The IJIS Factor
Blog Home All Blogs
The IJIS Factor is the IJIS Institute's blog that covers technology and information sharing and safeguarding topics, including national standards and initiatives.

 

Search all posts for:   

 

Top tags: information sharing  corrections  NIBRS  cybersecurity  interoperability  justice-to-health  mid-year briefing  CJIS  CTA  FBI  Global  ijis  NG911  standards  standards coordinating council  Alliance Partner  APCO  APPA  CAD  courts  CPAC  DHS  Geospatial  HIPAA  iCERT  Internet of Things  IoT  ndex  NIEM  OASIS 

Building High-value Data Solutions in Silicon Valley

Posted By Richard Gold, Tuesday, December 11, 2018

The Silicon Valley Regional Data Trust (SVRDT) was founded with the intent of establishing a multi-county network of trust and ethical data sharing in the Silicon Valley region. SVRDT brings together data from numerous public agencies that serve children and families, including: education, child and family services, mental health, juvenile justice/probation, and technology; with adjacent interest in school safety.

The SVRDT mission is about stimulating change in the culture and practice of how data is responsibly used to develop actionable solutions to critical educational and social problems that confront children and families. SVRDT involves multiple counties in the Silicon Valley region and is funded by a foundation grant to the Santa Clara County Office of Education.

In partnership with the Santa Clara County Office of Education, the IJIS Institute is bringing its experience in justice and public safety information sharing to the development of an integrated policy and technology architecture for the SVRDT. IJIS is leveraging our expertise in the design and development of a data management and data integration framework for SVRDT, including expertise to define access security and data protection requirements, that can be confidently replicated for other regions.

Recognizing the sensitivity of the data, the SVRDT architecture inherently integrates extensive Rules of Use as developed in accordance with legal, regulatory, and local requirements with data management and technology services. These Rules of Use for data are required for each participating organization and are expressed in a series of common agreements: an Enterprise Memorandum of Understanding, a Multi-Agency Sharing Agreement, and a Universal Consent. IJIS is providing ongoing consultation and development of these policy/legal agreements.

The IJIS Institute is applying this legal, policy and technical expertise to create the SVRDT Secure Data Environment (SDE). The SDE automates the multi-agency coordination of services for children and families. For case workers, this will clarify the myriad factors influencing the lives of the children being served, thus improving the effectiveness of services and academic outcomes for all children, especially for those children from underserved communities.

The SDE platform and web services infrastructure will connect and make data available across the SVRDT participating agencies. Access to SVRDT data and services is controlled by the agencies responsible for the stewardship of the data that is made available by SVRDT. SVRDT data protection embraces three major design principles that are inherent in the SDE services architecture: 1) Minimize exposures of data, 2) Enforce Rules of Use, as defined by agreement, through Codes of Conduct administered by the operational authority in each participating organization, and 3) Monitoring of use via active transaction logging.

The value of SVRDT is further enhanced through a research partnership with the University of California at Santa Cruz. The research team uses data to perform longitudinal analysis of the efficient, effective, and ethical use of SVRDT data. The research agenda will be coupled with the SVRDT Change Integration Working Group for monitoring and measuring of SVRDT operational adaptation. The initial implementation of SVRDT will be in San Mateo County, in cooperation with the Santa Clara County Office of Education, providing education data for all the participating counties and administering the MS Azure-based hosted services platform.

Governance of SVRDT is provided by executives and the elected Boards of Education and Supervisors from the participating counties. Program direction is provided by an appointed Leadership Working Group that is comprised of the agency and department heads. Specialized working groups have been assembled and will continue providing guidance across the policy/legal, practice, research, and technological dimensions of the program.

In summary, the success potential for SVRDT will change the culture of public services in the Silicon Valley. For this reason, the IJIS Institute is working to ensure that this type of solution is replicable across the United States for other organizations that are working toward solving similar challenges. If you are interested in learning more about SVRDT, and/or how this solution might benefit your organization, please see www.SVRDT.org or contact us at info@ijis.org.

Tags:  data integration  data management  information sharing  secure data environment  svrdt 

Share |
PermalinkComments (0)
 

DC Criminal Justice Coordinating Council’s Information Sharing Forum

Posted By Ashwini Jarral, Friday, November 2, 2018

On October 31st, several members of the IJIS Institute attended the District of Columbia Criminal Justice Coordinating Council’s Third Annual Information Sharing Forum. The theme of the Forum was Criminal Justice System Information Sharing: Pathways and Challenges. Mannone A. Butler, Esq., the executive director of the Criminal Justice Coordinating Council, opened the Forum describing the goals of the event and noted that CJCC is an independent District agency that identifies issues and their solutions, proposes actions, and facilitates cooperation to improve public safety in the District of Columbia.

