- wireless applications & uses
- wireless technology options
- wireless standards
- wireless security
- wireless network management & performance
- wireless installation & maintenance
PUBLICATIONS | Chronological List
All publications are available in PDF format. Click here to download acrobat reader.
Cloud-based file sharing solutions have become very popular and certainly a growing and significant part of day-to-day computing. It is easy to see why these services are attractive to state government users after using them in many facets of their personal life. With a wide variety of choices in the market, these solutions are easy to access, configure and use. They support multiple devices (especially mobile), and data in multiple formats. The most important consideration for state employee users – these file sharing services are free. Since the release of the 2012 NASCIO and Deloitte Cybersecurity Study, more security and policy questions have been raised on the use of free cloud services by states. In addition to the May 2012 Capitals in the Clouds IV guidance on rogue cloud users, states have continued to seek out leading practices on how to put the proper controls in place, meet security standards, craft acceptable use policies, and identify the open records and legal concerns regarding terms of service. This brief helps to provide real experience from Commonwealth of Pennsylvania on free cloud services.
NASCIO’s 2004 publication NASCIO on Unlimited Liability - Gaining Traction on the Road to "Win-Win" recommended changes to the state IT procurement policy regarding limitations on liability, and research from 2010 and 2012 show subtle changes have occurred in the states. This infographic indicates which states have limitations on liability in statute, which states have none, and which states are able to negotiate limitations on a case by case basis, and compares the current situation to previous NASCIO research.
As state leaders act to streamline services, consolidate IT infrastructure and perform more efficiently, trusted digital identities and their authentication becomes a critical enabler with the digital ecosystem. All levels of government and the private sector, are confronted by this challenge and are working together to create common policy, guidelines, standards, and responsibilities to protect cyber assets and ensure appropriate mechanisms are in place for a coordinated identity ecosystem. This guidance presents the value proposition along with key factors for establishing an enterprise-wide approach to identity management.
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.
This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers conducted by NASCIO in partnership with Deloitte in July and August of 2012. Both a repeat and extension of a Deloitte-NASCIO survey originally conducted in 2010, it documents the relative strengths and weaknesses of the security programs that protect state governments’ vital systems and data. The study identifies areas of concern expressed by state CISOs, and provides a call to action for state CIOs and policy officials on the critical need to support and enhance cybersecurity programs.
NASCIO, TechAmerica, and Grant Thornton LLP have collaborated on the third annual survey of state government IT leaders. Since the last survey of state chief information officers (CIOs) in 2011 - A New C4 Agenda (Consolidation, Collaboration, Clout, and Change) – we find that CIOs continue to be confronted with myriad responsibilities and leadership challenges. Some of these focus on continuing to provide many high-quality IT services to state agencies and employees (such as email and networking) as well as to citizens (such as online registration and licensing). Others focus on procuring, implementing, and managing new IT services, such as cloud platforms, mobile devices and applications, and social media. CIOs must maintain a balancing act, not allowing either the old or the new to dominate their attention.
Collaboration is a major part of the solution to sustaining and thriving government organizations and services. But it has to be done correctly so it is effective, can sustain through the life of the initiative’s intent, and can adapt with changing environmental circumstances. No matter what service area, mode of delivery, management area, or technology, collaborative arrangements should be considered as an alternative that may deliver the most effective outcomes.
NASCIO is actively investigating existing collaboratives in order to promote collaborative arrangements across government and to uncover operating discipline and best practices that make for successful collaboratives.These best practices support strategy, governance, program and project management, organization, operations and effective application of technology.Collectively these best practices are imbedded in the enterprise architecture of successful collaboratives.
The State Identity and Credential Access Management (SICAM) Guidance and Roadmap outline a strategic vision for state-based identity, credential, and access management efforts, and emphasizes the importance of implementing the SICAM architecture and services in support of the challenges associated with trust, interoperability, security, and process improvement. States can, and should, provide a secure, auditable environment for the processing and exchange of information across the entire spectrum of state business. This guidance promotes an enterprise approach and it is essential that state governments take the initiative to ensure the integrity of the data entrusted to them and provide a high level of security and privacy to citizens, customers, and partners.
Maintaining and increasing government service delivery in the current economic circumstances is nearing the impossible. What is the answer? Part of the answer is the formation of collaborative relationships across agencies and jurisdictions to share and in some circumstances consolidate investments. State and local governments can not afford to go it alone. Through collaborative governance structures, jurisdictions can pool funding, increase buying power, remove or reduce redundant investments in technology and actually make significant gains in the quality of service.
The volume and velocity of data creation is at all time high – and is accelerating. State government is a veritable data engine creating vast amounts of data from a vast number of sources. That data is being used to comply with regulations; uncover fraud, waste and abuse; and ultimately improve the lives of citizens. The sky is the limit in terms future data generation based on the growth in mobile applications, sensors, cloud services and the growing public private partnerships that must be monitored for performance and service levels, according to NASCIO’s latest in its series of issue briefs on analytics - “Is Big Data a Big Deal?”
In this issue brief, the universe of “big data” will be explored in order to:
- Create a foundation preliminary to further description and exploration in future briefs, conference sessions and innovations forums.
- Set common characteristics of big data versus simply lots of data.
- Emphasize the necessity of data governance and data management within a broader state government enterprise architecture.
- Present some early recommendations for state government regarding big data.
This is the second in a series of briefs on IT procurement modernization. The brief focuses on performance bond trends for state IT projects and is intended to give an overview of how the surety market has significantly changed because of a wave of factors external to the IT industry. The amount of readily available performance bonds has become a challenge and, in some instances, bond companies have begun to require companies to partially or fully collateralize performance bonds with bank letters of credit. In order for states to lower costs and create a competitive procurement pool, states need to consider finding ways of leveraging existing protections and adjusting performance bond requirements if necessary. This brief was developed in partnership with TechAmerica and with contributions from the National Association of State Procurement Officials (NASPO).
This brief seeks to present an overview of how the discipline of Enterprise Architecture (EA) can be used to improve and lower costs of state IT procurement. The degree of EA maturity in states can vary as much as the very rules that govern IT procurement, but a closer look will provide guidance on alignment of these vital functions of government. As stewards of tight budgets, it is imperative that state chief information officers (CIOs), state procurement officials, and other state leaders find the best values and are accountable for IT investments. State leaders should consider the benefits of aligning IT procurement and enterprise architecture not only as a way to deliver IT services more effectively, but also as a way to find savings through streamlined investments. This brief was developed in partnership with TechAmerica and with contributions from the National Association of State Procurement Officials (NASPO).
This is an unprecedented time for health IT in the United States, and the backbone of achieving lower costs, better health outcomes, and system interoperability relies on an enterprise view. In response to the CMS release of Medicaid Information Technology Architecture (MITA) 3.0, the NASCIO Health Care Working Group has formulated guidance to states as they navigate Medicaid IT transformation. NASCIO continues to be an advocate for enterprise solutions and view the MITA framework as a way state CIOs can decouple legacy systems and break down existing silos in state government. State CIOs grasp the importance of modernizing the Medicaid enterprise in a way that is flexible, interoperable, and takes into consideration emerging technologies like cloud computing. In addition to emphasizing conformity to the MITA vision, the report calls attention to emerging security threats in the states and the importance of protecting personally identifiable information and personal health information.
