CIO Strategy Council Advances National Standards for Responsible Data Sharing

OTTAWA, February 16, 2021 — Organizations have compelling reasons to share data, from improving operational efficiencies and reducing costs to generating new insights and sharpening decision-making. Failure to adhere to responsible data protection and sharing practices, however, can damage the company’s reputation and threaten its viability.

In response, the CIO Strategy Council’s Standards Policy Committee recently approved the development of three new Parts to a series of national standards concerning data governance. It tasked the Council’s Technical Committee on Data Governance to begin its work on developing these new Parts. The new Parts in development include:

  1. Data Governance – Part 7: Operating model for responsible data stewardship (CAN/CIOSC 100-7) aims to specify minimum requirements for the architecture and governance of responsible data trusts, collaboratives, and cooperatives. It applies to the fiduciary stewardship, accountability, and management in the collection and exchange of data.
  2. Data Governance – Part 8: Framework for Geo-Residency and Sovereignty (CAN/CIOSC 100-8) aims to specify the minimum requirements for organizations to protect data and assets that reside in foreign jurisdictions, while taking advantage of global technology ecosystems.
  3. Data Governance – Part 9: Zero Copy Integration (CAN/CIOSC 100-9) aims to specify implementation methods for zero copy integration, sharing, and exchange of data.

Interested parties are welcome to join the Council’s Technical Committee on Data Governance, comprised of 200+ thought leaders, policy makers, regulators, industry leaders, academics, and civil society representatives from coast-to-coast-to-coast.

Last year, the Technical Committee published national standards and specifications including:

  1. Data governance – Part 1: Data protection of digital assets (CAN/CIOSC 100-1) specifies minimum requirements for the data protection of all digital assets at-rest, in-motion, and in-use across platforms (e.g., endpoints, mobile, cloud), facilitating secure sharing and collaboration across different IT systems within and between organizations.
  2. Data governance – Part 2: Third party access to data (CAN/CIOSC 100-2) specifies minimum requirements and a set of privacy controls for third-party access to data. This Standard applies to all organizations, including public and private companies, government entities, and not-for-profit organizations.
  3. Data governance – Part 4: Specification for Scalable Remote Access Infrastructure (CIOSC/PAS 100-4) provides a vendor-agnostic framework and set of characteristics which, when adopted, enable the secure and rapid scale-up of the infrastructure needed to support remote work requirements.

Other standards under development by the Technical Committee are addressing the de-identification of data (CAN/CIOSC 100-3), a capability framework for health data and information (CAN/CIOSC 100-5), and the responsible collection and use of digital contract tracing and monitoring data in the workplace (CAN/CIOSC 100-6).

About CIO Strategy Council
The CIO Strategy Council is Canada’s national forum that brings together the country’s most forward-thinking chief information officers and executive technology leaders to collectively mobilize on common digital priorities. Cutting across major sectors of the Canadian economy – public, private, and not for profit – the Council harnesses the collective expertise and action of Canada’s CIOs to accelerate Canada’s digital transformation. In 2019, the Standards Council of Canada accredited the CIO Strategy Council to develop National Standards of Canada supporting the data-driven economy. Learn more at

About CIO Strategy Council Standards Policy Committee
The Standards Policy Committee governs the Council’s standardization policies, sets standardization priorities and is responsible for coordinating standards development activities by establishing, dissolving and assigning responsibility to technical committees; approving new technical work; determining priorities; and maintaining the Council’s standards policies, procedures and other rules for the technical work.

About CIO Strategy Council Technical Committee on Data Governance
The Technical Committee is responsible for the development of standards and specifications for the acceptable and ethical use of data within and exchanged between organizations, including its availability, collection, usability, consistency, integrity, and security.


For media inquiries:

Katie Gibson
Vice President, Strategy and Partnership
CIO Strategy Council

Share This Article

Scroll to Top

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy

This website uses cookies to improve your experience. By using our website you agree to our Cookie Policy