Ossian Smyth TD is the Irish Minister of State responsible for the Office of the Government Chief Information Officer (OGCIO) and the Office of Government Procurement (OGP). He is also the Government spokesperson on Cyber-Security and Telecommunications.
A Green Party politician, he was appointed in 2020.
His first year in office was dominated by the rollout of new tech solutions to assist in the Irish vaccination campaign, as well as a major cyber-attack in May 2020, which caused a complete shutdown of Ireland’s public health service (HSE).
He speaks to GovTech times on how important it is for Ireland to ensure a successful digital transformation.
When I was appointed the Minister of State responsible for Digital Government and Procurement some 21 months ago, I had little idea how my tenure was going to be shaped by two cataclysmic events. The first of these, the pandemic, had obviously been around for several months at that point and it was very clear that it was going to dominate Government planning for the (then) foreseeable future. Moreover, our success in building one of the best contact tracing Apps in the world, demonstrated by its take-up in Ireland and then adoption by other countries, indicated the role that technology was able to play in the battle against the pandemic. But that was only a foretaste of what we were to go on to achieve. And, ironically, the second event played a large part in that process.
I was made aware of the scale and severity of the cyber-attack on the HSE on the morning of Friday 14 May 2021. The criminals had used the Conti ransomware to infiltrate HSE IT systems (PCs, servers, etc.). This forced the HSE to invoke its Critical Incident Process, which in turn resulted in the decision to switch off all HSE IT systems and disconnect the National Healthcare Network from the internet in order to contain and assess the impact of the cyber-attack.
The detail of the attack and the response is well documented but I must again pay tribute to the perseverance, commitment and skills demonstrated by the public and private sector staff involved in the remedial programme. However, the incident created another significant Government dilemma – we were required by EU Regulation to build the capability to produce certificates of proof that an individual had either been fully vaccinated or recovered from COVID, or had received a negative PCR test result within the last 72 hours. We also had to be able to verify the certificates from any other EU/EEA country. Moreover, we had to build this in a matter of weeks and we could not rely on HSE resources to help us, as they were pre-occupied with the post-attack restoration and repair activities.
Barry Lowry is the government’s Chief Information Officer
“Our experiences over the last couple of years have really reinforced the value of partnerships, especially when working towards a shared goal, of the potential of technology when closely aligned to specified outcomes and of the importance of data quality to service excellence and responsive policy,” he told GovTech Europe.
To me our response became the perfect example of GovTech: five government bodies, including my own department, and four private sector companies were brought together to deploy cutting-edge technologies, including QR codes, APIs, Phone Apps and Cloud, to deliver what was arguably the most successful technical response to the Digital COVID certificate challenge anywhere in Europe. We were able to very quickly deliver millions of certificates to enable people to travel; we were able to use a phone-based system to verify the certificates of people coming into the country; we enabled people to download their certificate onto their phone or COVID App; we re-purposed the verifier to enable indoor hospitality to re-open in a way that exposed only a minimum data set; we extended the process into the private sector to enable the production of testing certificates; and we build a solution to enable Irish citizens vaccinated abroad to get EU certificates. And we did all this using an agile approach, including daily stand-ups involving people who never got to be in the same room!
And what have we learned from this that will inform the way forward?
Firstly, that innovation works best when addressing difficult problems – because you have no other choice but to be brave!
Secondly, new technologies help us think differently about how we might solve problems – for example, Ireland was one of the first advocates for a QR code-based approach to the EU Digital COVID certificate.
Thirdly, the Cloud is essential for fast and agile service provision. It is also inherently secure – the cloud-based CoVax Vaccination support system worked throughout and after the cyber-attack, which was critical to the successful vaccination roll-out and the subsequent DCC production.
Fourthly, we need the best of Ireland’s start-ups and SMES to work alongside the larger and more established technology companies to solve Government problems – both have so much to offer and one of my priorities going forward will be to create the procurement conditions that let both play a key part in our GovTech eco-system.
Fifth, digital does not understand the concept of siloes – indeed, neither do our customers! One of our ambitions going forward is to deliver what we call a Life Events portal. In other words, the major events in our lives, such as births, bereavements and coming to Ireland, should not require people at times of stress to have to deal with numerous public service bodies; we should be told of these events once and the do the necessary bureacracy for people – where they want us to of course.
Sixth, Digital Government without good quality, joined-up data is doomed to fail. The development of the CoVax system showed us what is possible when we have good quality data. But it also showed us the difficulties caused to our people when our records are not fully accurate. This is why the Government is committed to the once-only principle and has delivered legislation (the Data Sharing & Governance Act) and the Data Strategy to make this ambition real.
Seventh, Digital Government is totally dependent on us being absolutely sure of the identity of the person making the transaction. MyGovID has demonstrated that it can support this ambition, and the public’s response – we presently have the fastest growth in take-up and usage in the world – demonstrates its usefulness. I am delighted that we now have agreement with the Data Protection Commission that it can lawfully be used across Government.
Finally, Digital Government is only really successful when the user, the people, are put at the centre. If we are to achieve our ambition of ensuring that 90% of applicable services will be consumed online by 2030, then we have to give the public what they want in the way they want it. That is why I intend to ask the public to choose their priority services for review and/or digitisation. This will inform our priority programme. Then, we will consult the public to ensure the services work in the way that they would prefer. And if we achieve our 90% target, then we free up resources to give a better offline or assisted digital service to those who need it most. In other words, everyone can benefit from strong digital Government!
My time in this role might only be brief but it has shown me what we can achieve when we work to a shared vision. Our new National Digital Strategy (‘Harnessing Digital – The Digital Ireland Framework’) and Public Service Digital Strategy (‘Connecting Government 2030: A Digital and ICT Strategy for Ireland’s Public Service’) set out the Vision and approach. It’s time to once more roll our sleeves up!