I kicked off the Forum with a session titled The Justice Information Sharing Landscape: National and District Perspectives. I was joined by Imran Chaudhry, CJCC’s CIO. In this session, I discussed the overall objective for sharing information among partners within the criminal justice system, provided an overview of national and local landscapes among the criminal justice community, and highlighted some of the challenges faced when sharing criminal justice information. The challenges discussed were primarily policy, legal, and regulatory issues such as HIPAA, The Privacy Act, and FISMA as well as technology standards (NIST, NIEM) and, of course, cyber security. I highlighted the work IJIS has done to stand up Information Sharing Environments (ISE) and stressed the importance that the sharing provide operational value to the parties sharing. I also discussed the importance of true interoperability and the consistent application of principles and standards to address specific mission problems. I also talked about scalability – a challenge we are working on in the justice community – and stressed that interoperability is about automation and mapping to business processes, organizational mission, and goals.

IJIS arranged for Verne Rinker, a health information privacy specialist with the HHS Office for Civil Rights (OCR), to present about HIPAA and how it applies to law enforcement. Verne leads OCR’s administration and enforcement for the Patient Safety and Quality Improvement Act of 2005 in addition to various policy aspects of the HIPAA rules. He also serves as the OCR representative to the HHS Privacy Incident Response Team. Verne reviewed the Act, its purpose, common myths, and permitted disclosures for law enforcement such as court orders, specific administrative subpoena, specific information to identify a suspect, fugitive, material witness, or missing person, specific imminent threat, and much more. He also provided a link for an FAQs regarding disclosures for law enforcement
https://www.hhs.gov/hipaa/for-professionals/faq/disclosures-for-law-enforcement-purposes/index.html

The Forum concluded with a Breakout Session – Case Study where attendees divided into small groups to address a case study based upon the information covered in the first two sessions.

Download File (PDF)

Tags:  hipaa  information sharing  ISE  justice  privacy 

Share |
PermalinkComments (0)
 

Nlets Implementers Workshop

Posted By Michael Alagna, Monday, September 24, 2018
Updated: Thursday, September 13, 2018

I attended the Nlets Implementers Workshop representing the IJIS Institute. The event was held September 10-12 in Tempe, AZ, and I got the opportunity to provide a snapshot of IJIS and Nlets joint strategic projects.  

Nlets is a private, nonprofit corporation owned by the States that was created more than 50 years ago by the 50 state law enforcement agencies. The user population is made up of all the US and its territories, all Federal agencies with a justice component, selected international agencies, and a variety of strategic partners that serve the law enforcement community in cooperatively exchanging data.

The types of data being exchanged varies from motor vehicle and drivers' data, to Canadian and Interpol database located in Lyon France, to state criminal history records and driver license and corrections images. Operations consist of more than 1.6 billion transactions a year to over 1 million PC, mobile and handheld devices in the U.S. and Canada at 45,000 user agencies and to 1.3 million individual users.

The Nlets Implementers Workshop provides attendees the opportunity to exchange ideas, learn about new technologies and national standards, share implementation successes and failures, and create new contacts. Discussion topics included Nlets technology initiatives, security updates from CJIS and Nlets, and several new resources available to law enforcement. 

The IJIS Institute is a long-standing strategic partner of Nlets, and we are working to help address several important technology challenges. IJIS is launching the Computer-Aided Dispatch Interoperability and Technology Working Group (CAD-ITWG), in collaboration with public safety practice associations to improve interoperability of emergency incident information in the public safety communications environment. To participate on the CAD-ITWG, please email me at michael.alagna@ijis.org

Tags:  Alliance Partner  CAD  CJIS  information sharing  Nlets 

Share |
PermalinkComments (0)
 

WIS3 Highlights Cooperation and Coordination in Info Sharing

Posted By Ashwini Jarral, Monday, April 4, 2016

The Workshop on Information Sharing and Safeguarding Standards (WIS3) is an annual event sponsored by the Standards Coordinating Council (SCC) and the IJIS Institute. The 2016 event was held on 17 March at the Hyatt Regency Hotel in Reston, Virginia.

This year’s WIS 3 was an interactive workshop that brought together more than 100 government and industry leaders to chart the future for architecture and standards frameworks for the national information sharing environment.

The workshop opened with an introduction from Victor Harrison, senior VP of Object Management Group (OMG). WIS was co-located with the OMG Technical Meeting.

