Case:Interoperability Platform Valencia
From TriasWiki
|
Contents |
Contexts
This case is an example from the EU Goodpractice Framework.
Basic outline
In Spain there are mainly three authority levels, the national, the regional and the local level, and the competences of each one are defined in the constitutional legal framework (Constitución Española, Estatutos de Autonomía and Ley Reguladora de las Bases del Régimen Local - Ley 7/1985, de 2 de abril, Reguladora de las Bases del Régimen Local). Whereas some competences are exclusive for the national level such as foreign affairs and defence, many others are decentralised and correspond to regional or local governments. This distribution of competences is of key importance for the provision of public services through electronic means and enforces the adoption of IOP solutions between administrations.
This case study deals with the IOP solution adopted by the Regional Government of Valencia (Generalitat Valenciana). This region is situated in eastern Spain. It has 518 km of coastline with the Mediterranean see, covers 23,255km2 of land, and has 4.7 million inhabitants out of about 44 million altogether in Spain. The Regional Government has approximately 110,000 officials and more than 12 million € of budget (2005), and is competent to provide important public services such as health, education and justice services (Generalitat Valenciana, 2006).
On the other hand, the Region of Valencia has 542 Local Governments out of 8,109 altogether in Spain. 489 Local Governments in the Region of Valencia have less than 20,000 inhabitants which equates about 31% of all inhabitants in the Region. According to the Spanish law the Local Governments are responsible for the keeping and maintenance of key personal data such as the updated address. Actually, every Spanish resident has to be officially registered at his/her place of residence (municipality). I.e., in case of relocation, every citizen is obliged to register her/his new address at the local Register Office.
This implies that, if a regional administration needs to get or check the validity of the name and address of a citizen in order to provide a concrete service, the data have to be retrieved from the local authority. This is the case of many of the regional public services such as the Health ID Card, the provision of which is the application of this IOP case study. For example, the municipality of Valencia (the most important city in the region), issues approximately 200,000 census certificates per year, 30% of which are used for procedures related to the Regional Government.
Despite these difficulties, it seems clear that the Regional Governments in Spain have the required competences to provide most of the public services, and as a consequence, to offer them electronically. In concrete the Regional Government of Valencia released an action plan to modernise the health system, the Strategic plan for Health Information Systems in the Region of Valencia (Plan Estratégico de Sistemas de Información Sanitaria de la Comunidad Valenciana, PESISV). Some of the key projects to implement this plan have been the Population Information System (Sistema de Información Poblacional, SIP) and the Health ID Card.
The SIP is a central database containing the data of the population covered by the Valencian Regional Health Agency. This central registry includes the citizen identification data, the address, and the range of health services that are accessible for this citizen in the Region of Valencia. The overall objective of SIP is to be a tool to modernise both the front- and the back-office of the Regional Health Agency and thus improve the quality of the health services to the citizen. One of the main benefits of this system is to help to assign resources by taking into consideration the real needs of the population.
The SIP is complemented with the Health ID Card, which is the physical element that uniquely identifies a citizen as a user of the public health services, both in the Region of Valencia and in the rest of Spain. The Health ID Card is a personal ID document and has an outreach of 100% of the population as every citizen that lives in the Region of Valencia has the right to access to the regional health services. The provision of the Health ID Card has been deployed gradually, and is supported by a 24h call centre service and a web portal (see also consultation website: http://www.san.gva.es/val/ciud/homeciud.html).
Formulated Goal
The main objective of the SIMAC IOP platform is to achieve organisational, semantic and technical (including syntactic) interoperability between those public entities that provide services to citizens and businesses in the Region of Valencia. This category includes the departments of the Regional Government, the Local Councils, the State Government, the Provincial Councils, the professional organisations, the commerce and enterprise organisations etc. As an indirect objective, the use of the IOP platform by the different organisations leads to back-office reorganisations and IT system developments that contribute to improve public services.
The IOP solution adopted by the Regional Government of Valencia has also to meet the two types of IOP requirements namely, the vertical integration between different stages of a supply chain and the horizontal integration between different services referring to the same applicant and resorting to common data.
Finally as practical objective for this case study, the IOP platform has to link the Regional Health Agency with the Register Office of the Municipality of Valencia to eliminate the need to attach a census certificate to the application for the Health ID Card provision.
Case Issues
Stakeholders
Technology
The main resources enabling the seamless and secure exchange of data between the organisations linked to the IOP platform are the corporate network, the Public Key Infrastructure of the Regional Government, and the IOP platform technologies.
The corporate network of the Regional Government is the telecommunication infrastructure that links all the agencies and departments of the Regional Government. The corporate network uses different types of technologies depending on the requirements and the localisation of the premises to be linked. Gigabit Ethernet and ATM are the technologies used to connect the main buildings of each department (backbone network), whereas Ethernet over Fibre, ADSL or point-to-point technologies are used to connect the peripheral dependencies (access network).
In order to meet IOP requirements, the network planning is centralised under a unique department, the Regional Secretary of Telecommunications and Information Society. This department is also responsible for the management of the procurement contract of communication services for all the departments of the Regional Government.
The PKI constitutes the key element to guarantee the security in the information exchange process. To this purpose, the PKI provides mainly the service of Digital Certificate Lifecycle Management for public and private organisations. Additionally, the Valencian PKI provides also other services such as cross-certificate validation at national level, time stamping, message encryption, and document archiving (note: 'only' process data are archived in the IOP Platform, no content related data are stored). All these services are supported and managed by a public entity, the Regional Certification Authority (ACCV) which is responsible for the certificates delivery, and users and developers support etc. (more information at http://www.accv.es).
The PKI is complemented by a legal framework to guarantee the privacy of personal data. Actually a legal agreement between the Regional Government and the Local Government of Valencia is going to be signed to this purpose. Besides this, a general legal framework is going to be released in order to validate the transactions through the IOP platform.
Finally the IOP platform uses among others, these types of technologies:
- Service-Oriented Architecture (SOA). This is a software architecture that defines the service use to give support to
software users requirements. SOA offers a methodology and a framework to document business capabilities and can give support to integration and consolidation activities.
- D_SIG is a standard to guarantee the security at message level to guarantee message integrity and authentication during the
transmission process (could be during or after the transmission). This security level is based on digital signature, using XML Digital Signature. The XML message includes the contents of the digital signature as well as the X.509. This data is included in the SOAP headers of the documents.
- Business Process Execution Language (BPEL) is an XML based language designed for web service orchestration with some
added business logic.
