dazzaji · December 21, 2015 02:59
diff --git a/gistfile1.html b/gistfile1.html
 DRAFT UNREVIEWED City of Boston Open and Protected Data Policy  UNREVIEWED DRAFT 

 <h1>I Open Data </h1>

 This policy is authorized by and exists to effectuate the City of Boston Executive Order on to Open Data and Protected Data Sharing.  This policy shall remain valid and effective unless and until it is repealed or amended.  

 <p>

 This policy is intended and shall be construed to promote realization of the public policy commitment by the City of Boston to Open Government as a key means for enabling public participation, transparency, collaboration and effective government, including by ensuring the availability and use of Open Data, appropriate security and sharing of Protected Data, effective use of Identity and Access Management and engagement of stakeholders and experts toward the achievement of Open Government.

 <p>

 The City of Boston Chief Information Office (CIO), in consultation with City departments, is authorized and directed to develop and issue this policy.  
 
 <p>

 All Departments shall publish their public record data sets on the City of Boston open data portal to the extent such data sets are determined to be appropriate for public disclosure through this portal and method.  

 <p>

 The Open Data Manager of City of Boston is responsible for publication of Open Data-Set in accordance with this Policy. The Open Data Manager shall identify Open Data of or held by City of Boston and facilitate the preparation, loading, approval and publication of said data through the data.City of Boston.org.  

 <p>

 In addition or in the alternative to publication via the City of Boston open data portal, Departments may, if appropriate and consistent with API, format, accessibility and other guidance, publish public record data through other methods including third party systems, partner governmental systems or other avenues presenting special value, efficiency or effectiveness. 

 <p>

 The Legal Counsel of City of Boston is responsible for determining whether publication of said data is permitted or prohibited.  

 <p>

 The data owner, data custodian or other data steward of City of Boston shall cooperate with and provide to the Open Data Manager a) a batch file of, online access to or other method of transmission of said data in preparation for publication, b) description of the syntax, structure and semantics of said data, c) description of other interdepedent. high value or especially relevant data sets, if any, and d) the key populations, organizations or individuals for whom publication of said data is important, including to the extent reasonably feasible, the names, contact information and mannor of relevance for the key stakeholders.

 <p>

 The Open Data Manager shall document and publish conspicuously with said data any information arising from items a, b and c from the preceding sentence and any relevant stipulations arising from the following sentence, in order to provide data accessors a basis making inform assumptions about, access to salient parts of and analysis upon said data.    

 <p>

 Within a reasonable period from the date of request by the Open Data Manager for approval to publish said data, Legal Counsel shall approve, approve with stipulations, request further information or prohibit publication.  

 <p>

 The Open Data Manager shall ensure no data is published unless and until approved by Legal Counsel and shall publish as soon as practicable in accordance with approval by Legal Counsel.  

 <p>

 The Open Data Manager shall notify Legal Counsel of any material change in the data or circumstances that may impact the basis upon which approval was provided and in any event shall cooperate with Legal Counsel to ensure a full review of the approval status for such data is conducted no less than once every 24 months.  

 <p>

 The Legal Counsel may require granular and frequent publication approval or may provide standing approval authorizing publication of said data without additional subsequent express approval, subject to such permissions, restrictions, scope or other stripulation as appropriate.  

 <p>

 The Open Data Administrator shall maintain a running manifest of all data published, stipulations applicable to such data, if any and other data that is in the process of preparation for approval and publication or that has been prohibited to be published and shall publish for internal access within City of Boston the contents of said manifest.

 <h1>II Protected Data </h1>

 1. Stub: applicable to non-public data, such as health data, educational records and other protected data; 

 <p>

 2. Management of Protected Data, i

 <p>

 A. Security and Controls for safeguard Protected Data, 

 <p>

 B. Identity and Access Management 

 <p>

 C. Required sharing of Protected Data with Authorized Parties upon the Grant of Consent or by operation of law or when otherwise so required; 

 <h1> III Approval by Counsel </h1>
 3. Method of approval by the Corporation Counsel of the City of Boston related to Protected Data disclosed in accordance with the Policy.