The opening keynote presentation was given by a special guest, Michael Echols, director of the Cyber Joint Program Management Office, National Cybersecurity Policy and Risk Management, Department of Homeland Security. He spoke about the recent executive orders on cybersecurity and what progress has been made. He had two important points that he emphasized to participants: 1) that cybersecurity is a team sport with many communities of interest that are involved and 2) that public/private partnerships are essential for success in improving the state of cyber security in this country.

Of particular interest to the WIS3 attendees and the SCC, Echols noted that, “standards are how we empower the weakest team members and make the networks that link us strong.”

Echols went on to discuss the need for information sharing platforms to be linked. He discussed the need for more organizations and individuals to get involved in the Information Sharing and Analysis Organization (ISAO) Standards Organization, www.isao.org. He went on to say that, “we want to move cyber threat information to the right people at the right place in the right time,” and that realizing this would start with standards and mean working with organizations in the community of interest.

The first panel of the workshop was Project Interoperability 2.0. The panelists provided the vision for Project Interoperability 2.0 activities. The panel was moderated by Kshemendra Paul, program manager, Information Sharing Environment (PM-ISE), Office of the Director of National Intelligence (ODNI) and the panelists were:

  • Steve Ambrosini, executive director, IJIS Institute
  • Mark Reichardt, president and CEO, Open Geospatial Consortium (OGC)
  • Jamie Clark, general counsel, Organization for the Advancement of Structured Information Standards (Oasis)
  • Ashwini Jarral, director of operations, IJIS Institute

At the start of the panel, Paul reviewed PM ISE’s perspective on the future of Project Interoperability and the role of PM ISE in that effort. He also discussed the development and importance of the Information Sharing and Safeguarding (IS&S) Playbook, http://www.standardscoordination.org/iss-playbook, and how the Playbook interacts with the work of the SCC and Project Interoperability.

Ambrosini discussed IJIS’ role and interest in the SCC and Project Interoperability and noted that through the SCC, organizations can send out relevant standards to communities of interest, public and private, to encourage use and adaptation.

Reichardt discussed that OGC’s interest in the SCC is access across standards development organizations (SDOs) and different communities of interest so that standards created worldwide by OGC are not created in a vacuum. He provided an example of this, noting that earlier versions of the National Information Exchange Model (NIEM) were able to transmit location information but not within the frameworks of the GIS providers. OGC conducted a pilot to use NIEM to transmit location information and now the changes discovered through this process are a part of NIEM 3.0. He stated that engaging industry in the creation of tools and testing things in real operational situations are examples of success through SCC. OGC is an international organization and the international connections help them enable information sharing across national boundaries. OGC is planning pilots in the international space to further these important efforts.

Jamie Clark build on this concept using an analogy that all the SDOs are out there creating tools, but if you put a toolbox in front of people without any experience with a hammer, they won’t be able to make any sense out of the 45 different hammers in the box. The SCC can be thought of as a way to help guide those people to understand what is in that toolbox and ways it can be used, ultimately encouraging people to reach in the box and use the tools effectively instead of being overwhelmed and closing the box. Clark encouraged people from other SDOs to participate in the SCC so we can help the greater information sharing community properly use the toolbox.

Clark also had a real-world example; OASIS was working on XACML and through their involvement in the SCC they discovered that OGC was working on the geospatial component of XACML. The two organizations ended up working together to both organization’s and both standard’s benefits.

Jarral discussed how the many pieces that were discussed so far, like the SCC, Project Interop, and others, fit together and interrelate.

Following the panel presentation, a town hall-type session was held to allow the audience to provide comments and ask questions of the panelists about the SCC and Project Interoperability. It was a very lively session that went to the last minute with audience questions and comments.

The next panel was a discussion of information sharing and interoperability in the maritime domain. The moderator for the panel was Doc Holliday from the PM-ISE and the panelists were:

  • Dr. Mark Haselkorn, professor of human-centered design and engineering, University of Washington, and director, Center for Collaborative Systems for Security, Safety, and Regional Resilience (CoSSaR)
  • Bradford Clark, Mission Integration and Capability Development Division, Office of Shore Forces (CG-741), U.S. Coast Guard

Haselkorn and Clark educated participants on how Federal partners have co-sponsored and teamed with the University of Washington to analyze the Puget Sound operational sharing environment, how Project Interoperability tools and resources are being employed there, and how the results of this work, in addition to being shared across the greater maritime community of interest.

Haselkorn noted in his presentation that we aren’t designing systems for users because users are a part of the system; it is more like we are designing Interventions to close the socio-technical gap. His presentation also focused on the work of the CoSSaR. He went on to state that the intent of the work being done should be the development of a common operational picture instead of hoping that someday there would be one big system that everyone used, as that was not a possible scenario.

