ESTONIA A SUCCESSFULLY INTEGRATED POPULATION-REGISTRATION AND IDENTITY MANAGEMENT SYSTEM DELIVERING PUBLIC SERVICES EFFECTIVELY IDMS PR NOVEMBER 2015 Map of Estonia ESTONIA: A SUCCESSFULLY INTEGRATED POPULATION-REGISTRATION AND IDENTITY MANAGEMENT SYSTEM DELIVERING PUBLIC SERVICES EFFECTIVELY November, 2015 CONTENTS Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . v Acronyms. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vii Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Why Estonia? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ix Why focus on the health sector?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x Organization of the report. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xi 1  Background. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Democracy and openness. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Demographic challenges: Aging and population decline . . . . . . . . . . . . . . . 2 Wide-spread innovative Information and Communication Technology (ICT). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2   Principles of Integration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Main goal: Providing legal identity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Rationale: Why integration is a good practice?. . . . . . . . . . . . . . . . . . . . . . 6 Fundamental building blocks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 3   Overview of PR and ID systems integration.. . . . . . . . . . . . . . . . . . . . . . . 9 Evolution of integration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 1. Demand for identification (1991–1992). . . . . . . . . . . . . . . . . . . . . 10 2. Design and early implementation (1992–2000) . . . . . . . . . . . . . . . 10 3. Roll-out and completion (2000–2005). . . . . . . . . . . . . . . . . . . . . . 11 Governance architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 4   Population registration and register-based statistics in Estonia. . . . . . . . . 15 Guiding principles of the Estonian population registration system. . . . . . 16 Population register: Structure and operation . . . . . . . . . . . . . . . . . . . . . . 16 Birth registration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 Death and cause of registration process . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Best practices: population-based registration system. . . . . . . . . . . . . . . . . 22 iv Estonia: A Successfully Integrated Population-Registration and Identity Management System 5   Estonia Identification Management System. . . . . . . . . . . . . . . . . . . . . . . 23 The structure and operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 A constitutional right: Personal data protection. . . . . . . . . . . . . . . . . . . . 24 Personal ID code (PIC). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Electronic Identification card (eID). . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 e-Residency. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Best practices: eIDM system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 6   X-Road: The bridge between PR, ID card and service delivery. . . . . . . . . 29 7   Key enablers and critical success factors for integration . . . . . . . . . . . . . . 35 Governance and legal framework. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Information technology and Public Key Infrastructure (PKI). . . . . . . . . . 36 The role of Public-Private Partnerships (PPPs). . . . . . . . . . . . . . . . . . . . . 37 8  Applied case: Improving health care delivery through an integrated identification system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Overview of the Estonian health system. . . . . . . . . . . . . . . . . . . . . . . . . . 39 eHealth: An integrated health information system. . . . . . . . . . . . . . . . . . 40 Interconnection of the health insurance registry and the population register . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Health insurance since birth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 9   Lessons learned . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 10  References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 ACKNOWLEDGMENTS T his report was prepared by Ana Milena Aguilar Rivera, Health Economist, Health, Nutrition and Population Global Practice (HNP), World Bank Group (WBG), and co-authored by Dr. Kristjan Vassil, University of Tartu. Dr. Vassil provided excellent analytical inputs, review of legal documentation, and the construction of figures about X-Road transactions and data requests. Technical guidance was provided by Dr. Samuel Mills, Senior Health Specialist, HNP. This case study is part of a series of case studies undertaken by the World Bank Civil Registration and Vital Statistics (CRVS) program, which is part of the WBG Identification for Development Group (ID4D). A number of Estonian government officials and stakeholders provided valuable insights and information during our field visit to Tallinn in May 2015. Officials in the Police and Border Guard Board (including Mr. Janek Mägi the Head of the Citizenship and Migration Policy Department, and Mr. Helar Laasik, Chief Expert), and the Head of the Population Department and colleagues respon- sible for the Population Register (Mrs. Enel Pungas, Ms. Terje Maurer, and Ms. Mairis Kungla)—both offices being under the Ministry of Interior—are gratefully acknowledged. In addition, officials from the Estonian Information System’s (RIA) described for us the information system and the role of X-Road. We thank especially Ms. Liina Areng and Mr. Andres Kütt for their invaluable help. We appreciate the time and knowledge provided by Mr. Mait Heidelberg at the Ministry of Economic Affairs and Communication, Mrs. Mari Pedak at the eGovernment Academy, and Mr. Tarvi Martens at the Certification Center (SK). The heads of the Medical Birth Registry (Mrs. Kärt Allvee), the Cause of Death Registry (Mr.Gleb Denissov), and the Cancer Registry (Mrs. Margit Mägi) under the National Institute for Health Development (NIHD) clearly explained the integration of the health registries and the Population Register. The head of Health Statistics (Ms. Natalja Eigo) pro- vided inputs and information on the health information system, which was greatly appreciated, and Mrs. Kaja Sõstra and Mrs.Kristi Lehto representatives of Statistics Estonia provided useful information on Estonia’s statistics system. This report also benefited from the time and critical insights of officials from the health sector, in particular, Ms. Triin Habicht of the Ministry of Social Affairs, Mr. Raul Mill and Mrs. Heli Laarmann from the ehealth Foundation, and officials from the Estonian vi Estonia: A Successfully Integrated Population-Registration and Identity Management System Health Insurance Fund (EHIF). Our thanks to Ms. Ploetz, Märt Kivine, and Christophe Kurowski, pro- Kaija Lukka for her support and help. vided insightful information and suggestions, and we Additionally, World Bank Group staff who appreciate the help provided by Victoriano Arias. work on issues relating to Estonia, particularly Marvin ACRONYMS BMR Birth Medical Registry CODR Cost of Death Registry CRVS Civil Registration and Vital Statistics DSA Digital Signature Act EDPI Estonian Data Protection Inspectorate EHIC European Health Insurance Card EHIF Estonian Health Insurance Fund EHR Electronic health record EHSI Estonia Health System Information eIDMS Electronic Identification Management System eID Electronic Identification EMBR Estonian Medical Birth Registry eSignature Digital Signature GOE Government of Estonia ICT Information and Communication Technology ID Identification IDMS Identification Management System MISP Mini-Information System Portal MoI Ministry of Interior MoSA Ministry of Social Affairs NIHD National Institute for Health Development PBGB Police and Border Guard Board PDPA Personal Data Protection Act PIA Public Information Act PIC Personal Identification Code PKI Public Key Infrastructure PPP Public and Private Partnerships PR Population Register viii Estonia: A Successfully Integrated Population-Registration and Identity Management System PRA Population Register Act RIA Estonian Information System Authority RIK Centre of Registers and Information Systems SE Statistics Estonia SK Certification center VSA Vitals Statistic Act WHO World Health Organization INTRODUCTION I ntegrated civil registration and vital statistics (CRVS) and identity management systems (IDMS) provide a critical basis for identity management and the estab- lishment of personal identity. When developed in an integrated matter, these systems can provide major savings in terms of time and costs, in addition to creat- ing efficiencies in the flow of information across relevant institutions. Some coun- tries are leading the development of more integrated approaches, and the lessons learned, if properly documented, may be useful to many low- and middle-income countries. This report describes the particular case of Estonia, and the process through which the country has developed an integrated population registration and iden- tification system aiming at improve public service delivery. The report identifies enabling factors and best practices that may be applicable to other countries. The audience of this report includes both policymakers and stakeholders interested in developing national population-based identification systems in conjunction with improving government services delivery, in particular health care services. Why Estonia? Estonia, one of the three Baltic countries, experienced a political and economic reorganization after regaining its independence from the Soviet Union in 1991. One of the first priorities of the newly established government was to rebuild a national identity system. As a result, during the 1990s, the legal foundations for the new system were laid out, and both a national identification number system and a population register were established. Since then, Estonia has rolled out a compul- sory national identification card program and introduced secure, authenticated dig- ital identities, which are widely used and trusted, for citizens to use when accessing public services. With more than 1.2 million active electronic identification (eID) cards issued to