BETWEEN: SSC and Participating Science-Based Departments and Agencies.
(“Participants” are referred to as workspace lead, workspace collaborator, workspace administrator, and workspace data steward.)
November 2024
Federal Science DataHub
The Federal Science DataHub (FSDH) is a robust data solution designed to meet the specific needs of federal scientists and researchers. It is a secure enterprise-level platform that supports world-class data infrastructure and tools, complex analysis and seamless collaboration across the Government of Canada (GC) science community.
Purpose
The Terms and Conditions apply to individual participants’ use of FSDH. The terms form an agreement between Shared Services Canada (SSC) and the participant and include service terms, responsibilities, governance, and support model for the FDSH. The Terms and Conditions is a living document that may need to be adapted to reflect updated legislative requirements and policies, as well as changes in the business environment.
Terms and Conditions
FSDH provides rapid access to scalable data storage and analytics toolsets in the cloud, enabling data management, storage, sharing, and collaboration capabilities for federal scientists. By using the FSDH platform , you agree to the terms set out herein. If updates are required to the terms and conditions of use due to system or policy changes, users will be provided with an updated version automatically, which they will need to accept to continue accessing FSDH.
Users of FSDH are required to conform to the following criteria:
Security classification: The FSDH workspaces are authorized for Unclassified use. “Unclassified” denotes non-sensitive data and information that carries no injury to personal, industry, or government interests if released to the public. It is each workspace lead’s responsibility to ensure all data and information in their workspace is unclassified before uploading it to the FSDH and while using it in the FSDH. Please refer to the following important information security guidelines:
The workspace lead should develop a security categorization report to ensure data or information stored in the workspace falls within the approved security classification. For guidance, please refer to https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=32614. The workspace lead is responsible for consulting departmental security, ATIP and privacy teams for all information or data posted.
Individual security classification: To access the FSDH platform, participants (government and non-government) must hold a valid Government of Canada (GC) security classification of at least Enhanced Reliability. The workspace lead is responsible for ensuring all individuals working in the workspace have a minimum valid GC Enhanced Reliability status. For more information on this, please see: https://www.tpsgc-pwgsc.gc.ca/esc-src/protection-safeguarding/niveaux-levels-eng.html
Roles and Responsibilities: Shared Services Canada (SSC) is the FSDH product owner, and Environment and Climate Change Canada (ECCC) is the FSDH business owner. SSC will develop and maintain the FSDH platform and associated infrastructure. Participating science-based departments and agencies (SBDAs) are responsible for complying with all applicable statutes, regulations, and policies concerning the security and management of GC information, records, resources, and other relevant policies, such as the Policy on Service and Digital. Participating departments must also comply with the roles and responsibilities outlined in the Responsibility, Accountability, Consultation, and Information (RACI) Chart in Annex 1.
Information Management (IM): Participants are responsible for all IM recordkeeping-related activities within the FSDH and, hence, are responsible for ensuring information resources of business value (IRBV) are moved to their departmental official corporate repository(ies). Any data or information within the FSDH workspaces must not be of critical business value. All decisions and decision-making processes that are IRBVs or critical to the business must be documented in the departmental corporate repository and not within the FSDH to account for and support the continuity of departmental operations, permit the reconstruction of the evolution of policies and programs, support litigation readiness, and allow for independent evaluation, audit and review. Participants are responsible for all retention and disposition activities. Participants are responsible for conducting any activities associated with the Access to information or litigation/legal requests made for data or information stored within the FSDH.
Data Management: SSC is responsible for enabling data management capabilities, such as features or tools, to allow participants to manage their data. Participants are responsible for ensuring all data management activities, such as managing data, completing proper metadata, defining proper retention periods, establishing data sharing agreements with partners, storing data of business value in departmental repositories, and backing up their data in accordance with their departmental policies. For further guidance, consult the departmental Data Management or Information Management team.
Legal: The data and information used within the FSDH must comply with all other relevant legal, regulatory, contractual, and policy requirements (e.g., it is confirmed that there are no relevant legal, contractual, or third party policy restrictions or limitations to use the data or information). Participants are responsible for ensuring data and information stored or used within their workspace is free of any litigation hold. If you have any questions, consult the Access to Information and Privacy (ATIP) team and the Legal team within your respective department.
