Ontario’s Digital and Data Directive, 2021
Ontario's Digital and Data Directive ensures the delivery of high-quality digital services and access to public government data, unless it is exempt for legal, privacy, security, confidentiality or commercially-sensitive reasons.
Overview
The directive sets out key principles and requirements for the design of digital services and the sharing of open government data assets created and managed by Ontario ministries and provincial agencies.
Introduction
Ontarians want to seamlessly interact with government and have the confidence that investments in public service delivery are efficient and effective while protecting the security and privacy of information and systems. Achieving this requires transparency and a coordinated approach to the governance and management of information, information technology and a commitment to putting the needs of the user first.
Ontario is working to become the most digitally advanced province in Canada, and the most digitally advanced jurisdiction in the world. The Simpler, Faster, Better Services Act, 2019 (SFBSA) is a key policy driver in achieving this objective.
This directive sets out the specific requirements and roles and responsibilities stemming from the legislation. Additional operational requirements will be achieved through the issuance of policies and standards to support the adoption of digital and open data practices.
This directive is supported by a policy framework that outlines operational expectations and technical standards pursuant to it. This directive exists alongside The Governance and Management of IT Directive (2021) and The Governance and Management of Information Assets Directive (2021). The three directives outline domain-specific requirements, support the achievement of aligned outcomes, and are linked together by a common glossary.
The directive is to be implemented in a manner that is consistent with existing legal obligations, restrictions and requirements, including but not limited to, the Simpler, Faster, Better Services Act, 2019, the Archives and Recordkeeping Act, 2006, the Freedom of Information and Protection of Privacy Act, 1990, the Personal Health Information Protection Act, 2004, the Anti-Racism Act, 2017 the French Language Services Act, 1990, the Accessibility for Ontarians with Disabilities Act, 2005 and other applicable legislation.
The Digital and Data Directive is a Management Board of Cabinet Directive, issued under the Management Board of Cabinet Act.
Purpose
The purpose of this directive is to ensure delivery of high-quality digital services, transparency of and access to government data.
Application and Scope
This directive applies to all Ontario ministries and provincial agencies. Where a specific requirement applies to either ministries or provincial agencies, that is indicated in the text.
This directive applies to all ministry and provincial agency digital services and all ministry and provincial agency data assets.
This directive outlines requirements for ministries and provincial agencies for the design and delivery of digital services and for the proactive sharing of government data assets.
Administration
This directive is issued under subsection 3 (3) of the Management Board of Cabinet Act and is meant to be read and applied in its entirety.
The Secretary of Treasury Board/Management Board of Cabinet is responsible for approving mandatory operational policies that are consistent with this directive.
Ministries and provincial agencies must seek Treasury Board/Management Board of Cabinet (TB/MBC) approval if, in exceptional circumstances, they require an exemption from all or part of this directive. The rationale for the exemption must be documented.
Before any program area may seek approval to issue a new or revised operating policy that will inherit its authority from this directive, the Ontario Digital Service must be consulted.
Principles
The following principles support the requirements of this directive and are intended to guide ministries in interpreting and applying the directive.
Prioritization of user needs
The needs of the user, determined through research and testing, are the first consideration in digital service delivery and the release of open data.
Transparency
Government operates in a way that is easy for others to see what, why and how something is done.
Equitable access
Access is equally available to all users.
Data informed
The use of data is considered in decision-making.
Continuous improvement
Government works in a way that demonstrates on-going, iterative improvement that is responsive to user need and supportive of the realization of benefit.
Requirements
In order to support the government in achieving its objectives ministries and provincial agencies must address the following requirements.
Digital Services
Ministry and provincial agency digital services, whether internally built or procured, must be designed, delivered and implemented according to Ontario’s Digital Service Standard (DSS).