nearly 95 percent of its 1.3 million residents, Estonia has not only successfully developed an effective new system, but has also become an exemplary case for countries designing new population registration systems or reestablishing population registries after l periods of political instability and unrest. x Estonia: A Successfully Integrated Population-Registration and Identity Management System In Estonia, the activities involved in identifi- child and maternal mortality estimates require robust cation, population registration, and vital statistics are and accurate birth and death information, CRVS carried out within two key subsystems. The first is the also plays an essential role in monitoring Millennium population registration system (or CRVS)1, which is Development Goals (MDGs) and Sustainable aimed at recording and certifying births, deaths, and Development Goals (SDGs) in developing countries, other vital events occurring in the population. The sec- especially for the poor. ond is the identification management system (IDMs), Poor women and children represent the group the purpose of which is to provide legal identification with the greatest vulnerabilities associated with not and associated documents to the population. These sub- having registration. For example, poor children are dis- systems complement each other rather than duplicating proportionally more likely to die without having birth their functions. These complementarities provided the registration. In countries with developed ID systems, basis for their integration. The establishment of a legal such as Estonia, identification starts at birth, and is basis for collaboration, information technology solu- linked to a child’s mother. The development of technol- tions to ensure interconnection, and harmonization of ogies has created opportunities for cost-saving solutions guiding principles and goals of participating agencies, such as birth hospital electronic registration. Thus, ensured a successfully integrated identification system. efforts to integrate CRVS and ID systems through the Currently, Estonia is considered a pioneer in use of technology carry the potential for reducing both implementing an innovative and integrated identifica- disparities among individuals and long-term costs for tion system characterized by its interoperability with organizations. other cross-government systems, having developed one Furthermore, by improving the health sector of the most renowned eGovernment2 strategies in the information system, an integrated system produces world. Today, there is an interoperable platform sup- system externalities such as increasing efficiency and porting the eGovernment in Estonia—X-Road—a accuracy. Estonia’s health care system has capital- technical and organizational environment that enables ized on the e-services platform part of the Electronic secure Internet-based data exchange between the state’s Identification Management System (eIDMS). Both information systems. It connects 900 organizations and the electronic health registry that was initiated in 2008 more than 1,000 services, handling more than 300 mil- and the e-prescription system that was implemented in lion requests per year (in 2014). Estonia also serves as a 2010 have increased efficiency by limiting the adminis- good example of the roles that information technology, trative burden on doctors, enabling access to time-crit- public procurement, and public-private sector partner- ical information, and automating data collection. The ships play in consolidating a national identification and Electronic Health Record (EHR) is built around the population-registration system. X-Road system, which allows access to data from other Why focus on the health sector? 1 In this report, the term “population registration” is used in place of “civil registration” to adhere to international termi- A nation’s health sector is both the primary source and nology to designate when a system is based on a population register (PR) rather than a civil registry. One key difference primary user of birth and death registration data. By between these two types of systems is that PR systems are facilitating birth registration, health service providers organized and collect data on the basis of place of residence. play an important role in creating the initial identifi- 2 “eGovernment uses digital tools and systems to provide cation record for a newborn, as well as in recording better public services to citizens and businesses” (European deaths and the causes of death later in life. Because Commission). Introduction xi systems, including the Population Register. Hence, the presents the key elements that are necessary for the suc- lessons that have resulted from Estonia’s health expe- cessful integration of identification and population reg- rience are of importance not only for countries in the istration systems. The third section describes the evolu- early stages of CRVS system development, but also tion of the PR and ID system in Estonia, followed by for middle-income countries looking to improve effi- a description of the population registration system, the ciency by applying innovative solutions and e-health enabling factors, and the benefits. Similarly, the fifth approaches. section analyzes the identification management system and related best practices. The sixth section describes the data exchange platform X-Road. The seventh sec- Organization of the report tion summarizes the key enablers and success factors for integration. Whereas section eight outlines the ben- This report is organized in nine sections. The first sec- efits of system integration in the health sector. Finally, tion provides background information on Estonia. The a conclusion chapter highlighted the lessons learned in second section introduces an analytical framework and the report. 1 BACKGROUND E stonia is situated strategically on the east coast of the Baltic Sea bordered by Finland to the north and the Russian Federation to the east. It is the smallest and most northerly state of the Baltic countries—Estonia, Latvia, and Lithuania (table 1.1). With a current population of 1,313,271 inhabitants, Estonia is the fourth smallest country in the European Union. Its territory, approximately 45,227 km2, is larger than that of Belgium or Switzerland, but at 31 inhabitants per square kilometer, it is one of the least-densely populated coun- tries in Europe. Currently, the country is organized into 15 counties, the first-level administrative subdivision, and further into 213 municipal districts, including 30 towns and 183 parishes. One-third of the population is concentrated in its capital, Tallinn, which is the main destination of internal migration (Statistics Estonia 2013). The development of the current identification and population registration systems in Estonia occurred in tandem with other significant changes in the coun- try’s policy and economic environment, which were initiated after Estonia regained independence from the Soviet Union in 1991. Other factors, such as social and demographic dynamics, and striking technological change, also influence how the country’s unified CRVS/ID system works. Table 1.1   Statistics Population: 1 313 271 (2015) Density 30.3 inhabitants per km2 Share of urban residents 67.9% Area 45 227 km2 GNI per capita 18,530 Life expectancy 76 Unemployment rate 8.8% Birth registration 100% Death registration 90% or more Source: WDI, 2015 and UNSC, 2013 2 Estonia: A Successfully Integrated Population-Registration and Identity Management System Democracy and openness eighth out of 178 countries.5 Estonia is also known for its low flat-rate taxes and in particular its 20 per- Since 1991, Estonia has been governed by a parlia- cent income tax. In order to attract more foreign direct mentary democracy in which the Prime Minister is the investment, all reinvested corporate profits are exempt head of the government and the President is the Head from corporate income tax. The system of value-added of State. Free and fair elections have been held since tax (VAT), set at 20 percent, is in harmony with EU that time with robust levels of turnout and party system requirements. Employers pay a social and health insur- stability (Lewis, 2006). Estonia’s central government is ance tax, which is 33 percent of gross wages. deconcentrated with a single-tier subnational govern- Despite sound economic growth, 18 percent of ment at the county level (OECD, 2011). The govern- the Estonian population lives in relative poverty, and ment is comprised of 11 ministries, each with respec- 8 percent in extreme poverty, based on the national tive subordinate agencies (boards and inspectorates). poverty line (Statistics Estonia, 2015). According to The Ministry of Interior, through the Police and Border Statistics Estonia, the unemployment rate was 6.6 per- Guard Board and the Population Fact department, cent in the first quarter of 2015.6 In 2014, the average coordinates the national identification and the popula- monthly gross wages and salaries were 1,005 euros and tion registration systems. the average hourly gross wages and salaries were 6.14 After regaining independence in 1991, Estonia euros.7 faced the challenge of transitioning from a centrally planned socialist system to a new open-market environ- ment based on democratic institutions. The government Demographic challenges: Aging and needed to establish a new currency, stabilize prices, and population decline reactivate the economy (Boughton 2012). By applying sensible fiscal and macroeconomic policies, promoting The Estonian population can be characterized by two democratic institutions, and integrating rapidly to a major trends. First, the population, similar to other global governance scenario, in less than a decade, the European countries, is aging. Children under 14 years government was able to balance the government bud- old constituted about 18 percent of the population get while restoring growth in real GDP. Between 2000 in 2000 but their share decreased to 15 percent in and 2008, the country experienced rapid economic 2011. Conversely, the share of those over 65 years has growth of about 7 percent per year, which placed increased to 18 percent as compared to 15 percent in Estonia among the top three fastest growing