Digital Pa Piano, from one time to security and privacy by design

In the Official Gazette, the decree of the Minister of Technological Innovation and Digital Transformation, approving the three-year plan for information technology in public administration 2021-2023.

Public administrations must avoid asking citizens and businesses for information already provided, they must do so only once, and digital services must be designed and delivered in a secure manner and guarantee the protection of personal data. These two principles, once and security and privacy by design, are contained in the three-year plan for information technology in public administration 2021-2023 approved by decree of the Minister Vittorio Colao and published May 6 in the Official Gazette. In the past, the document was notified to the European Commission in view of the changed context attached to the implementation of PNRR in the field of digital transformation, in contrast to what happened to previous editions.

The three-year plan for IT in the Administration sets out the lines of action to promote the public sector’s and the country’s digital transformation.

Three-year plan for IT in public administration 2021-2023: the main points

Let us review the main points of the three-year plan for IT in public administration 2021-2023.

During the three-year period, approx. 200 actions: carried by AgID and Department of Digital Transformation, other institutional subjects and others charged to central and local PAs.

The 2021 – 2023 update represents the natural evolution of the previous edition. In particular:

  • consolidates attention on the implementation of the planned actions and on the monitoring of the results;
  • introduces some new elements related to the implementation of PNRR and the oversight of PA’s digital transformation commitments.

The 8 guiding principles in the plan are:

  • digital and mobile first for serviceswhich must be accessible only with digital identity systems defined in the legislation, which as a minimum ensure access via SPID;
  • cloud first (cloud as the first option): public administrations, when defining a new project and developing new services, primarily use the cloud paradigm, taking into account the need to prevent the risk of lock-in;
  • inclusive and accessible services that they meet the different needs of people and individual territories and are interoperable by design so that they can operate in an integrated state and without interruption throughout the internal market by revealing the relevant APIs;
  • security and privacy by design: Digital services must be designed and delivered in a secure manner and guarantee the protection of personal data;
  • user-centered, data-driven and agile: Administrations develop digital services that provide agile methods for continuous improvement, based on the user experience and based on continuous measurement of performance and use, and make relevant digital public services available across borders according to the cross-border urban design principle
  • only once: Public administrations must avoid asking citizens and businesses for information already provided. For example. the register certificates, which can now be downloaded from ANPR, must not be returned to the PA offices, but only to private individuals.
  • public data a common good: public administration information assets are a fundamental asset for the country’s development and must be valued and made available to citizens and businesses in an open and interoperable form;
  • open codePublic administrations should prefer the use of open source software, and in the case of software developed on their behalf, the source code should be made available.

Leave a Comment