This brief presents an emphasis on the cultural and organizational aspects of cloud computing. “Cloud services” imply shared services. When agencies come together to share such a resource there will necessarily have to be an evaluation of the variance in security policies in place in the various partner agencies. Engaging external cloud services can be quite risky if such services have not been properly vetted by state security staff. Much education, awareness, and ongoing communication will be required to ensure state government employees are fully aware of the risks of external cloud services. The imperative for states is to stay connected and maintain the dialogue, sharing intentions and solutions, as state government moves forward with adoption of cloud services. Cloud is not the only solution or avenue for sharing resources. When it is the right solution, it must be employed with proper attention to the security aspects of cloud services, particularly with external cloud services.
Cloud computing will continue to be an invaluable resource for state and local governments in their efforts to rationalize and optimize computing resources. Cloud computing should be seen as an IT innovation that can support rationalization and optimization of business services as well as IT services. Due diligence prescribes the necessity of exploring and evaluating jurisdictional issues in order to ensure long term sustainability and growing adoption of collaborative government operations in state and local government.
To ensure that IT security remains robust in the current difficult budget environment, the National Association of State Chief Information Officers (NASCIO) has identified a taxonomy of core, critical IT security services to facilitate the analysis of requirements, sourcing options, and costs for delivering appropriate security. For each of the twelve services that were identified, the brief includes a description, a list of the key activities associated with the service, and a list of tools that commonly support service delivery.
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.
Released in conjunction with NASCIO's Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Fast Track Solutions; Enterprise IT Management Initiatives; Improving State Operations; Information Communications Technology (ICT) Innovations; Open Government Initiatives; and Risk Management Initiatives.
NASCIO partnered with TechAmerica and Grant Thornton LLP to survey state and territorial chief information officers (CIOs) on their most challenging issues and significant opportunities. At a high level, the survey reveals this to be a time of evolving roles, changing organizational capabilities and demanding workloads for the CIOs. The themes that emerge from the 2011 survey results center on consolidation, collaboration, clout and change — a new state CIO agenda. The report, which is the second Annual Survey of State Chief Information Officers, is titled: “A New C4 Agenda: Perspectives and Trends from State Government IT Leaders.”
Cloud computing brings with it opportunities, issues and risks. One major consideration that must be addressed is the management of data – governance, stewardship, consistency, ownership and security. Data is the lifeblood of state government operations and critical for service delivery. With the fiscal stress and operational pressures that are driving state and local governments toward serious consideration and adoption of cloud computing, the data must not be ignored. These pressures must be managed intelligently to avoid pushing government into a future situation that could constitute greater cost, and more difficulty in achieving interoperability of government lines of business and government jurisdictions.
For the 2011 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness,Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.
The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.
Public Technology Institute has published CIO Leadership for State Governments: Emerging Trends and Practices, a book that illuminates the role of the state CIO, and shares leading technology practices and innovative programs in state government.
Published in partnership with the National Association of State CIOs (NASCIO), this is the first book written exclusively by and for the state CIO.
While NASCIO has continued to track the role of the State CIO in Health Information Exchange (HIE), the recently released issue brief highlights the importance of a sustainable public HIE. Included in the brief are best practices for creating potential revenue streams, considerations for systems development, and innovative options that may reduce maintenance and lower costs. State CIOs and state policy officials need to consider the business drivers that will ensure that revenues exceed costs to plan, implement and operate an interoperable HIE. State CIOs recognize that there is no better opportunity than now for carrying out these goals, but continued ingenuity will be imperative in ensuring a state-run HIE is independently sustainable when public grants may no longer be available.
Cloud computing has arrived as a serious alternative for state government. There are outstanding issues that must be faced and dealt with in order to maintain the reliability, responsibility, security, privacy, and citizen-confidence in government services. Government is exploring technology and business process innovations that will make the way for government to deliver existing services more economically. Cloud computing provides a number capabilities that have the potential for enabling such innovation.
Despite the contentious debate over national health care reform there seems to be one trend that has gained some degree of consensus at the state level – planning for implementation of state health benefit exchanges. The Patient Protection and Affordable Care Act (PPACA) has already provided $2.8 billion in funding to states to build benefit exchanges, expand Medicaid eligibility and continue prevention efforts. In addition to the substantial amount of funding states have already received, they will receive billions more during 2011 and beyond. The Affordable Care Act provides states with the unique opportunity to either develop and run their own exchange or default to the federal government to establish and operate the exchange. State CIOs will play varying roles in health care reform, but irrespective of their responsibilities it will be imperative to provide sound leadership and provide feedback to governors on any IT gaps that may exist during this momentous time.
NASCIO Recommends State Government Adopt the National Information Exchange Model (NIEM) to Enable Government Information Sharing
The National Information Exchange Model (NIEM) provides a broad range of products and capabilities for planning and implementing enterprise-wide information exchanges. Government effectiveness and citizen centric government services require effective cross line of business collaboration and communication. Use of national standards will avoid redundant investment and unnecessary variation. What is needed is a common discipline for information sharing that is employed by all government lines of business. NIEM exists as that discipline for federal, state and local government.
In 2007, state CIOs had offered anecdotal evidence that states could face a potential shortage of government IT workers in the near future due to anticipated retirements of baby boomers and a waning interest in government IT employment from a younger generation. To revisit this looming issue, in November 2010 NASCIO conducted a web-based survey for state CIOs to assess the landscape of the state IT workforce. The results of the survey State IT Workforce: Under Pressure have been compiled and NASCIO members should use the results as a tool in identifying and addressing state IT workforce trends. The state responses provide a broad perspective on state IT workforce issues as a whole, and also allow CIOs to further assess the IT employment outlook within their respective states.
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.
People put a lot of trust in state governments to collect, maintain and protect the appropriate information necessary to execute their programs, protect individual rights, and ensure public safety. The volume of that information expands at an ever-increasing pace, and maintenance and protection of that information, particularly where it involves Personally Identifiable Information (PII) and Personal Health Information (PHI), becomes more and more challenging. The 2010 Deloitte-NASCIO Cybersecurity Study finds that states need to do more to secure citizen data and maintain public trust.
Released in conjunction with NASCIO's 2009 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Improving State Operations; Information Communications Technology (ICT) Innovations; Open Government Initiatives; and Risk Management Initiatives.
In the summer of 2010, NASCIO’s Social Media Working Group implemented a survey of social media adoption by state governments to clarify existing use of social media by states and extend its knowledge of how the tools are being deployed in state governments across the country. The survey examined adoption trends, current applications and expectations of social media technologies, the extent to which implementation is governed by formal policies or individual agency initiative, and perceptions of risk associated with social media tool use. This brief reports on the survey results, and makes recommendations about next steps states need to take as they adapt these tools to expand engagement with citizens and improve government programs.