economies 2000. On a positive note, the share of working-age peo- in the EU.3 The economic crisis of 2008 impacted the ple (15–65 years) was about 67 percent in 2000 as well Estonian economy by decreasing GDP growth by 14.7 as in 2011.8 percent, but since 2010, economic growth has turned positive again—in 2014 the Estonian economy grew 2.1 percent compared to 2013.4 3 http://estonia.eu/about-estonia/economy-a-it/a-dynam- The Estonian economy is characterized by flex- ic-economy.html. ibility and openness. Since 1991, all Estonian govern- 4 https://www.eestipank.ee/en/press/eesti-pank-raised-its- forecast-economic-growth-year-and-lowered-its-forecast- ments have valued a balanced state budget, liberal trade next-year-23092014. and investment laws, and low levels of corporate income 5 http://www.heritage.org/index/ranking. tax. Currently, The Wall Street Journal and the Heritage 6 http://www.stat.ee/90621. Foundation’s Index of Economic Freedom 2015 ranks 7 http://www.stat.ee/90547. Estonia as one of the freest economies in the world at 8 http://www.stat.ee/63779. Background 3 In the past 20 years, the population of Estonia has Change in Population Figure 1.1    gradually decreased due to a negative birth rate and net between 2000 and 2014 migration (figure 1.1). Estonia’s population, according (Statistics Estonia, 2015) to the 2011 population census, was 1.29 million, which 20,000 indicates a 5.8 percent decline from its 2000 popula- tion level. As occurs in other East European countries, 10,000 Estonia’s population decline brings about a number of 0 challenges to the government, including an aging work- force leading to possible labor and skill shortages and a –10,000 smaller tax base leading to reduced tax revenue. –20,000 The decline in natural growth is primarily a con- 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 sequence of a prevailing low fertility rate in the coun- Natural increase Net external migration* try. Estonia’s fertility rate has remained at levels below Total population change Births Deaths replacement (2.0) since the 1990s (figure 1.2). Birth rates began falling after the restoration of independence in 1991, and in 1998 declined even further to a level of Total Fertility Rate, Estonia Figure 1.2    1.28 children per woman, the lowest level in 40 years. 1970–2014 However, the fertility rate recovered after that period to an estimated current rate of 1.54 children per woman. 2.5 Children per woman The second major population trend shows a continuing regional concentration. Overall, the num- 2.0 ber of registered inhabitants has increased in two coun- ties Harju and Tartu, in which the two largest cities of 1.5 Total fertility Estonia are found (Tallinn in Harju County and Tartu rate, 1.54 in Tartu County), while the number of people in other 1.0 1976 1979 1985 1991 2006 2009 1970 1973 1982 1988 1994 1997 2000 2003 2012 counties has decreased, and these two counties are the only counties with a positive net inflow of people.9 Wide-spread innovative Information Union average of 78 percent (WDI, 2014). Yet, Internet and Communication Technology (ICT) users in the early 2000s were less than one third of the population. A 2002 study about the digital divide10 As a small country, Estonia, has prioritized investing in characterized Estonia as a country with relatively few innovative and efficient solutions to a shrinking work force. Among them are new information technologies, widespread Internet-based public services, and mobile 9 Data and further information available at: http://www.stat. value-added services (m-services) (Kalvet, 2012). As ee/63779. a technology-oriented economy and society, Estonia 10 “Digital divide: the gap between individuals, households, businesses, and geographic areas at different socioeconomic made technology adoption and development one of its levels with regard both to their opportunities to access infor- more valuable comparative advantages. mation and communication technologies and to their use of According to the World Bank, Estonia’s current the Internet. The digital divide reflects various differences Internet penetration is 84 percent, above the European among and within countries (OECD 2001, 5).” 4 Estonia: A Successfully Integrated Population-Registration and Identity Management System Internet users, limited access to computers, and a grow- ICTs. The project raised the number of public Internet ing but still insufficient number of public Internet access points from 200 in 2001 to about 700 in 2004. access points (Kalvet, 2002). There were, however, two Thus, although the choice to steer the country toward key public-private partnerships projects that started the new technologies was a political one, early on it was widespread use of the Internet. First, in 1997, the Tiger funded by the private sector. Leap program was initiated to modernize the country’s IT-infrastructure11 providing Internet access and com- puter labs to all Estonian schools. Second, the largest 11 Tiger’s Leap was a government project that started in 1997 with the goal to substantially increase investments in the public-private partnership project in Estonia to date— development and expansion of personal computers and net- the Look@World project with nine participating com- work infrastructure in Estonia, with a particular emphasis on panies—was started in 2001. As a result, more than education. The primary outcome of the project was the pro- 100,000 individuals, about 10 percent of the Estonian vision of Internet access and computer labs to all Estonian adult population, were taught to use and understand schools. 2 PRINCIPLES OF INTEGRATION A successfully integrated identification system, such as the one devel- oped in the Estonian case, takes into account the complementarities among different identification systems by laying out the legal basis for collaboration, designing information technology solutions to ensure intercon- nection, and establishing consistent guiding principles and goals for collaborat- ing agencies. Main goal: Providing legal identity The main benefit of having an integrated identification system is providing people with legal identity. Possessing a legal identity allows individuals to have access to public services and to protect their rights. There is also evidence that lacking a legal identity has negative consequences for vulnerable populations in risky situa- tions. In particular, the poor are more vulnerable to becoming legally “invisible.” Having a unified, coordinated identification system creates long-lasting bene- fits for individuals by providing protection for children from birth. When birth registration is not part of a central national system, and there is no connection between birth registration and other public services, there is no way to certify that the person holding a birth certificate is the person for whom it was issued. On the other hand, identification systems focused exclusively on personal identification, which use ID cards, usually target adults rather than children, limiting children’s access to public services. The concept of legal identity is not without challenges, as some people might say that providing legal identity may also create vulnerability and exposure if sensitive information is not protected, or if access is not controlled by data protection and confidentiality regulations. 6 Estonia: A Successfully Integrated Population-Registration and Identity Management System Rationale: Why integration is a good integration—including foundation, development, and practice? implementation—as a tool to understand the process of creating an integrated system. It has been proposed that One of the main problems occurring in identification the integration of identification and population regis- systems today is the issue of fragmentation. This occurs tration systems should follow two key principles: ensur- when separate identification structures and databases ing the confidentiality, privacy, and security of personal are created in order to satisfy sector-specific demands information; and supporting the efficient provision of without establishing standards and systems for their public services (user-centeredness). Protecting personal integration and coordination. For instance, population data is a matter of critical importance to guarantee censuses, social health insurance records, voters’ lists, individual rights and to ensure that the information is and tax identification databases collect the same basic both gathered legally and used for legitimate purposes, information, but there are no standards to adequately whereas user-centeredness refers to the practice of plac- integrate them or to ensure confidentiality and infor- ing individuals or citizens (users) at the center of the mation security. These basic standards of data acquisi- system. The obligation and aim of such a system is to tion are usually difficult to put into practice given the allow individuals to maintain control over their per- number of agencies responsible for these registries and sonal data and its use. the manner in which these databases are developed. Figure 2.1 shows the foundation components Among the issues that an integrated system for successful system integration. The first basic ele- should seek to address are the following: ment is establishing a comprehensive legal framework to guide the process of integration. An integrated iden- Multiple data collection and repeated informa- tification system relies on a clear division of responsibil- tion in databases ities and cooperation among administrative authorities. Inefficiencies in data integration and reporting A unified system also requires enabling provisions that Occurrences of invisible populations or missing establish the way the different agencies interact. Among births or deaths due to inaccurate or missing these key provisions are the issuance of a personal iden- information tification code, the guarantee of personal data protec- Irregularly updated information concerning the tion to ensure transparency in the exchange of public entry and exit of people in registries of govern- information, and the creation and operation of digital ment programs (welfare, education, pensions) solution and technological information platforms. More importantly, an integrative