The next panel was a use case about law enforcement deconfliction and request for information. The panel was moderated by Hank Oleyniczak from the PM-ISE and the panelists included:

  • Alan Rosenhauer, CTO, RISS Technology Center
  • Glenn Fueston, associate deputy director, Intelligence and Information Sharing Initiative, Washington/Baltimore High Intensity Drug Trafficking Area

Deconfliction is becoming a standardized term within the law enforcement community. The panelists discussed the varying degrees of what deconfliction represents in the law enforcement community and reviewed a successful implementation interconnecting three nationally-recognized event deconfliction systems (RISSafe, Case Explorer, and SAFETNet).

The panelists described the three types of deconfliction: 1) Event Deconfliction is agencies avoiding an event at the same time in the same place, 2) Case/Subject/Target/Entity Deconfliction is law enforcement provider to law enforcement provider communications about issues, and 3) a Request for Information is a generic request for info about a topic in a general sense.

Both presenters reinforced the necessary ingredients between partners for deconfliction activities are  building trust, enabling interoperability with security/safeguarding, and achieving scalability as deconfliction efforts move from event to general requests for information and all within the framework of countering terrorism and enhancing homeland security.

Rosenhauer discussed future plans for enhancements involve investigating potential connections with the Drug Enforcement Agency, cyber organizations, FBI, N-DEx, and other national and regional partners. More about their project can be learned at www.ncirc.gov/deconfliction.

The fourth panel was entitled Scaling Trust and Interoperability: Lessons from Federating Identity and Access. The panel was moderated by John Wandelt, fellow and division chief, Information Exchange and Architecture Division, Georgia Tech Research Institute (GTRI). The panelists were:

  • Alan Rosenhauer, CTO, RISS Technology Center
  • Marc-Anthony Signorino, JD, CIPP, executive director, Identity Ecosystem Steering Group, Inc.
  • Bill Phillips, security specialist, Nlets
  • Tom McCarty, director, Identity, Credential and Access Management (ICAM) Program Management Office (PMO), Information Sharing Environment Office, Office of the CIO, DHS
  • Jim Derry, IT Manager, Tennessee Methamphetamine & Pharmaceuticals Task Force

Scaling trust and interoperability across autonomous federal, state, and local partner organizational boundaries is a fundamental requirement of the information sharing and safeguarding environment to support the counterterrorism and homeland defense mission. The panelists explores experiences, lessons learned, and strategies from existing trust framework operators and stakeholders during the implementation of the federated identity use case.

The fifth and last panel of the day was called New National Initiatives: Leveraging Project Interoperability and Standards to Create Information Sharing Momentum. The moderator for this panel was Ashwini Jarral, director of operations, IJIS Institute, and the panel included:

  • Laurie Flaherty, Coordinator of the National 911 program, Department of Transportation
  • Vernon Mosley, Senior Cybersecurity Engineer, Cybersecurity and Communications Reliability Division, Public Safety and Homeland Security Bureau, Federal Communications Commission (FCC)
  • Peter Shebell, Deputy Director for Standards Policy and Coordination, Office of Standards, Capability Development Support Group, Science and Technology Directorate
  • Jeff Bratcher, CTO, FirstNet
  • Richard Spires, CEO, Learning Tree International (former DHS CIO)

The panelists discussed opportunities and challenges around interoperability, standards, and building trust within their community. Panelists provided their perspective on using different components of Project Interoperability and SCC resources to develop an information sharing and safeguarding environment. The panel also addressed the policy and procurement challenges that agencies face as they develop standards-based capabilities.

The workshop closed with a wrap up of the day’s events and view for the future by Paul from the PM-ISE.

Planning has already started for the 2017 WIS3. Please visit www.standardscoordination.org for event information as well as other SCC information and activities.

Tags:  cybersecurity  information sharing  interoperability  WIS3 

Share |
PermalinkComments (0)
 

Promoting Meaningful Information Sharing

Posted By Robert L. May II, Monday, February 29, 2016

Earlier this month I was invited to speak at a special event hosted by the City of Denver Department of Human Services Crime Prevention and Control Commission. The event, Promoting Meaningful Information Sharing, was held in Denver on 23 February intended to help participants:

  • Ensure accurate information on Health Insurance Portability and Accountability Act (HIPAA) and 42-CFR laws.
  • Understand current interpretations and practices regarding HIPAA and 42-CFR laws.
  • Develop common practices used across and within Denver and Colorado agencies.
  • Discuss how Wellness Recovery Action Plans (WRAP) can be used across systems in a digital form.

