A list of Scottish Government policy and strategy related to digital delivery.
This document summarises the key Scottish Government strategies related to the delivery of online services. It’s primary purpose is to provide an overview of the strategic context for delivery. Reading this document is not a substitute for reading the documents themselves and the whole team should have an understanding of the digital strategic landscape.
- Digital Public Services Strategy
- High Level Operating Framework
- Data Hosting and Data Centre Strategy
- Open Source and Open Standards
- Data Vision and Strategic Action Plan
- Open Data Strategy
- Green ICT Strategy
- Identity Management and Privacy Principles
- Cyber Resilience Strategy
- Digital participation: A National Framework for Local Action
Digital Public Services Strategy
The Scottish Government is working with the wider public sector to achieve public services that are high quality, continually improving, efficient and responsive to local needs.
This strategy sets out:
- our vision—what success will look like;
- why we are doing this—drivers for development of digital public services;
- who will deliver—the public sector working with the ICT industry to achieve success;
- what we will do;
- how we will ensure delivery.
The strategy has four areas of focus, summarised in the following sections.
Public services will be:
- available online wherever they can be so;
- accessible through a wide range of devices from, for example, computers, smartphones and televisions;
- accessible through a single, though not exclusive, point of entry to public services to help navigate through the public sector landscape;
- available with assisted access to take into account the differing capacities of users, including by telephone or face-to-face
- secure, reliable, resilient, high quality and high performing
- use systems of assuring identity that are secure and give access to all public services
- be shaped by the needs of users and involve service users directly in their design
- use ICT to enable personalisation of services and self management
- be designed to take account of the methods and capabilities already provided by the private sector that are used extensively and intuitively by citizens
- be joined up through the use of common technology applications
- work because they rest on common standards that comply with appropriate local, national, UK, European and international requirements
- be supported by delivery of the Scottish Government’s digital participation ambitions set out in Scotland’s Digital Future
Privacy and Openness
In handling personal data we will:
- protect identity and privacy in line with legal requirements, e.g. the Human Rights Act and the Data Protection Act, and good practice as set out in the Scottish Government’s Identity Management and Privacy Principles
- create, use and encourage the use of systems that allow self management of data by citizens and businesses
- share data, in line with legal requirements, such as the EU Directive on the Re-use of Public Sector Information and good practice, in order to improve the quality and efficiency of our services and enable personalisation to ensure that services are appropriate to needs
We will also:
- re-use data from our systems, safely anonymised, to support the research and analysis which can itself contribute to the development of approaches which better meet desired outcomes
- publish as much information as possible concerning the data we hold, and how and when we will make that data available in re-usable form
- open up access to data created and held by the public sector to make our services more transparent and accountable
- open up access to data created and held by the public sector to provide businesses with the opportunities to develop new products and services and therefore grow the economy
- agree with users and suppliers of ICT systems the most effective common standards to use for publishing and sharing data, to support the linking of data between datasets regardless of source
- make data accessible in formats that allow and encourage re-use, with re-use possible under licence terms that are clear, fair, transparent and where possible free
A Skilled and Empowered Workforce
- collaborate in the development of the wider public sector workforce to support digital public service delivery to ensure that employees can be confident and assured in delivering services anywhere through any device - this will form part of our overall approach to public service workforce development
- collaborate in the deployment of our ICT staff in order to maximise the impact of their skills and use resources efficiently
- develop shared approaches to enhancing the skills of the ICT workforce, and using those skills where most useful, to support the delivery of digital public services
Collaboration and Value for Money
- participate in the development of a High-Level ICT Operating Framework to support re-use and sharing of existing assets as a priority, ensure any investment in ICT is bought with sharing in mind and to support investment avoidance
- agree common network and connectivity requirements which will support a catalogue of services that make communication, sharing and service provision more cost-effective
- demonstrate savings on ICT spend that are delivered through our new approach to ICT procurement, building on the Procurement Reform Bill
- encourage convergence and consolidation of applications in the deployment of technology and ensure interoperability where convergence is not feasible
- where cost-effective, use transaction/usage-based payment by exploiting new ways of working including cloud computing and an ‘any device anywhere’ approach
- further consolidate data centres to reduce investment and energy use costs
- utilise management information and benchmarking to identify excellence and support such performance nationally and sectorally
High Level Operating Framework
The High Level Operating Framework (HLOF) was prepared in response to a commitment made within the strategy Scotland’s Digital Future - Delivery of Public Services. The purpose of the document is for public sector organisations to follow when delivering their ICT solutions. Its adoption will bring about benefits that will achieve National Outcome 16 “public services that are high-quality, continually improving, efficient and responsive to local needs”.
The principles of the framework are as follows:
- The design of applications and services will be user focused and with a presumption of alignment with the technical standards and design principles of the full version of MyGovScot.
- The design of new applications and services shall not restrict service consumers from accessing the new functionality from currently known or defined access devices.