system aims to Building Blocks Figure 2.1    ensure appropriate use of sensitive information, and the protection and security of the data of individuals whose Unified CRVS records are contained in it. and IDM Systems Confidentiality, privacy, security and user centeredness Fundamental building blocks Foundation Development Implementation What are the fundamental building blocks in Estonia Governance and Data integration Improved services institutional that drive the process of integration and make up framework Interoperability provision the infrastructure required to properly enable it? This section presents a framework linking key domains of Source: Authors. Principles of Integration 7 The development of a unified system primarily birth and death registries, as well as individual identifi- involves issues of coordination across agencies and of cation registries, such as lists of taxpayers and election interoperability. One of the key challenges rests with voters, policy records systems, and health insurance how to integrate datasets and registries while at the registries. Integration requires establishing a platform same time ensuring data protection and confidential- that enables different information systems to commu- ity. Data Integration refers to implementing the set of nicate and exchange data with each other. processes required for harmonizing data from separate Finally, any integrated system requires constant sources and for creating ways of monitoring, transform- updating, monitoring, and cleaning of data to provide ing, and delivering this information. In the case of ID information for effective government, but more impor- and CRVS systems, these different sources encompass tantly to provide improved service delivery. 3 OVERVIEW OF PR AND ID SYSTEMS INTEGRATION I n Estonia, identification, population registration, and vital statistics activities are carried out within two key subsystems. The first is the population registration and vital statistics system (CRVS), which is aimed at recording and certifying births, deaths, and other vital events occurring in a population. The second is the identification management system (IDMS), which is focused on providing legal identity and associated documents to the population. These subsystems comple- ment each other rather than duplicating their functions. These complementarities provided the basis for their integration. Evolution of integration The historical evolution of identification and population registration systems in Estonia is crucial to understanding Estonia’s successful integration of these pro- cesses. Three particularly effective practices in this model are: (i) early introduction of a personal identification number (even before the ID card and a population register were established); (ii) cooperation among ministries and scientific institu- tions involved in data collection, analysis, publication, and storage; and (iii) use of a population register to support the national identity program. During the early 1990s, as a result of the dissolution of the former Soviet centralized system, Estonia, like other ex-Soviet republics, faced the challenge of developing new and improved systems of population registration and vital statistics data collection. The previous system suffered from over-centralization, poor quality control, and data comparability issues. In addition, population sta- tistics were not freely distributed, and the use of such information was restricted (Anderson, Katus et al. 1994). As a result, in 1992 the Estonian Government formed a governmental commission to establish a population register that would 10 Estonia: A Successfully Integrated Population-Registration and Identity Management System be at the center of the population registration effort. 2. Design and early implementation The state agencies involved in the process were the then (1992–2000) Passport Bureau, the Residence Address Bureau, and An initial element in the evolution of the system was the Estonian Statistics Bureau, which was in charge the early introduction of a personal identification of data storage (Kulper, 2014). The commission also number. In 1990, the standard of a personal identifi- had the support of scientific institutions involved in cation code (PIC) based on the date of birth, gender, population data collection and analysis. (Anderson, and a number based on daily number of births, was Katus et al. 1994). Their goal was to provide the basic established which provided the crucial platform for structure for establishing the principles and practices the successful launch of the Population Register (PR). for a population register. Since the middle of 1991, personal identification codes were assigned to all Estonian citizens, but particularly important, they were assigned to all children at birth. 1. Demand for identification (1991–1992) The PIC was also included in the first round of pass- Notwithstanding this government interest in develop- ports that were issued in 1992. While the contempo- ing a population-based registration and identification rary legal basis for issuing PICs and linking them to the system, the initiative has since its inception responded PR was provided until 2000 by the Population Register to a demand for identification by Estonian citizens Act and the Decree of Creation, Issuing and Delivering who called for a new official document to ascertain of Personal ID Codes, the preparatory work started their regained legal identity. The first urgent need for years earlier (figure 3.1). citizens was to be able to exchange rubles, the Soviet For instance, in 1993 the new act of public currency, into Estonia’s new national currency, the registries was initiated with a strong focus on data kroon.12 For this purpose, family lists were prepared protection (Kulper, 2014). In 1995, the government and recorded, which included the names, sex, date passed the Decree of Administration of the Population of birth, and residence of each member of a fam- ily, including the children.13 Later, these lists would become the first population records of the Republic 12 In the summer of 1992, Estonia was the first Baltic country of Estonia collected since the 1940s.14 A second press- establishing a permanent currency. In order to avoid circula- ing reason people had for an identification document tion of both currencies all rubles were exchanged to kroons was to be able to leave the country. After years of not at the rate of 10:1 between June 20 and 22. Each resident being able to travel abroad, people in Estonia wanted of Estonia, including children, was allowed to change 1500 rubles (Desai, p 2007). to travel, which required them to have a passport. The 13 Personal communication with Mrs. Mari Pedak May 2015. first official passports after Estonia regained indepen- 14 By 1991–1992, when the independence and constitution dence were issued in July 1992, and within a three- referendum took place, there had already been an effort to year period, almost all Estonian citizens had been register all Estonian citizens under the 1938 Citizenship Law. issued a passport. However, people without Estonian However, this registry did not include children, non-citizens, citizenship had to wait four years, until 1996, when or citizens not residing in Estonia. the Estonian Government began to issue identity doc- 15 http://estonia.eu/about-estonia/society/citizenship.html 16 Since 1992, with the re-enactment of the 1938 Citizenship uments to persons who had previously held Soviet Act, which remained in effect until 1995, only pre-1940 cit- passports.15 In the early 1990s, one third of Estonia’s izens and their descendants were entitled to acquire Estonian population held citizenship other than Estonian, most citizenship by declaration. Everyone else needed to follow of whom were Russians who had migrated during the a process of naturalization. http://eudo-citizenship.eu/docs/ Soviet period.16 CountryReports/Estonia.pdf. Overview of PR and ID systems integration 11 Timeline of Key Initiatives of the Integration of CRVS/ID System Figure 3.1    New act of public Personal Emerging Population register The standard registries was initiated data ideas act. Start of the for PIC was with a strong focus on protection about fully-functional established data protection act digital ID population registry 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 Formation of the Decree of Public data Start of digital ID Start of mobile ID commission to administration repositories act dissemination, dissemination, establish the system of the population first digital first digital signatures of population registry registry’s database signatures given given using mobile ID Registry’s Database,17 which regulated basic principles digital ID-card. These studies included an initial study concerning the operation of the population registry. of the ID-card, identifying requirements of all parties Since 1996, the Population Register administration has interested in the ID-card, and research in the follow- been effectively incorporated into the structure of the ing areas: smart card standards, profiles and technol- Ministry of Interior. In 1997, the parliament passed ogies, and international standards on ID-cards. The the Public Data Repositories Act, which designated the initiative was operationalized by organizing a technical official start of the PR to be 01.01.2002.The Decree working group to pilot development of an ID-card in was replaced by the full text of the Population Register a number of public agencies. Representatives from the Act18 in 2000. Citizenship and Migration Board (currently the Police Further legislation was necessary to ensure that and Border Guard Board), banks, and private technical the collection of all personal data was conducted with firms participated in this working group. safeguarding mechanisms in place, and that these mech- anisms were normatively described by law. This process provided input for the Personal Data Protection Act19 3. Roll-out and completion (2000–2005) that was eventually passed in 1996 (Kulper, 2014). This The first round of passports issued in 1992 expired legal document explicitly defines what type of data is after 10 years. When the time came in 2002 for every considered “personal” and enumerates the principles to citizen to renew their passports, the legal foundations which the administration and processing of this type for implementing a national mandatory identification of data must adhere. In 1997, the first concrete ideas began to circulate concerning the development of a digital ID-card. By 1998, a special committee under 17 The full text of the decree is no longer available. Metadata the Ministry of Interior was created for the develop- in Estonian is available at: https://www.riigiteataja.ee/ ment of an identification certificate and its technical akt/925666. 