On a two day seminar on personalised services, the partners learned more about policy, privacy and technical issues involved in building this kind of services. The partners of the Kortrijk city and region presented their plans, to be developed in the Smart Cities project. An overview.

Day 1: Why develop personalised services?

Professor Filip De Rynck (University Ghent) presented research which showed IT-competences and organisational development should go along to be effective.
Organisational interoperability, semantic operability and technical interoperability are needed to work integrated. Governance capacities are important to stimulate this.
The research in 30 Flemish municipalities showed all these municipalities are situated at an other place in a scale of organisational and IT evolution. Size of the municipalities matters, but is not decisive. In bigger organisations the issue of organisational development is more prominent on the agenda, but in smaller municipalities this can be also a big issue, depending on the drive of the municipal organisation.
Question is: is ICT a powerful incentive for the creation of a group of islands in the organisation and/or is ICT a powerful management tool for organisational and organisation-wide innovation?

Profiling

The UK local government counts more than 400 local authorities. These provide hundreds of services: arts and leisures, corporate services, education, environmental services, fire and emergency, housing, revenues and social services. ESD Toolkit is the framework for evidence based improvement of locally delivered services in the UK Public sector, Mike Thacket (Porism Ltd) explained.
Structured information sharing of service descriptions and customer profiling information leads to a better understanding of customer needs and the local authority product delivery. This model leads to a better targeting of services.
What services are worth putting online: cost savings, will customers use the web, is there an improved customer experience? How do we encourage channel swap? And how does it help personalisation? These are the questions towards online services.
Transaction costs analysis shows there is a big difference between face to face, telephone and web visits. But the cost advantages of an online channel are only meaningful if the front-office application is combined with a back-office solution, if by other words: the whole process and channel works integrated.
Customer profiling shows also for each service which customers could possibly shift (propensity) from one to another channel. The esd toolkit shows preferences of groups for web, phone and face-to-face. Analysis of commercial internet use (banking) and internet use for government applications shows for each group what is possible in terms of channel swap.
When improving the customer experience we should ask ourselves the question if we are saving customer time (prefer the web, quickly identify ineligibility online), if there is avoidable contact and/or if the service better mediated?
Profiling research on direct.gov.uk – a national government initiative who links citizens to the right online services – gives a better view on who uses online services, based on the postcode citizens enter, and this leading to profiles. This makes it possible to make service / channel propensity calculations.
Improving web-take-up can be ensured by identifying the groups you want to reach: those amenable to the web but not currently using it. Decide your messages, and present the messages through channels these groups access (targeted e-mail, advertisements, posters in selected sites, selected publications, commercial radio). And promote baskets of services based on the customers profile.

Identity management

In the panel about electronic identity management Filip Meuris (Leiedal) invited Peter Strickx (Fedict) and Hans Arents (Corve) to share their vision on current and future realisations and support for municipalities.
Fedict starts with the second round of the identity card in 2009, and is focussing on new applications. The single point of contact of government should be the local government because of the proximity. The electronic identity card can help for this. Based on the national register you can base lots of services. The security of the card is outstanding, but Fedict will focus also on security of the applications.
The Flemish community is grateful for the eid, because it is an easy way to identify securely. Corve wants to use the eid as a means for accessing portal sites. Personalising services means changing back offices, and this is a long-term job. Also processes and authentication should be reviewed in order to provoke channel swap from paper work to online services.
What the people in the municipalities should do is to detect the processes where customer relations are needed, how transactions work, and the level of authentication needed. Just identifying the processes and identifying the data used is already a big task to start with. Prefilled forms will already lead to bigger customer satisfaction. An eid is useful for confidential information, but not for simple tasks.
Fedict is working on a longer-term project to build an electronic identity. How could we use other means other than the eid to create strong authentication, like the use of mobile phones or other widespread tools.
The Flemish government would like to open data used on that level to the municipalities. And for that and eid is needed because it is personal information.
Fedict could provide the federal service bus, usable to interrogate authentic sources. But the regional government has to allow this.
An other service is the federal authentication service. Already 65 municipalities use that service, which allows identity management doing checks on authentication. Fedict does the authentication, the authorisation can be done by the local government. It should take 2-5 days of programming, so it is not a big task to do. Everybody with a federal token or eid can access this service.
The Flemish government uses the federal authentication service for the Flemish service officers. The government wants to invest in municipal products, like a service catalogue, shared data using Magda.