- Where possible, the solution architecture and design shall leverage existing central security services (rather than creating application- specific security). Access will be granted once the requester (human or computer) has been authenticated and authorised. The requester shall only be given enough privileges to execute those tasks needed to perform a specified job activity or function; no more and no less.
- The Scottish public sector produces huge amounts of data. There is ,however, relatively little open publishing of that data. By making non-personal information more accessible and encouraging its publication and reuse, opportunities exist to maximise its economic and social value.
- The Scottish public sector produces huge amounts of data. There is , however, relatively little sharing of that data. Opportunities exist to benefit from and/or improve services via better use of the data, whilst complying with privacy requirements.
- To increase the capability of ICT professionals at all levels in the public sector to support digital public service delivery.
- The design of solutions must seek to maximise reuse of existing services across the Scottish Public Sector. If existing services do not meet the business requirements and cannot be extended cost- effectively, then a supplier will be sought to provide that product or service and make it available for reuse across the sector. If there are no existing services to reuse or suitable COTS packages that can be obtained cost-effectively, then bespoke solutions that strictly conform to the architecture principles will be considered.
- Collaboration is now the default choice in the design and delivery of services and in the procurement and deployment of ICT infrastructure to support this.
- The governance framework for all applications and services shall be owned and managed by a cross sector Governance Forum.
Data Hosting and Data Centre Strategy
A series of studies have been undertaken to understand the current and future requirements of organisations and it is clear from the findings that as technology has moved on, the public sector in Scotland needs to prioritise cloud computing, virtualisation and consolidation to deliver on future requirements. The strategy therefore sets the direction and principles against which organisations will shift to service consumption, and cloud provision and away from an individual silo approach by using aggregated demand and economies of scale.
The strategy sets out how the public sector will adopt the following approaches for achieving significant efficiency and energy savings: cloud computing, virtualisation and co-location.
The public sector’s High Level Operating Framework sets out the high level principles for delivering ICT in the public sector. This data centre strategy is aligned with the principles of this Framework.
The principles of the strategy are as follows:
- Organisations review their current ICT data centre and hosting arrangements;
- Cost of running data centres and hosting is known;
- Utility and cloud computing is considered in assessing the appropriateness of current arrangements and future investment plans, and a shift to the cloud takes place when this is the most cost-effective option that delivers business requirements;
- Co-location in existing world class data centres is considered where cloud options cannot meet business needs or are not cost-effective;
- No new data centres should be built to meet the needs of an individual or small number of organisations with new centres only considered if, in line with principles 3 and 4, cloud or existing data centre options do not meet business needs;
- Organisations measure and continually improve on their data centres PUE.
Open Source and Open Standards
Open source software (OSS) is computer software where the underlying source code is made available under a license. This can allow individuals and organisations who use the software to modify it, either to improve the software or adapt it to better meet their needs. This report was produced by the Scottish Government to examine the role which OSS could play in the Scottish public sector.
The key elements of this policy are as follows:
- The Scottish public sector should consider OSS solutions alongside proprietary ones in ICT procurements. Contracts will continue to be awarded on a best value basis.
- The Scottish public sector should make open standards a prerequisite for all interoperability software development, thus contributing to the ease with which OSS can be implemented and adapted.
- The Scottish public sector should seek to avoid lock-in to solutions that may prohibit the delivery of efficient public services.
- The Scottish public sector should consider obtaining full rights to bespoke software code or customisations of COTS (commercial off-the-shelf) software it procures wherever this achieves best value for money.
- Where software is produced in-house by the Scottish public sector, or through publicly funded research and development projects, consideration should be given to making this available as OSS.
Note that a revision of the existing (2007) policy is currently underway.
Data Vision and Strategic Action Plan
The digital public services strategy (see above), sets out our aspirations for the effective management and use of data.
In April 2014 the Data Management Board published a Data Vision for Scotland and set the overarching objective as being:
to champion, and unleash across Scotland, trustworthy uses of data for public benefit.
The vision sets out where we want to be by 2020 and sets out 10 guiding principles to achieving this.
The Strategic Action Plan has been developed with and for the Scottish public sector to help realise the Data Vision. The Plan will be reviewed annually, to track and assure progress.
Open Data Strategy
The amount of data that the public sector holds is continually growing. The data ranges from sensitive personal information held to allow delivery of personalised services (e.g. health and social care) to non-personal information (e.g. environmental data). This data has value for the organisation collecting and holding it but there is potential to add value by making appropriate data available to others to re-use. We call this making data “open”.
Open data is non-personal and non-commercially sensitive.1 Open data is easily discoverable, accessible to anyone and able to be freely used, re-used and redistributed by anyone. Open Data is data made available, via the internet, in an electronic format which supports its ready re-use, and with open licensing which allows its reuse.