Investment in business intelligence and business analytics must be driven by enterprise strategic intent. Proper leverage of analytics should start with a clear understanding of the outcomes state government is trying to achieve. This issue brief presents the rationale for analytics using the NASCIO Enterprise Architecture Value Chain as a framework for organizing the thinking and the questions which eventually drive investment in analytics capabilities. It builds on the foundational concepts discussed in NASCIO’s first issue brief on this subject, and strongly recommends an enterprise approach. Without an enterprise approach to analytics, investment across the enterprise is un-orchestrated and uncoordinated. That creates redundant investment in tools and training, and creates barriers to cross line of business collaboration. State government can not afford redundant and disconnected investment. One of the values of enterprise architecture is the management, optimization and simplification of investment within state government. Proper investment and application of analytics is essential to deploying effective and efficient government services. Finally, the level of complexity of analytical methods and tools depends on the complexity of the decisions and the issues.
Since Profiles of Progress was last released in April of 2009, there has been a tremendous flurry of activity due to the Office of the National Coordinator for Health Information Technology (ONC) announcing the recipients of the State Health Information Exchange Cooperative Agreement Program (State HIE). In addition, the funding from the American Recovery and Reinvestment Act (ARRA) has started to be dispensed to state and regional efforts across the nation and will be used to invest, solidify and make sustainable health IT efforts in the states. The updated compendium, “Profiles of Progress 4: State Health IT Initiatives,” serves as a snapshot of how states are responding to the challenge of leading the implementation of health IT and what role, if any, the state CIO is playing in these efforts. The numerous revisions within the compendium reflect the expeditious growth and adoption of health IT over the past year. As government leaders increasingly support Health IT as a means to improve patient care and reduce costs it is imperative that states implement an enterprise-wide architecture for the statewide exchange of health information.
Just as information technology undergirds every aspect of doing business in the corporate sector, so is it now a mainstay of state government. NASCIO has joined forces with the Grant Thornton and TechAmerica to survey state and territorial CIOs or their equivalents on their most challenging issues -- from tight budgets to the continual flow of new technologies. Results are based on the responses of 40 participants, or about three-fourths of eligible jurisdictions. The 39-question survey covered a range of topics:
- IT governance: Many CIOs shoulder much of the responsibility for statewide IT governance but do not have the same level of authority.
- IT investments and budgets: Two-thirds of CIOs expect lower IT budgets in 2011 through 2013.
- Statewide IT business models and sourcing strategies: In the next three years, most CIOs plan to expand IT shared services and managed services.
- Procurement and procurement reform: CIOs give state IT procurement processes a grade of C and say processes and practices need updating.
- Emerging technologies: Half of CIOs are investing in cloud computing, and one-third are running active or pilot cloud projects.
Due to the pervasive use of personally owned smartphones in the U.S., practical concerns have arisen around state employee requests to use these devices for state business. The potential for security incidents and data breaches is a practical concern that state CIOs and CISOs must address when establishing security standards. While these devices make the work lives of employees less complicated, and perhaps reduce state IT acquisition costs, officials must once again face the classic dilemma of balancing risks and rewards. Policies on the Use of Personally Owned Smartphones in State Government highlights the trend toward states establishing security policies and standards for connecting personally owned smartphones to government networks.
As state CIOs continue to deploy IT solutions, it is important to recognize the fiscal benefits of transforming the procurement process to meet the needs of a smaller workforce, budget constraints, and consolidation efforts. Because of current economic factors the state CIO is faced with not only budget constraints for needed IT goods and services, but also advocating for procurement reform that meets the needs of the 21st century. Gaining Traction on the Road to Win-Win presents the challenges associated with unlimited liability, and encourages the inclusion of risk management strategies for state IT contracts. The report also calls attention to the fact that state CIOs are better equipped to provide services to the state when flexible terms and conditions for procurement provisions are in place.
Business analytics provides an evidence-based approach for decision making. With the current emphasis on transparency and visibility into the operations of government, government leaders need to anticipate more questions and evaluation related to not only what decisions are being made, but also what rationale was applied in making those decisions. As stated in this issue brief, intuition alone is not adequate for evaluating alternatives and making decisions. Effective implementation of a business analytics capability will promote an enterprise-wide culture of fact-based decision making. State government is encouraged to seriously look at business analytics as a means for fully understanding current circumstances and make predictions about the future. The predictive nature is particularly important as we continue to face ongoing fiscal challenges and increasing demand for state government services.
Released in conjunction with NASCIO's 2010 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity and Disaster Recovery ; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Information Communications Technology Innovations; Information Security and Privacy; and IT Project and Portfolio Management.
Transparency initiatives and websites are proliferating across government and industry globally. One aspect of the transparency trend is broader access to government data. NASCIO has published this report as initial guidance and recommendations to help state governments get started with data transparency portals. This guidance presents the value proposition along with principles and guidance on how states should move forward.
For the observance of the sixth annual National Cyber Security Awareness Month, NASCIO has created a Resource Guide of examples of state awareness programs and initiatives. The compendium augments previously gathered information with data from a just-completed, short survey of state CISOs. It includes links to state security awareness pages, contact information for state CISOs, and information describing cyber security awareness, training, and education initiatives that target four categories: Executives/Elected Officials; Citizens; State Workers; and IT Security Personnel.
The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.
In recent years, health information technology has grown from a burgeoning trend to a top policy priority for NASCIO as state CIOs from across the nation have become increasingly involved in health IT initiatives in their states. With billions of dollars now allocated to flow into health IT and health information exchange (HIE) initiatives around the country under the American Recovery and Reinvestment Act (ARRA), this trend is only poised to accelerate. HITECH in the States: Action List for State CIOs examines the impact on states—and the implications for state CIOs—of the HITECH Act (ARRA’s health IT requirements) and outlines four broad areas in which state CIOs can have an immediate, and long-term, impact in regards to HIE: Planning, Governance, Financing/Sustainability and Policy. Additionally, this brief highlights the questions that state CIOs should be asking as they work to begin exploring their role within these HIE efforts and also features the affect of the HITECH Act on the Medicaid IT Architecture (MITA) initiative.
The business of government is increasingly conducted or supported by mobile computing devices as states adopt these tools to un-tether traditional office workers from their desks or employ them for a wide variety of purposes in the field. Use of mobile devices is so widespread that it is difficult to imagine how state governments can operate without them, given their increased computing power and the ease with which they may be integrated with state networks and databases via the Internet. At the same time, however, mobile devices are unusually vulnerable to loss, theft, mis-use, or misconfiguration, which can and does lead to the loss of sensitive data. Security at the Edge highlights the risks associated with uncontrolled use of mobile devices, and targets the standards and procedural controls that allow state CIOs to better secure them.
This issue brief presents the concept of frameworks that describes what constitutes a data governance program, with a focus on frameworks from the Data Management Association (DAMA), the Data Governance Institute (DGI), and IBM. Use of frameworks can assist state government in planning and executing on an effective data governance initiative. They assist in achieving completeness in a program. In any subject or discipline frameworks and maturity models assist in describing the scope – both breadth and depth – of an initiative. This holds true as well for data, information and knowledge management.