The event began with general discussions on HIPAA and 42-CFR Part 2 and then I provided the information on criminal justice provisions within HIPAA and 42-CFR. Following my session, there was a presentation on electronic health data exchange and then the rest of the session included scenarios and responses to participant questions.

Also speaking at the event were:

  • Drew Labbo, Chief Information Security Officer & Privacy Officer at Denver Health and Hospital Authority, and he owner and principal of Rocky Mountain HIPAA Guru, which offers HIPAA consulting and HIPAA advisory services.
  • Charles Smith, PhD, Regional Administrator for the Substance Abuse and Mental Health Services Administration (SAMHSA), U.S. Department of Health and Human Services - Region VIII (CO, MT, ND, SD, UT, and WY). Dr. Smith is a Licensed Psychologist and the former Director of the Colorado Division of Behavioral Health and Deputy Commissioner of Mental Health and Substance Abuse for the State of Colorado.
  • Hyla Schreurs, U.S. Department of Health and Human Services, Office for Civil Rights, Rocky Mountain Region, Supervisory Equal Opportunity Specialist. Ms. Schreurs is licensed to practice law in Colorado.
  • Jennifer Hill, Program Coordinator at the Colorado Mental Wellness Network.
  • Lyn Snow, Compliance Officer for Colorado Human Services, Office of Behavioral Health.
  • Kate Tipping, Public Health Advisor and privacy lead on SAMHSA’s Health IT Team. PATRICK FOX
  • Patrick K. Fox, MD,  Chief Medical Officer for the Colorado Department of Human Services and Deputy Director of Clinical Services for the Office of Behavioral Health.
  • Toria Thompson, Behavioral Health Information Exchange Coordinator at CORHIO and is responsible for implementing solutions for the secure exchange of Behavioral Health data within CORHIO’s HIE.

The combined PowerPoint presentations are attached to this post as a resource, and the following were provided as web resources for further information on the topics discussed.

OFFICE OF CIVIL RIGHTS (OCR): http://www.hhs.gov/ocr/hipaa/

  • Full text of Privacy, Security, and Breach Rules
  • HIPAA Privacy Rule summary
  • Covered entity "decision tool" to assist individuals and entities in making these determinations
  • Over 200 frequently asked questions
  • Fact sheets
  • Information about the OCR enforcement program

Substance Abuse& Mental Health Services Administration (SAMHSA): http://www.samhsa.gov/healthprivacy/docs/EHR-FAQs.pdf and http://www.samhsa.gov/about/laws/SAMHSA_42CFRPART2FAQII_Revised.pdf

  • To help providers in the behavioral health field better understand privacy issues related to Health IT, SAMHSA, in collaboration with ONC has created two sets of Frequently Asked Questions (FAQs).

IJIS AND URBAN INSTITUTE:

Opportunities for Information Sharing to Enhance Health and Public Safety Outcomes

GLOBAL STRATEGIC SOLUTIONS WORK GROUP:

Prioritizing Justice-to-Health Exchanges Task Team Final Report

GLOBAL STANDARDS COUNCIL – JUSTICE /HEALTH:

Aligning Justice-To-Health Priority Exchanges Task Team Final Report

Corrections and Reentry:

Protected Health Information Privacy Framework for Information Sharing https://csgjusticecenter.org/corrections/publications/corrections-and-reentry-protected-health-information-privacy-framework-for-information-sharing/

 

Download File (PDF)

Tags:  corrections  HIPAA  information sharing  justice-to-health  mental health  substance abuse 

Share |
PermalinkComments (0)
 

Another Successful Corrections Technology Forum

Posted By Robert L. May II, Thursday, December 31, 2015

The Corrections Technology Forum was held earlier this month, 11-13 December, and brought together state corrections administrators, corrections CIOs, probation administrators and technologists, and a limited number of sponsoring industry representatives to engage in direct dialog about current information sharing initiatives and solutions and solutions on the horizon.

Held in Arlington, Virginia, the event was attended by correctional leaders and technologists from 15 state corrections agencies, 5 community corrections agencies and 5 large jail systems. Partnering organizations for the event were the American Correctional Association (ACA), the American Probation and Parole Association (APPA), and the Corrections Technology Association (CTA). The American Jail Association also partnered with IJIS for the 2015 Forum and invited administrators and technologists from 5 large jail systems.

