Title
Title
Judicial Branch Technology | Identity and Access Management (Action Required)
body
Summary
Summary
The Judicial Council Technology Committee and Information Technology Advisory Committee (ITAC) recommends that the Judicial Council accept the Identity and Access Management Workstream final report. The judicial branch has been rapidly implementing digitally driven processes and enabling information sharing to meet increasing expectations and a growing reliance on digital access to court information. Acknowledging these important changes, ITAC initiated the Identity and Access Management Workstream led by executive sponsor Snorri Ogata, Chief Information Officer from the Superior Court of Los Angeles County, to explore and make recommendations related to providing and safeguarding access to court information. The workstream presents three recommendations in support of the goals and objectives defined in the Tactical Plan for Technology, all of which support the overarching goal to increase access to justice. The recommendations outline a common framework for courts that participate to provide a uniform way for the public, attorneys, court partners, and others to access online court information and services across California. Implementation of the framework is dependent upon additional one-time and ongoing funding.
body
Recommendation
Recommendation
The Technology Committee and Information Technology Advisory Committee recommends that, effective immediately, the Judicial Council accept the attached workstream report, Branchwide Identity and Access Management Workstream: Findings and Recommendations (2021) and approve the workstream recommendations. The Identity and Access Management Workstream report is included as Attachment A.
In summary, the workstream’s recommendations are:
1. Establish ongoing governance and a process for policy and technology decisions regarding identity and access management.
2. Develop and deploy a branchwide identity management platform and program supported by Judicial Council Information Technology (JCIT) that would:
(1) Create a branchwide ID (CalCourtID) with clearly defined minimum identity attributes and the ability for users to control sharing.
(2) Establish a process for identity proofing where the judicial branch will be the authentication authority for public users (business-to-consumer, B2C), and authentication for courts and justice partners with MOUs (business-to-business, B2B) will be federated.
(3) Enable migration of existing identity management implementations used by courts and other service providers.
(4) Implement multifactor authentication (MFA), and use it everywhere.
(5) Provide litigants and attorneys the ability to temporarily delegate their access levels to another registered user. Delegated access should be reaffirmed every six (6) months, and the delegator should have access to delegee activities.
(6) Include provisions in branchwide RFPs that mandate use of branchwide identity management.
3. Establish funding for branchwide identity management buildout and support.
body