To ensure compliance with the relevant regulatory frameworks, those governing, hosting, and managing a CIS need to understand and determine what types of data are being processed and what types of data are stored in the system. This includes questions of information ownership and potentially conflicting disciplinary standards.
How does the system ensure an effective and safe information exchange between partners? What types of data can the system handle?
Where are these data stored, who owns them and who/how can ensure the quality of such information exchanges?
One way to ensure a safe information exchange is by producing an information inventory that determines:
- types of data producers are those organizations that create, compile, aggregate, package, and provide information to be inserted into an information processing system;
- what types of data are processed (e.g., weather forecast, personal information, structured, semi-structured, and unstructured information);
- purposes for collecting information (e.g., situation awareness, decision making process);
- flows of information; and
- status/ sensitivity of information (confidential, sensitive personal data).
It is also important to discuss the attribution of information ownership prior to launching the CIS. To ensure the quality of information it is recommended to clarify the responsibilities of the engaged actors/ organizations. The practice shows that better information quality is ensured if actors own the data they generate and create (e.g., the automotive industry). The attribution of data ownership also may help to answer questions about the control of the information flow, the cost of information, and the value of information.
Furthermore, it is important to consult the existing standards used in a particular field. Numerous technical, operational and cultural standards exist in the field of theIn order to avoid a lack of interoperability of information system in crisis situations and restrictions on information exchange across different actors, it is recommended to consult available regional and international standards. Consulting standards may be considered not only a good practice but also it may lead to a harmonisation of procedures carried out in order to provide disaster relief.
Related Key Terms