Ministry and provincial agency digital services must be:
- designed in a user-centred manner, address user needs and be supportive of the users’ journey from end to end as determined through active user research
- continuously evaluated and improved in an iterative manner
- made with technology that is scalable, interoperable, secure, accessible and open
- designed to take advantage of reusable technology and data where available
- designed in an iterative manner by a multi-disciplinary team that is empowered to prioritize incremental work and make decisions in the open whenever possible and designed to make the most effective use of data
In procuring a digital service, ministries must include Digital Service Standard requirements in their procurement documents. As best practice, provincial agencies should consider including Digital Service Standard requirements in their procurement documents.
Digital Governance
All ministry digital services and all ministry IT projects in excess of $1M (whether built internally or procured) must:
- Be evaluated against the DSS through digital and IT governance processes (for example, Digital First Assessments, Architecture Review Board, or other governance processes as established)
Assessment against the DSS must occur at each phase in the digital service design cycle.
Measurement
Ministry and provincial agency digital services must demonstrate their contributions to broader service or policy outcomes and establish evaluation and analytics approaches to support continuous improvement.
At a minimum, all digital services must:
- identify the service or policy outcomes to which the digital service is contributing and how the digital service will be evaluated throughout service design and post launch
- use service analytics to understand user behaviour across channels
- define performance metrics for the service up-front, early in the design process
- analyze performance and identify actionable data insights as early as possible
- monitor and report on the realization and sustainment of benefits as applicable
Data
Ministries and provincial agencies must be fully transparent about their data assets and the ways in which they are acquired and used.
Ministry and provincial agency data assets are open by default unless exempted from release in limited and specific circumstances as set out below:
- Data that is subject to statutory confidentiality requirements, (for example, exempt from publication under the Freedom of Information and Protection of Privacy Act, 1990, the Personal Health Information Protection Act, 2004, the Anti-Racism Act, 2017 and/or other statutes).
- Data that should not be disclosed for legal, security, confidentiality, privacy or commercial sensitivity reasons as identified by expert assessors (for example, legal counsel, ITS security or privacy professional) as described in the Open Data Guidebook (2015).
Directors closest to the data must ensure the appropriate expert assessment occurs prior to the publication of data and approve its release.
Ministries and provincial agencies ensure exempted data remains secure and is managed responsibly.
Open data must be accurate, timely, openly accessible, interpretable, coherent, de-identified, primary and released in accordance with the principles in the International Open Data Charter.
In considering data for publication, ministries are required to prioritize data that meets standards set for the release of data by the Chief Digital and Data Officer (CDDO) and subsequent to that to release data that would be of high value to users, including across jurisdictions.
Ministries are required to consult and comply with the Open Data Guidebook. Provincial agencies should use the Open Data Guidebook as an example of best practices to adopt.
Data Inventory
Ministries and provincial agencies are responsible for keeping their inventory list up-to-date on an ongoing basis and keeping the CDDO informed of changes.
In exceptional cases, ministries and provincial agencies may exclude a data asset from their inventory where the organization is prevented from disclosing the data asset by law or it is authorized by law to refuse to confirm or deny the existence of data.
Ministries
All ministry data assets need to be listed on the government-wide data inventory, regardless of open status, with sufficient metadata for broad understanding of its nature, purpose and use by the government.
Each ministry who has custody or control of data assets must contribute to the government-wide data inventory by providing to the CDDO a listing of all data assets, including those data assets which are exempt from being made open per the reasons listed above.
Provincial Agencies
Each provincial agency who has custody or control of data assets must prepare their own inventory of these assets, share that inventory with the CDDO for inclusion in an provincial agency data inventory dataset on the Ontario Data Catalogue and post their inventory on their own website, or the website of their parent ministry if they do not have their own.
Open Data Publication
All ministry data assets made publicly available must be accessible through the Ontario Data Catalogue.
Provincial agency open data must be made available through their own website or that of their parent ministry if they do not have a website.
All open data must be released in an open format.