18 Full text available in English: https://www.riigiteataja.ee/en/ specifications. The committee consisted of representa- eli/518062014012/consolide. tives of the public sector and a few private companies.20 19 Full text available in English: https://www.riigiteataja.ee/en/ The idea was introduced to the public the same year, eli/529012015008/consolide. and the Ministry of Interior commissioned several fea- 20 http://www.id.ee/public/The_Estonian_ID_Card_and_ sibility studies on the technical specifications for the Digital_Signature_Concept.pdf. 12 Estonia: A Successfully Integrated Population-Registration and Identity Management System card and the Population Register were already in place. and migration issues, as well as issues concerning An initial database containing previous voting lists, population and vital statistics, which are explicitly passports, and family lists was used as the basis for the regulated by the Identity Documents Act and the Population Register. By 2002, the Population Register Population Register Act. In addition, registrars of civil was effectively established. The government bene- events (death, birth)—local and county governments fited from the unique opportunity of the requirement fall under the authority of the Ministry of Finance,21 for passport renewal to start rolling out the national with the Population department working closely with ID-card, and data were recorded for first time in the them. newly established Population Register. In addition to the Ministry of Interior, the In October 2002, the first digital signatures were Ministry of Communications and Economic Affairs made using the new ID-card. It must be emphasized is responsible for the bulk of developmental activities that the ID-card along with the mobile-ID (referred to and implementation related to Public Key Information in the next paragraph), provide the basic functionality (PKI) infrastructure, as well as the standards and com- of a functional e-government. The growth in the num- munications that make the system interoperable. The ber of users with respect to the ID-card is provided primary legal basis in this area is the Digital Signatures in Figure 5.4 in Section 5. Electronic identification Act, which provides the framework for digital identifi- card. In 2007, the new mobile digital identification cation and signatures. The two key institutions under mode was introduced to the Estonian market. The the Ministry of Communications and Economic Affairs service allows Estonian people to identify themselves that are in part responsible for the digital identity man- using their mobile devices. In essence, the develop- agement are the Department of State Information ment of the mobile-ID is a further extension of the Systems (an agency that is primarily in charge of pol- ID-card and rests on the same normative documents icy-making procedures) and the Estonian Information and principles. System’s Authority (RIA) (which is responsible for the development and maintenance of the state informa- tion systems). A unique exception to this institutional Governance architecture framework is AS Andmevara, a state-owned company that is responsible for the Population Register’s software The population registration and ID systems are sup- development, hardware maintenance, and customer ported by various public agencies (figure 3.2). Among management. them are the Ministry of Interior, the Ministry of Statistics Estonia, under the authority of the Economic Affairs and Communication, the Ministry Ministry of Finance, is guided by the Official Statistics of Justice, and the Ministry of Finance. Although there Act and works in coordination with other public agen- have been changes in the structure of the government cies. Among them is the Health Statistics Department and its responsibilities in the last 25 years, the Ministry in the National Institute for Health Development of Interior today houses both the Population Register (NIHD). (within the Population Facts Department) and the National Identity System through the Police and Border Guard Board (Development Department). This Ministry constitutes the largest public sector 21 Until September 2015, they were under the Ministry of organization in Estonia, and it coordinates citizenship Regional Affairs. Overview of PR and ID systems integration 13 Figure 3.2   Agencies Involved in the Population Registration and ID System Population facts Ministry of department Andmevara-X Interior Chief population authorized register processor processor Police and border guard board Certification Center ID card and ID (SK) registry Ministry of Identification communication and and economic affairs RIA-X-Road population registration systems Vital statistics Ministry of Statistics procedures and finance Estonia statistic officials Birth medical Ministry of Data protection registry and justice inspectorate abortion registry Ministry of E-Health National institute for Cause of death EHIF social affairs foundation heath development medical registry Health statistics 4 POPULATION REGISTRATION AND REGISTER- BASED STATISTICS IN ESTONIA F ollowing the tradition of the Nordic countries, Estonia’s population registra- tion system was established on the basis of a population register (see box 4.1). These systems are known to produce up-to-date quality vital statistics, and to foster interconnection of registries, which permits multi-sectoral collaboration. The Estonian Population Register (PR) was not the exception—it was through the PR and the personal identification code (PIC) that public registries were able to connect through X-Road. Box 4.1:  Population Register “A population register is a ‘mechanism for the continuous recording of selected information pertaining to each member of the resident population of a country or area making it possible to determine up-to-date information about the size and characteristics of the population at selected points in time.’” (UNSD – Population Registers) Registration of vital events in the PR are provided in the Vital Statistics Act and carried out at vital statistics offices. These offices are under the responsibility of the Ministry of Finance, and as provided for in the law, can register births and deaths, certify marriages and divorces, and make name corrections in the PR. Local and central vital statistics offices referred to under the law include the following: Rural municipality and city governments County governments 16 Estonia: A Successfully Integrated Population-Registration and Identity Management System Foreign missions of Estonia Population register: Structure and The Ministry of Interior operation While the Ministry of the Interior (MoI) The Estonian Population Register (PR) is a national supervises compliance with the Vital Statistics Act, register. It the largest data repository containing infor- the Ministry of Regional Affairs has established mation on personal data, population composition, and the specific procedure for making vital statistics family events in Estonia. It is a digital database con- entries. Training of vital statistics officers is orga- taining entries on every Estonian citizen, and on every nized by the MoI and county governments. Birth citizen of the European Union, Member States of the and deaths are usually registered at the county level. European Economic Area, or the Swiss Confederation However, rural municipalities and city governments who has registered his or her residence in Estonia, and register births and deaths when there is no county on foreigners who have been granted residence permits government in their territory, and they are compen- or right of residence in Estonia. All the information sated by the state budget for costs incurred (Vital contained in the PR is created and collected in the rel- Statistics Act (2007, P(3). evant legal registry of vital events (birth/death registra- tion, change in place of residence, and so forth). The data are held permanently in the repository without Guiding principles of the Estonian any clauses for expiration. However, the paper records population registration system are kept for 110 years before being stored permanently at the National archives. The Estonian Population Register (PR) meets the crite- The PR contains the following information: ria for an efficient population register system. According with OSCE/ODIHR, (2009) these criteria include the • Name • Death information (place and following: time of death) and, if available, • Place and date of birth place of burial and cause of • Sex death Registration is mandatory for the entire popula- • Personal Identification Code • Marital status (single, married, tion (citizens and legal residents). (PIC) widow/widower, or divorced) The population register is complete and includes • Citizenship status • Parent’s right of custody and citizens living abroad (excluding visitors and • Place of residence guardianship non-legal aliens). • Residence permit (in the case • Person who has restricted of foreigners living in Estonia) active legal capacity The PR is continuous and permanent. Different from a census, the PR collects personal data reg- • Communication details (postal • Family information for the address, phone number, person’s mother, father, ularly, and is permanent under the law. e-mail) spouse, and children Data protection measures are in place, data • Ethnic nationality, mother tongue, education, and area of processing is legitimate, and data security is activity, if they are submitted guaranteed. voluntarily There is only one record per one person. The individual’s personal data is registered in one The Estonian Population Register (PR) began place and one place only. operating in 2002 in accordance with the Population