This section of the guidelines provides a high-level reference point for the management of information security and privacy in social security institutions. The eight guidelines which follow form a starting point from which institutions can develop their own policies and plans, and will assist in addressing the challenges of information security through a consistent and standards-based approach. They are also intended to raise awareness of the security risks to information assets and to indicate how to deal with them.

The institution defines technical standards for interoperability technologies to foster the consistency and compatibility of ICT systems.

The institution develops interoperable shared data services (basic registries) in accordance with the interoperability application model.

Shared data services play an essential role in the implementation of integrated social security systems. This includes the sharing of core social security data. Typically shared is data on benefits granted to beneficiaries, beneficiaries’ family links, employees’ worked periods, salaries and contributions, employers and contracted employees.

The institution implements a strategy on developing information resources that fosters semantic interoperability and mainly consists of metadata systems.

Semantic interoperability concerns the non-ambiguous definition of core concepts used in the institution. It has a key impact on the success and quality of system interconnections as well as on the shared use of common information systems.

The institution defines a service-oriented architecture (SOA)-based model to guide the application of interoperability in the implementation of integrated social security systems.

In order to provide practical benefits to implementation, the model comprises key components such as basic registries and interoperability services.

The institution has a workplan to manage the overall implementation of interoperable social security programmes.

Implementation may depend on prior steps having been achieved, such as developing supporting information systems, signing agreements with other organizations and installing enabling technologies. The workplan should cover all required information resources and products and facilitate economies of scale in implementation.

The institution establishes an interoperability framework to formalize a systematic and standardized approach to the implementation of integrated social security systems.

The framework covers all levels of the organization and specifies the political and legal context, the business processes and concepts involved in interoperability operations, and the technologies used to implement them.

This section of the guidelines provides a high-level reference point for social security institutions applying interoperability techniques. The six guidelines which follow form a starting point from which institutions can develop their own policies and plans, and will assist in addressing the challenges of interoperability through a consistent and standards-based approach. The guidelines canvass the five dimensions of interoperability: political, legal, organizational, semantic and technical. The specific guidelines in this section are:

The institution implements effective and efficient mechanisms for information retrieval and analysis which provide the means to exploit existing data assets, especially to support decision-making.

The effectiveness and efficiency of processes using information will, therefore, strongly depend on the mechanisms to retrieve and analyse the information.