What prerequisites must be met for the development of proactive e-services?
When discussing the creation of proactive e-services, it is vital to understand the maturity level of your organisation in providing services. The narrative may vary by country and organisation. On the one hand, we can talk about the next step for an already mature digital society in adopting e-services. On the other hand, and in contrast, we can discuss the development path of the digital society with low maturity that it must undergo.
This article starts from the perspective of low maturity and addresses the basic prerequisites for the creation and development of e-services, aiming ultimately to achieve proactive event-based services.
Public services can be provided as over the counter services, meaning the customer physically turns up, completes an application, submits additional documents, and an official verifies their identity. If all goes well, they receive the value associated with the service (e.g, child benefit or a suitable date for marriage registration).
On the other hand, services can be delivered using digital channels where direct contact with the customer is minimal, and the individual's intention is verified through a digital application. Value is provided after the application is approved.
Proactive services take the digital service a step further and assume that the customer wishes to receive a benefit, even if they are not yet aware of it. For proactive services, the prerequisites for receiving the benefit are checked without the person's explicit intention.
If the conditions are met, the benefit is offered to the customer, and their task is to say whether they wish to accept or refuse it. With proactive services, the effort made by the customer to receive the benefit is eliminated. We have discussed proactive event- based services and the value they bring in more detail in our previous blog article "Proactive event-based services, i.e., the next step in the Estonian digital transformation".
The value propositions of e-services and proactive services are as follows:
- E-service value lies in its independence from physical location. Services can be offered both domestically and internationally. Physical channels won't disappear immediately, and their complete elimination shouldn't necessarily be the goal. However, over time, customers will transition to digital channels. E-services allow both the consumer and provider to save time.
- The value of proactive services lies in greater automation and time savings for both the service provider and the customer. It also eliminates the need for the customer to be aware of the service and to apply for it at the right time. For instance, various supports associated with the birth of a child – the customer no longer needs to seek them out.
We are accustomed to traditional state services where we must initiate contact with the state in regard to the events in our life (e.g., birth of a child, property acquisition, retirement). In Estonia, there's a direction towards developing proactive services, and currently, two proactive event –based services have been established.
The first is the birth of a child, where, upon birth registration, parents are offered benefits and maternity leave. The second is marriage, where, upon expressing the desire, opportunities are provided for establishing property relations, changing names, and choosing a date for marriage registration.
Service Management Maturity Model
In the analysis "Unified Portfolio Management of Public Services", a model was developed to describe the technological maturity of public services.
At the lower levels, the focus is on making service information accessible. As maturity rises, application forms become accessible, and then they can be submitted via email. Moving forward, online forms and self-service portals come into use. It's crucial to note here that proactive services represent the highest level of maturity.
Figure 1. Technological Maturity Model of Public Services (PricewaterhouseCoopers 2014)
When considering the maturity model, it is essential to understand that each lower level creates prerequisites for achieving higher-level maturity. For example, the second level of maturity establishes certain formats that can be seen as standardised datasets.
The fourth level presupposes a system capable of receiving data, while the fifth level turns the procedure entirely electronic. At the sixth level, proactiveness is achieved. It is impossible to skip maturity levels, but they can be navigated more swiftly.
5 Key Preconditions for Creating e-Services
1. Unique Identifier for Individuals and Enterprises
It is crucial to identify whether an individual is who they claim to be. In Estonia, the identifier for individuals is a personal code, and for legal entities, it's a company code. To trust an identifier, there must be a management system in place to ensure that an individual can not have multiple identities and that the unique identifier is reliable.
Ensuring the reliability of the identifier issuance process is crucial. In Estonia, the digital population register holds the identifiers of individuals, while the digital Business Register (including public sector entities) holds that for legal entities.
A lesson from Estonia’s past is that individuals received the unique identifier and they could not opt out. It should also be noted that the identifier is the same for digital and physical realms. The identifier used for individuals in Estonia is based on gender, date of birth, and place of birth. This in turn means that information systems can extract facts about the birth date and gender from the registration code. For legal entities, the identifier is a technical registration code.
2. Digital Authentication
Authentication requires combining several factors that would not be easily stolen by a third party. In Estonia, one such factor is a physical ID card combined with passwords. Alternatives are mobile-ID and Smart-ID. However, authentication can also be based on a collection of a person's biometric indicators - fingerprints, iris images, etc.
Additionally, a technical service is needed to allow people to authenticate using digital devices. Part of Estonia's success was probably the plastic ID card that served as a physical identification tool, but also could be used for digital authentication. The ID card was issued to everyone, including those who might not have acquired it voluntarily. Over time people became willing to try digital authentication, since they already had a tool for it.
The entry barrier for adopting digital authentication must be low. This ensures that over time a significant number of people will engage with the system. In Estonia, an essential push in this direction was when banks abandoned PIN calculators and code cards or imposed significant restrictions on transactions made with them.
