The one point of the written agreement that I'm not sure about or that I would put as a question to you to think about is that when information-sharing practices are set up, it seems to me that it's not just about having an agreement in place that you write up: you're going to have some technical tools for dealing with the data, especially if you're dealing with large amounts of data that you're sharing in different ways, so what's the oversight for the technical system that you're setting up?
The written agreement seems like an advance over what the situation is now. I agree with the Office of the Privacy Commissioner's submissions on that point, but isn't there also oversight of the technical infrastructure that we're creating? How do you make sure that it is reviewed properly as well, and in a transparent manner? That is something to think about.