Data Protection

About the session

The digitalisation of government depends on citizen consent for data use. How can government align data protection measures with legacy IT infrastructure, ensure compatibility with future IT innovation, keep up-to-date with changing regulations, and managing the costs associated with data protection strategies? Only by answering this can government organisations demonstrate that they can be trusted to safeguard the citizen data that they collect, process, and store.

1. Data Classification: Understanding what data you have and classifying it based on its sensitivity and importance is the first step to data protection. How should public sector organisation best identify and classify data based on sensitivity and importance? What kind of frameworks could be most effective for our organisation in applying suitable protection measures to different data categories?

2. Data Security Technologies: What specific data security technologies and tools are we leveraging to protect our data? How can we further optimise the use of encryption, tokenisation, anonymisation, and other protective measures to secure sensitive information? And what can be done to fortify our defensces against external threats with firewalls, anti-malware software, and intrusion detection systems?

3. Access Controls: How are we managing access to our data? Are our current measures such as password policies, two-factor authentication, and role-based access controls sufficient, or are there areas that need strengthening to ensure that access is limited to authorised individuals?