Information & Ethics committee  That's a good question. I can't think of any risks in terms of adopting a model around sound data governance and sound data management. I believe that by having these controls and these methodologies and processes, you're really setting the government up for a win-win scenario.

Information & Ethics committee  Thank you for that question. It is actually an excellent question, as the importance of change management should not be underestimated as you go from having a traditional service to a digital service. You fundamentally are introducing many new things to an existing set of stakeholders who aren't necessarily aware of how these technologies work, why they should use them and how it is going to impact their lives.

Information & Ethics committee  Are you referring to the risks of adopting a consistent approach?

Information & Ethics committee  Just so I understand, was the question about implementing systems and what are the risks?

Information & Ethics committee  It definitely requires a layered approach from the infrastructure to be able to do this. Having security privacy embedded into that design is really critical. Certainly in the Estonian model there is discussion around the use of blockchain as being a potential opportunity to enable that.

Information & Ethics committee  I totally agree with Ms. Mason. Artificial intelligence and machine learning are technologies that can actually enhance privacy, because they take out that human element. I also would like to reiterate the importance of having that use case and staying very true to the use case.

Information & Ethics committee  I believe doing a pilot makes practical sense for a number of reasons. Just the sheer scale of trying to onboard folks and communicate and educate individuals about what this means would be untenable. In terms of conducting a pilot, however, I would urge that it be on an opt-in basis, for the purpose of developing something with the intention of iterating, so ensuring that you're not trying to bite off everything and be perfect, but just beginning that engagement.

Information & Ethics committee  I believe the concept of sharing intelligence is going to be increasingly important, and sharing intelligence across sectors is going to be something that will be very important to consider. Within various industry sectors there are limitations in terms of information being shared.

Information & Ethics committee  That's an excellent recommendation. Essentially, if you assess once, you can apply it multiple times, and that's an important efficiency play. As I mentioned earlier, Canada Health Infoway has a structure whereby they certify a technology. This essentially enables others to leverage that technology within the health care industry without having to do the same assessment over and over again.

Information & Ethics committee  I just want to make sure I understand the question. It's about the horizon to implement technologies in a safe way. I believe it's an ongoing process, so I don't necessarily believe there's a specific time element tied to this. Technologies are not all on an equal playing field right now.

Information & Ethics committee  Sorry, do you mind if I add to that?

Information & Ethics committee  Symcor provided a submission to that call for papers as well. Our recommendations really came down to what I had outlined earlier this afternoon in terms of recommendations primarily around privacy by design and security by design. As well, we had a framework to assess all actors in that ecosystem, with the concern potentially being vulnerabilities, essentially the weakest link vulnerabilities, so having an appropriate assessment process to ensure everyone in that ecosystem was maintaining at least a minimum level of privacy and security.

Information & Ethics committee  So—

Information & Ethics committee  The term “trusted provider” to me is really that you have a commitment to what your values and standards are right from the get-go, and that you have support from the top of the organization all the way to every layer. Essentially, that's necessary to actually do what you promise to do.

Information & Ethics committee  Absolutely.