Multiple uses are made of a single registra- Register Act passed in 2000. As mentioned earlier, the tion. There is a legal provision against multiple initial information in the PR was taken from previous registration. population registration databases and the Estonian Population registration and register-based statistics in Estonia 17 national electoral registers (citizen and aliens). It is earlier, the Population Register Act designates the important to note that all of these databases ceased to Ministry of Interior as the chief processor of the PR. It exist once the PR was established, and related data was also instructs the appointment of an authorized pro- transferred to PR archives. cessor of the PR (which is outsourced to an external The main purpose of the PR is to consolidate firm). The responsibilities of the processor include personal data for the government and local municipali- maintaining the PR, processing data, and ensuring ties in order to allow these institutions to carry out their its confidentiality. These functions are performed by primary objectives. These objectives include the realiza- the state-owned company AS Andmevara.22 About tion of a person’s rights, liberties, and public duties. In 17 people are involved at AS Andmevara who work addition, and according to the Population Register Act, exclusively with the PR.23 The functional areas cov- the purpose of the PR is to keep track of the population ered by the personnel of AS Andmevara are software accounts in the country. Among other applications, the development (requiring programmers, developers, data stored in the PR is used for organizing elections, and testers), hardware maintenance (system opera- payment of taxes, and other public duties if their per- tors), and customer management (client relationship formance is related to residency. managers). The technical software is tailor-made for There are three key features of the PR legal the PR. The platform on which the software is devel- framework that are worthy of mention: oped is the Progress Open Edge Relational Database Management System. This is a well-known platform 1. Data must be recorded and stored in the same for relational database management systems capable of place where it is collected, that is, at the desk of handling large data storage and high-traffic loads, and the responsible vital statistics officer. This implies is easily scalable.24 that there is no lag between the time of recording The processing software is used on a daily basis a vital event and storing it in the PR. Officially, by over 500 officials in local and county governments the vital event is recorded when it is entered elec- and embassies. The main application of the software tronically into the PR and is digitally signed by is creating birth, death, marriage, divorce, change of the register officer. name, place of residence registration documents. This 2. Personal data contained in the PR should be used division of functions aims at improving efficiency and by every other public registry. Access to the pri- task specialization. mary data collection of personal data collected The PR adheres to the key principles of guaran- in the PR is forbidden to other agencies. This is teeing personal safety and personal data protection. For a critical aspect of avoiding duplication of infor- that purpose, the Data Protection Inspectorate, jointly mation and maintaining consistency. with the Ministry of Interior, supervises any violation 3. The administrative supervision of the PR is exer- cised by a representative of the following bodies: Data Protection Inspectorate, the Ministry of 22 AS Andmevara is a state authorized company in charge of Economic Affairs and Communications, and the the hosting and technical development of the Population Chief processor (Ministry of Interior). Register (www.andmevara.ee). In addtion to supplying PR back-office services, AS Andmevara provides several IT-realted services for the governmental sector. Physically, the administration of the PR is 23 Personal comunication with the head of the Population located in the Ministry of Interior. The functions of Register. development, maintenance, and customer relations 24 For more information refer to: https://www.progress.com/ are outsourced to AS Andmevara. As mentioned openedge/components/rdbms. 18 Estonia: A Successfully Integrated Population-Registration and Identity Management System to the requirements of processing data in the PR data the form of a birth card, and this is the basis for the protection. The Data Protection Act provides sanctions Estonian Medical Birth Registry (EMBR) (see box 4.2). for any violation by the authorized processor, or by any The birth card is completed for every child (live or still- other person or agency. birth) born in Estonia. These cards are sent monthly in Annual operational costs of the Population sealed envelopes to the registry. Information is gathered Register are approximately 1 million euros (includ- from all health institutions providing obstetric services ing VAT 20 percent), which includes administrative in the country. expenses, software maintenance, data extraction, and A key component of the birth card is the hosting costs. The costs have remained about the same Personal Identification Code (PIC) that it is granted to for the last five years. This represents less than $1 per each newborn at the time of birth. The PIC is assigned person per year. Development costs are not fixed and to each baby based on its sex, date of birth, and a three- are highly dependent on specific needs and changes digit code indicating the order of the birth in the total in the environment. For example, availability of funds number of daily deliveries. These codes change every from European structural funding, and changes in leg- day and are distributed to hospitals in lists. If the baby islation, are the two most relevant sources from which was not delivered at a hospital (this occurs in only changes in the PR’s development costs could emerge. a very few cases in Estonia), the parents need to ask In 2015, the estimated cost for development is approx- a health provider to complete the birth card, or the imately 100,000 euros, but unlike the annual opera- vital statistics officer grants a PIC at the time of birth tional costs, it is not constant over time. registration. Funding for the Population Register is almost Figure 4.1 describes the birth registration path. exclusively provided by the government’s budget. A To register a birth, parents need to submit an appli- small amount of funding is provided through European cation to a Vital Statistics office. The officer has the structural funding and data sales. An example of a recent obligation to register the birth within seven working project paid by EU funds was the digitalization of old days after the receipt of an application, but it is usually registries to complete family information. Another done the same day. Birth registration and creation of a source of income for the PR is conducting surveys, such birth certificate is free, but the cost for a duplicate cer- as socio-economic surveys that require reliable popu- tificate is €4. It is not required that the application be lation data for constructing representative population submitted in person. The application is submitted elec- samples for survey design. Similar applications generate tronically and digitally signed, but should contain the a small, but steady income for the PR. following information requested for birth registration: Name Birth registration Sex Date of birth Birth registration in Estonia is mandatory, but it is Personal identification code also free. Parents are required to register births in the Place of birth and citizenship of the child Population Register at their registration office within Personal identification code of the mother one month of the baby’s date of birth.25 However, the Personal identification code of the father first incidence of registration (the medical birth cer- Right of custody tificate) is typically carried out by health providers, either at the hospital at the time of delivery, or during 25 The law provides for a possible extension to up to two a post-partum check–up. This first baby record takes months. (Vital Statistic Act §3). Population registration and register-based statistics in Estonia 19 Figure 4.1   Path of Official Registration of Births Hospital/ Parents maternity ward Submit birth card within 1 month Submit an application Local vital electronically within 1 month statistics offices 7 days to register in PR Population Medical birth Data coding, inputting, checking register database registry with PR, and analyze Access through X-Road Statistics Birth, stillbirths, and perinatal Estonia mortality statistics The register officer tries to avoid duplicate input using the baby’s PIC. In those instances, in which each of data into the Population Register. By 2015, all hos- parent is already included in the PR, and their marriage pitals have already implemented an electronic birth has also been recorded, the birth registration can be done record, which allows intercommunication with the PR electronically and certified by the PR. However, one of Box 4.2:  The Estonian Medical Birth Registry (EMBR) “The Estonian Medical Birth Registry is a database belonging into the state information system. which maintains information on live and stillbirths, epidemiological research on perinatal illness and mortality, organization of pregnancy and post-delivery health services, and birth statistics”—Public Health Act. The birth medical register (EMBR) was introduced very early, after the middle of 1991, and includes data collected since 1992. Since the commencement of its operations, the information on each birth card received by the birth registry has been entered into a computer, creating a continuous database for health statistics (Anderson, 1994). The EMBR plays a significant role as a complement to the population registration data. “The data to be collected make it possible to measure fertility in Estonia. The gathered data are also used in epidemiologic scientific research, and for organizing of post-delivery health services and birth statistics” NIHD, 2014. Since they were introduced, birth cards have included each infant’s assigned Personal Identification Code (PIC). The use of the PIC both in birth and death registration has made it possible to link birth and death records, a feature that has been used regularly as a check between medical registries and the Population Register (PR). This connection also allows errors to be assessed and the completeness of legal records to be determined. Because the EMBR includes births from non-citizens and non-legal residents as well, it has a larger scope than the PR. A second reason the EBMR has provided additional value is the additional level of information collected in the registry. Unlike the PR, the EMBR includes background information about the mother and father, including: nationality; education; occupation; number of previous pregnancies, miscarriages, and induced abortions; and other characteristics. This information of the mother at the time of birth can help shed light on the factors affecting delivery and perinatal mortality. At the EMBR, the following functions are performed (NIHD, 2014): data coding; Input of data; control and correction of data (in cooperation with health institutions and the PR); standards data processing and data processing to requests; saving data and storing filled forms in archives. 