Financial arrangements: The FSDH operates on a cost recovery basis defined during onboarding with the GC Hosting Services portal.
Governance: The FSDH operations will be directed by a director-level committee responsible for providing leadership and guidance for the activities and decisions of the FSDH, approving funding, and establishing strategic directions.
License: The data, information, and source code must respect the appropriate license, and any embargo periods identified with the data or information being consumed/used within the FSDH workspace.
Intellectual property and copyright: The data and information used within the workspace must respect the appropriate copyright and intellectual property rights.
Access to Information: The data or information used within the workspace is not subject to any exemptions or exclusions under the Access to Information Act, or redactions under appropriate sections of the Act that have been applied in consultation with the ATIP teams. If you are unsure whether or not the data or information is subject to any exemptions under the Access to Information Act and/or free of personal information in compliance with the Privacy Act, please contact the ATIP team within your respective department. The workspace lead is responsible for consulting departmental security, ATIP and privacy teams for all information or data posted.
Privacy: The data or information used within the workspace is not subject to any exemptions or exclusions under the Privacy Act, or redactions under appropriate sections of the Act that have been applied in consultation with the ATIP team within your department. If you are unsure whether the data or information is subject to any exemptions under the Access to Information Act, and/or is free of personal information, in compliance with the Privacy Act, please contact the ATIP team within your department for guidance. The workspace lead is responsible for consulting departmental security, ATIP and privacy teams for all information or data posted.
Workspace: Each workspace in the FSDH is a restricted/private space open only to individuals specified by the workspace lead. The FSDH administrators will also have access to workspaces upon approval by the Workspace owner for a limited time period. The workspace lead may also authorize temporary access for the FSDH technical team to provide support.
Authority to Use: The participant has the mandate, legislative authority, or permission from a third-party provider to use the data or information used within their workspace in the FSDH.
Metadata: The participant must complete all mandatory relevant metadata.
Resource Management: The workspace lead and workspace administrator(s) are responsible for resource management of their workspace(s). If processes need to be shut down at night, that is the participant's responsibility.
Support Hours: Support services are available from 8:00 a.m. to 4:00 p.m. Eastern Time (ET). For more information on guidance, refer to the FSDH Operational Service Levels.
Service Level: The Science Program at SSC aims to maintain maximum availability during service hours (Monday to Friday 08:00-16:00 ET). Outside of these times, some server environments may be available for use, although without the levels of support and target response and resolutions as shown. For more information, refer to the FSDH Operational Service Levels.
Official Language: Participants are responsible for ensuring official content and content intended for broad dissemination are provided in both official languages and respect the Official Language Act.
Accessibility: Participants are responsible for the accessibility of the applications and visualizations developed within their workspace in the FSDH. They are responsible for compliance with the Accessibility Act.
Policies: Participants are required to follow and comply with policies, directives, standards, and guidance relevant to the subject area they are working with.
Access Controls: The workspace lead is responsible for granting permissions to their workspace(s) and maintaining access controls to their workspace(s). The workspace lead is responsible for ensuring they are following the guidance provided in Client Guidance to manage the access controls. In addition, the workspace lead is responsible for following their departmental access control procedures and developing additional procedures as needed, including those regarding the use of non-government managed devices. The workspace lead should consult the departmental IT security team to review all access control procedures. Workspace users are also advised that if any portable data storage is used, they must follow the guidance: Portable Data Storage Requirements.
Incident Management: The workspace lead is responsible for reporting incidents concerning their workspaces through their departmental incident reporting process. In addition, the workspace lead is responsible for consulting the departmental IT security team for any incident that occurs in their workspace and to ensure coordination with the SSC FSDH team as required. The FSDH Client Guidance and Portal and Workspace Incident Management SOP outlines the recommended process to ensure proper reporting and coordination.
Virus and Malware Protection: The workspace lead and all users are responsible for running an antivirus scan on data or information files (using the departmental endpoint anti-virus solution) before uploading them to the workspace. If an infected file is detected, it must not be uploaded.
