103_03_e_43785.html Pandemic Preparedness, Surveillance, and Border Control Measures]
 
1- [https://www.oag-bvg.gc.ca/internet/English/parl_oag_202103_03_e_43785.html Pandemic Preparedness, Surveillance, and Border Control Measures]
=== Principles of partnerships ===
 
  
==== Mindset shift towards a new working way ====
+
[[Collaborative Governance|2- Collaborative Governance]]
Moving away from a “command and control” model, toward a model that champions flexibility and responsiveness via a delegated responsibility model allowing for increased capacity and teams placed closer to business problems.
 
  
==== [[Collaborative Governance]] ====
 
  
=== '''Outcome of the MOA''' ===
+
 
 +
<!-- End of the MoA description -->=== '''Outcome of the MOA''' ===
 
Recognizing the space that PHAC occupies within the public health ecosystem nationally and reflecting on the difficulty of aggregating like-data for critical public services, the Agency is looking to establish a standards-based approach to health system interoperability and is working on strengthening partnerships with key players across jurisdictions to enable this change.  
 
Recognizing the space that PHAC occupies within the public health ecosystem nationally and reflecting on the difficulty of aggregating like-data for critical public services, the Agency is looking to establish a standards-based approach to health system interoperability and is working on strengthening partnerships with key players across jurisdictions to enable this change.  
  
Line 90: Line 89:
 
PHAC is going to work with leading Cloud Service Providers (e.g., Google, Amazon Web Services (AWS)), which provides additional exposure to SMEs (Subject Matter Experts) and opportunities to leverage an ever-growing ecosystem of technology assets, and managed Platforms.  
 
PHAC is going to work with leading Cloud Service Providers (e.g., Google, Amazon Web Services (AWS)), which provides additional exposure to SMEs (Subject Matter Experts) and opportunities to leverage an ever-growing ecosystem of technology assets, and managed Platforms.  
  
This approach prioritizes exposing PHAC services’ functionality through public data interfaces (APIs), and an identity-based security model with strong authentication requirements (Zero Trust).
 
* '''The Way Forward: “Digitally Enabling” Our Partners'''
 
 
*  
 
*  
 
*
 
*

Latest revision as of 16:13, 2 December 2022


HC and PHAC Memorandum of Agreement (MoA)

Context

The Public Health Agency of Canada (PHAC) needs effective and efficient means to provision digital data services to Canadians. These means must provide opportunities to achieve parity across jurisdictions, timely and transparent public health reporting to all communities, and gain a foothold in international circles.

Health Canada (HC) and PHAC are exploring opportunities to modernize the data analytics capabilities of public health data scientists, in response to 2019 Office of Auditor General recommendations and the experience of managing data throughout the COVID-19 pandemic.

In January 2022, building on the PHAC Data Strategy, CDSB (Corporate Data and Surveillance Branch) received endorsement from PHAC Executives to implement a distributed network of Data Service Teams (DSTs), linked together with an enterprise-level data fabric that facilitates effective and secure data management, sharing, integration and analysis.

These efforts led to a Memorandum of Agreement (MOA). The purpose of this Agreement is to set forth and define the roles and responsibilities (R&R) of the PHAC-CDSB and HC-DTB (Digital Transformation Branch). These R&R define building and sustaining data capacity in PHAC through the adoption of a federated model for data capacity delivery. They also allow CDSB to have access to jointly manage IT infrastructure and application services, and outline compliance and governance mechanisms between both organizations

Presentation of the MOA

This MOA is, in effect since June 30, 2022, and, limited to the relationship between HC-DTB and PHAC-CDSB. It doesn't replace the Shared Services Partnership Framework Agreement (SSP) .

Scope:

  • Identification and delineation of responsibilities, accountabilities and collaboration between HC-DTB and PHAC-CDSB
  • Duty to comply with Government of Canada IM/IT and security direction, policies, standards, and guidelines
  • Support required for PHAC-CDSB to rapidly develop client-centered self-serve in its own cloud environment
  • Authority, coordination and support for PHAC’s hiring of IT-classified employees in support of PHAC-CDSB business activities
  • Provisioning of IT security services to protect Crown assets

Guiding Principles

  • Alignment to enterprise-wide authorities. Staffing and IM/IT services are delivered conform (to corporate GC-wide) relevant standards, policies, and procedures.
  • Mutual co-operation. Both HC-DTB and PHAC-CDSB recognize that this is a growing partnership in a rapidly changing space.
  • Iterative refinement. This MoA and partnership will begin as a Minimal Viable Product and evolve as priority decisions are made to support actions.
  • Clear line of accountability. Both organizations agree to work towards the continuous definition and alignment of roles and responsibilities. Risk ownership and management will align to this delineation.
  • Shared value. Communities of practice will be strengthened by each organization contributing their area of expertise.