20 Estonia: A Successfully Integrated Population-Registration and Identity Management System the areas Estonia is still working on is the development responsible for registering deaths (similar to registering of a national electronic birth registration. In particular, births) are the county government, local government or it is desirable that such a system be able to transfer elec- city government, and in Tallinn by the Harju County tronically the medical birth records to the EMBR. government or the Tallinn Vital Statistics Office. A key feature of the Estonian population-based In order to register a death, the following infor- registration system is compliance with registration. mation must be submitted: Almost all births are registered within the first month of life. This is due partially to a series of incentives in place Medical death certificate or court decision estab- to generate demand, but also because it is in the interest lishing the fact of death or containing a declara- of parents to have the birth registered. In Estonia, once tion of death a birth has been registered in the PR, a paper birth cer- Identity document of the deceased tificate is not required for any state or local government Petitioner’s passport or ID card offices. This is because all public databases are intercon- nected, and they use the data already contained in the A death registration is prepared and the death PR. A birth certificate might be needed in the case of an certificate is issued by request. Registration of a death institution that does not have an access to the PR, but and the issue of a death certificate are free of charge. The in general, all services for the baby starting with health burial of the deceased cannot commence prior to reg- insurance and childbirth subsidies are linked to the istration of a death at a Vital Statistics Office. As hap- birth’s registration in the PR. Thus, registering a baby pens in the case of birth registration, the register offi- as soon as possible saves time and money. cer updates the population register dataset with this information. A diagram explaining death registration is Death and cause of registration process depicted in Figure 4.2. Death registration is mandatory for every person who has died in the territory, as well as for Estonian citizens Establishing and ascertaining Cause of who have died abroad, and for persons whose latest Death residence was in Estonia. A death registration, certifi- The responsibility for ascertaining the cause of death cate, and the determination of cause of death are pro- (COD) rests with the medical practitioners who pre- vided for and regulated by two laws, the Vital Statistics pare the medical birth certificate. In cases where the Act passed in 2009 and the Establishment of Cause of cause of death is uncertain, or in cases of violent, sus- Death Act, passed in 2005. picious, or sudden death, the law provides for the pos- A death can be registered by any of the follow- sibility of either a pathological or a forensic autopsy.26 ing members of the family at relevant institutions: The cost of the pathological autopsy is financed by the spouse, relative, relative by marriage, person who was Estonian Health insurance fund when the deceased living with the deceased, head of an agency that pro- vided health care service, police official, and other per- 26 When identification is not possible, police can use finger- sons, who have information about the death. To reg- prints for identification. In the 1990s there were about 200 ister a death, an application should be filed with the cases of unidentified bodies; currently there are not more Vital Statistics Office within seven days of the date than 10 in a year, and a special person is in charge of look- of the death or the date on which the deceased per- ing after those cases. Personal communication with Mr. Gleb son was found. Vital Statistics Office branches that are Denissov the head of cause of death registry. Population registration and register-based statistics in Estonia 21 Figure 4.2   Path of Official Death Registration Spouse, relative, person who was living with the decreased, head of an agency that provided heath care service, police official Vital statistic office Vital statistic office Application to vital Physical death Death Entry to PR Funeral statistic office certificate (optional) Information supplied: Time and place of death medical death certificate or court decision; identity document of the decreased; petitioner’s passport or ID card person was a beneficiary, while the forensic autopsy is medical death certificate arrives by mail, the registry financed by the Ministry of Justice. Once the initial codes the COD using the sample of deaths registered cause of death is established, the death certificate can in the PR. The data that need to be inputted are the be provided to the family. Doctors and health institu- cause of death, the WHO ICD-10 classification cod- tions are also obliged to send the medical death certifi- ing, and medical information included in the medical cate to the Cause of Death Registry (CODR) (See box death certificate. This process saves time and the cost 4.3). This registry is part of the National Institute for of digitalizing, which had required an extra person to Health Development, and it is under the governance do it. Currently, the registry has a budget of €50,000 of the Ministry of Social Affairs (MoSA). Based on the that covers salaries for three positions, which include COD Act, the Ministry is the chief data processor for two medical coders, and the head of the registry, but it the COD registry concerning the causes of death. does not cover programming, which is the most costly activity. The underlying cause of death is coded and Death and Cause of Death Registry processed in accordance with WHO standards using The COD registry has the goal of collecting and pro- ICD-10, and a software program called IRIS is used for cessing data to develop national social policy, to eval- selection of underlying cause of death in the European uate the population’s structure and state of health, as Union. The registry conforms to the quality assurance well as to plan preventive actions in the social and pub- criteria of the EU statistical body—EUROSTAT. The lic health area. It has been in operation since January processing time is still slow, requiring about three 2008. Before 2008, the data on cause of death was months because the registry needs to wait for the med- collected by Statistics Estonia. The registry uses both ical death certificates to be sent. Once, the informa- information from the medical death certificate and tion is in the register, the process is very quick. Similar information on the Population Register (PR)27. Every to the birth registry, the process could be much faster week, data concerning recent deaths is downloaded if an electronic death certificate system was in place. by the CODR through X-road and encrypted. The information collected includes personal data names, personal ID numbers (sex and date of birth), date of 27 http://www.tai.ee/en/r-and-d/registers/estonian-causes- death, and place of registration. In this way, once the of-death-registry. 22 Estonia: A Successfully Integrated Population-Registration and Identity Management System Development of this type of system was in the planning Best practices: Population-based phase with the MoSA, but it has been postponed. registration system The interconnection between the PR and the CODR has allowed the identification of errors and At the base of some of these best practices are several chal- ensured better data completeness. The information lenges that Estonia faced and still needs to overcome. The collected is published on the CODR website, but is first was only having a small public administration appa- also sent to Statistics Estonia, which reports mor- ratus available to perform population registration func- tality statistics as well. Other users who have been tions. As a result, the government of Estonia designed granted permission to use COD data are the Genetic a system that efficiently relies on electronic databases, Bank at the University of Tartu; the Research inter-connection, and cooperation. The second challenge Institute of Epidemiology and Biostatistics; and was to move from a citizen-only registration system to The Institute for Population Studies at Tallinn one covering the whole population. Achieving this aim University. Permission to use this data is obtained required time and the establishment of a legal basis for its from the Ministry of Social Affairs in accordance implementation, but more importantly, it also involved a with the Data Protection Act. change in the vision of the country. Best practices Description Electronic and Central Population Register Separating supervision and regulatory functions from operation and maintenance in the Population supported by both a chief and authorized Register (PR) provides transparency, efficiency, and task specialization. By allowing outsourcing