The passage of the American Recovery and Reinvestment Act (ARRA), which allocated billions of dollars to flow into health IT initiatives across the country, has ushered forth a new era for health IT. This is an unprecedented moment for healthcare stakeholders and government, at all levels, to invest significant resources toward health IT and health information exchange initiatives. This compendium, “Profiles of Progress 3: State Health IT Initiatives,” is a product of NASCIO’s Health IT Working Group. It provides a state-by-state “snapshot” of progress that each state has made toward developing and implementing health information exchange and other health IT initiatives. It specifically examines the role of the state CIO in these efforts, and also includes an overview of the implications for health IT since the passage of the ARRA.
State CIOs, chief security officers, and the IT security professionals who work with them face a challenging and sometimes confusing array of security frameworks – these may be pushed down by Federal agencies, issued by national or international standards bodies, promoted by industry as best practice, or in some instances, be written into law or federal regulation. Desperately Seeking Security Frameworks provides an overview of the primary security standards, regulations, and laws that impact state IT security programs, highlights how states have used the frameworks to shape their security architectures, policies, standards, and controls, and identifies the key issues for CIOs as they establish and maintain IT security programs.
Data governance maturity models provide a foundational reference for understanding data governance and for understanding the journey that must be anticipated and planned for achieving effective governance of data, information and knowledge assets. This report continues to build on the concepts presented in Data Governance Part I. It presents a portfolio of data governance maturity models.
States are proven leaders in the green movement. In the face of tightening budgets that demand a departure from business as usual, states are demonstrating leadership through an array of green initiatives.
Government runs on IT. And green IT is a growing movement that requires attention from government leaders. State governments, with their state CIO, can start greening IT practices today.
This short, informational video Taking the Lead: Green IT in the States is designed to help state CIOs assist government leaders in demonstrating that, by exploring these opportunities now, states can lead by example.
How green is your IT?
Order a complimentary copy on DVD.
A product of NASCIO's Legacy Systems & Modernization Working Group, this report is based on the findings of its 2008 national survey of state CIOs. The report provides an assessment of states’ primary points-of-concern as they relate to legacy system modernization and provides insight into strategies, options and approaches states are considering as they move towards a modern IT enterprise environment.
Released in conjunction with NASCIO's 2008 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity and Disaster Recovery ; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Information Communications Technology Innovations; Information Security and Privacy; and IT Project and Portfolio Management.
Based on a survey of the states, this report examines the use of innovative, alternative and financing funding models for technology projects that enable states to deliver savings, and improve IT services to citizens. The results update NASCIO’s 2003 report on innovative funding, "Innovative Funding for Innovative State IT: New Trends and Approaches for State IT Funding," and provide state CIOs with information and insights for the facilitation of innovative funding initiatives in their own states. A product of NASCIO’s 2008 Innovative Funding for State IT Working Group, this report was developed based on results from an all states survey of state CIOs; thirty-one states responded concerning their IT funding initiatives.
This brief underlines the criticality of managing states’ digital assets and identifies key, high-level elements for establishing better data security programs within states. The brief covers data ownership and governance issues, recommends grounding data protection efforts in states’ enterprise architecture frameworks, and outlines nine primary elements that a comprehensive data protection program must incorporate or address. It describes data classification frameworks that have been developed in both state and federal agencies, and includes summaries of operational data classification and security initiatives in the states of
Medicaid transformation, and incorporating information technology into these efforts, is among the fastest-growing trends in healthcare today. With the introduction of the federal Medicaid IT Architecture (MITA) initiative, states are beginning to assess their current Medicaid systems and explore how the MITA initiative can foster information exchange and improve healthcare quality outcomes. This brief, a product of NASCIO’s Health IT Working Group, examines the ways in which state CIOs can play a role in the MITA effort, and how their enterprise view contributes to the holistic vision that MITA promotes across state agencies and all levels of government.
Geospatial resources refer to a whole discipline around managing data with a spatial orientation or component to support better decision making. Geospatial resources include a field of knowledge, people, policies, processes, standards, and technology that are not only necessary for everyday decision making but also critical for continuity of operations and disaster recovery. A new emphasis on location aware is evidenced further as State CIOs named “GIS” on their Top Ten list of Priority Technologies for 2008. Geospatial resources are so ubiquitous anymore that state government as well as citizens and industry think “where?” regarding almost every issue. This issue brief explores government’s demand for geospatial resources and offers recommendations and calls to action for the state Chief Information Officer to meet that demand.
States continue to struggle with new challenges presented by a growing portfolio of electronic records and digital content that must be preserved. Within this context, the issue of electronic records management has emerged as a high-priority policy and technology issue for State CIOs. This issue is now driven by emerging trends such as of new Web 2.0 collaboration tools that create e-records in forms that are transitory, yet still document the business of government, the vulnerability of essential e-records during disasters and a growing emphasis on transparency and accountability in state government, including online public access to records on spending, performance, procurements and contracts. This research brief underscores the need for enterprise collaboration for e-records management, provides information on fundamental concerns, outlines a framework for action and provides best practice examples from the states.
Green IT has become one of the fastest-growing trends in IT today, across all sectors and levels of government. Examining the ways in which state CIOs can become involved in shaping and promoting green IT practices and policies, this brief explores the critical role that state CIOs play in reducing their state’s carbon footprint. Featuring examples of successful green IT initiatives in state enterprise practices today, this brief highlights the many ways in which states are managing their IT hardware as well as utilizing technology to reduce their carbon footprint. With the states taking the lead in many aspects of green efforts nationwide, state CIOs have an opportunity to move the green benefits of an initiative to the forefront of strategic thinking and project planning, and this brief provides several starting points from which state CIOs can begin on the path to incorporate green IT efforts into their enterprise practices.
Data governance entails a universe of concepts, principles, and tools intended to enable appropriate management and use of the state’s investment in information. Part I on data governance presents an introduction that describes the basic concepts. Governance, and particularly data governance, is an evolutionary process. It begins with an understanding of the current investment and then manages that investment toward greater value for the state.
An upcoming shortage of state IT government workers is predicted by many to be evident and quickly approaching. As the state IT workforce begins to face the challenges of a potential worker shortage, and as it evolves to reflect the modern workforce of the future, employee recruitment and retention tactics must be examined in order to attract and retain top IT talent. A product of NASCIO’s State IT Workforce Working Group, this brief focuses on these recruitment and retention tactics for state CIOs by examining traditional and innovative recruitment strategies, successful retention initiatives and state best practices in each of these areas. By taking steps to augment a potential state IT worker shortage, state CIOs will be better prepared to face these challenges as they arise.
IT Governance is all about ensuring that state government is effectively using information technology in all government lines of business. This requires that the decision rights for IT investments and deployment are properly shared between the business and IT functions within state government. This issue brief provides an introduction to this very broad topic.
Technology makes so much possible for government. Yet, when a security breach disrupts government operations—the results can be disastrous.
