Seven key roles from Chief Data Officer to Cyber Security Advisor. Features the complete seven-step workflow from Applying safeguards through monitoring, with specific responsibilities and approval levels based on data classification.
Purpose
Provide a streamlined, logical workflow for publishing open government data with appropriate safeguards.
Key Roles and Responsibilities
Has administrative or legislative responsibility for a business function to which the data is integral
Key Responsibilities
- Oversight: Approves the collection and release of data
- Strategic Direction: Champions the data prioritisation and release program
- Governance: Provides oversight of the open data process
- Escalation: May seek further approval for high public interest datasets
Manages the data and has technical knowledge of databases and information systems
Key Responsibilities
- Stewardship: Develops and maintains specified datasets
- Compliance: Ensures legal and policy requirements are met
- Access Management: Determines conditions for use and sharing
- Documentation: Maintains metadata and documentation
Has technical, detailed knowledge of the data
Key Responsibilities
- Content Verification: Monitors changes to subject matter
- Quality Assurance: Reviews data for quality and accuracy
- User Support: Responds to enquiries about published data
Has operational oversight of technology or applications
Key Responsibilities
- Resource Assignment: Assigns data custodian roles
- Technical Support: Ensures technology resources support data collection and management
- System Management: Oversees system implementation
Responsible for publishing the open data
Key Responsibilities
- Distribution: Distributes data through designated channels
- Usage Analytics: Monitors data use and public response
- Quality Control: Can unpublish data if issues are discovered
Provides legislative interpretation and advice
Key Responsibilities
- Collection Guidance: Advises on data collection statements
- Regulatory Review: Identifies legal restrictions for data distribution
- IP Management: Advises on intellectual property rights
Agency cyber security specialist
Key Responsibilities
- Security Assessment: Provides advice on the NSW Cyber
- Security Policy Risk Management: Assesses security risks in data publication
Note: This process model serves as a framework that can be adapted to fit each agency's specific structure and requirements.
| Step | Reason | Actions | Role | Completed By |
|---|---|---|---|---|
| Step 3: Apply Safeguards | Implement appropriate data protection measures based on classification | Determine handling requirements based on classification level | Data Custodian | |
| Apply necessary de-identification techniques | Data Custodian | |||
| Implement aggregation where required | Data Custodian | |||
| Remove sensitive fields | Data Custodian | |||
| Test effectiveness of safeguards | Data Custodian, Subject Matter Expert | |||
| Document all applied safeguards | Data Custodian | |||
| Document all data transformations and enrichments with rationale | Data Custodian | |||
| Step 4: Approve for Release | Obtain formal authorisation | Verify absence of sensitive information | Data Custodian, Legal Advisor | |
| Confirm third-party rights clearance | Legal Advisor | |||
| Document public interest justification | Data Custodian | |||
| Obtain approval based on classification level: | ||||
| OFFICIAL (Public) data: Business Unit Executive Director | Chief Data Officer | |||
| OFFICIAL: Sensitive (de-identified): Department Secretary or delegate | Chief Data Officer | |||
| PROTECTED (aggregated): Department Secretary with legal review | Chief Data Officer | |||
| CONFIDENTIAL or above: Not suitable for release | Chief Data Officer | |||
| Step 5: Prepare Documentation | Create supporting materials for users | Develop metadata statement | Data Custodian | |
| Create data quality statement | Data Custodian | |||
| Build data dictionary | Data Custodian, Subject Matter Expert | |||
| Assign appropriate license | Data Custodian, Legal Advisor | |||
| Document update frequency, transformation methodology, and rationale for any data enrichment | Data Custodian | |||
| Step 6: Design Delivery Systems | Create technical infrastructure for data delivery | Select appropriate delivery channels | Data Custodian, Business System Owner | |
| Design data pipelines | Business System Owner | |||
| Develop APIs if needed | Business System Owner | |||
| Create machine-readable formats | Business System Owner | |||
| Document data flows and architecture | Business System Owner | |||
| Step 7: Test and Validate | Ensure systems and data function as expected | Develop and execute test plan | Business System Owner | |
| Validate data accuracy and formats | Data Custodian, Subject Matter Expert | |||
| Test data pipelines and APIs | Business System Owner | |||
| Implement monitoring checks | Business System Owner | |||
| Conduct user acceptance testing | Business System Owner, Data Publisher | |||
| Step 8: Publish and Promote | Release data and maximise its discovery | Publish to designated channels | Data Publisher | |
| Notify stakeholders and communities of interest | Data Publisher | |||
| Create discovery pathways (e.g., portal listings) | Data Publisher | |||
| Develop user guidance materials | Data Publisher, Subject Matter Expert | |||
| Step 9: Monitor and Maintain | Ensure ongoing data quality and relevance | Implement usage monitoring | Data Publisher | |
| Establish feedback collection system | Data Publisher | |||
| Create regular review schedule | Data Custodian | |||
| Develop incident response plan | Data Custodian, Data Publisher | |||
| Update data according to established frequency | Data Custodian |
Final Publication Authorisation
I confirm that all steps in the Open Data Publishing Process have been completed in accordance with the NSW Open Data Policy, NSW Government Information Classification, Labelling and Handling Guidelines, and all applicable legislation.
| Name | Role | Date | Signature |
|---|---|---|---|
| Chief Data Officer | |||
| Data Custodian | |||
| Legal Advisor (if required) |