Classification, hiring and the management of IT employees

This MOA grants the Centre for Data Management, Innovation and Analytics (DMIA) the authority to staff IT positions.

PHAC IT Group employees will be mapped to the HC-DTB business centres (IT security, cloud operations, information architecture, etc.) and will take part in operational meetings, common learning and relationship building activities to ensure common working foundations for working.

Three DTB resources (infrastructure, security, and digital solutions delivery) will ensure that PHAC-CDSB activities are aligned to broader PHAC-HC and Government of Canada architecture and security practices and guidelines and will ensure alignment across a variety of stakeholder groups within the health portfolio.

The Director General of PHAC-DMIA is responsible for:

  • Alignment with all GoC and HC-DTB security policies and practices.
  • Meeting or exceeding GoC standards in the agile development and deployment of data services residing on IT infrastructure.
  • Active participation in the delivery and fulfillment of GoC IT initiatives in cooperation with HC-DTB.
  • Proactive support of the HC-DTB’s Chief Information Officer’s delegated accountability for IT management, governance, and planning.
  • Adherence to and shared development of corporate hardware, software, and architectural standards.
  • Participation in relevant HC-DTB IM/IT governance and oversight bodies.

The Director General(s) / Chief Information Officer of Health Canada/PHAC are responsible for:

  • Leading and partnering with PHAC-CDSB to ensure the agile, flexible, responsible and secure development and delivery of data services in PHAC.
  • Maintaining the appropriate oversight and governance of HC and PHAC IM and IT activities.
  • Supporting PHAC-CDSB in its ability to operate autonomously in both sandbox and production cloud environments, such as granting of permissions on corporate infrastructure.
  • Supporting, championing, and protecting the flexibility of PHAC-CDSB to procure and maintain data infrastructure and IT staff.
  • Approval and processing for all IT asset procurement requests.
  • Clear and timely communication of all corporate IT initiatives affecting or requiring input from PHAC-CDSB.

Governance, oversight, monitoring, and dispute resolution

CDSB and DTB commit to a shared governance reporting relationship to build and sustain a common vision and strategy, cohesive operations and execution, and the strong relationships and commitment needed to modernize data operations in the health portfolio. This may include:

  • Standing management and oversight meetings. At the Director level meetings will address: the ongoing activities, progress and issues. Meetings at the Director General level to address: strategic direction and alignment of the two organizations, resourcing and capacity challenges, and operational planning requirements.
  • Shared leadership and governance: This will:
    • Provide oversight, governance and prioritization of Data Service Teams
    • Inform investment planning activities
    • Align briefings and advice to PHAC Tier 1 and Tier 2 governance
  • HC-PHAC Architecture Review Board: CDSB will present a target architecture and any subsequent updates, additions to, or modifications of HC or shared infrastructure for approval, to a joint HC/PHAC Architecture Review Board.
  • Duration and Modification of the Agreement: the agreement will be reviewed annually
  • Modification: this agreement, once signed, remains in force until modified or terminated. It can be modified anytime upon agreement of both parties.
  • Termination: of this agreement requires mutual agreement between the ADM and the VP.
  • Issues: Failing mutual agreement between DTB and CDSB, issues and options will be jointly presented to respective ADM and VP for resolution.


References

1- Pandemic Preparedness, Surveillance, and Border Control Measures

2- Collaborative Governance


Outcome of the MOA

Recognizing the space that PHAC occupies within the public health ecosystem nationally and reflecting on the difficulty of aggregating like-data for critical public services, the Agency is looking to establish a standards-based approach to health system interoperability and is working on strengthening partnerships with key players across jurisdictions to enable this change.


DMIA will be working on building modular and loosely coupled services, using distributed architectures and purpose-built isolation between projects to minimize the “blast radius” of security events.

PHAC is going to work with leading Cloud Service Providers (e.g., Google, Amazon Web Services (AWS)), which provides additional exposure to SMEs (Subject Matter Experts) and opportunities to leverage an ever-growing ecosystem of technology assets, and managed Platforms.