How serious are the threats against government operating in a digital age? It is like fighting a storm that never ends. The threats are everywhere—outside and inside—and they are there all the time. Always changing and adapting.
Is your government ready to deal with security risks in a digital age?
In its September 2007 Issue Brief entitled “Seek and Ye Shall Find? State CIOs Must Prepare Now for E-Discovery!”, NASCIO raised the importance of State CIO involvement in e-discovery and the need for collaborative state electronic records management activities to properly address e-discovery requests. In this follow-up Research Brief, NASCIO provides starting points for State CIOs to improve the state’s ability to successfully address legal requests for electronic information.
- Getting Started on Electronic Records Management
- Managing an Electronic Records Management Initiative
- The Role of Records Retention Schedules · The Challenge of Retrieving Electronic Information
- Electronic Records Management Training and Awareness for State Employees
Citizen demand for efficient government often drives state agencies to seek out opportunities to deliver traditional services in non-traditional ways. Engaging in cross-boundary collaboration can be a way for states to leverage costs while providing citizens with streamlined services. Such collaboration is inevitable for state CIOs and this brief, a product of NASCIO’s Cross-Boundary Collaboration Committee, explores the unique challenges and opportunities of cross-boundary collaboration between state and local government entities. Highlighting successful examples of state-local collaborations already underway, this brief features the governance and financial models that were utilized for these collaborations. In addition, this brief examines the unique challenges facing state-local challenges and explores the ways in which states and localities can work together to achieve success and to lay the groundwork for future collaborative efforts.
Without the flow of electronic information, government comes to a standstill. When a state’s data systems and communication networks are disrupted, the problem can be serious and the impact farreaching. The consequences can be much more than an inconvenience. Serious disruptions to a state’s IT systems can lead to public distrust, chaos, fear and potential loss of life. Traditionally, IT disruptions are planned for based on anticipated disasters both natural and manmade that can physically damage facilities and equipment. However, we live in a time that holds the potential for a pandemic outbreak in your city, state or possibly the nation. What would you do as state chief information officer (CIO) if one day your staff did not come to the office because of a pandemic outbreak?
Electronic Records Management and Digital Preservation: Protecting the Knowledge Assets of the State Government Enterprise
Part III: Management Leads and Technology Follows – But Collaboration is King!
This research brief concludes the current NASCIO series on the subject of electronic records management and digital preservation. This subject area is very broad and has multiple dimensions, perspectives and challenges for the state IT community. The objective for the series is to highlight some of the key issues and make relevant recommendations to the state CIO. Ultimately, electronic records management and digital preservation must be a shared responsibility with understanding and support from the state CIO. Everyone within state government must play their part in managing the digital assets of the state.
The predicted shortage in the state government IT workforce has been discussed and debated for a decade. A product of NASCIO’s Corporate Leadership Council (CLC) Public Private Partnership Working Group, State IT Workforce: Here Today, Gone Tomorrow? is a research survey that was designed to assess the current and future landscape of the state IT workforce. Covering such topics as anticipated state IT workforce retirements, employee recruitment and retention, and options for future state IT staffing and service structures, this online survey garnered 46 state responses—among the highest response rates of any NASCIO survey. The results of this survey provide states with a broad perspective on state IT workforce issues as a whole, and also allow CIOs to further assess the IT employment outlook within their respective states.
Released in conjunction with NASCIO's 2007 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity and Disaster Recovery ; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise IT Management Initiatives; Information Communications Technology Innovations; Information Security and Privacy; and IT Project and Portfolio Management.
State governments are increasingly utilizing health information technology initiatives in order to reduce healthcare cost and improve patient care. A product of NASCIO’s Health IT Working Group, this compendium provides a state-by-state “snapshot” of progress that each state has made in introducing health information technology (HIT) initiatives. Each individual state profile features ways in which states are working toward HIT development and implementation. An updated version of NASCIO’s 2006 document, this compendium highlights the rapid growth of state health IT initiatives and specifically examines the role of the state CIO in these efforts.
In increasingly consolidated state technology environments, State CIOs may have heightened responsibility for the storage, preservation and retrieval of electronic information in response to e-discovery requests. Since government information is a knowledge asset, State CIOs must ensure the proper management of state information assets in addition to the technological infrastructure for locating and retrieving that information. This issue brief explains the impact for State CIOs of e-discovery requests and encourages State CIOs to pursue a holistic approach to enterprise records management as part of a team of state government stakeholders, including state legal counsel, archivists, records managers, and agency business leaders.
Most state government employees use technology to do their daily work, yet they may not realize the dramatic consequences that can flow from one mistake. As data breaches and security incidents that originate from within state government appear to be on the rise, cultural change is needed. All state employees need to understand that IT security is everyone’s job and understand how to use the state’s IT resources in a way that does not create the risk of a security incident. NASCIO’s Research Brief, "IT Security Awareness and Training: Changing the Culture of State Government" , highlights awareness and training activities that State CIOs can implement to avoid internal threats that can lead to a full-on state government crisis. To assist CIOs in pursuing these efforts, this brief includes many examples of awareness and training activities that are currently taking place with the states. This brief is a product of NASCIO’s Information Security and Privacy Committee.
A product of NASCIO's Infrastructure and Services Committee, this survey report provides an overview of the challenges states’ indicated they are facing in considering and implementing enterprise IT data center consolidation initiatives. NASCIO surveyed twenty-nine states concerning their data center consolidation initiatives. The survey, conducted through June 22, 2007, represents approximately 46 percent of the nations’ population. Participation included a wide distribution in geography, population, and budget.
A product of NASCIO’s Health IT Working Group, this brief examines the ways in which state CIOs can be involved in RHIO efforts in their states and emphasizes the importance for state CIOs to be aware of developments in health information exchange. It also explores the opportunities and challenges that all RHIOs face, despite the unique characteristics they each hold, and features real-world examples of how state CIOs are already involved in their state’s RHIO efforts.
NASCIO continues its series on electronic records management and digital preservation with Part II which focuses on economic, legal, and organizational issues and recommended actions for State CIOs. Part II builds on the theme that the state CIO and the state enterprise architect will need to view electronic records management and digital preservation as disciplines that comprise an enterprise architecture domain. Partnering with the state’s archivists, librarians, and records managers to fully leverage their expertise will help ensure the state’s knowledge assets are managed for value with a long term view. eDiscovery and offshoring present significant challenges to the state enterprise. CIOs will need to build their awareness of these subject areas and author necessary compliance and risk management strategies.
A product of NASCIO's Disaster Recovery Working Group, this tool-kit is designed to assist state CIOs and their staff in IT disaster recovery and business continuity planning. It is an updated and expanded version of business continuity and disaster preparedness checklists utilized for a brainstorming exercise at the “CIO-CLC Business Continuity/ Disaster Recovery Forum” at NASCIO’s 2006 Midyear Conference.
Electronic records management and digital preservation are necessary disciplines for managing the knowledge assets of the enterprise. Attention to these disciplines must be part of every IT investment decision. The lifecycle of "born digital" is presented with emphasis on the decision making process at each major phase. The series will present the current issues and recommendations for action. This first release in this series deals with the principles of records management, and highlights the most significant challenges facing the states.