The 2015 Forum included the following topics/discussions:

  • Dr. Alan Shark of the Public Technology Institute spoke about Future Management Schemes for Technology Leadership,
  • Mike Roosa of the Bureau of Justice Assistance presented on the topic of Use of Body Worn Cameras in Corrections,
  • Kshemendra Paul, Program Manager, Information Sharing Environment, provided the luncheon keynote on National Information Sharing – Value to Corrections,
  • Brian Hill of Edevo presented on Secure Connectivity in Corrections,
  • Kamala Mallik-Kane of the Urban Institute talked about Health and Continuity of Care,
  • Innovative Technology for Offender Programming was presented by Heather Erwin,
  • Criminal Intelligence and Collaboration with Correction Agencies was presented by Glenn Fueston, Associate Deputy Director, Washington-Baltimore HIDTA, and
  • Cybersecurity in Corrections was presented by Mike Alagna of Sidetalk Solutions, LLC. 

Industry participants and sponsors included the following IJIS Member companies: Amazon Web Services, CNTinfotech, Esri, LEINTEL, Marquis Software, Microsoft Corporation, Securus Technologies, and Social Solutions. I would like to send them a special word of thanks for their support and participation of this important event.

The 2015 Corrections Technology Forum was the second successful Corrections Forum hosted by the IJIS Institute. The 2013 Forum was attended by practitioners from 21 state corrections agencies and 5 large county probation agencies. Partner organizations in 2013 included ACA, the APPA, and CTA.

There are plans in the works for the 2016 Corrections Technology Forum. If you are interested in sponsoring the Forum next year, please contact me at robert.may@ijis.org.

Tags:  ACA  APPA  Corrections  CTA  information sharing 

Share |
PermalinkComments (0)
 

Information Sharing and Safeguarding (IS&S) Environment Playbook

Posted By Ashwini Jarral, Thursday, November 12, 2015

The IJIS Institute led the development of the Information Sharing and Safeguarding (IS&S) Environment Playbook to address the question, “if we need to create an IS&S environment and have the resources, what do we do next?”

This question got the Program Manager of Information Sharing Environment (PM-ISE) leadership and the Standards Coordinating Council (SCC) members thinking about the lack of guidance for communities of interest from different missions (including all levels of governments and industry) to standup their own IS&S environment. At the request of the PM-ISE leadership, the IJIS Institute was asked to review the U.S. Digital Services Playbookhttps://playbook.cio.gov/ and develop something similar for the IS&S environment. Within a few weeks the IS&S Environment Playbook was born and now resides on the SCC’s website at http://www.standardscoordination.org/iss-playbook.

The IS&S Environment Playbook used the U.S. Digital Services Playbook as the foundational framework and extends on the key principles required to create and sustain an IS&S environment. The Playbook identifies 15 key plays based on field experience, best practices, and standards identified by the government and the private sector.

The IS&S Environment Playbook is meant to be flexible for all types of users. It is functional at a starting-from-scratch level; however, the Playbook is also intended to allow users at any point in their process to pick up the document, identify where they are in the process, and then move forward. For organizations in beginning stages, the plays serve as a roadmap and incorporate the tried and tested processes of more experienced communities. For more advanced users, the plays that are before a point of entry still may have relevance to a development effort and may contain ideas and actions to improve a development process. In addition, the IS&S Environment Playbook is iterative. Users may complete a play and then have to go back to it as more is learned later in a development effort. Users may have a phased development approach that brings the project back to a certain point in the plays as phase milestones are crossed.

This IJIS Institute developed the IS&S Environment Playbook for all kinds of mission partners (such as law enforcement, public safety, intelligence, homeland security, and many others) who want to get together to address the IS&S challenges and develop communities of practice that can use and reuse these plays to advance IS&S mission. Considering this broad range of users with varying missions, the Playbook promotes the application of privacy and civil liberties controls, data transparency,  and responsible information sharing as stated in the National Strategy for Information Sharing and Safeguarding (https://www.whitehouse.gov/sites/default/files/docs/2012sharingstrategy_1.pdf) in the creation of an IS&S environment.

The IS&S Environment Playbook can be accessed at http://www.standardscoordination.org/iss-playbook and feedback is definitely encouraged! You can submit your feedback via email at info@standardscoordination.org or complete the structured feedback form online at http://www.standardscoordination.org/content/iss-environment-playbook-structured-feedback.

Tags:  information sharing  interoperability  playbook  standards  standards coordinating council 

Share |
PermalinkComments (0)
 

The Internet of Things (IoT) is transforming the technology landscape.