Open data must be released at no charge to the user (for example, for-profit business, researcher or interested party etc.) and under the Open Government Licence – Ontario (See Appendix) and/or a similar open licence in consultation with users and on the advice of counsel.
No data assets released as open data are to be deleted or removed from public access except where it was published in error.
Ministry open data is to be published to the Ontario Data Catalogue in the language in which it was collected. The dataset title, description, and all accompanying supporting information must be available simultaneously in both English and French.
Open Data Engagement
Ministries and provincial agencies must develop plans to promote open data under the guidance of the Ontario Digital Service and their specific communication branches.
Ministries and provincial agencies should communicate the strategic value of open data to stakeholders and the public.
Roles and Responsibilities
Treasury Board/Management Board of Cabinet
- approve changes to this directive
- approve exemptions from this directive in whole or in part through submission of a business case
Secretary, Management Board of Cabinet
- approve operational policies pursuant to this directive
- approve any exemptions from the requirements outlined in those policies
- periodically receive reports on the status of operational policies to demonstrate due diligence, risk management, and strategic decision making
- periodically recommend updates to this directive to MBC
Chief Digital and Data Officer
- work with TB/MBC to set digital strategy transformation priorities and ensure transformation initiatives are taking digital, lean and data driven approaches
- provide advice and guidance to government/ministries on potential opportunities to derive value from data, while still abiding by the principles of this directive
- report publicly on ministry and provincial agency compliance with the directive as directed by the Minister responsible for Digital
- regularly review this directive and recommend any changes
- develop policies and standards for digital service delivery and open data, subject to the approval of TB/MBC
- develop guidance for digital service delivery and open data
- establish and oversee governance of digital services
- establish, coordinate and maintain a comprehensive government-wide inventory of data assets (including those data assets which are exempt from being made open). This inventory will be published online and will be accessible to the public
- work with the Chief Information Security Officer and the Chief Privacy Officer to ensure alignment between open data and data protection requirements and policies
- work with the Corporate Chief Information Officer to embed digital and data policies, guidelines and standards across and into the IT Organization
Ontario Digital Service
- maintain this directive and support its implementation
- develop and maintain digital and open data policies, guidelines and best practices that align to this directive as required
- operationalize the governance process of digital services
- work with TBS IT Governance, Office of the Corporate Chief Information Officer and Architecture Review Board to identify at-risk digital services under development and prepare quarterly reports to Deputy Minsters Committee on Transformation and Technology (DMCTT)
Deputy Ministers or CEOs/Chairs of Provincial Agencies
- adhere to and promote the principles and requirements in this directive and ensuring that ministry or provincial agency staff do the same
- put in place processes that support the directive
- approve the removal of datasets from the Ontario Data Catalogue
Deputy Ministers’ Committee on Technology and Transformation (DMCTT)
- receive and review quarterly reporting on at-risk digital services under development
Corporate Chief Information Officer
- provide strategic leadership, advice and direction to ministries on technology to enable digital service delivery
- ensure that all data management platforms, applications and solutions acquired or built have open data features as a core function, in accordance with this directive
- embed digital and data policies, guidelines and standards across and into the IT organization
Program Directors
- ensure that a risk-based assessment process following the Open Data Guidebook is applied prior to the release of open data
- approve the release of open data as set out in this directive
Definitions
A common glossary has been developed for this directive as well as the other two related directives, The Governance and Management of Information Technology (2021) and The Governance and Management of Information Assets Directive (2021). This glossary can be found in an online format on the Ontario Public Sector intranet where the directives are also available.
- Data
- A type of information that is facts and statistics collected together for reference or analysis; things known or assumed as facts, making the basis of reasoning or calculations. Data may be analogue or digital and may be structured or unstructured.
