It is not news to hear that good decision making is informed by the quality of information available to the decision maker at the time. The flow of timely information to the people that need it is often a challenge; but in most cases the value created by sharing or exchanging information far outweighs the challenges involved.
At a time when there is an abundance of information and data available, it is important to focus on the fitness of information in use and understand how value can be derived through sharing or exchange.
For example, the exchange of information between healthcare professionals can increase a patient’s safety, reduce delays in patient triage, inform future clinical practice and reduce the potential for adverse medical effects. In the wrong context, sharing the same information could be detrimental to the wellbeing of a patient.
So how do you navigate information sharing?
Information sharing within an organisation is usually relatively simple. Most governance frameworks are well suited to internal information sharing.
Information captured and stored in corporate systems normally conforms to well understood internal requirements, and the surrounding processes embed these requirements as information flows through an organisation.
Roles, responsibilities and accountabilities are usually clearly articulated, the regulatory environment is understood, the controls defining information use are business-as-usual and the metadata providing context is attached.
Processes for information classification which define the required level of information security, role based access to systems, workflow approvals etc. are generally in place.
Typically, it is when information is shared between organisations or flows outside of an organisation that challenges arise. In many cases this happens when a tension develops between providing access to information; and control over who can access the information and for what purpose. This is where the value of information planning and management skills can never be underestimated.
A broad-brush governance approach may not be adequate for specific domains of information when taken out of the context in which that information was created. The level of fitness of the information to the purpose for which it is being used changes with each use case.
What should information sharing consider?
The attributes of relevance, comprehensiveness, timeliness and validity (amongst others) come into question when exchanging information outside of organisational boundaries. Retaining the integrity of information in different contexts is key. The need to protect the privacy of an individual and understand the confidentiality of information is also paramount and must be factored into the organisation’s accountability framework.
Properly classifying information is essential to determine where along the spectrum of access the information fits. This spectrum ranges from closed access (highly protected or sensitive information which has the potential to cause serious damage), to shared or group access to information within set parameters, to open or publicly accessible information such as that found on an internet site.
What, when and how?
Knowing how to navigate the challenges presented by information sharing and exchange enables improved collaboration, better service delivery and more informed decisions. Effective information sharing is a true example of the sum of the parts being greater than the whole.
Good governance provides the handrails to work your way through the perils of information sharing. When you are thinking about information sharing, asking some simple questions (such as the set below) can help to ensure that information is shared effectively and improves decision making:
- What is the purpose of sharing or exchanging information?
- What potential outcomes can be achieved?
- What is the information security classification?
- What controls apply to the information as it progresses through different stages of its lifecycle?
- What are the privacy impacts of exchange?
- How will the information be re-used?
- Who will have access to the information?
- How long will the information be retained?
- Is there an audit trail of the exchange?
- Who is responsible and accountable for the information once it has been shared?
- How do decisions get escalated, and to whom?
- Will integrity of the information be impaired if it is shared?
Good governance enables information sharing
Fit for purpose governance is the key to ensuring that information is shared effectively and for best effect, both inside and outside an organisation. Embedding the processes, roles, standards and metrics of a governance framework will ensure that the most value is realised from your information, while at the same time reducing risks (such as compliance, loss or breaches), and costs (arising from storage and unnecessary duplication of information).