DMIA
HC and PHAC Memorandum of Agreement (MoA)
Context
The Public Health Agency of Canada (PHAC) needs effective and efficient means to provision digital data services to Canadians. These means must provide opportunities to achieve parity across jurisdictions, timely and transparent public health reporting to all communities, and gain a foothold in international circles. To date, however, PHAC has thus far operated in a context that is limited by technology choices and influenced by external stakeholders’ risk appetite, reducing opportunities for innovation.
PHAC and Health Canada (HC) are currently exploring opportunities to modernize the data analytics capabilities of public health data scientists, in response to 2019 Office of Auditor General recommendations and the experience of managing data throughout the COVID-19 pandemic.
In January 2022, building on the PHAC Data Strategy, CDSB (Corporate Data and Surveillance Branch) received endorsement from PHAC Executives to implement a distributed network of Data Service Teams (DSTs), linked together with an enterprise-level data fabric that facilitates effective and secure data management, sharing, integration and analysis.
These activities are occurring while defining the new relationship between PHAC’s Corporate Data Surveillance Branch and HC’s Digital Transformation Branch, borne out of the context of the Memorandum of Agreement, signed in June 2022, providing increased autonomy in technologist (IT) hiring and technology direction for the Agency.
Presentation of the MOA
This MOA is, in effective since June 30, 2022, and, limited to the relationship between HC-DTB and PHAC-CDSB. It doesn't replace the Shared Services Partnership Framework Agreement (SSP) . It has the following Scope:
- Identification and delineation of responsibilities, accountabilities and collaboration between HC-DTB and PHAC-CDSB
- Duty to comply with Government of Canada IM/IT and security direction, policies, standards, and guidelines
- Support required for PHAC-CDSB to rapidly develop client-centered self-serve in its own cloud environment
- Authority, coordination and support for PHAC’s hiring of IT-classified employees in support of PHAC-CDSB business activities
- Provisioning of IT security services to protect Crown assets
Guiding Principles
- Alignment to enterprise-wide authorities. Staffing and IM/IT services are delivered conform (to corporate GC-wide) relevant standards, policies, and procedures.
- Mutual co-operation. Both HC-DTB and PHAC-CDSB recognize that this is a growing partnership in a rapidly changing space.
- Iterative refinement. This MoA and partnership will begin as a Minimal Viable Product and evolve as priority decisions are made to support action.
- Clear line of accountability. Both organizations agree to work towards the continuous definition and alignment of roles and responsibilities. Risk ownership and management will align to this delineation.
- Shared value. Communities of practice will be strengthened by each organization contributing their area of expertise.
Principles of partnerships
The core principle of the CDSB-DTB MoA is that of mutual co-operation. Both HC-DTB and PHAC-CDSB recognize that this is a growing partnership in a rapidly changing space and will require Iterative refinement.
Both groups are committed on alignment to enterprise-wide authorities, notwithstanding exceptional circumstances. Both organizations will ensure that all staffing and IM/IT services delivered conform to relevant standards, policies, and procedures (e.g., security policies and procedures, accessibility standards, bilingualism).
This means a commitment to shared value. Communities of practice will be strengthened by each organization contributing their area of expertise (data science, IT security, enterprise architecture, cloud, DevOps, agile development). It also means continual learning and sharing of best practices to make both orgs stronger; integrating technology, policy, patterns, etc. to increase capabilities.
Mindset shift towards a new working way
Moving away from a “command and control” model, toward a model that champions flexibility and responsiveness via a delegated responsibility model allowing for increased capacity and teams placed closer to business problems.
Collaborative Governance
Outcome of the MOA
Recognizing the space that PHAC occupies within the public health ecosystem nationally and reflecting on the difficulty of aggregating like-data for critical public services, the Agency is looking to establish a standards-based approach to health system interoperability and is working on strengthening partnerships with key players across jurisdictions to enable this change.
DMIA will be working on building modular and loosely coupled services, using distributed architectures and purpose-built isolation between projects to minimize the “blast radius” of security events.
PHAC is going to work with leading Cloud Service Providers (e.g., Google, Amazon Web Services (AWS)), which provides additional exposure to SMEs (Subject Matter Experts) and opportunities to leverage an ever-growing ecosystem of technology assets, and managed Platforms.
This approach prioritizes exposing PHAC services’ functionality through public data interfaces (APIs), and an identity-based security model with strong authentication requirements (Zero Trust).
- The Way Forward: “Digitally Enabling” Our Partners