Government data does not mean data governance: Lessons learned from a public sector application audit
© 2015 Elsevier Inc. Public sector agencies routinely store large volumes of information about individuals in the community. The storage and analysis of this information benefits society, as it enables relevant agencies to make better informed decisions and to address the individual's needs mor...
| Main Authors: | , , |
|---|---|
| Format: | Journal Article |
| Published: |
2016
|
| Online Access: | http://hdl.handle.net/20.500.11937/28913 |
| _version_ | 1848752663610523648 |
|---|---|
| author | Thompson, Nik Ravindran, R. Nicosia, S. |
| author_facet | Thompson, Nik Ravindran, R. Nicosia, S. |
| author_sort | Thompson, Nik |
| building | Curtin Institutional Repository |
| collection | Online Access |
| description | © 2015 Elsevier Inc. Public sector agencies routinely store large volumes of information about individuals in the community. The storage and analysis of this information benefits society, as it enables relevant agencies to make better informed decisions and to address the individual's needs more appropriately. Members of the public often assume that the authorities are well equipped to handle personal data; however, due to implementation errors and lack of data governance, this is not always the case. This paper reports on an audit conducted in Western Australia, focusing on findings in the Police Firearms Management System and the Department of Health Information System. In the case of the Police, the audit revealed numerous data protection issues leading the auditors to report that they had no confidence in the accuracy of information on the number of people licensed to possess firearms or the number of licensed firearms. Similarly alarming conclusions were drawn in the Department of Health as auditors found that they could not determine which medical staff member was responsible for clinical data entries made. The paper describes how these issues often do not arise from existing business rules or the technology itself, but a lack of sound data governance. Finally, a discussion section presents key data governance principles and best practices that may guide practitioners involved in data management. These cases highlight the very real data management concerns, and the associated recommendations provide the context to spark further interest in the applied aspects of data protection. |
| first_indexed | 2025-11-14T08:12:12Z |
| format | Journal Article |
| id | curtin-20.500.11937-28913 |
| institution | Curtin University Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-14T08:12:12Z |
| publishDate | 2016 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | curtin-20.500.11937-289132018-03-29T09:08:11Z Government data does not mean data governance: Lessons learned from a public sector application audit Thompson, Nik Ravindran, R. Nicosia, S. © 2015 Elsevier Inc. Public sector agencies routinely store large volumes of information about individuals in the community. The storage and analysis of this information benefits society, as it enables relevant agencies to make better informed decisions and to address the individual's needs more appropriately. Members of the public often assume that the authorities are well equipped to handle personal data; however, due to implementation errors and lack of data governance, this is not always the case. This paper reports on an audit conducted in Western Australia, focusing on findings in the Police Firearms Management System and the Department of Health Information System. In the case of the Police, the audit revealed numerous data protection issues leading the auditors to report that they had no confidence in the accuracy of information on the number of people licensed to possess firearms or the number of licensed firearms. Similarly alarming conclusions were drawn in the Department of Health as auditors found that they could not determine which medical staff member was responsible for clinical data entries made. The paper describes how these issues often do not arise from existing business rules or the technology itself, but a lack of sound data governance. Finally, a discussion section presents key data governance principles and best practices that may guide practitioners involved in data management. These cases highlight the very real data management concerns, and the associated recommendations provide the context to spark further interest in the applied aspects of data protection. 2016 Journal Article http://hdl.handle.net/20.500.11937/28913 10.1016/j.giq.2015.05.001 restricted |
| spellingShingle | Thompson, Nik Ravindran, R. Nicosia, S. Government data does not mean data governance: Lessons learned from a public sector application audit |
| title | Government data does not mean data governance: Lessons learned from a public sector application audit |
| title_full | Government data does not mean data governance: Lessons learned from a public sector application audit |
| title_fullStr | Government data does not mean data governance: Lessons learned from a public sector application audit |
| title_full_unstemmed | Government data does not mean data governance: Lessons learned from a public sector application audit |
| title_short | Government data does not mean data governance: Lessons learned from a public sector application audit |
| title_sort | government data does not mean data governance: lessons learned from a public sector application audit |
| url | http://hdl.handle.net/20.500.11937/28913 |