CITO juggling ICT on one foot, on a wall

Information & Communication Technology

Australian Access Card - Needs a Governance Framework

Marghanita da Cruz

The Australian Access Card has been proposed as a way to reduce fraud in the Publically (Government) funded Health and Welfare payment system. These payments are for medical and hospital services to Australian Residents and War Veterans as well as direct and income tax related welfare benefits. The welfare benefits include child support, private health insurance rebates, transport and other concessions, accomodation rental assistance, disability and low or no income support benefits.

The stakeholders changing and diverse interests will need to be balanced in order to acheive the objectives of this project. A budget of around $1billion dollars has been identified and will require a very effective governance framework to manage the risks associated with a project of that scale.

AS8015 Australian Standard for Corporate Governance of ICT provides a high level framework - of a model principles and vocabulary which if adopted would provide a good foundation for effective governance of the project.

KPMG Access Card Business Case - Public Release states that "KPMG consulted extensively in the preparation of this business case. We found widespread support for the introduction of smart card technology and the corresponding changes to registration and improved standards for POI."

Though this document includes a risk analysis and mentions the Australian Standard 4360, it does not elaborate on the mechanisms it will adopt to mitigate the risks. It also raises the spectre that if the smart card is not implemented the risks are far greater. However, it makes no mention of evaluating or comparing the proposed smart card solution to others - including simplification of the current benefit scheme.

Simplifying and Rationalising the current schemes would provide two benefits - it would increase the chances of successfully implementing a new system and it would also reduce "leakage" from processing errors - some of which no doubt arise from confusion in the minds of the recipients as well as those processing claims.

AS8015 proposes a model of ongoing monitoring-evaluation-direction of ICT projects against changing business needs and pressures. This needs to be done at the highest level as it requires comprehensive knowledge and perspective of the environment in which the project is operating.

Metrics are critical for the effective governance - they provide both guidance on objectives as well as an indication when these objectives are not being acheived and action is required.

AS8015 provides six principles for good governance of ICT, some are already being tested:

  1. Establish Clearly Understood Responsibilities for ICT
  2. Plan ICT to best support the organisation
  3. Acquire ICT validly
  4. Ensure that ICT performs well, whenever required
  5. Ensure ICT conforms with formal rules
  6. Ensure ICT respects human factors

There has already been speculation that the estimated cost of the project is too low - which questions the validity of any acquisitions. The cross city tunnel and 10 year appeal and cross appeals in the Unisys vs RACV are just two examples of Government and IT projects, where the contractual arrangements with suppliers have ended in protracted court cases.

The proposed project will cross agency as well as state and federal government boundaries. Without clear allocation of responsibilities the project could easily deteriorate into a political football, at Tax Payers expense.

Usability of the proposed system is another signficant issue and simplification could provide invaluable benefits here too. If savings are to be derived from recipients accessing funds through ATMs, noting that currently most benefits are paid directly into bank accounts, then uptake may take some time and any savings from face to face contact may take longer to realise. There is ofcourse the need to cater for the situations where recipients are not capable of using the technology directly. It has also been suggested that the system could assist in disaster management, though this possibility would be reliant on the systems remaining operational and the victims having their access cards with them.

While the amalgamation of 17 cards would appear to provide obvious efficiencies - whether smart card technology is the best solution, the processing systems can be adapted cost effectively and the privacy concerns can be addressed satisfactorily is yet to be demonstrated.

More Information

  1. Backlash fear sparks ID card rethink, March 16 2007
  2. Parliament of Australia:Senate:Committees:Finance and Public Administration Committee:Human Services (Enhanced Service Delivery) Bill 2007 [Provisions], 15 March 2007
  3. New boss in ID card rush, 13 March 2007
  4. A new tool to fight welfare fraud in Australia, 2 February 2007
  5. Your data private? Access all areas is on the cards, Tanya Plibersek, December 27, 2006
  6. Link Mailing List - See Archive for May/June/July... 2006
  8. Volume 44 - ACSW Frontiers 2005, Remote Revocation of Smart Cards in a Private DRM System
  9. ACS Australian Column, Tuesday 28 February 2006, PHILIP ARGY
    Are Australians ready for a national identity card? If so, how might it look?
    These are questions the Federal Government must answer as it seeks solutions to the growing cost of identity crime and new tools in the war against terror.
  10. Card for a crisis,The Daily Telegraph, Sydney. June 29, 2006
  11. Germany's team, 21 Jun 2006, Philipp Gr�tzel
    The German health IT industry is increasingly shifting its focus away from its faltering national smartcard programme towards regional electronic health record
  12. Consumer Privacy Taskforce
  13. Hockey hits out at smartcard critics, laggard banks, Rodney Gedda, Computerworld,28/06/2006 12:36:15
  14. New card same as Australia Card, Karen Dearne and James Riley,JUNE 13, 2006,The Australian
  17. KPMG (2006) Health and Social Services Smart Card Initiative, Vol 1: Business Case (Public Extract), released 6 June 2006
  18. Smart card could access Govt payments through ATMs: Hockey ABC News
  19. During 2004-06, a project was running that was intended to convert Medicare cards from magnetic-strip to smartcard technology.
    The Minister also signalled the possibility that the Medicare card could then also work as a more general "government services card", for example for accessing social security benefits through Centrelink, or for storing or accessing a consolidated health record.
  20. Smart Card Summit Transcript - The Government's vision for a Single Health and Social Services Smartcard
  21. Aust Parl Lib: Medicare - Background Brief,issued 9 May 2003; last updated 29 October 2004
  22. Aust Parl Lib: HIH Insurance Group Collapse E-Brief: Online Only issued Date 29 November 2001
  23. ERG Transit Systems
  24. Hong Kong Smart Card System - Information on the Hong Kong Smart Card System provided by AESPRODATA, the Railroad-Technology Journal and MTR Corporation.
  25. The Smartcard Driver Licence Interoperability Protocol (SLIP) Working Group reports to the Austroads Registration and Licensing Task Force. The SLIP Working Group has been given the specific task of achieving smartcard based driver licence interoperability, via the use of appropriate standards and specifications.