A Policy Framework on the Dissemination of Government Electronic Information: Some Remarks

Vincent M. DeSanti*

This article, a companion to the “Interagency Workshop on Public Access,” provides an outline from which an analytical framework guiding dissemination planning might emerge.

A policy framework on the dissemination of government electronic information would provide Federal agencies with general guidance on public access issues. However, an analytical framework guiding dissemination planning, such as the one proposed in the “Interagency Workshop on Public Access,” must address a number of issues and questions. The purpose of this article is to identify selected issues and questions, thereby encouraging others to build on this modest beginning.

A dissemination policy should consider ethical issues relating to the appropriate uses of information and information technologies. These uses must reflect the public interest. Such ethical issues relate to data access and relevancy, accuracy and security, monitoring of information management activities, and possibilities for data recombination, and fraud and abuse. For example, computer matching makes it easy to manipulate information collected for one use to suit another purpose. Technology also makes it easy to modify information in electronic records, disseminate information that has not been verified or qualified as to source or validity, and access sensitive or restricted information. Clearly, information managers need to become aware of their ethical responsibilities in this arena.

Information dissemination does not exist apart from information management. If we persist in separating the two, we merely add to the fragmented patchwork that already exists. Because dissemination is part of the information life cycle, it warrants

* Direct all correspondence to: Vincent M. DeSanti, Assistant Director, Information Management and

Techno1og.v. General Accounting Office. 441 G Streei, N. W., IMTEC-Techworld, Room 10010. Washington. DC 20548.

Government Information Quarterly, Volume 10, Number 2, pages 255-260. ISSN: 0740-624X.

2.56 GOVERNMENT INFORMATION QUARTERLY Vol. 1 O/No. 2/l 993

the same management considerations of organization, planning, control, and review as the other phases of the life cycle.

MANAGING ELECTRONIC DISSEMINATION: A LIFE-CYCLE PERSPECTIVE

Four major uses determine the information flows in an organization. These are: strategic planning, ongoing management, operations, and historical documentation. Each of these uses involves an information life cycle. Information dissemination is but one phase of the life cycle of a particular information flow or product. Dissemination is usually the end phase of an integrative process that applies, develops, and optimizes information resources (data, people, and technology) to meet the agency’s information needs.

The major functions of the information life cycle include:

l Information creation or gathering; l Data management and information processing; l Security management; l Transmission and dissemination; and l Final disposition.

Each phase of the life cycle represents a field of specialized activity. Many of these activities have specialized languages and skills not easily understood by others, and they operate in different time frames. Careful development of competence in individual stages will not lead to outstanding results unless the linkages are well understood and well managed. Rather, when these activities are managed as fragmented, independent fiefdoms, a heavy price is exacted not only in service delivery and cost but also in agency performance-slow response, inflexibility, and ineffective use of capital and human resources.

Disseminating electronic information to the public cannot adequately be managed apart from all the other functions associated with that information-from its genesis to final disposition. In other words, we cannot manage its dissemination until we have determined how to retrieve it. We cannot retrieve it without first considering how to organize, store, and safeguard it. We cannot accomplish these tasks until we have determined who should have it and how to collect or create it. Decisions in almost every phase of the life cycle affect the others, particularly in the use of technology. Although technology is the medium, not the driver of information management, the effective use of technology requires an adroit passing of the baton from one stage to another.

The wide range of information management functions and processes associated with a product’s life cycle include requirements analysis; feasibility studies; planning; system design, acquisition, development, maintenance, and operations; data administration; establishment of policies, standards, and procedures; and training. The boundaries separating these activities cannot be sharply drawn, yet each line represents an interface that must be crossed. In all phases of the life cycle, there are tradeoffs, in terms of resources required, efficiency of operations, costs, and benefits-all of which have a direct bearing on the format, transmission medium, time frames, service delivery, and fees associated with the final product and its dissemination, and final disposition.

257 Dissemination of Government Electronic Information

MANAGEMENT OBJECTIVES

For agencies to make sound managerial, technical, and economic decisions in developing information dissemination systems, they need to accomplish five basic objectives:

Ensure system effectiveness. An information dissemination system exists to serve some higher agency or program mission, such as informing the public on toxic releases in the environment or providing technical reports to researchers in the aerospace community. A system is effective when it accomplishes this mission, and when it provides its intended users with reliable, timely, and usefully- formatted and assimilable information.

Promote system economy and efficiency. An economical and efficient system uses the minimum number of scarce information resources-data, people, hardware, software-to accomplish organizational missions and goals and satisfy user needs.

Protect data integrity. Whether a system’s output is to make sound managerial decisions or to inform the public, agencies need properly authorized, complete, accurate, and reliable data. To have data integrity, agencies must establish adequate controls over how data are collected, entered, transmitted, processed, stored, and disseminated.

Safeguard information resources. An agency’s information resources, i.e., data, people, hardware, software, are often concentrated in specific physical locations,

e.g., a data or communications center, or personal computer. As with all valuable assets, these resources need to be protected against unauthorized use, waste, loss, fraud, and abuse.

Comply with laws and regulations. Federal laws, central Executive Branch agency regulations, and individual agency policies and procedures have been established governing the management and use of information and information technology. Ensuring compliance with these laws, regulations, and policies will help achieve the other four objectives cited above and will promote Federal policy goals.

