Policy on Access to Information and Electronic Services

The Policy on Access to Information and Electronic Services aims to establish the general framework for use and to define the rules and standards followed in this regard, including:

• • Encouraging beneficiaries to use electronic services.
• • Ensuring ease of access for beneficiaries to information and electronic services.
• • Defining the controls governing access to information.
• • Defining the controls governing the use of electronic services..
• • Protecting data and maintaining its confidentiality.
• • Setting out disciplinary procedures for violations of the policy.
• • Saving time and effort.

The policy defines the importance of applying the rules of access to information and electronic services, given that the procedures related to them must be governed by specific controls according to the following procedures:

• • The mechanism for accessing information.
• • The mechanism for benefiting from electronic services.
• • The documents and requirements supporting the request for any of the electronic services available on the portal.

• The Essential Cybersecurity Controls issued by the National Cybersecurity Authority.
• The controls and policies issued by the National Data Management Office.
• The controls and policies issued by the Digital Government Authority.
• The policies issued by the Communications, Space & Technology Commission.

Principle: Transparency

This policy is based on the principles of transparency and clarity in the mechanisms for access to information and electronic services, and in making the rules of use and their implications known.

Principle: Reliability

Appropriate controls and standards are applied to ensure the protection of data and its sharing in a secure and reliable environment.

The policy applies to the direct use of the official website, the services of the Tawasul electronic portal, and other digital platforms.

This policy applies to all beneficiaries and users of the Emirate’s official website and the Tawasul e-portal services who need to apply for certain services available on the portal, or to review descriptions of services, procedures, and requirements for each service, as well as other digital platforms.

First: External Beneficiary (Citizen or Resident)

• • Access must be through the National Single Sign-On in order to verify the identity of the beneficiary so that they can use the services available on the Tawasul electronic portal.
• • The applicant for the service must be the owner of the request or have a valid legal power of attorney.
• • It is prohibited to submit more than one request on the same subject.
• • The beneficiary may use more than one electronic service.
• • Access to information and the use of electronic services are subject to cybersecurity controls and policies.

Second: Internal Beneficiary (Employees of the Emirate, governorates, and affiliated centers)

• • The beneficiary must obtain their login credentials for the Emirate’s electronic services and platforms from the competent department.
• • The beneficiary must use electronic services only within the scope of work needs and requirements.
• • Login credentials for systems must be safeguarded and not made available to any other person for use or benefit.
• • Confidentiality of data and information that the employee is authorized to access and view must be maintained.
• • Use of the Emirate’s platforms and electronic services is subject to cybersecurity controls and policies.

Third: Specialists at the General Department of Information Technology

• • Required access privileges for employees must be granted by their departments, in line with their work needs, to access the Emirate’s platforms and electronic services.
• • Access privileges granted to employees for platforms and electronic services must be reviewed periodically, and the ongoing need for such access must be verified in coordination with their departments.
• • Confidentiality of data and information that the employee is authorized to access and view must be maintained.
• • Use of the Emirate’s platforms and digital services is subject to cybersecurity controls and policies.

Policy Owner:

Responsibility : General Administration of Information Technology.

Tasks : Circulating, publishing, and updating information technology policies

Policy Implementation and Application:

Responsibility : Public Relations and Media Department - Applications and Systems Development Department- Cybersecurity Department.

Tasks : Circulating, publishing, and updating information technology policies

Policy Compliance:

Responsibility : All beneficiaries and the responsible department.

Tasks : Mandatory compliance with policy provisions.