First published by Local Government Lawyer, 17 March 2016
Public sector organisations are under huge pressure to deliver the same, or even more, services for less. This often means that difficult decisions need to be made and sometimes innovative solutions are disregarded in favour of 'risk free' traditional routes.
Rather than closing the door to different approaches, which may be considered expensive or too risky, the need to assess internal IT spend and procurement can provide an opportunity to think differently and embrace change.
Collaborative procurement and system and platform sharing
There is nothing new about public sector organisations working together in procuring common goods and services or shared services; think of procurement hubs, shared back office services and legal services panels as good examples. But these services are often organised on a national or regional basis, which can disenfranchise local providers and organisations.
What can be often overlooked is how the process of collaborative procurement can be employed at a local level in relation to IT and telecoms systems, software and services.
Although a number of national frameworks and procurement vehicles exist for organisations to take advantage of, it is not uncommon to be advising a public sector body on its own procurement of a system or services outside these national vehicles.
This is often due to a number of circumstances, including:
- A belief that the particular system is unique or specific to their circumstances;
- A mistrust of nationwide procurements;
- A need for a rapid deployment, which cannot be operated through reliance on a larger procurement process, gating and operational requirements; and
- A desire for the supplier market to retain individual contracts and customers.
Acknowledging that these concerns are very real and often well founded, public sector organisations are starting to consider collaborating on a more local level either with similar organisations to themselves or across the sector, for example, two local authorities or a local authority and a police force.
There have been some recent examples of where this local collaboration approach has worked well, particularly when it comes to IT and telecoms. The London boroughs often work together to share IT assets, systems and resources in order to save costs and standardise the way in which they work. This is also true of telecoms services where clear categories of services such as broadband connection types can be easily called off from a menu of available services by one or more co-operating local authorities.
When entering into these types of arrangements it is important to bear in mind the following legal and operational considerations so that each organisation steps into the collaboration aware of the basis on which it will best operate.
- Be clear on the relationship between the collaborating organisations from the start – is there a lead organisation and what are the ground rules in working together?
- Decide how the contract structure will operate and clearly demarcate boundaries of responsibility and liability. These arrangements are often frameworks entered into by one organisation from which other organisations can call off as a separate and distinct contract. But this is not the only way to operate a collaborative model.
- Consider the Public Contracts Regulations and the requirements that they impose on the use and creation of framework contracts and who will run the procurement and take the lead role. Each organisation may need to ensure that it has appropriate advice and public procurement law cover under the proposed arrangements.
- Consider whether the lead organisation charges other participating organisations for the administrative effort involved in being the lead or whether the supplier provides the lead organisation with enhanced commercial terms.
- Decide at the outset how the termination and transition of the contract will operate between each of the participating organisations. Also consider whether it is possible for one organisation to terminate independently of the others and whether future plans procurement plans can be align to deliver a controlled exit period.
- Ensure that payment and delivery obligations are clear for each participating organisation to avoid the lead organisation becoming legally or operationally responsible for the delivery of the whole project/service.
- Align contractual expectations and needs early in the process so there is a common approach when negotiating with the supplier.
- Use governance processes effectively by creating joint forums to avoid the lead organisation imposing its views and to encourage ownership by all organisations.
- Seek to standardise software and platforms and use configuration to allow for differences to be delivered.
- Build applications and services with a view to interoperability and open standards from the start.
- Consider output based objectives and services rather than prescribing technology solutions to give the supplier sufficient freedom to deliver in the most effective way it can whilst meeting organisational needs and keep pace with the change in technology.
Collaboration through data
Another area of possible public sector collaboration is in relation to data sharing and analytics. In 2015 a report by Gartner predicted that on a worldwide basis 30% of digital government projects will treat any data as open data by 2018 and that it will take a decade before the projects make the most of the opportunity open data offers.
The real value of data can be difficult to quantify, and therefore justify expenditure, but public sector organisations are a vast collector and repository of a wide range of data sets. This data could not only be shared with public and private organisations through open data initiatives such as data.gov.uk, but could also be more effectively shared with other public sector organisations and services.
Collaboration through data sharing provides great potential for public organisations to work more efficiently within the constraints of limited budgets whilst improving outcomes for public services.
Due to new and more affordable technologies for processing and analysing huge amounts of complex data such as edge analytics and scalable data centre infrastructure, the ability for public sector organisations to make the most of what they have and focus resources as a group of providers is now within reach.
The big question is whether this opportunity will be seized. Often the perception of the legal constraints around use of data puts a paralysing fear into public organisations relating to data protection and compliance. This fear is often not justified, and the legal framework less constraining than you may think. Equally, not all data is equal in the context of the Data Protection Act and sometimes the reaction to all data being personal data can be a misconception which prevents open collaboration.
Some of the legal and practical issues, which should be considered when sharing data across organisations, are:
- Is the data being shared really personal data? The data to be shared should be analysed carefully. This is to identify whether it could be considered personal data under the Data Protection Act or is in fact it operational/statistical information or can be effectively anonymised whilst retaining its usefulness.
- What is the legal basis for sharing data? Public sector organisations may be under a legal requirement to share certain data in any event but if not, they will need to be able to obtain consents or demonstrate a legal justification allowing them to share personal data. This legal basis should be documented so that it can be relied on.
- How will the data be used? The organisations should agree what the data will be used for and by whom and document the data flow and data set that will be shared. Consider the applicability and compliance with the Data Sharing Code of Practice produced by the Information Commissioners Office.
- Have you agreed a data sharing agreement? Agree a formal data sharing agreement between the organisations, which stipulates the conditions of use of the data, how it must be treated/protected and the legal balance of risk between the parties.
- Have the necessary consents been obtained? The collecting organisation will need to ensure that the appropriate consents have been obtained from any individuals whose personal data may be contained within the data being shared. Be clear with those individuals on what the data will be used for and by whom.
- Is the data sharing agreement being effectively managed? Both parties should manage the data sharing agreement, keeping it under review as to the data being shared and the purposes for which it is being used.
- Do both organisations have the necessary information security measures in place? Ensure that appropriate organisational and technical measures are in place within the sharing and receiving organisations to protect the data being shared. Also from a general information security perspective make sure that civic data is being secured appropriately.
- What will the data deletion/retention policy be? Each organisation should review its retention and deletion policies in respect of the data being shared and used. If personal data is being shared how any data subjects will be able to request the information being held.
A willingness to grasp the technological advancements available combined with a change in mind-set to the sharing of data and busting the myths around the legal constraints that may or may not apply, could help to bring the 10-year opportunity window a little bit closer.
This publication is intended for general guidance and represents our understanding of the relevant law and practice as at March 2016. Specific advice should be sought for specific cases. For more information see our terms & conditions.