?ll? City of Seattle Office of the Mayor City of Seattle Bruce A. Harrell, Mayor Executive Order 2017-05: Examining and Managing Risks Related to Data Controlled by the Seattle Information Technology Department An Executive Order directing the Chief Technology Officer to assess the risks related to the management, sharing, and protection of data under the control of the Seattle Information Technology Department, and to make recommendations for areas of improvement. WHEREAS, I, Bruce A. Harrell, Mayor of Seattle, acknowledge the City?s role as steward of the public?s data, with special concern for vulnerable individuals and communities including victims of sexual assault and domestic violence; and WHEREAS, data generated and collected by the City is a target for malfeasance and theft with potentially significant negative consequences to individuals we serve; and WHEREAS, we are aware of data breaches occurring at the national level such as the recent Equifax exfiltration of personal and financial information affecting millions of people; and WHEREAS, the City receives more than 250 public record requests each week across all departments, ranging from emails to body?worn camera video and other documents, and increasingly requests are for large volumes of records; and WHEREAS, the City frequently enters into data sharing agreements with government, business and researchers to partner in projects to improve quality of life for the City?s population; and WHEREAS, pursuant to the February 2016 Open Data Policy, the City is committed to making the data it generates and collects openly available to the public and is committed to making data available to the City?s Open Data Portal, data.seattle.gov; and WHEREAS, the City passed Resolution 31570 on February 23, 2015 establishing a set of Privacy Principles to guide a City?wide Privacy Program to earn the public?s trust in how the City collects and uses personal information; NOW, THEREFORE, 1, Bruce A. Harrell, Mayor of Seattle, state the City?s commitment to securing and managing the information in our control using best practices and technology by ordering the following actions: Office of the Mayor 600 Fourth Avenue, PO. Box 94749, Seattle, WA 98124 206?684?4000 I seattle.gov/mayor Section 1. IT Data Management Risk Assessment. Beginning immediately, the Chief Technology Officer (CTO) shall undertake an effort to assess the risks related to the management, sharing, and protection of data under the control of or supported by the Seattle Information Technology Department on behalf of the City. This shall include assessing how data in its possession is protected, how data in response to public records requests is provided, how it shares data by agreement, and how data is published to the City?s open data portal, data.seattle.gov. Section 2. Data Management Report. The CTO shall report to this Office findings and recommendations for future data management, sharing, and protection improvements. This shall occur no later than November 15, 2017. Inquiries by City Departments, grantees, and contracted service providers regarding this Executive Order should be directed to Michael Mattmiller, ChiefTechnology Officer at (206) 233- 7937. Dated this 15th day of September, 2017. Bruce A. Harrell Mayor, City of Seattle Page 2 of 2