cross roads bank belgium

Crossroads Bank for Social Security:some further strategic orientations

Frank RobbenGeneral manager Crossroads Bank for Social SecurityGeneral manager SmalsSint-Pieterssteenweg 375B-1040 BrusselsE-mail: [email protected] CBSS: www.ksz.fgov.bePersonal website: www.law.kuleuven.ac.be/icri/frobben

CBSSSmals

mailto:[email protected]



http://www.ksz.fgov.be/

http://www.law.kuleuven.ac.be/icri/frobben



2Frank Robben The Hague, 31 July 2007

Some further strategic orientations

evolution towards a network of service integrators- integrated service delivery via multisectoral value chains- re-use of basic services, components and authentic sources

optimization of mutual consistency and quality of information in authentic sources

cooperation with new actors, e.g.- regions and communities- instances delivering supplementary benefits based on the social

security status of a person- tax administration- external prevention services- health care providers


Towards a network of service integrators

InternetInternet

Extranetregion or

commmunity

Extranetregion or

commmunity

FEDMANFEDMAN

Servicesrepository

FPS

FPS

FPS

ASS

ASS

Servicesrepository

Extranetsocialsector

ASS

RPS

RPS

Servicesrepository

VPN, Publi-link, VERA,

…

VPN, Publi-link, VERA,

…

City Province

Municipality

Servicesrepository

Serviceintegrator(FEDICT)

Serviceintegrator(CBSS)

Serviceintegrator(Corve,

Easi-Wal, …)



re-use of the crossroads bank model in other sectors- health care- justice

new services for companies, e.g.- E-box- optimized feedback mechanisms- maximal abolition of enquiries for statistical reasons- further simplification of declaration of social risks via further

harmonization of basic concepts- simulation system for benefits in case of employment of a specific

person - pan-european service for declaration of temporary or partial

professional activities by foreign employees or self-employed persons on the territory of other countries



new services for citizens- further automatic granting of benefits- after authentication via the electronic identity card

• electronic access to personal data, the processing status and the status of service delivery

• access to career planning system

– information about possibilities of career planning

– implication of choices made on the individual social and tax status

• access to loggings related to information exchanges

cooperation platform for social inspection services, with e.g.- co-ordinated planning- risk analysis based on data mining

eGovernment training/coaching: possible objectives and topics

Frank RobbenGeneral manager Crossroads Bank for Social SecurityGeneral manager SmalsSint-Pieterssteenweg 375B-1040 BrusselsE-mail: [email protected] CBSS: www.ksz.fgov.bePersonal website: www.law.kuleuven.ac.be/icri/frobben

CBSSSmals




http://www.ksz.fgov.be/





Types of use of training/coaching

instrumental use- immediate valorization- answer to a concrete question

conceptual use- valorization in the long run- support to development of policy or strategy

legitimating use- legitimation of a proper position or proposal


Useful topics

expectations of stakeholders of eGovernment- citizens- companies- political decision makers- intermediaries- interest groups

possible objectives of eGovernment- strategic: gains in effectiveness, user satisfaction, democracy,

transparency, …- operational: gains in efficiency and productivity, cost reduction, …

methods to set the objectives- open co-ordination- co-ordinated planning- …


Useful topics

critical success factors- political- organizational- process optimization or re-engineering- architectural and technical- legal- security and privacy protection- change management, training and coaching- cooperation between all stakeholders- user implication- multidisciplinary approach- project management- measurement and monitoring


Useful topics

good practices related to- information management

• information modelling• unique collection and re-use of information• validation of information (information quality)• management of information• sharing of information• protection of information

- process optimization or re-engineering- governance structures with involvement of

representatives of the stakeholders/users- financing


Useful topics

ICT-architecture- layered, service oriented architecture- interoperability

• technical• syntactical• semantic• functional – processes – services• legal• organizational

- based on• components• open specifications• open standards


Layered, service oriented architecture

Basic servicesBasic services

ApplicationsApplications

DataData

PresentationPresentation

Business Business servicesservices


Useful topics

legal aspects- standardization of legal concepts- basic principles relating to information management- information security and privacy protection- protection against ICT crime- unique identification keys- probative value of electronic information- electronic signature- equal access to public services- transparency of administrations- ...


Useful topics

basic skills- participation in policy making process- negotiation techniques- management of heterogeneous groups- communication with

• policy makers• business people• ICT people• lawyers

- program and project management- change management- measuring instruments- financial management


Beyond training/coaching ?

benchmarking

cooperation platforms

re-use of basic services

natural way to cooperative governance

basis for support in the own country


Benchmarking stimulation of development of metrics related to the own

institution/sector/country- cost and efficiency- quality- customer orientation- effectiveness- innovation

comparison with metrics related to the best practices in the own country or other countries

as a basis for- giving comparative account about the own performance- knowledge of strengths, weaknesses, opportunities and threats

(SWOT-analysis)- permanent and structural improvements- evaluation of management and collaborators


Cooperation platforms

eGovernment is about integration- integrated service delivery to citizens and companies- integrated policy support

thus, need for cooperation between- government institutions- government institutions, companies and citizens- government levels- countries

multidisciplinary (see critical success factors) based on

- shared objectives- co-ordination and division of tasks, rather than centralisation- trust and transparency


Re-use of basic services

reason- cost control- concentration on core business- faster time to market- flexibility to adapt

examples- network- user and access management- transformation- routing- process orchestration- state machines


Example: user and access management

identification of physical and legal persons authentication of the identity of physical persons management and verification of characteristics

(e.g. a capacity, a function, a professional qualification) of persons

management and verification of mandates between a legal or physical person to whom an electronic transaction relates and the person carrying out that transaction

management and verification of authorizations


Policy Enforcement Model

User

Policy

Enforcement

(PEP )