This indicated a shift in the entire ecosystem: suddenly, national authentication wasn't just a tool for interacting with the government but it came a natural part of everyday life. Therefore the benefits of authentication reached private sector and citizens.
Digital authentication wasn't just a technical solution; it was supported by the legal framework. Digital actions and signatures of authenticated users were considered to have equal evidential value to those given physically.
3. Data Exchange Layer between systems
The inter-system data exchange layer allows for data sharing between different parties. It's quite likely that a country already has procedural systems in place before the introduction of this exchange layer. Taking Estonia as an example, almost all systems that were created before the advent of the exchange layer had to be overhauled.
Otherwise, it wouldn't have been possible to achieve compatibility. Having the exchange layer before creating procedural systems allows to take into account the interoperability requirements form data exchange layer.
Creating a data exchange layer is a technical task, and it's relatively straightforward. A significantly more complex problem is the knowledge about existence and format of information available through data exchange layer. This issue has not been completely resolved in Estonia. As the number of systems integrated with the exchange layer increases, so does the volume of available datasets.
In state-commissioned service design and analysis projects we have quite often mapped the data of other institutions systems to determine if we could use it for project in question.. Ideally the information about available datasets should and ought to be centrally accessible without additional mapping effort. This does not mean that data itself should be always freely available but the knowledge about datasets is vital.
Although Estonia has established RIHA (Administration system for the state information system) for this purpose, it does not fulfil its intended goal because the information it contains is either incomplete or outdated. Although it must be noted that the work on it is ongoing. This lack of insight into existing data makes it more leads us back to the principle of submitting data only once.
Without knowing whether the relevant data already exists, the same data is repeatedly requested from customer. For instance, in Estonia, there was project called Analysis of 20 e-services. During it we organised a workshop with service owners and during it they discovered that they gathered quite a lot of overlapping data for their surprise.
From a legal standpoint, the issue of consent must also be resolved. How can you determine whether it's permissible to ask for certain data to initiate a service, without the individual's consent of even the knowledge about the public service? Theoretically it can be based on individual’s anticipated will.
It means that it would be logical to assume that if person is aware of a value provided by public service, they would like to have it. This approach is actually supported by GDPR but not widely used. Nonetheless, in Estonia, a data event is legally an undefined term, which somewhat complicates the creation of event-based services.
4. Sector-specific Base Systems
By this, we mean the initial systems that are integrated with the data exchange layer to provide services or data. In the context of Estonia, we find two primary systems significant:
- Population Register – in Estonia, individual's details are stored in the Population Register. This encompasses names, unique IDs, addresses, power of representation, familial relationships, and other connections between individuals. This data is necessary to start offering e-services targeted at individuals and for creating an authentication system.
- Business Register – essentially the counterpart to the Population Register but geared towards legal entities. If a country's focus is to be a corporate hub a destination where businesses move their headquarters, this is one of the central systems to start offering services for legal entities. Usually there needs to be a link to the Population Register to maintain information about business owners, shareholders, and key persons.
5. Self-service System
Self-service can be viewed from multiple perspectives. Here, we discuss systems and business services that ensure trust and transparency.
The development of business services should align with the country's objectives. For example, if the nation wishes to become an international hub for company headquarters, higher priority should be given to business-targeted services. If the aim is to improve people's lives, then social sector systems impact the most individuals.
As the number of e-service providers increases, individuals lose track of which parties are accessing their data and for what purposes. Trust is a fundamental prerequisite for individuals to share their data with state and to use e-services.
Trust must be earned over time via transparency and and continually demonstrated.
Consideration should also be given to the fact that increased transparency can cause discomfort to those who exploit its absence. For example, if an individual is receiving the same social benefits from multiple municipalities, with the advent of transparency, this can be identified and thus, the benefits revoked.
Regardless of the primary focus of development, subjects should be provided an overview of e-services offered by the state and municipalities. In Estonia, a national portal was once created for this purpose where municipal and state services could be found.
Once business services are realized in the first self-service information systems, the fifth maturity level or fully automated e-service level is achieved. Then, in theory, there's readiness to progress to the sixth level of proactive public services.
Summary
Let's wrap up the article with a checklist of significant factors to consider if you're planning to create proactive event services:
- Event- based services are not an end in themselves but should stem from a business need. In some respects, they're about convenience, sparing the subject from spending more time and needing to know about the service's existence.
- Proactive services are reached gradually as maturity grows.
- For the creation of event-based services, both individuals and legal entities subjects need to be uniquely identifiable.
- There needs to be a trustworthy authentication system to offer digital services.
- To create event-based services, there's a need to exchange information from different sources through the data exchange layer without necessarily asking the subject’s consent.
- Sector-specific systems making basic data available for other systems must exist.
- A proactive public service is an advanced digital service and presupposes a reasonably high standardization level.
- Legal framework needs to change and keep a pace with the growing complexity of public services.
- If you're keen on developing proactive event-based services, we recommend reading our earlier blog post titled "Proactive event-based services, i.e., the next step in the Estonian digital transformation."