4 Pa. Code § 7a.152

Current through Register Vol. 54, No. 49, December 7, 2024
Section 7a.152 - Responsibilities

The Governor's Office of Administration (OA) shall be responsible for the following:

(a) Creating the position of a Chief Data Officer tasked with establishing and maintaining a master data management plan that will be made available to the public, updated annually and incorporates the following:
(b) Creating an advisory group (which should include, among others, agency Chief Information Officers, Information Security Officers, Data Stewards, architects, privacy officers, risk managers and legal representation) to advise OA, Office for Information Technology regarding overall data governance.
(c) Creating frameworks that include policies, processes and standards that adhere to commonly accepted principles and legal requirements for data governance, data development, and the quality, sourcing, use, access, content, ownership, licensing of relevant data and Enterprise data sharing.
(d) Creating a maintenance plan for the Enterprise Open Data Portal for the Enterprise and public access.
(e) Providing guidance to the Enterprise regarding the procurement and standardization of technologies and services related to the subject matter of this subchapter through the use of Information Technology Policies.
(f) Communicating with the public both by publishing Enterprise open data plans and policies and by soliciting or allowing for public input, or both, on the subject matter of this subchapter.
(g) Examining internally the Commonwealth data sets for business, confidentiality, privacy and security issues, and the reasonable mitigation of those issues, prior to the data's release for open data purposes.
(h) Developing and facilitating the approach of the Enterprise to engagement with private and other public stakeholders, including, but not limited to, arranging for and expediting data-sharing and data access agreements, such as Memoranda of Understanding, and encouraging and facilitating cooperation and substantive and administrative efficiencies.
(i) Prioritizing and coordinating data privacy and protection efforts across the Enterprise to maximize the privacy and protection of all data and to reduce the risk of public exposure of private or protected data.
(j) Identifying other potential areas of risk related to data storage, processing, access and sharing, and creating ways to manage that risk.
(k) Creating a framework for internal and external entities of the Enterprise to enable data access between citizen profiles and systems of record, data sharing, improve data portability and access, inventories, and analytics, and address barriers to implementing the framework.

4 Pa. Code § 7a.152