Supply Chain Integrity: The workspace lead is responsible for ensuring that any code utilized in the workspace is shielded from malicious attackers and adopting techniques that ensure code integrity is maintained throughout its lifecycle. Please consult Protecting your organization from software supply chain threats - Canadian Centre for Cyber Security and Securing your software supply chain - GitHub Docs for additional information.
Data Integrity. No data is to be uploaded to the FSDH that contains malware or has originated from a compromised network or come in contact with data from a compromised network unless it has been sufficiently cleansed to IAW CCCS guidelines (scrubbed using a 16 AV engine)
These Terms and Conditions govern your access and use of the FSDH. You represent that you have full authority to accept, and agree to be bound by, these Terms and Conditions, either in your own name or if you are accepting on behalf of the department. By accepting these Terms and Conditions, we grant you access to the FSDH.
SSC retains the right to disable or deactivate a workspace/account from the FSDH that does not comply with the Terms and Conditions. SCC will notify the affected participants and work with them to find a resolution.
Applicable Policies
Policy on Service and Digital: https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=32603
Policy on Government Security: https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=16578
Policy on Official Languages: https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=26160
Annex 1 Roles within FSDH
The following are roles within FSDH, the responsibilities are outlined in Annex 2.
Role | Description |
|---|---|
DataHub Team Member | A role within the DataHub platform, providing administrative privileges to users. |
Workspace Lead | The workspace lead within the department is responsible for: |
Workspace collaborator | The workspace collaborator is invited to the workspace by the workspace lead and is responsible for contributing to the overall project objectives and deliverables to ensure it is successful. They are also responsible for ensuring all guidelines, standards, directives, and policies are followed for the data or information they are working with. |
Workspace administrator | The workspace administrator has management authority within the project and is responsible for administrating and granting access to the workspace. |
Workspace Data Steward | The workspace data steward is invited to the workspace by the workspace lead and is responsible for managing the data within the workspace and is the subject matter expert for the data or information within the workspace. |
Workspace Guest | The workspace lead or administrator invites the workspace guest. The guest only has read access to the applications developed within the workspace. |
Annex 2 Responsible, Accountable, Consulted, and Informed (RACI) Chart
Note(s):
In the following table, ECCC is the business owner, SSC is the product owner and the Participants are Science-based departments using FSDH.
Participants are referred to as Workspace Lead, Workspace Collaborator, Workspace Administrator, and Workspace Data Steward.
Theme | Activity | ECCC | SSC | Participants |
|---|---|---|---|---|
Governance management | Engagement of the governance activities for FSDH. Establishing FSDH operational policies and standards | I,C | A, R | I,C |
Strategic leadership | Providing strategic leadership and direction for FSDH. | R, C | A, R | I, C |
Financial management | Developing and implementing funding model | R,I | A,R | I,C |
Product management | Product management of FSDH such as Incident Management, Product development, Policies & Guidance etc. | C,I | A,R | C,I |
Workspace management | Ensuring workspace is being managed, these activities could include reviewing the cloud consumption, ensuring a data stewards is assigned to the workspace, following policies and guidelines etc. | I | I,C | A,R |
Communications/Engagement | Communication and Engagement activities associated to FSDH. | I,C | A,R | I |
Onboarding management | Onboarding: planning and intake, technical onboarding etc. | C | A,R | I |
Information management | Information management activities. | I,C | I,C | A,R |
Data management | Data management activities such as data life cycle, data quality etc. | I,C | I,C | A,R |
Security management of Portal | Security management of the Portal is ensuring the FSDH portal meets all the security requirements, | I,C | A,R | I,C |
Security management of workspace | Security management of the workspace is the management of the data or information within the workspace. In addition it includes all security related activities in terms of applications, API etc. | I,C | I,C | A,R |
Workspace management | Workspace Leads or Administrators are responsible for: | I,C | I,C | A,R |
Storage Management/Database Management | Storage management or Database management includes all activities related to the app service or the database service. This also includes the management of database credentials. The workspace lead is responsible for the proper management and storage of the DB credentials and storage tokens. | I,C | I | A,R |
Annex 3 Funding Model
To be provided when ready.