MyBelgium.be

Belgian Federal Minister of ICT Vincent Van Quickenborne started with the announcement of an eid-roadshow, where a bus with eid-driven applications are shown on mass events. Already 600 applications work, based on eid authentication.
In some weeks mybelgium.be will be launched. That website will recognise your data on your eid and connect you to your local website and provide you with information kept federal.
The Minister wants citizens to give the choice between face-to-face and online services, the last channel especially for frequently asked services. Giving citizens the possibility to follow the status of their files. The ultimate dream is an eid built in your mobile phone, because this solves the expensive card reader problem, and it uses a wide spread medium.
The access to the internet stays a challenge, an action programme should solve this. Especially blue collar workers are an important target group. A private pc programme is one of the solutions proposed by the federal government. For extremely poor people there is a programme for recycled computers, distributed by the municipal sociale welfare organisations. In August back to school packages will be launched. We should be able to rise the use of internet and computers this way.
When you look at mobile phones there is not a digital divide. This is the second step to do. For phone costs the Minister launched a check-tariff-website, and this provoked after one month lower rates.
Berlin and Groningen are nice examples of wireless services ambitions. Infrastructure is an important basis for service delivery. The public government should be involved in building or providing this infrastructure, because this infrastructure has the status of roads. IT is the best way to get out of the crisis, but everyone has to get on board.

MijnKortrijk

Hans Verscheure (Kortrijk) and Bart Noels (Leiedal) presented the project of a personalised online portal, with eid integration and links to the back office applications used by Kortrijk and other municipalities. Questions raised were the right choice of services with real added value for customers and the degree of authentication to be used. See other project descriptions in the Smart Cities website.

Dutch Strategy

The Netherlands cope with the same problems with e-government initiatives and service delivery. So told Jeffrey Gortmaker from Egem. Egem – a publicly funded organisation – helps the municipalities with their e-policy. Luckily, there is a national implementation programme made by the national government. Issues are e-access, e-authentication, numbers, authentic registrations and e-information exchange.
Also some example projects are defined: integrated environment permit, customer file, one-stop-shop for school drop-outs, applications for social services, risk indexes for high-risk youth and the services directive.
The national departments have budgets for doing this and provide help to the municipalities for the implementation. The municipalities signed an agreement for cooperating on this.
Egem invests in architecture, based on European, national architecture and data formats. Architecture helps canalize municipal initiatives and phase ambitions, take control of supplier-solutions. Egem works on case- and process- based service delivery, the use of authentic registrations (do not ask what the government already knows). Focus on processes instead of departments and sectors: from bridging to tilting to a customer perspective. Egem invests on one-stop-shopping for government, including reengineering front and back office. They help municipalities in a grow towards service orientation.

Privacy

The scope of the privacy law was explained by Koenraad Allemeersch and Rita Van Nuffelen of the Belgian Privacy Commission: the law is applicable when personal data is automatically is processed or filed. There is a controller and a processor. Some of the obligations are: to process with a specific purpose, do not process more data than necessary. There are also some special categories: health, sensitive (ethnic, trade union, sex life,…) data, judicial data. Also the rights of the so-called “data subject” (=the person) are defined: to be informed, to access, to rectification, to object, to deletion, to redress and the right not to be subject to computerised individual decisions.
There is a commission recommendation related to access and user management in the public sector: use the eid for identification and authentication and not for characteristics and mandates. Develop circles of trust. The advice of the commission is: privacy by design.

Sigurd Vandebuerie, ICRI (Interdisciplinary Centre for Law & ICT) , University of Leuven gave an overview which shows there is a difference between theory and practice. He describes the role and the access and the use of the national register of persons. From a privacy perspective the data is organized as much as possible in a decentralised way.