It is important to understand the distinctions among these five basic objectives, but it is equally important to recognize that they are interrelated and need to be balanced carefully in the design, acquisition, and implementation of information systems.

LIFE-CYCLE MANAGEMENT POINTERS

The following outline of life-cycle considerations offers an analytical framework for establishing an information dissemination service.

Information Creation/Gathering

l What is the primary mission and programmatic goal to be served by the information dissemination service? What are the basic social needs or problems that the agency must address?

258 GOVERNMENT INFORMATION QUARTERLY Vol. 10iNo. 211993

0

0

Who are the major stakeholders and primary beneficiaries of the agency’s dissemination service? Is the information already available in fulfillment of the agency’s program mission? Does the information have value to the public; i.e., contribute to the efficient and effective delivery of programs and services, as well as assist citizens in understanding and evaluating what government is doing? Does the information have to be re-collected or re-created to make it accessible and useful? If so, what are the resource requirements in terms of personnel, equipment, and contracted work; what are the collection burdens imposed on the public; and what are the costs and the benefits? What must the agency do administratively and programmatically to anticipate and respond to user needs? Do societal, legal, or economic issues pose opportunities or threats to public access, or necessitate major new data generation or collection initiatives? Does the information (1) duplicate what is available from other sources, (2) create an undue burden on those who must provide the information, or (3) constitute unfair competition with businesses? 1s the information or product useful, reliable, accurate, complete, and of consistent high quality? How is the agency organized to manage the information generation/collection process, and how adequate are current inventories of data files, systems, and personnel to support this phase of the life cycle?

Data Management/Information Processing

What are the agency’s policies regarding information sharing, ownership, data management, and information management tools, such as locator systems and data dictionaries? Is there a data architecture for distributed processing, information sharing, and electronic access, which defines logical data structures and data models, separating logical and physical data relationships? How is the agency structurally organized to manage the information resources and management process in place for accomplishing this phase of the information cycle? If information systems projects are involved, what are the related major tasks and time frames, and who has overall responsibility and accountability? Does the agency have an information systems architecture to define formats. network structures, communications protocols, user interfaces, standards for hardware, software, and connectivity? Are there effective working relationships among line managers, service providers, and information systems support personnel?

information Security

To what extent has the agency established an effective information access, security, and risk management program to protect the integrity, confidentiality, and availability of information?

Dissemination of Government Electronic information 259

0

0

0

0

0

0

0

0

0

0

0

0

0

0

l

0

Has the agency established the necessary physical controls to protect against unauthorized physical access and environmental hazards? Has the agency established the necessary logical controls (software) to ensure user identification, authentication, and authorization, and an audit trail of system usage? To what extent does the agency’s security program cover organization and resources, policies and procedures, classification and ownership of data, risk assessment, user awareness and training, and contingency planning?

Transmission and Dissemination

How “user friendly” is the dissemination or public access service? To what extent will the system provide browsability, simple interfacing capability, good organization of the subject matter, formatting to facilitate scanning and retrieving of information, and physical access and availability when the user needs it? To what extent can the user be assured of the reliability of the information or data being disseminated-its accuracy, preciseness, and validity. How current or timely will the data or information be for making decisions and taking actions? What is adequate response time-is it real-time or some other time period specified by the users? To what extent is the disseminated data or information understandable-in terms

of format, labelling, and context-for decision making? To what extent will it be relevant to the actions and decisions it supports? To what extent will the system link the user to other information or other sources of information than what is stored in the agency’s system? How flexible will the system be in allowing users to work interactively with data and information in a file or to search for more relevant information? To what extent will the dissemination system withstand scrutiny by mass media, respond to crisis situations, and general public scrutiny requiring accountability mechanisms, in addition to internal requirements of the agency? Will the system be capable of handling special queries for aggregating data in ad hoc ways, and producing special reports and analyses in short time frames? To what extent has the agency designed an evaluation strategy and approach for assessing the value, effectiveness, and success of the dissemination service? To what extent will the agency provide information locator tools to enhance the information sources and services available to both employees and external information customers?

Final Disposition

Has the agency established an electronic records management program? Are the dissemination products media-dependent, relying on hardware, software, documentation, and technical expertise to be accessed, read, and used? To what extent has the agency involved records managers in the design and the implementation of electronic public access systems? Does the agency understand that records management considerations affect system memory requirements, online response capabilities, storage costs, space management, and the entire system environment?

260 GOVERNMENT INFORMATION QUARTERLY Vol. lo/No. Z/1993

l Does the agency’s records management design and implementation entail procedures for auditing information processed by the system, or designating responsibilities for ensuring that records management procedures are followed, and have periodic review for adopted records management practices?

CONCLUSION

Information dissemination is but one phase of an information system’s life cycle. When considering the development of a policy framework for the dissemination of government electronic information, it is essential to recognize that plans for disseminating information must be built into the design, development, and implementation process of a system’s evolutionary life cycle. Understanding the relationship between life-cycle processes and the five basic management objectives is a key to managing information resources successfully in electronic-based systems. The practices used in acquiring and developing an information system throughout its life cycle will help ensure that agencies:

l Acquire/ develop dissemination systems that meet user requirements; l Select systems that optimize resource use and minimize cost; l Design and implement systems with adequate controls and audit trails; l Protect information resources from waste, loss, or unauthorized use; and l Comply with applicable laws and regulations.