Compliance hurdles to data sharing? GenAI offers answers
Regulatory compliance makes establishing governance policies for data sharing tough, but generative AI offers potential, explains Maximus’ James Bench.
No matter your job or the federal organization where you work, data likely affects what you do and how your team — or your agency writ large — achieves its mission objectives.
But challenges arise when it comes to culling and exchanging the right information, whether internally, with other federal or state and local agencies, or even with nongovernment partners and academia.
Despite the government’s work to increasingly use data to inform mission and decision-making, “as far as data sharing goes today, it’s still for the most part fairly siloed,” said James Bench, managing director of technology consulting services at Maximus.
Yes, there’s extensive sharing of data by agencies in some areas, for instance for homeland security efforts to identify potential threats, he acknowledged. “But for a lot of the citizen data — within IRS or the Health and Human Services Department — that data doesn’t tend to be shared very often interagency.”
Bench talked with Federal News Network for our Forward-Thinking Governmentseries about the data sharing challenges that agencies face and offered advice on how agencies can push ahead. Not surprisingly, he sees potential for artificial intelligence paired with current computational power as a smart tactic on the near horizon.
Data sharing and navigating regulatory compliance
Number one among the data sharing challenges agencies face is in addressing regulatory compliance and overall data governance as a whole.
“Different agencies will have various levels of maturity around how far they are along that spectrum,” Bench said.
Agencies in the initial stages of developing data governance programs, particularly those trying to do so on shoestring budgets, find it tougher going as they align their policies with specific compliance requirements, he said. “It’s very hard to put the right controls, processes and regulatory compliance over the data so that you can be really precise about what is allowed to be shared and what cannot be shared,” he said.
Agencies with more mature programs have begun to see the value of very granular approaches to their data, Bench said. For instance, an attribute of data could be the item under regulatory control that can’t be shared. Mature organizations can apply the proper access controls.
“For less mature agencies, it’s often simpler to block sharing the entire dataset because they lack that level of maturity and governance and understanding around how sensitive an element of data is,” he said.
Right now, there are multiple data sharing standards, but he expects that increasingly the government will move to one standard, which will help all agencies in more readily sharing data across organizations.
Until then, agencies need to focus on establishing that approach at least within their own broader enterprise, he recommended. That way, agencies can begin to “make data exchange a little bit easier and a little bit more fluid between systems, and they will understand that this element means the same thing across their systems,” Bench said.
And don’t despair if the agency is in the initial stages. “If you aren’t able to build a full governance team and get everyone who’s required to participate, if you’re not able to do that, then really the first step is do a point-to-point data exchange,” he advised. But do so while planning for a future of broader sharing by picking an exchange model that will scale over time, Bench said.
Data sharing, technology and artificial intelligence
Sweating the regulatory details is frankly more challenging than implementing the technology to enable data sharing, he said.
“There’s good practices around cloud native architectures, microservices to really create data services and then put your policy controls on top of the services themselves to manage the security, the access requests, what information can be exchanged,” Bench said. “I honestly feel like that is the easy part.”
What’s more, the evolution of artificial intelligence combined with cloud and increased computational power will provide agencies a leg up in addressing the hard part: establishing end-to-end regulatory controls.
“There’s really not a lot of limits. Creativity is going to be the limiting factor,” he said. “When we’re putting on the lens of data interoperability, AI could really help enforce those policy rules, help navigate complex data elements, help classify them for you.”
Bench also expects that generative AI large language models will help level the playing field when it comes to data sharing maturity across agencies.
“There’s a world where the AI models can actually understand your regulatory controls and rules and help create the policies and interfaces,” he said. “It would take an agency that isn’t far along on that journey and really put them close to the high end with not a ton of effort.”
Vanessa Roberts crafts content for custom programs at Federal News Network and WTOP. She’s been finding and telling B2B, government and technology stories in the nation’s capital since the era of the “sneakernet.” Vanessa has a master’s from the Columbia Graduate School of Journalism.
Related Stories
OSC launches $1 billion loan program to strengthen industrial base