Case Study: Government of Jersey
How Calligo supported the government’s response to COVID-19 by assisting the data leadership’s data governance ambitions, while maintaining data privacy adherence throughoutDownload Case Study
The Government of Jersey is the central government of Jersey in the Channel Islands, responsible for the safety, wellbeing and security of approximately 100,000 citizens.
In March 2020, when the global COVID-19 pandemic struck, the Government of Jersey (GoJ) needed to move quickly to protect its population.
This would require new processes, performed at speed and using sensitive data in ways never previously considered nor provisioned for. And all against a backdrop of the last 5-10 years of growing sensitivities around the use of personal data.
It was the ultimate test of data governance strategy and data privacy adherence, executed accurately and rapidly, and with the highest stakes.
Continuous data privacy protection, no matter what
With the data architecture deployed, the imperative was now to ensure that its practical use in the field was as respectful of data subjects’ rights as its initial design.
“Data governance and data privacy are intrinsically linked – the former is the bedrock of the latter”
John Quinn, Chief Operating Officer at the Government of Jersey
Early during the COVID-19 crisis, Calligo was appointed as the Government of Jersey’s outsourced Data Protection Officer (DPO) to ensure that its immediate and ongoing use of personal data adhered to all pertinent obligations. Under its DPO as a Service, Calligo used its mix of legal, data governance, security and technical expertise to ensure the continuous protection of the personal data of Jersey citizens and visitors in a variety of unprecedented situations.
At the start of the pandemic, our immediate reaction was that this was a healthcare problem, so it must therefore be a healthcare data problem. We assumed we would match test results to personal data collected at the point of testing and combine this with medical records held in the island’s healthcare systems, creating a ‘single source of the truth’ – usually the goal of any data governance endeavour. But this was different.
COVID-19: A data governance challenge
The Government of Jersey’s original plan would combine three types of data into a single dataset:
But the GOJ quickly realised that using the healthcare systems to store and manage the flow of all this intermingled data of varying sensitivities would be a challenge. Plus, it was not a suitable platform for near-simultaneously booking hundreds of traceable test appointments for citizens and inbound visitors at a time
The original plan was unfeasible, and created a serious likelihood of personal data breaches.
Instead, the GoJ would adopt a policy they named ‘Disowning for Privacy’, effectively a practical manifestation of the principles of Privacy by Design.
The three separate data sources would be kept distinct but integrated, and query-able between them using unique identifiers such as Jersey social security numbers (‘JY numbers’), but the extent of the sensitivity of the data revealed would be role-based and limited according to the need.
This scenario was a dangerous clash of public interest with personal data – we had to adapt. We realised that if we could architect our data sources correctly and responsibly, creating clear delineations and making any interactions between them limited and rule-based, then it would naturally support the protection of data privacy. If the data sources were intermingled and inter-reliant, then it would be almost impossible to truly control the data’s flow and exposure.
Liaison with local Regulator
Calligo’s data privacy expertise allowed them to engage openly with our regulator, creating a positive working relationship built on transparency and trust – crucial to us remaining consistently on the right side of the law.
Sharing personal data with Police
Data compliance professionals have a reputation for saying ‘no’, especially in the face of innovation. Instead, Calligo’s aim as our DPO was to work out legitimate, defensible and ethical ways to say ‘yes’ wherever possible.
Co-operation with industry
Calligo’s ability to find that ethical middle ground between keeping our data subjects protected and preventing businesses being disproportionately burdened was crucial to the acceptance and observance of our policies.”
Liaison with the local regulator
Throughout this entire endeavour, the Jersey Office of the Information Commissioner (JOIC) was understandably anxious to see how the GoJ would navigate the seemingly conflicting goals of personal privacy and public interest.
Calligo’s team acted as an internal advisor and scrutineer of processes, representing data subjects’ interests throughout the COVID-19 response – including the Test and Trace scheme – as the public protection programmes evolved.
In the interests of expediency and public assurance, Calligo actively brought the JOIC on board throughout the process, explaining intentions, reasoning and risk mitigation in advance. It was a philosophy of collaboration, rather than keeping the regulator at arm’s reach, and it led to the faster creation of stronger protections of data subjects’ rights.Learn more
Calligo’s data privacy expertise allowed them to engage openly with our regulator, creating a positive working relationship during the crisis built on transparency and trust. Their understanding of data governance and technology also allowed them to accurately present the rationale behind our approach, field questions and ensure the JOIC understood and could approve our strategy, even as it evolved. This mix of skills was crucial to us remaining consistently on the right side of the law, without our legal obligations impeding us from achieving our goals. It was a fine balance, in the most difficult circumstances.
Sharing data with States of Jersey Police
The sensitive data held by the GoJ was doubtless crucial to the States of Jersey Police in their role in containing the virus and keeping communities and teams safe. But could they legitimately be allowed access to it, and if so, to what degree?
Ultimately, it came down to whether the data would be defined as ‘clinical health data’, in which case it could not be shared without warrants, or ‘public health data’ in which case it could be shared, though only in specific cases of pandemic-related enforcement – which would be the preferred route, but only if all parties could agree the underlying mechanisms and assurances.
Calligo’s team defined a strict legal framework and Technical and Organizational Measures (TOMs) for its access, in consultation with the JOIC and the States of Jersey Police, and successfully made it possible for the police to access the GoJ data under well-defined mutually-agreed circumstances, supporting their mission to keep the public safe but without infringing the rights of the data subjects.Learn More
Data compliance professionals have a reputation for saying ‘no’, especially in the face of innovation. Instead, Calligo’s aim as our DPO was to work out legitimate, defensible and ethical ways to say ‘yes’ wherever possible. Crucially, they worked closely with our regulator and internal stakeholders to ensure universal comfort with our justifications, policies and technical and organizational measures, while always keeping the defence of data subjects’ rights at the core of our decision-making.
Co-operation with industry bodies & businesses
As part of the government response to the COVID-19 crisis, the GoJ would at times require businesses and public venues to collect employee and customer data in order to support the tracing scheme. However, such initiatives risked placing substantial burdens on those venues, and each time the stipulations changed, so would the data collection requirements.
Calligo worked closely with venues and industry associations to find ways that would provide the GoJ with the information they needed, without placing excessive obligations on businesses and unduly hampering their customers’ experience, all while ensuring data subjects’ rights were suitably protected and JOIC approval was retained. Calligo then drafted the official guidance and explanatory materials on behalf of the GoJ, ensuring that policies were not only legally robust, but also easily-comprehensible and practically feasible.Learn More
Data privacy is a vital public right and is paramount in all our dealings with any sensitive data. But equally it cannot become a barrier to legitimate operations. Calligo’s ability to find that ethical middle ground between keeping our data subjects protected, our regulator satisfied and preventing businesses being disproportionately burdened was crucial to the acceptance and observance of our public policies, which in turn allowed the wheels of our economy to keep turning throughout the crisis.
Our response to COVID-19 was a once in a lifetime challenge of data collection, access, security, privacy and speed. A powerful combination of Privacy by Design and a well-thought-out data architecture would give us a strong grounding from which to respond as the crisis evolved. We needed a team that was experienced enough to appreciate the reasoning behind our data architecture, skilled enough to augment the approach, and then able to help us deploy initiatives off it into the public domain professionally, rapidly, responsibly and ethically – a team like Calligo.
More about the services in this case study
Contact our consultants to discuss how Calligo can make your data work harder for youGet in Touch