This strategy seeks to create a Scotland where non-personal and non-commercially sensitive data from public services is recognised as a resource for wider societal use and as such is made open in an intelligent manner and available for re-use by others. Making data open will support:
- Delivery of improved public services through public bodies making use of the data
- Wider social and economic benefits through innovative use of the data
- Accountability and transparency of delivery of our public services
Principles of this strategy include:
- Those holding public data should make it open and available for others to re-use, by default;
- Published data will be supported by metadata so that consumers of the data understand it and are aware of any limitations within it;
- We will seek to release data in a timely and frequent manner;
- Data should be published in a manner which supports both easy discovery and easy re-use of the data;
- We will use our data to improve the services and policies we deliver;
- We will encourage and empower others to make use of the data we release to develop new products and services.
Green ICT Strategy
The services delivered in Scotland’s public sector are extensive and underpinned by ICT. Consequently the ICT estate is considerable, consisting of hundreds of data centres, thousands of applications and a great many end user devices. Such a large ICT estate offers great potential to contribute to a greener environment by reducing waste and improving efficiency. The environmental impact of ICT is more than just the energy it uses in operation, it spans from procurement, through operation to eventual reuse, recycling and disposal. It is essential that the Scottish public sector ICT infrastructure is operated in a green and cost effective manner.
The strategy recognises the dual role of ICT in respect of environmental issues. On the one hand, ICT generates significant greenhouse gas emissions. On the other, ICT is an enabler to change the way government operates and provides services and realise efficiency and environmental improvements on a much wider and a larger scale. For example, by making use of technologies such as teleconferencing, an organisation can reduce travel costs, improve productivity and produce lower carbon emissions.
Green ICT is a frequently used term that commonly refers to ways of managing climate change due to ICT. Green ICT aims at reducing emissions and other waste produced across the ICT lifecycle - from procurement, operation of ICT in an organisation and disposal.
The principles of the strategy include:
- Consider extending the life of existing systems;
- Go for services not assets: cloud services, virtualise, consolidate;
- Packaging reduction, reuse, repair and recycling methods;
- ICT Operations:
- Minimise power consumption;
- Follow data centre standards for efficient operations to help reduce power consumption;
- Develop a road map for the transition from hosting own data to hosting in cloud based services to further reduce power consumption;
- Reduce paper consumption;
- Embed green behaviours in operational practices and services;
- Repair - if broken fix it;
- Reuse, refurbish for other purposes;
- Clean and re-sell/donate - charitable and registered voluntary and community groups;
- Dispose in line with regulations.
Identity Management and Privacy Principles
People are often asked by public service organisations to prove that they are who they say they are - either to prevent fraud or to show that they are entitled to receive a particular service or benefit, for example, free bus travel.
People want to know that public authorities and other organisations respect their privacy and recognise the harm which may be done if personal information is collected or held unnecessarily, or lost or misused. These Principles have therefore been developed by the Scottish Government for policy makers and practitioners in public service organisations, to help ensure that respect for privacy is central to the way public services prove identity or entitlement. They will also help public service organisations to comply with data protection and human rights legislation. That legislation governs personal information management by providing privacy protection. These Principles do not impose a requirement on public bodies to introduce policies that go beyond legal requirements. However, they will enable public organisations to build on these requirements and to achieve best practice.
The Principles cover the following five topics:
- Proving identity and entitlement;
- Governance and accountability;
- Risk management;
- Data and data sharing;
- Education and engagement.
Cyber Resilience Strategy
The growth of the internet and online technologies offers speed, agility, efficiency and access that has transformed the way we do business, the way we spend our leisure time, the way our public services run and the way our national infrastructures operate.
Cyber resilience is all about being confident in your own knowledge and how to keep your information and that of others safe. It is the actions or steps taken to mitigate and respond to threats from cyberspace (sometimes referred to as “cybercrime” or “cyber attacks”). It means being able to prepare for, adapt to, withstand as well as rapidly recover and learn from disruptions caused by cybercrime.
The Scottish Government have proposed a Cyber Resilience Strategy for Scotland and this document is currently under public consultation.
This consultation takes forward our commitment to building cyber resilience amongst our communities, our businesses and our public services. It seeks views from individuals and organisations, across sectors, on how Scotland can become even more resilient from cyber attacks and crime when using online technologies. It has been produced by the Scottish Government, with input from a wide range of partners across the public and private sectors.
Digital participation: A National Framework for Local Action
The National Framework for Local Action sets out how Scottish Government is working in partnership with public, private and third sector organisations to ensure that all sections of Scottish society are able to make confident use of digital technologies and the internet.
The document makes it clear that digital technology cannot be allowed to reinforce social and economic inequalities. Actions will remove barriers to digital participation, tackle inequalities, help people to engage with online public services and provide opportunities to develop skills required for active digital citizens.
The approach is based on a national collaborative movement with those organisations and agencies closest to the people who need help to get online.