State agencies are increasingly crossing organizational boundaries and combining resources in order to achieve joint goals, produce innovation and serve citizens. This brief examines the drivers behind cross-boundary collaboration and outlines the top ten considerations for state CIOs at the outset of collaboration. This brief not only illustrates why state CIOs should consider cross-boundary collaboration and how collaboration begins, but also identifies various types of collaboration, and provides tangible success stories and lessons learned.
This white paper reviews contemporary ideas surrounding the subject of organizational transformation, presents a state perspective on the issue, and provides the state CIO with relevant recommendations and calls to action. The accompanying research summary provides a short overview of the research findings presented in the white paper.
The paper illustrates that change is an ongoing process that requires organizations to become change competent. It emphasizes that as with enterprise architecture, the best approach to organizational change involves incremental, step-by-step transformation that is effectively delivered through valued relationships involving all stakeholders.
This brief examines the often overlooked threats from within. Media attention has focused primarily on external threats with federal government and industry reports revealing alarming hacking and identity theft statistics. However, threats from within both public and private sector organizations may be even more prevalent than external threats and can have equally if not more serious consequences.
This brief discusses five significant insider threats and provides insight on ways to prevent, detect and respond to them. The threats are as follows:
- Malicious Employees
- Inattentive, Complacent or Untrained Employees
- Contractors and Outsourced Services
- Insufficient IT Security Compliance, Oversight, Authority and Training
- Pervasive Computing-Technology is Everywhere and Data is on the Move
Without the flow of electronic information, government comes to a standstill. When a state’s data systems and communication networks are damaged and its processes disrupted, the problem is serious and the impact far-reaching.
The consequences can be much more than an inconvenience. Serious mistakes may lead to public distrust, chaos and fear. It can mean a loss of vital digital records and legal documents. A loss of productivity and accountability. And a loss too of revenue and commerce.
How real is the possibility? It’s not a question of if—but a question of “who” and “when."
Copyright © NASCIO 2007. All rights reserved. Public distribution is prohibited without express written NASCIO permission.
This brief explores how state web portals have matured and examines the impact of the 2003 expansion of the dot-gov domain to state and local governments; trends in state portal domain naming conventions; trends in Internet portal branding and marketing; the alignment of agency websites and state email addressing with the state portal; areas of cross-boundary collaboration for online services; and areas for future progress in cross-boundary collaboration for online services.
This issue brief calls attention to the change in Daylight Savings Time in 2007, as a provision of the United States Energy Policy Act of 2005, and gives pointers to state CIO’s about how the change may affect their applications and systems.
State government is becoming increasingly more complex. Policy makers are facing significant challenges ranging from global economics to rising citizen expectations to ongoing fiscal crisis. How can today's policy maker manage the complexity of state government in today's world? The answer is the discipline of enterprise architecture.
A product of NASCIO’s Recognition Awards program, this compendium highlights the most innovative initiatives and best practices identified from this year’s record number of submissions. Included are the complete nomination materials from the twelve award-winning initiatives as well as the projects commended with honorable mentions.
This brief covers the topic of utilizing CRM strategies and tactics to sustain and grow relationships with agencies once the CIO has established buy-in for consolidated and shared enterprise services.
A product of NASCIO’s Health IT Committee, this compendium provides a state-by-state “snapshot” of progress that each state has made in the health information technology (HIT) implementation process. Each individual state profile highlights the steps that states are taking in regards to HIT issues, from Executive Orders and legislative-driven initiatives to public/private or public/non-profit partnerships. Most importantly, the compendium examines the roles and responsibilities the state CIO has in these efforts.
Released in conjunction with NASCIO's 2006 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following areas: Business Continuity; Cross-Boundary Collaboration and Partnerships; Data, Information and Knowledge Management; Digital Government – G to B; Digital Government – G to C; Digital Government – G to G; Enterprise Architecture; Enterprise IT Management Initiatives; Information Communications Technology Innovations; and IT Project and Portfolio Management.
This brief, developed by NASCIO's State IT Project Management (PM) Forum, addresses several of the top state government challenges including portfolio management and strategic planning, PM skill maturity, political risks, structures/organizations, procurement processes/rules, as well as funding models and spending cultures particular to government.
This Research Brief examines how privacy in the state government context has evolved as a defining issue in response to rapidly changing technological advances and the complexities of a fast-paced world. The brief then explores some initial areas in which a state CIO may encounter privacy issues, including in the context of IT governance, enterprise architecture, policy, security and business processes, and offers some potential ways of addressing those issues.
This brief provides an overview of the challenges state CIOs face when promoting enterprise services under statewide IT consolidation and shared services initiatives. The brief also identifies methods for achieving strategic initiatives using proven customer service strategies and examines the types of business processes used to successfully launch and promote consolidation and shared enterprise services.
These aggregate survey results reflect a snapshot of the state CISO role as of summer 2006. The survey results indicate that the state CISO position has become highly prevalent and is evolving into a state IT security policy and strategy leader. The survey was conducted during the preparation of NASCIO's July 2006 Research Brief entitled Born of Necessity: The CISO Evolution-Bringing the Technical and the Policy Together.
This brief highlights the continued evolution of the broadband environment and the need for states to understand both the enhanced public service opportunities and citizen expectations of high-speed Internet access.
This brief examines the role of the state Chief Information Security Officer (CISO) as it has evolved in response to the growing complexities of the IT threat environment, homeland security concerns, and the increasing demands for enhanced citizen services. Specific points this brief addresses include critical success factors for state CISOs, the importance of a CISO’s relationship-building across the state and among levels of government, and a few predictions on the future evolution of the state CISO.
This research brief explores the role of public-private partnerships in the increasingly technology-driven public sector. It also provides a look at best practices and building blocks for successful public-private partnerships.
This CD contains audio and presentation files from the 2006 NASCIO Enterprise Architecture Committee's webinar series on Services-Oriented Architecture. Topics include:
- SOA and Decision-Support Services for Government Operations
- The Value Add of a Spatially Enabled Service Oriented Architecture
- SOA - Making It A Reality
- Deploying SOA for Criminal Justice: Iowa & Colorado Case Studies
- Delivering Greater Government Flexibility with Service Oriented Architecture
- Service Infrastructure: A Practical Approach to SOA for an Enterprise
- SOA Adoption Model and SOA-Based Project Methodology: Emerging Best Practice for SOA Governance
This brief identifies what state CIOs need to know now regarding Service Oriented Architecture (SOA), including its business value, the vision for SOA, SOA governance, SOA as a program and SOA security.
This brief takes a holistic approach to constructing the case for enterprise IT security investment by outlining for the state CIOs the following steps:
- Understanding state government’s IT environment that drives the need for security
- Starting with an enterprise-wide IT risk assessment
- Making the case for IT security through demonstrating the risks (bolstered by the IT risk assessment results), the benefits of security, and how security aligns with the state’s business needs.
