Sri Lanka navigating digital ID transition through governance and robust framework

Before the Sri Lanka Unique Digital ID project transitioning from planning to implementation at scale, it is essential to establish a comprehensive framework encompassing governance, legal, technical, and operational readiness, according to Deputy Minister of Digital Economy Eranga Weeraratne.

“Clear governance and accountability must be defined, with specific roles assigned to the Disaster Recovery Plan (DRP) as the custodian/controller, GovTech Sri Lanka for technical delivery, and established escalation paths for whole-of-government coordination under the Ministry of Digital Economy,” Weeraratne told Biometric Update.

He emphasized that legal and policy instruments should be thoroughly completed, addressing essential areas including privacy, purpose limitation, data retention, governance of sharing and integration, mechanisms for citizen redress, and protocols for enforcement.  “The technical architecture must be approved, incorporating security and data protection measures, a system resilience framework that includes disaster recovery and business continuity planning, and conformity with explicit acceptance criteria and testing plans covering security, performance, interoperability, and operational readiness.”

He also noted that an operational model must be developed, specifying enrollment and validation workflows, standard operating procedures, staffing and training plans, device and connectivity readiness, and support and incident response procedures. “Additionally, a validated data migration strategy is necessary, ensuring data quality readiness, a cutover and coexistence approach during the transition, and a phased roll-out plan with measurable milestones and timelines.”

Article Topics

biometrics  |  cybersecurity  |  data protection  |  digital government  |  digital ID  |  SL-UDI  |  Sri Lanka