Posted By Martha Hill, Friday, September 4, 2015

The Internet of Things (IoT) is transforming the technology landscape. From environmental monitoring, transportation and infrastructure management, to manufacturing, health care and building automation, IoT is providing sensing and data sharing capabilities that were unimaginable a decade ago. Now the Department of Homeland Security Science and Technology Directorate (S&T) has launched a pilot to apply IoT to the challenge of vastly improving responders’ situational awareness during emergencies. That pilot, the Incident Management Information Sharing (IMIS) Internet of Things Pilot, kicked off at a two-day meeting July 9-10 at the Integrated Justice Information Systems (IJIS) Institute on the campus of the George Washington University Virginia Science and Technology Center.

The IoT is the rapidly expanding network of objects embedded with sensors able to gather, communicate and exchange data with other devices. It includes everything from “smart” household appliances to sensors monitoring traffic flow and municipal water systems. For responder use, new types of low-cost wireless sensors are emerging that can quickly make a wide range of observations of an incident, its environment and its effects on people, including the responders themselves. Among those types are in situ environmental sensors (e.g., temperature, wind, radiation and toxic substance detectors), wearable sensors (e.g., cameras, explosives detectors and vital signs monitors) and imaging sensors (e.g., visible light and infrared cameras) on mobile platforms such as unmanned aerial systems and autonomous vehicles.

Evolving networking technology enables these sensors to connect automatically as soon as they are deployed. Simple connectivity, however, is not enough to meet the needs of emergency responders. Responders require access to continually updated observations, analysis, alerts and predictions from emergency response information systems and mobile devices to ensure they have an accurate shared view of conditions. Many current sensor platforms need too much preplanning and infrastructure set-up to work in rapidly evolving situations. Their nonstandard integration systems can prevent information sharing. Responders need standardized technology that makes sensors easily and immediately identifiable, accessible, usable and useful across all teams and information management platforms involved in an incident response.

Such technology is S&T’s goal.

S&T’s objective is to harness the potential of the IoT as part of its
Next Generation First Responder (NGFR) Apex program. Under its contract with S&T, IJIS is acting as prime contractor on the pilot and has brought the Open Geospatial Consortium (OGC) and its members onboard to provide the technical expertise required to develop interoperability solutions that employ lightweight, low-cost wireless sensors to support incident response and management. This partnership has enabled S&T to assemble a working group of nine organizations from around the world, including Botts Innovative Research (Huntsville, Alabama), Compusult (Nova Scotia, Canada), Envitia (West Sussex, United Kingdom), GEO Huntsville (Huntsville, Alabama), Noblis (Falls Church, Virginia), Northrup Grumman (McLean, Virginia), SensorUp (Alberta, Canada), the University of Melbourne (Victoria, Australia) and 54 North (Műnster, Germany). Their goal is to develop and demonstrate a prototype IMIS IoT architecture tailored to the real-world requirements of the emergency response community by the end of December 2015.

Acknowledging the extraordinary technical challenge the team faces, NGFR Apex Program Director John Merrill advised team members to “see the world through responders’ eyes” when planning and developing their prototype. He enumerated the unique needs of responders in critical incidents, especially the need to “get the right information to the right person at the right time.” He added that too much or unnecessary information can be a dangerous distraction to responders in emergency situations, and that reliability is essential for any technology to earn and keep responders’ trust. Finally, he focused on integration. “The NGFR Apex program has 40-plus technology projects in the works, and to be useful to the first responder community those technologies all have to work together seamlessly. The necessity for reliability and interoperability,” he said, “makes standards a primary focus and foundation for this pilot program.”

Throughout the two-day meetings, discussions and white board brainstorming enabled the group to refine their understanding of responder requirements. An emergency scenario and associated use cases involving a collision between a train and a chemical tank truck served as a structure for identifying the situational awareness and information exchange challenges responders face. The team identified a wide array of needed sensors, platforms and data technologies required to meet those challenges. A clear road map is in place.

“It’s a really talented team,” said Merrill, “and the proof is going to be when they plug in their prototype in December and it does exactly what it’s expected to.” 

NOTE: This blog first appeared on firstresponder.gov.  It has been reposted with the approval of the Department of Homeland Security.

Tags:  DHS  Homeland Security  information sharing  Internet of Things  IoT 

Share |
PermalinkComments (0)
 

Mid-year Briefing Spotlight: Industry and Corrections Moving Forward

Posted By Andrea A. Walter, Saturday, August 1, 2015

Want to see a small bit of the content from yesterday’s Mid-year Briefing in Atlanta, Georgia. Here are some highlights of Tom Herzog's Luncheon Keynote.

