7. Create a secure service

Why it’s important

Services must protect sensitive information, privacy, and keep data secure. Evaluate what data your service will be collecting, storing and providing, and consult with experts about security level, privacy concerns, and risks associated with the service.

What to consider

  • Does the service collect, use or share personal information about the user? How is the user notified? How does a user access, correct, or remove personal information?
  • Does it collect more information than necessary? Could the data be used in ways a user wouldn’t expect?
  • Have you conducted a risk assessment on the information system and the data?
  • How is the service tested for security vulnerabilities? How often?

Toolkit: Principles and practices worksheet
Capture info as you work through each of the principles.

Contact us
Get in touch with the DoIT Interoperability Team to start your interoperability project.

Dig deeper into this principle

The Office of Cybersecurity can help you with security, legal responsibilities, privacy concerns and risks associated with the service.

Please send feedback to the DoIT Interoperability Team. We welcome your input!