Day 2: How to build online personalised services

Luk Vervenne from the company Synergetics started the second day of the academy with a summary of IT-standards issues.
Building infrastructures using personal data used in a cycle of events needs thorough thinking on the way you construct data, and how to handle databases. For now these data are kept in separate databases, without much transparency. Mr Vervenne proposed a personal data store, exchanging information with content providers. The personal data is exchanged following rules of access. A personal data store is not a personal pc or a hosted personal file, it is about securely sharing services: trusting others with your sensitive data, while you keep in control.
A personal data storage is a possibly distributed collection of data about you to which you hold the access control key. User-centricity means that the user holds the key to the data but that does not mean the user owns the data or is the authorative source. Without the user turning the key, the data center cannot even read the data. A trust network with trust services should guarantee the security.
The TAS3 project integrates research on authentication, authorization, privacy and trust in an IT platform, leading tot trust services. For authentication there already enough services doing this on all kind of security levels. Authorization requires an policy enforcement point and a process, the same with trustworthiness. Compliance with data protection regulation also.
The architecture will be tested in some cases: the employability platform Limburg: a project where a personal portfolio is build, providing information for workers, learners, employers, education, professional organisations,… this should be the start of an regional knowledge infrastructure.
More information: see www.tas3.eu

The Ghent experience

The government owned IT-company Digipolis is active in the cities of Ghent and Antwerp (Belgium). Erik Evrard showed the situation in the city of Ghent where lots of applications and data were being used, with no clear sight on the data streams. A master data programme would solve this issue. Master data is shared across systems, it decouples master information from applications.
One of the experience is to not to wait for higher authorities to provide easily accessible webservices. Grab the data from conventional sources. A real comprehensive data system is still not available. Also do not thrust authentic sources to be hundred percent correct, errors are inevitable. Do also not forget to implement all characters from other languages. Be cautious with names, and also by using smart numbers as identifier. Even the national register can be changing: dates of birth not always known, gender can change,…
Data normalisation is very important. When making personalised services and doing data integration, don’t take this light. You need a good analysis and a good architecture.
A lightweight step Ghent took was a central address database. About 200 applications in Ghent used address data. Analysis showed there are a lot of common types of data (persons, organisations, businesses...), and there can be found a common denominator.
There is no standard solution, so this had to be solved by custom development. The data model is 90% complete for now, the user interface is in development. This should be realised in 2009-2010.
The data model contains descriptions, relations and roles. For privacy and security reasons, every database has an owner who controls rights, and some fields are protected at an user level.
Dutch IT architecture
The Dutch based government organisation for ICT-improvement in municipalities Egem developed a reference architecture: an exchange language, a data model for integrating authentic registry’s, electronic form specifications and standardised e-processes.
The process architecture comprises three levels with different building blocks: customer contact (inform, intake and delivery), orchestrator (service delivery manager busy with process management, case file administration and monitoring and escalation) and specialist (process, decide, process and decide integrally).
The mid office in the model contains customer contacts and details, documentary data, access management to core registration and management and monitoring requests.

MijnKortrijk technical

Managing and sharing contact information led to the new project of building personalised services, Raf Buyle explained in his session about IT-architecture. Keeping data records separate in different databases is inefficient and leads to bad publicity. Pogo is a midware concept for the exchange of contact information without keeping records centrally. Pogo – persons and organisations online - is not a central database, it is an information model and an exchange format. It only contains shared contact data.
Pogo contains single sign-on, session maintenance, access management, entitlement management, a service connector and distributed reporting. It has been used in Kortrijk already for internal use (staff administration), in a provincial tourism company and an organisation for housing. Persons and roles are combined, and related tot back office applications.
You need a flexible tool for your front office, because requirements can change fast and to respond on this. But you need a tool behind – an architecture of participation – which handles rights and roles to relate to your back office. The advantage of pogo is that you not have to integrate applications and data in a centralised solution. The focus stays on the applications. The Mypage Kortrijk wants to develop is a dashboard giving access to all kind of services and data. It looks like one application, but it the transaction data stays in the original applications.