  • Business is a relationship and government relies upon its private sector business partners to help foster and promote innovation. IJIS is an organization that helps to promote and accelerate these efforts.
  • Public/private partnerships are the backbone of innovation in public sector work and critical to public safety work.
  • "Government needs business partners, not vendors. Vendors are people from whom we buy hotdogs, not software and services!"
  • 10 Value Propositions for Corrections in 2015-16:
  1. Body worn cameras - and the data management of the outputs
  2. Education of incarcerated individuals - using video and tablets as accelerators of innovation in corrections education.
  3. Family Reunification through video conferencing - another opportunity for tablet use.
  4. Medical - among the highest cost centers for the corrections industry, EMS and EHR are critical business drivers to help contain and reduce operating costs.
  5. Complex Analytics - use of new and powerful computing techniques will allow DOC administrators to open previously closed or untapped data sources to provide analytics to better understand prison violence and program success.
  6. Cell Phone Detection - contraband cell phones continue to be among the preeminent threats to correctional safety.
  7. Information sharing with LEOs - corrections rich data stores, which include known associates, STGs, visitors, persons called, and money transfers are critical data elements to assist in crime fighting.
  8. Legacy Renewal/Conversion - many correctional systems are still operating on 1970's computing technology, including mainframe and cool based systems.
  9. Email for incarcerated individuals.
  10. Telephones and improved analytics for persons called and recorded calls.
  • Five Future Value Propositions for industry work with Corrections:
  1. Prison population reduction and the value proposition of community supervision with enhanced technology.  
  2. Bail Reform and how technology can be used to help ensure safe pre-trial, pre-adjudication release to the community.
  3. Smart Apartments that make use of new monitoring techniques to help facilitate community supervision.
  4. Group Sourcing software to help enlist public input into new initiatives and place-based policy initiatives.
  5. Public/Private partnerships that make use of new performance-based funding options to include ideas like Social Impact Bonds (SIBs) and Purpose-based economic alternatives.

For more information contact Tom at any of the following or post your comments here on the blog:

  • Email:     Tom.Herzog@gmail.com
  • Twitter:    @tomherzog3
  • LinkedIn:  Thomas Herzog
  • Phone:      (518) 506-0000

Tags:  analytics  body worn cameras  Corrections  information sharing  Mid-year briefing 

Share |
PermalinkComments (0)
 

A Different Cyber Perspective at InfoSec World 2015

Posted By Steve Ambrosini, Thursday, May 14, 2015
Updated: Monday, May 11, 2015

A few weeks ago I attended InfoSec World 2015. The IJIS Institute is an association partner of the event and this was our first visit to this annual conference and expo. It is put on by the MIS Training Institute (MISTI).

InfoSec World 2015 was a great experience and it provided a different perspective on the very large topic of cybersecurity that we are used to seeing at the IJIS Institute events. The conference is focused on the perspectives of technologists and Certified Information Systems Security Officers (CISSO) in the quest for cybersecurity. I am more accustomed to hearing discussions about front end access to systems and Identity Management (ICAM) issues versus the deep technology dives at InfoSec. It was a refreshing change of pace to look at this topic from another angle.

Two quick thoughts regarding InfoSec World 2015:

  • There was a lot of discussion at the event about understanding the vulnerability contours in the world of open source, and how pervasive and continuously growing the use of open source is even with known vulnerabilities. Some of the environments that we might consider the most secure are still using open source components with known vulnerabilities. As open source is essential and obviously here to stay, the path forward looks like the same path one might use to eat an elephant…focusing on one bite at a time by bolstering the immediate lines of defense with operating system component patches.
  • The term incident response, as in cyber incident response, was thrown around a lot at this conference. Assistant Special Agent in Charge Ari M. Baranoff, U. S. Secret Service/Criminal Investigative Division, gave a fantastic keynote address on organized cybercrime, and stepped through the cyber incident response steps of investigation, arrest, and prosecution. It struck me that the world of law enforcement/criminal justice incident response and cyber incident response are not as different as you might think at first glance. I recently heard about companies using the Incident Command System, borrowed from the fire service, to manage cyber incident response. What things can law enforcement/public safety and cyber crime fighters learn from one another about incident response?

It was a great time to immerse myself in this cybersecurity perspective at InfoSec World 2015 considering that the IJIS Institute, through the Standards Coordinating Council, is getting more and more involved in the defense against cyber attacks through the development of standards for sharing cyber incident information. Stay tuned to the IJIS Factor blog for more on the SCC and Executive Order 13691 on Promoting Private Sector Cybersecurity Information Sharing.

Tags:  cybersecurity  ICAM  information sharing  standards coordinating council 

Share |
PermalinkComments (0)
 
Page 1 of 2
1  |  2