 <h1> IV Advisory Panel </h1>

 4, [Regional?  Cross-Boundary?  Metro-Boston?  Municipal?] Open Government Advisory Panel 

 <p>

 Stub: The City of Boston CIO is authorized and directed to establish a Municipal Open Government Advisory Panel consisting of experts, thought leaders and key stakeholders for the purpose of proposing options for the implementation of policies and practices provided, arising under or related to this Executive Order.  Said Panel may provide feedback on drafts of policies and practices upon request of the CIO. 

 <h1> V Disclaimer </h1>

 5. This Policy and associated Guidance or other materials are not intended to diminish or alter the rights or obligations afforded under the Massachusetts Public Records Law, Chapter 66, Section 10 of the Massachusetts General Laws and the exemptions under Chapter 4, Section 7, Paragraph 26.  Additionally, this Executive Order is intended to be interpreted consistently with Federal, Commonwealth, and local laws and regulations regarding the privacy, confidentiality, and security of data.  Nothing herein shall authorize the disclosure of data that is confidential, private, exempt or otherwise legally protected unless such disclosure is authorized by law and approved by the Corporation Counsel of the City of Boston.  

 <h1> APPENDIX: KEY TERMS </h1>

 ATTACHMENT:  Roles, Glossary, Key References... 

 <p>

 Actors: Open Data Manager; Legal Counsel; Data Steward; 

 <p>

 Action: Approval or Prohibition to Publish Open Data-Set; Publication of Open Data-Set; Internal Publication of Data-Set Publication Manifest

 <p>

 Approver: Legal Counsel;

 <p>

 Authoritative: Authoritative sources of law upon which this policy is based are [e.g. the rules process governing publication or prohibiting disclosure of public records: http://www.sec.state.ma.us/pre/prepdf/guide.pdf ] 

 <p>

 ====
 <h1> APPENDIX II: Guidance and Practices </h1>

 Departmental Guidance on Classification of Data Sets 

 <p>

 Public Records 

 <p>

 Open Data 

 <p>

 Protected Data 

 <p>

 Reporting Data classification to the CIO.  

 /END/
	DRAFT UNREVIEWED City of Boston Open and Protected Data Policy UNREVIEWED DRAFT

	<h1>I Open Data </h1>

	This policy is authorized by and exists to effectuate the City of Boston Executive Order on to Open Data and Protected Data Sharing. This policy shall remain valid and effective unless and until it is repealed or amended.

	<p>

	This policy is intended and shall be construed to promote realization of the public policy commitment by the City of Boston to Open Government as a key means for enabling public participation, transparency, collaboration and effective government, including by ensuring the availability and use of Open Data, appropriate security and sharing of Protected Data, effective use of Identity and Access Management and engagement of stakeholders and experts toward the achievement of Open Government.

	<p>

	The City of Boston Chief Information Office (CIO), in consultation with City departments, is authorized and directed to develop and issue this policy.

	<p>

	All Departments shall publish their public record data sets on the City of Boston open data portal to the extent such data sets are determined to be appropriate for public disclosure through this portal and method.

	<p>

	The Open Data Manager of City of Boston is responsible for publication of Open Data-Set in accordance with this Policy. The Open Data Manager shall identify Open Data of or held by City of Boston and facilitate the preparation, loading, approval and publication of said data through the data.City of Boston.org.

	<p>

	In addition or in the alternative to publication via the City of Boston open data portal, Departments may, if appropriate and consistent with API, format, accessibility and other guidance, publish public record data through other methods including third party systems, partner governmental systems or other avenues presenting special value, efficiency or effectiveness.

	<p>

	The Legal Counsel of City of Boston is responsible for determining whether publication of said data is permitted or prohibited.

	<p>

	The data owner, data custodian or other data steward of City of Boston shall cooperate with and provide to the Open Data Manager a) a batch file of, online access to or other method of transmission of said data in preparation for publication, b) description of the syntax, structure and semantics of said data, c) description of other interdepedent. high value or especially relevant data sets, if any, and d) the key populations, organizations or individuals for whom publication of said data is important, including to the extent reasonably feasible, the names, contact information and mannor of relevance for the key stakeholders.