Application

Policy Decision

(PDP)

Action on

application Decisionrequest

Decisionreply

Actionon

applicationPERMITTED

Policy Information

(PIP )

Informationrequest/

reply

Policy Administration

( PAP )

Policyretrieval

Authentic source

Policy Information

(PIP )

Informationrequest/

reply

Policy

repository

Actionon

applicationDENIED

Manager

Policymanagement

Authentic source


Policy Enforcement Model Policy Enforcement Point (PEP)

- intercepts the request for authorization with all available information about the user, the action being requested, the resources and the environment

- passes on the request for authorization to the Policy Decision Point (PDP) and extracts a decision regarding authorization

- grants access to the application and provides relevant credentials

Policy Decision Point (PDP)- based on the request for authorization received, retrieves the

appropriate authorization policy from the Policy Administration Point(s) (PAP)

- evaluates the policy and, if necessary, retrieves the relevant information from the Policy Information Point(s) (PIP)

- takes the authorization decision (permit/deny/not applicable) and sends it to the PEP


Policy Enforcement Model

Policy Administration Point (PAP)- environment to store and manage authorization

policies by authorised person(s) appointed by the application managers

- puts authorization policies at the disposal of the PDP

Policy Information Point (PIP)- puts information at the disposal of the PDP in order to

evaluate authorization policies (authentic sources with characteristics, mandates, etc.)


Natural way to cooperative governance

governments reason in terms of (legal) competences

eGoverment needs cooperation thus, need for cooperative governance models

that permit real cooperation with respect for division of competences

platforms for eGovernment training and coaching could naturally evolve towards this kind of structure


Basis for support in the own country

gaining authority and trust- good results of benchmarks- recognition as an international best practice

arguing the own proposals- alignment with international common vision and best

practices- elements of comparison

possible export of national vision, solution methods or even services to the international level


How to share eGovernment experience ?

official bodies, needed for- formal approval of common objectives, standards and specifications- formal approval of task sharing- preparation of legal framework

less formal cooperation platforms- training/coaching- exchange of information and experiences- mutual help- operational cooperation

instruments- meetings- training/coaching- databases of best practices- interactive collaborative tools- networks of advisors


Possible participants

policy makers

government workers

academics

service suppliers, if no direct commercial objective


Points of attention

most useful knowledge is tacit knowledge => need for extraction and coding

comparability of best practices knowledge harmonization guaranteeing knowledge quality problem of distributed knowledge

- finding the relevant knowledge- finding the right person who can help

usefulness of a common assessment framework for eGovernment ?


Common assessment framework

Leadership

Processand

changemanagement

Keyperformance

results

Humanresources

management

Strategy andplanning

Partnershipsand

resources

Staff results

Customer-orientedresults

Societyresults

ENABLERS RESULTS

INNOVATION AND LEARNING


More info

personal website- http://www.law.kuleuven.ac.be/icri/frobben

Crossroads Bank for Social Security- http://www.ksz.fgov.be

Smals- http://www.smals.be


Good practices

information modelling

unique collection of re-use of information

management of information

electronic exchange of information

protection of information


Information modelling

information is being modelled in such a way that the model fits in as closely as possible with the real world

information modelling takes as much account as possible of anticipated use of information

the information model can be flexibly extended or adapted when the real world or the use of the information changes


Unique collection and re-use of information information is only collected for well-defined purposes

and is targeted to meet the requirements of these purposes

all information is collected once, from as near to the authentic source as possible

information is collected according to the information model and following uniform guidelines

with the possibility of quality control by the supplier before the transmission of the information

the collected information is validated once according to established task sharing criteria, by the institution that is most entitled to it or by the institution which has the greatest interest in correctly validating it

it is then shared and re-used by authorized users


Management of information

a task sharing model is established indicating which institution stores which information as an authentic source, manages the information and maintains it at the disposal of the authorized users

information is stored according to the information model

information can be flexibly assembled according to ever changing legal concepts

every institution has to report probable errors of information to the institution that is designated to validate the information


Management of information

every institution that has to validate information according to the agreed task sharing model, has to examine the reported probable errors, to correct them when necessary and to communicate the correct information to every known interested institution

information is only retained and managed as long as there exists a business need, a legislative or policy requirement, or, preferably anonimized or encoded, when it has historical or archival importance


Electronic exchange of information

once collected and validated, information is stored, managed and exchanged electronically to avoid transcribing and re-entering it manually

electronic information exchange can be initiated by- the institution that disposes of information- the institution that needs information- the institution that manages the interoperability framework

(service integrator)

electronic information exchanges take place on the base of a functional and technical interoperability framework that evolves permanently but gradually according to open market standards, and is independent from the methods of information exchange


Electronic exchange of information

available information is used for- the automatic granting of benefits- prefilling when collecting information- information delivery to the interested parties


Protection of information

security, integrity and confidentiality of government information is ensured by integrating ICT measures with structural, organizational, physical, personnel screening and other security measures according to agreed policies

personal information is only used for purposes compatible with the purposes of the collection of the information

personal information is only accessible to authorized institutions and users according to business needs, legislative or policy requirements

the access authorization to personal information is granted by an independent institution, designated by Parliament, after having checked whether the access conditions are met


Protection of information

the access authorizations are public every actual electronic exchange of personal information

is preventively checked on compliance with the existing access authorizations by an independent institution managing the interoperability framework

every actual electronic exchange of personal information is logged, to be able to trace possible abuse afterwards

every time information is used to take a decision, the information used is communicated to the person concerned together with the decision

every person has right to access and correct his/her own personal data

cross roads bank belgium

Technology