- Data Asset
- A type of information asset that is any aggregation or grouping of facts and figures stored in a structured format (
dataset
), as well as the additional information necessary for its management, access, and use. This includes database structure, algorithms, calculations, and computational models, or any other means used alone or in part to use data to inform government decisions, programs or services. - Digital Service
- a government service delivered by means of the internet or other technology. Including but not limited to:
- Transactional services
- Information services
- Web applications
- Extranets
- Governance
- Rules, systems and accountability structures that enable an organization to ensure that service development and delivery activities comply with all applicable regulations and legislation, optimize investments and risk, ensure the achievement of benefits and deliver on government mandate/priorities, while remaining mindful of user needs.
- Information Asset
- An aggregation or grouping of information, including data, records, and publications, that can be defined and managed as a single unit so that it can be understood, shared, protected, and used effectively. Information assets have recognizable and manageable value, risk, content, and lifecycles.
- Open Data
- data that has been made proactively publicly available without charge, in a machine-readable format and released under an open licence which allows it to be used, re-used, built upon, and shared without additional permission.
- Open Format
- a set of specifications used to store and transmit digital data that is platform independent, machine-readable and vendor-neutral.
- Personal Information
- Recorded information about an identifiable individual, as defined by the Freedom of Information and Protection of Privacy Act, 1990 (FIPPA).
Appendix
Open Government Licence
Using Information under this licence
- Use of any information indicates your acceptance of the terms below.
- The information provider grants you a worldwide, royalty-free, perpetual, non-exclusive licence to use the Information, including for commercial purposes, subject to the terms below.
You are free to:
- Copy, modify, publish, translate, adapt, distribute or otherwise use the Information in any medium, mode or format for any lawful purpose.
You must, where you do any of the above:
- Acknowledge the source of the information by including any attribution statement specified by the information provider(s) and, where possible, provide a link to this licence.
If the information provider does not provide a specific attribution statement, or if you are using information from several information providers and multiple attributions are not practical for your product or application, you must use the following attribution statement:
Contains information licensed under the Open Government Licence – Ontario.
- The terms of this licence are important, and if you fail to comply with any of them, the rights granted to you under this licence, or any similar licence granted by the Information Provider, will end automatically.
Exemptions
- This licence does not grant you any right to use:
- personal information;
- information or records not accessible under the Freedom of Information and Protection of Privacy Act (Ontario);
- third party rights the information provider is not authorized to license;
- the names, crests, logos, or other official symbols of the information provider; and
- information subject to other intellectual property rights, including patents, trade-marks and official marks.
Non-endorsement
- This licence does not grant you any right to use the Information in a way that suggests any official status or that the information provider endorses you or your use of the information.
No warranty
- The information is licensed "as is", and the information provider excludes all representations, warranties, obligations, and liabilities, whether express or implied, to the maximum extent permitted by law.
- The information provider is not liable for any errors or omissions in the information, and will not under any circumstances be liable for any direct, indirect, special, incidental, consequential, or other loss, injury or damage caused by its use or otherwise arising in connection with this licence or the Information, even if specifically advised of the possibility of such loss, injury or damage.
Governing Law
- This licence is governed by the laws of the Province of Ontario and the applicable laws of Canada.
- Legal proceedings related to this licence may only be brought in the courts of Ontario.
Definitions
- In this licence, the terms below have the following meanings:
- Information
- means information resources or records protected by copyright or other information or records that are offered for use under the terms of this licence.
- Information provider
- means Her Majesty the Queen in right of Ontario.
- Personal information
- has the meaning set out in section 2 (1) of Freedom of Information and Protection of Privacy Act(Ontario).
- Records
- has the meaning of "record" as set out in the Freedom of Information and Protection of Privacy Act (Ontario).
- You
- means the natural or legal person, or body of persons corporate or incorporate, acquiring rights under this licence.
Versioning
- This is version 1.0 of the Open Government Licence – Ontario. The information provider may make changes to the terms of this licence from time to time and issue a new version of the licence. Your use of the information will be governed by the terms of the licence in force as of the date you accessed the information.