NASCIO is pleased to announce the release of its survey summary publication, NASCIO’s Survey on IT Consolidation and Shared Services in the States: A National Assessment. A product of NASCIO's 2005 IT Governance & Service Reform Committee, this survey summary provides an overview of the challenges states’ indicated they are facing in considering and implementing enterprise IT consolidation and shared services initiatives.
The NIEM initiative is in its beginning stages but is already anticipated to be a major breakthrough initiative, which will have a tremendous impact on how government interoperates with the intention of making possible the communication among government lines of business at all levels of government.
The brief is intended to help state CIOs—along with other stakeholders and policymakers—determine the appropriate role of the state CIO in guiding their states’ enterprise IT in keeping with the larger national effort to save lives and money in healthcare.
This research brief provides an overview of the challenges states face in developing communications interoperability initiatives and also attempts to answer questions such as, "What needs to be addressed when contemplating a communications interoperability initiative; and what is being done at the state and federal levels to develop communications interoperability governance models?" It includes other factors that are impacting governance in interoperability and offers references to models that have been successfully completed by other states.
The National Association of State Chief Information Officers (NASCIO) surveyed state IT project managers concerning their approaches to IT project management in August-September of 2005. The trends discovered in responses from 34 state project management offices reveal a baseline regarding perceived success of project management as an overarching discipline in state government.
NASCIO conducted a survey or "census" of the U.S. states to assess the level of enterprise architecture (EA) adoption and the experience with the NASCIO EA portfolio of products. NASCIO and the U.S. Department of Justice are interested to know the progress made in building awareness and EA capabilities at the state level. This survey effort and report supports the NASCIO program management function, which is responsible for measuring ongoing progress and effectiveness of NASCIO programs and initiatives.
Released in conjunction with NASCIO's 2005 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of innovative state government programs in the following eight areas: Communications Infrastructure, Digital Government – G to B, Digital Government – G to C, Digital Government – G to G, Enterprise Information Architecture, Innovative Use of Technology, Security & Business Continuity, and State IT Management Initiatives.
This brief highlights the benefits of a closer alignment between IT Procurement and Enterprise Architecture (EA), which includes improving and streamlining IT investment decisions in a way that supports the state’s overall strategic goals and intent. It also identifies “touchpoints” at which these two disciplines can establish stronger ties and concludes with recommendations on how states can start down the path to greater EA-IT Procurement alignment.
NASCIO has collected success stories from a variety of sources including its various awards programs. NASCIO members have found that success stories provide an invaluable dimension of the underlying analysis when presenting the business case for EA related projects. These are now being made available to the greater NASCIO community to provide anecdotal information for developing a strong business case for EA. Much can be learned from these experiences and the reader is encouraged to contact the original source for any additional information or comment regarding those success stories that are most relevant.
Part I identifies the privacy implications of wireless technologies in the state workplace, including the privacy implications of mobile technologies such as laptop computers, PDAs and other similar devices.
NASCIO has identified the need for a repository for sharing a variety of enterprise artifacts, presentations, and white papers across the NASCIO community. CORE.gov is the preferred repository for meeting the needs of state and territorial government. This research brief describes the issues, constraints, options and recommendations.
NASCIO’s IT Governance & Service Reform Committee is proud to present IT Management Frameworks: A Foundation for Success. This research brief provides an overview of four successful IT Management frameworks that can improve investment decisions, accountability, and management of IT organizations. These successful frameworks represent a variety of management approaches that emphasize the different disciplines of investment management, service oriented management, and line of business or process management. They include the North Carolina Framework for Managing IT Investments; the Government Accountability Office IT Investment Management Framework; the IT Infrastructure Library; and, the Federal Business Reference Model.
NASCIO’s Interoperability & Integration Committee is proud to present Connecting the Silos: Using Governance Models to Achieve Data Integration. This research brief attempts to answer questions such as, “What needs to be addressed when contemplating an information integration initiative, and what is being done in the states and at the federal level to develop information integration governance models?” It also includes other factors that are impacting governance in integration and offers references to models that have been successfully completed by other states and links to resources on information sharing. The committee is currently exploring the following topics for future briefs: Interoperability Governance; Legal Ownership of Shared Data; Data Standards; Master name Indices; and Integration Maturity Models.
This brief explores the privacy implications of Instant Messaging (IM) applications—both consumer and enterprise-grade—in the context of the state workplace. It also addresses the privacy implications of text messaging and chat technologies.
This publication was co-produced by NASCIO and NASPO (National Association of State Procurement Officials). This brief provides a broad view of how a variety of stakeholders can use the RFP (Request for Proposal) process to the state’s and the citizens’ benefit.
The keen interest in Voice over Internet Protocol (VoIP) and Internet Protocol (IP) Telephony and its accelerated adoption rate has led to the realization that the long-established Public Switched Telephone Network (PSTN) voice business model will be facing its end of life in the next 10 to 15 years. This report, a product of NASCIO's Infrastructure Subcommittee, is intended to provide an understanding of the fundamental issues facing organizations as they assess VoIP and IP Telephony. It contains a description of the operation and functionality of the legacy PSTN, an explanation of voice transport over the Internet and IP Telephony, and a discussion of the issues and drivers associated with the migration from the PSTN to converged voice and data networks.
The Most Complete Compilation of Objective Data on Digital Government in the States
NASCIO is proud to announce the release of the 2004-05 Compendium of Digital Government in the States, a great reference source for government decision makers, IT solutions providers, consultants, and academic researchers as well as the nation's emerging digital citizenry. The Compendium is your source for up-to-the-minute information on digital government initiatives in the states, including:
- Executive IT Authority
- Enterprise IT Management
- IT Financial Management and Funding
- Access, Usability, and Visibility
- Privacy, Security, and Reliability
- Application Development, E-Commerce, and Internal Automation
Complimentary copies of this publication are available to government and academic organizations. Contact Shawn Karrick at email@example.com.
These recommendations seek to identify state and contractor interests regarding the ownership of IP and suggest realistic considerations to help make the negotiation of IP rights easier and more successful for all involved.
NASCIO is pleased to announce the release of a new publication on the subject of information sharing. NASCIO has pulled together interviews and articles from a variety of contributors from integrated justice, homeland security, environmental protection, transportation, public health and economic development. Perspectives includes discussions from federal, state and county government. Not so surprisingly, according to the contributors to this first issue of Perspectives, technology is not the major barrier. This report presents barriers to information sharing and the “Calls to Action” to overcome these barriers.
This brief explores the privacy implications for state government created by the threats of spam, phishing and spyware and potential ways of preventing and mitigating this triple threat to state IT systems.
This brief addresses the security, privacy, citizen trust and business process-related implications of spyware and other forms of malware for state government IT systems and suggests some potential technical, legal and awareness-raising solutions for the menace of malware.
The enhancements in the third version of the Tool-Kit result from the expertise and continued dedication of enterprise architecture practitioners from all levels of government and the private sector. Version 3.0 incorporates an updated governance architecture framework with added roles and responsibilities and a focus on multi-level communication. Process models with explanatory narrative are included for governance and the architecture lifecycle. The Tool-Kit also includes fully populated security domain and application domain blueprints.