	<p>

	The Open Data Manager shall document and publish conspicuously with said data any information arising from items a, b and c from the preceding sentence and any relevant stipulations arising from the following sentence, in order to provide data accessors a basis making inform assumptions about, access to salient parts of and analysis upon said data.

	<p>

	Within a reasonable period from the date of request by the Open Data Manager for approval to publish said data, Legal Counsel shall approve, approve with stipulations, request further information or prohibit publication.

	<p>

	The Open Data Manager shall ensure no data is published unless and until approved by Legal Counsel and shall publish as soon as practicable in accordance with approval by Legal Counsel.

	<p>

	The Open Data Manager shall notify Legal Counsel of any material change in the data or circumstances that may impact the basis upon which approval was provided and in any event shall cooperate with Legal Counsel to ensure a full review of the approval status for such data is conducted no less than once every 24 months.

	<p>

	The Legal Counsel may require granular and frequent publication approval or may provide standing approval authorizing publication of said data without additional subsequent express approval, subject to such permissions, restrictions, scope or other stripulation as appropriate.

	<p>

	The Open Data Administrator shall maintain a running manifest of all data published, stipulations applicable to such data, if any and other data that is in the process of preparation for approval and publication or that has been prohibited to be published and shall publish for internal access within City of Boston the contents of said manifest.

	<h1>II Protected Data </h1>

	1. Stub: applicable to non-public data, such as health data, educational records and other protected data;

	<p>

	2. Management of Protected Data, i

	<p>

	A. Security and Controls for safeguard Protected Data,

	<p>

	B. Identity and Access Management

	<p>

	C. Required sharing of Protected Data with Authorized Parties upon the Grant of Consent or by operation of law or when otherwise so required;

	<h1> III Approval by Counsel </h1>
	3. Method of approval by the Corporation Counsel of the City of Boston related to Protected Data disclosed in accordance with the Policy.

	<h1> IV Advisory Panel </h1>

	4, [Regional? Cross-Boundary? Metro-Boston? Municipal?] Open Government Advisory Panel

	<p>

	Stub: The City of Boston CIO is authorized and directed to establish a Municipal Open Government Advisory Panel consisting of experts, thought leaders and key stakeholders for the purpose of proposing options for the implementation of policies and practices provided, arising under or related to this Executive Order. Said Panel may provide feedback on drafts of policies and practices upon request of the CIO.

	<h1> V Disclaimer </h1>

	5. This Policy and associated Guidance or other materials are not intended to diminish or alter the rights or obligations afforded under the Massachusetts Public Records Law, Chapter 66, Section 10 of the Massachusetts General Laws and the exemptions under Chapter 4, Section 7, Paragraph 26. Additionally, this Executive Order is intended to be interpreted consistently with Federal, Commonwealth, and local laws and regulations regarding the privacy, confidentiality, and security of data. Nothing herein shall authorize the disclosure of data that is confidential, private, exempt or otherwise legally protected unless such disclosure is authorized by law and approved by the Corporation Counsel of the City of Boston.

	<h1> APPENDIX: KEY TERMS </h1>

	ATTACHMENT: Roles, Glossary, Key References...

	<p>

	Actors: Open Data Manager; Legal Counsel; Data Steward;

	<p>

	Action: Approval or Prohibition to Publish Open Data-Set; Publication of Open Data-Set; Internal Publication of Data-Set Publication Manifest

	<p>

	Approver: Legal Counsel;

	<p>

	Authoritative: Authoritative sources of law upon which this policy is based are [e.g. the rules process governing publication or prohibiting disclosure of public records: http://www.sec.state.ma.us/pre/prepdf/guide.pdf ]

	<p>

	====
	<h1> APPENDIX II: Guidance and Practices </h1>

	Departmental Guidance on Classification of Data Sets

	<p>

	Public Records

	<p>

	Open Data

	<p>

	Protected Data

	<p>

	Reporting Data classification to the CIO.

	/END/