Throughout the COVID-19 pandemic, agencies have had to adjust to working in remote environments and understanding the impact of the health crisis to make data-driven decisions. The Department of Health and Human Services (HHS) has worked to leverage data as a strategic asset to ensure the government continued to operate.
“With COVID I think that really kicked us off in terms of understanding a lot of our areas that we do need to address with respect to data,” said HHS Office of the Secretary CISO Kamran Khaliq during the Splunk Gov Summit today.
“In the beginning of COVID, we realized that we really need to have all the data sets, all the data points out there. So, we set up some systems to identify data, open data throughout the United States at this, this included local government, city, state, and any other jurisdiction out there within the United States that had a website, had data that was open, available.”
HHS, Khaliq said, had to learn how to operate outside of the organization during the shift to telework and figure out how to securely share files and sensitive data. This included access management with external partners including tribal entities, territorial entities, state and local governments, nonprofits, health associations, and “essentially anyone that was involved in the healthcare field” that HHS needed to be able to access its system login and “appropriately gain access” to the amount of data that [HHS] needed access control.
“One thing that we did identify with collecting of data and data sharing is that we didn’t necessarily have the means or the functions to coordinate and work with folks outside of HHS,” said Khaliq. “So, our identity management really was in place to support and serve as HHS employees and agency contractors within our network boundary. We really needed a means to allow authentication identity management of our external partners that were working on COVID response.”