Released in honor of NASCIO's 2004 Best Practices in the Use of Information Technology in State Government Awards, this booklet contains summaries of eight innovative government programs in the areas of Communications Infrastructure, Digital Government, Enterprise Information Architecture, Innovative Use of Technology, Security and Business Continuity, and State IT Management Initiatives.
This brief examines the business benefits and privacy issues related to government’s use of data-mining technologies. It also takes a look at high-profile government data-mining programs and suggests ways to infuse privacy protections and transparency into government’s use of data-mining technologies.
These recommendations are intended to elucidate the various state and vendor interests that are involved in negotiating liability limitations and to help states and vendors negotiate better IT contract liability limitations that are “win-win” for both sides.
The use of wireless technology in our personal lives has become almost commonplace with the proliferation of cell phones, personal digital assistants and wireless PC modems. Our demand for anytime, anywhere communications and access to information is quickly spreading to the workplace. Wireless local area networks (WLANs) and Wi-Fi “hot spots” are sprouting up everywhere, yet many individuals and organizations fail to fully understand the security risks of this inherently open technology and expose their systems unnecessarily.
This publication is intended to help government enterprises make informed decisions about wireless technology and guide IT professionals through the opportunities and challenges of working in the wireless world. It highlights key issues such as:
NASCIO is pleased to announce the release of its newest publication, Information Privacy: A Spotlight on Key Issues. This publication, produced by the Privacy committee, serves as a resource for states developing privacy policies that protect citizen information and are compliant with federal and state legal requirements. This publication highlights key issues in the following areas of privacy: Children’s Information, Drivers’ Information, Health Information, Financial Information, Education Information, Social Security Numbers, Homeland Security-Related Information, Website Privacy Policies, and Government Data Matching Activities and Agreements.
An adaptive, dynamic enterprise architecture enables the enterprise to change and manage the complexities inherent in large government enterprise. Enterprise architecture brings an operating discipline to the organization and prescribes the necessary traceability from strategic intent to the capabilities that enable that intent. These capabilities include both business and technology components. Enterprise architecture doesn’t happen at once. It is an iterative, maturing discipline that provides management the operating discipline for organizing and engaging business and technology components to fulfill the mission of the organization. This maturity model provides a scale or metric for understanding where the organization is in its evolving discipline, and what steps are required to take it to the next level of maturity.
The NASCIO Enterprise Architecture Maturity Model provides a path for architecture and procedural improvements within an organization. As the architecture matures, predictability, process controls and effectiveness also increase. Development of the enterprise architecture is critical because it provides the rules and definition necessary for the integration of information and services at the design level across agency boundaries. Enterprise architecture includes business processes and representations, and supportive technology components. At its fullest maturity, enterprise architecture becomes an inter-enterprise concept and prescribes the infrastructure for inter-enterprise business processes and provides the design for allowing data to flow from agency to agency, just as water flows through the pipes and electricity flows through the wiring of a well planned home.
During the past several years, many states have found it increasingly difficult to obtain funding for state IT projects through traditional means, such as via appropriations from the state general fund. In spite of these tight economic times, citizens’ demand for improved ways of doing business with state government and 24 x 7 access to government services has remained strong. The purpose of Innovative Funding for Innovative State IT: New Trends and Approaches for State IT Funding is to provide states with innovative avenues of funding so that they can provide citizens with the government services they demand. This publication details eleven innovative funding models and provides case studies on how each model has been implemented by a state. Innovative Funding for Innovative State IT also includes a study conducted by NASCIO’s Corporate Leadership Council (CLC) that surveyed the states on the types of funding models they are currently using. The survey results from the twenty-three states that responded are included in this publication.
Innovative Funding for Innovative State IT is divided into three main sections, the first of which describes eleven innovative funding models as well as baseline requirements for implementing each model and the benefits each model may bring. The second section includes the compiled results of the CLC’s survey regarding states’ current use of innovative funding models. This section also details trends in state IT funding identified from the CLC’s survey. The third section includes case studies from nine states that exemplify how each innovative funding model has been implemented. The states that provided case studies for this publication are: Massachusetts, Texas, Minnesota, Tennessee, Ohio, Missouri, Delaware, Arizona and Hawaii. The appendices include checklists to give states a starting point for implementing each funding model as well as a chart of the CLC’s survey results and a list of other innovative funding resources.
ConOps provides a discipline-specific focus for justice information sharing, which in turn can be used to identify and expose broader IT architectural and infrastructure issues that must be addressed by CIOs. While this ConOps focuses primarily on information sharing in the justice arena, the concepts are applicable to any business domain.
ConOps defines the discipline-specific, business functions for integrated justice and explores the architectural implications for state CIOs, who are responsible for planning the IT enterprise architecture. Additionally, ConOps defines fundamental concepts, principles, functions and operational requirements for integrated justice information sharing, presents a scenario of integrated justice information sharing and a general methodology for states to use in validating their IT architecture for information sharing characteristics. Finally, this document articulates an action plan for the validation, implementation and expansion of this ConOps to other disciplines.
To help states identify and assess federal laws that may have privacy implications for their information systems and policies, the NASCIO Privacy Committee has developed the Federal Privacy Law Compendium, Version 1.0. It is intended to serve as a resource for summaries of federal laws that may have an impact on the privacy of citizens’ information that is entrusted to state government. The Federal Privacy Law Compendium provides a starting point for states in their assessment of whether the summarized federal privacy laws will impact state information system operations and/or policies.
The Federal Privacy Law Compendium summarizes ten federal laws that deal with the privacy of information and highlights instances of potential impact on state government. The federal privacy laws summarized are:
- The Children’s Online Privacy Protection Act of 1998
- The Computer Fraud and Abuse Act of 1984
- The Computer Matching & Privacy Protection Act of 1988 & Amendments of 1990
- The Driver’s Privacy Protection Act of 1994
- The Electronic Communications Privacy Act of 1986
- The Fair Credit Reporting Act of 1970
- The Family Educational Rights and Privacy Act of 1974
- The Gramm-Leach-Bliley Financial Services Modernization Act of 1999
- The Health Insurance Portability and Accountability Act of 1996
- The Privacy Act of 1974
This primer provides tools, concepts and a framework for addressing a number of critical challenges facing state Governors, CIOs and enterprise information technology (IT) organizations. These include leadership transitions in the offices of many Governors and in state legislatures, increasing budget deficits, the departure and replacement of state CIOs and a number of other long term concerns. These challenges will likely impact state government's ability to maintain the momentum of e-government implementation and meet the policy and service goals of the Governors in areas such as education, economic and workforce development, public safety, healthcare and the environment. Most importantly, these challenges may impact states' ability to deliver services to citizens and customers.
This brief provides an overview of the Proposed Rule promulgated by the U.S. General Services Administration (GSA) that made the .gov Top-Level Internet domain available for states, local governments and Native Sovereign Nations to register domain names for their official government websites.