Make better use of data
Use data more effectively by improving your technology, infrastructure and processes.
To meet point 10 of the Technology Code of Practice (TCoP) your plans must show you’ve considered:
- how you will manage data throughout its lifecycle
- if any data you need is already available in government in part or in full
- how you collect and use data to continually improve your services
- how you can make your data accessible across government
- how the public can access your data
- how you will meet any relevant regulations
If you’re going through the spend control process you must explain how you’re trying to meet point 10.
The Central Digital and Data Office is currently collecting feedback on the Technology Code of Practice. The aim is to improve the content and make sure it meets user needs. If you want to add your feedback, please complete this short survey.
How making better use of data use will help your programme
Your programme will benefit from:
- saving time and money, by reusing open data that is already available
- reducing the risk of error and fraud, such as using standard identifiers for properties and streets to catch invalid addresses
- infrastructure and services containing consistent information
- a more consistent experience for citizens when they use government services online, which builds trust
- only collecting the data you need and only collecting it once
- making datasets interoperable to make data easier to share within your organisation and across other government organisations
Follow the required data regulations
When using data you must follow the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR).
Make sure you only hold data for specified purposes and consider the:
- Data Ethics Framework when considering ethical issues around using and assessing data
- Open Data Principles
- ICO’s Data Protection Impact Assessment when assessing if you’re following GDPR
- UK Digital Strategy
- the National Cyber Security Centre’s Protecting bulk personal data guidance
- point 9 of the Service Standard on creating a secure service
Plan how you will manage your data throughout its lifecycle
Make sure your data is not dependent on the lifecycle of your technology or service. Define and manage your data’s lifecycle and storage in line with the rest of your organisation’s data estate so that you can continue to use the data for as long as you need it.
Consider using open standards to make sharing and reusing data easier. You should aim to make any of your data associated with your technology or service reusable by other government organisations. This does not include data that falls under GDPR rules or highly classified data.
Choosing the right technology, processes and training
You will need to choose the right data tools for collecting, storing, analysing, sharing and retiring data. Your choice should take into consideration the skills and capabilities you have within your organisation.
You should make sure your data collection practices meet user needs. You should also make sure your data tools and infrastructure are scalable and encourage collaboration.
Your data tools and infrastructure should:
- be understandable and accessible to staff who need to use them
- help ensure your data is current and accurate
- meet security requirements
Also consider whether your business processes include:
- training for staff
- recording the data you have and how you share it
- planning for data use across technology and services
- standardising data after collection so it’s easier to make it interoperable
- a purchasing strategy which considers the total cost of a technology tool or service through its full lifecycle
- automated decision making using the Ethics, Transparency and Accountability Framework for Automated Decision-Making
Agreeing and exiting supplier contracts
When you are using a supplier, you should make sure the contract provides you with access to all your data. Your contract must also specify the exit and renewal arrangements for your data. This includes making sure the supplier returns your data:
- in an open data standard format from the underlying database
- through an API that follows the API technical and data standards
If you are agreeing a contract of over £20 million, the supplier must provide this API, as outlined in the Model Services Contract guidance.
Storing and standardising your data
The Government’s Data Standards Authority and the Open Standards Board have approved a number of open standards for data for use by the government. Where possible and appropriate, you should use these standards to make it easier to analyse data and share it with other departments.
You should use the API technical and data standards and consider:
- where you will store your data and whether the location meets your organisation’s security requirements
- having a cloud hosting strategy
- making sure your chosen technology is scalable and adaptable for changing requirements
- making sure your data has audit trails that show how individual data records are accessed and updated
- how your organisation uses data and how easy it is to scale areas such as storage to meet your needs
Publishing and sharing your data
Follow the Data Ethics Framework to make sure you’re using data based only on user needs.
Where possible you should work in the open and publish your data. If you plan to publish data, you should consider how you will follow the:
- Open Data Principles to ensure your data is open by default
- government metadata standards to improve data sharing across government
- Information Commissioner’s Office Code of Practice for data sharing to ensure you make the right decisions when sharing personal data
- API technical and data standards and the API design guidance when developing an API to publish your data
- guidance on managing your data for access and reuse
You should also consider:
- using Open Standards to make any future data analysis easier, and where appropriate, share data with other departments
- where you publish your data
- how you can share your non-sensitive data to help minimise duplicate data sets
- what data tools and infrastructure you need to keep pace with user needs and encourage collaboration
Archiving, deleting or renewing data
You should only keep data for as long as necessary. You will need to put a process in place to help you decide when to update, delete, retire or archive your data. You should have processes to:
- decide when it is right for your organisation to retire or archive data
- decide what data you can delete and replace with new or updated data
- meet the GDPR requirement to delete an individual’s data on their request
- securely delete data when it’s no longer needed
Next: Technology Code of Practice Point 11 - Define your purchasing strategy
Policies and guidance available includes:
- Government technology standards and guidance
- Data Ethics Framework
- Publish and use government’s open data
- Unlocking the power of data in the UK economy and improving public confidence in its use - part 7 of the UK Digital Strategy
- Making better use of data - part of the Government Transformation Strategy 2017-2020
- Government transformation strategy - better use of data
- EU General Data Protection Regulation (GDPR)
- Data Protection Act 2018
- API technical and data standards
- Local Government Association - better use of data
- Open Standards for government data and technology
- Open data principles
- Digital Economy Act 2017 part 5: Codes of Practice
Last updated 31 March 2021 + show all updates
Addition of a temporary research survey to get user feedback on the Technology Code of Practice.
Updated content to align with the Data Standards Authority.
This guidance has been updated based on user research and cross-government feedback.
Addition of content about audit trails