of ID processor. card printing and chips, the small team in the MoI can focus on designing, developing, and ensuring data quality. Registration of children at birth, and Population registration in Estonia is designed to follow individuals throughout the life cycle. In contrast ensuring linkage of this data with maternal to a system solely dedicated to identification management, the PR plays a critical role in giving legal information. identities to children starting from birth. The use of the personal identification The Population Register (PR) is used as the backbone of the linkages with other person-related data code for registry interconnection, reducing sources. The latter encompass the different health and disease registries, including the medical birth duplication and allowing data quality checks. registry, the cause of death registry, the cancer registry, and so forth. This also involves interconnection with the health insurance database, and the population census. Cooperation among agencies and clear The population registration system involves at least four ministries and a variety of different agencies, definition of responsibilities and inter-agency but with a sound legal framework, the allocation of responsibilities and collaboration related to all collaboration. agencies involved works effectively. Having a medical birth registry and a This separation allows the PR to limit the collection of personal data, without foregoing the richness cause of death registry separate from the of personal data for specific population, epidemiological, and medical studies. Under clear privacy administrative population registry. protection laws, PR data are often used by myriad of private companies for better rendering their services to end-users. For example, polling companies use PR data to construct valid representative samples, marketing companies for direct mailings, insurance companies to update their databases, etc. 5 ESTONIA IDENTIFICATION MANAGEMENT SYSTEM The structure and operation Estonia has made significant progress in implementing an innovative and inte- grated identification system characterized by its interoperability to other cross-gov- ernment systems. The national Electronic Identification Management System (eIDMS) is governed by the Identity Documents Act put into effect in January 2000. In accordance with the law, it is mandatory for all Estonian residents over 15 years of age to possess an ID card. Possession of an ID card is also mandatory for all aliens who reside permanently in Estonia (Identity Documents Act). This feature distinguishes the Estonian eIDMS from those of other countries, such as Finland, where the ID card is not compulsory. There are no sanctions for not having a card, but as expected, when the first Estonian passports issued in 1992 expired, most people applied for either the ID card only, or the ID card together with an Estonian passport, when renewing their documents in the period from 2002–2006. By the end of 2006, one million cards were issued.28 Currently, the rollout of the ID card is complete and more than 1.25 million ID cards have been issued. A number of studies have suggested that some of the key contributing factors of the success of the Estonia ID system are innovative public procurement, public sector competen- cies and leadership, adequate funding and legislation support, and the development of information technology infrastructure. 28 The Estonian ID card and digital signature concept. http://www.id.ee/public/The_Estonian_ ID_Card_and_Digital_Signature_Concept.pdf. 24 Estonia: A Successfully Integrated Population-Registration and Identity Management System The primary element in the system is the Personal However, a distinct characteristic of the EDPI is Identification Code (PIC). This unique identifier has its independence. The data inspectorate is founded on been the core element of the national identity system a commissioner model in which, despite being under since 1992, following Estonia’s full independence from the governance of the Ministry of Justice, the head of the Soviet Union, when it was issued for people seeking the inspectorate is independent. Therefore, the direc- to enter the system for first time (for example newborns tor has the authority to recruit all staff, and to deter- and new residents). In 2002, the PIC had already been mine priorities and work plans. Moreover, the director included on the country’s ID cards and was recorded reports directly to a parliamentary committee and the when the ID cards were issued and the data were col- Chancellor of Justice (EDPI, 2013). lected in the identity documents database. This registry The EDPI protects the fundamental principles is checked for conformity with the Population Register for personal data protection that were granted by the (PR) and the information between both registries is Constitution in 1992. These rights are as follows: shared. Hence, the PR contains information on iden- tity documents as well. The right to obtain information about the activ- Identification management is under the respon- ities of public authorities sibility of the Police and Border Guard Board (PBGB) The right to inviolability of private and family in the Ministry of Interior. The Board is responsible life in the use of personal data for running the day-to-day activities of identity man- The right to access data gathered with regard to agement, including data management, issuance of oneself documents, communication and demand generation activities, and the maintenance of supporting infra- Similarly, the Public Information Act allows structure. Like the PR, the eIDMS outsources ID card people to see who has access their information. preparation and printing and uses a partner firm called Authorized users need to register and mark every infor- Gemalto for these functions. mation request. The Data Protection Act is in confor- mity with the Council of Europe Convention 108 for the Protection of Individuals with regard to Automatic A constitutional right: Personal data Processing of Personal Data and its Additional Protocol, protection and the Directive 95/46/EC of the European Parliament and of the Council (EDPI, 2013). A critical legal figure in the Estonian identification The EDPI has 18 employees, all of whom are and population-registration system is the Estonian civil servants. Its budget in 2012 was about €630 Data Protection Inspectorate (EDPI). This legal body, mil. This budget does not include IT development established in 1999, is governed by the Data Protection or management, which are covered by the Centre of Act (2006) and is the supervising agency of the Public Registers and Information Systems that also manages Information Act as well. The primary goal is protect- the Inspectorate IT component (EPDI, 2013). ing individuals’ constitutional rights to privacy, and ensuring the transparency of the activities of the State. The agency is under the governance of the Ministry of Personal ID code (PIC) Justice. The director is appointed by the government after a competitive selection, as is the case for other The personal ID code (PIC), which is issued by senior civil servants. The nomination is made in con- the state through the Ministry of Interior, uniquely sultation with the Parliament. identifies people with permanent residence status Estonia Identification Management System 25 in Estonia. It is the only unique identifier used in Personal Identification Code Figure 5.1    Estonia; no other competing or alternative identifiers Structure are available. The standard for the PIC was developed as early Personal ID number as 1990 and has provided a crucial foundation for 47804250315 the successful launch and functioning of the Public Sex Control number Register (PR). Personal identification codes are formed 1 1800–1899 man Calculated for newborn children. foundlings, applicants for resi- 2 1800–1899 woman 3 1900–1999 man dence permits and right of residence, and citizens of Serial number 4 1900–1999 woman Time of birth Born in same day the European Union, Member States of the European 5 2000–2099 man yy.mm.dd Economic Area and the Swiss Confederation upon first 6 2000–2099 woman (25. April 1978) registration of their residence in Estonia. The PICS are Source: Estonian Ministry of Interior. formed as well for Estonian citizens with no personal identification code, and persons concerning whom a vital statistics entry is prepared. Electronic Identification card (eID) For those born in Estonia, the personal ID code is assigned automatically at birth by the institution The Electronic Identification Card (eID) is not only responsible for collecting and providing vital statis- a physical identification document, but also has elec- tics (that is, the maternity hospital or the institution tronic functions that facilitate secure authentication in charge of registering family events such as births, and legally binding digital signatures. Issued since deaths, marriages, divorces, changes in postal address, 2002, about 1.25 million of these credit-card-sized and so forth). The communication between the autho- personal identification documents are valid, allowing rized institution and the PR formerly was conducted citizens to digitally identify themselves and sign doc- off-line by conventional non-electronic means, such uments or take actions. ID cards are compulsory for as using physical signatures and relevant forms. Since all citizens and they are equally valid for both digital January 1, 2007, all PICs have been issued digitally and physical identification. Due to their convenient using a special information system directly linked to size –ID1 (they fit better than a passport into a regular the PR. The legal basis for issuing PICs and their link- wallet), they are more often than not the only identi- ages to the PR are regulated by the Population Register fication document that people regularly carry around. Act and the Decree of Creation, Issuing and Delivering Physically, they are valid for identification in Estonia, of Personal ID Codes. but more importantly, they are also valid for travel A PIC consists of 11 numbers as follows: the first in most European Union, European Economic Area number defines the person’s gender and the century the countries and Swiss Confederation. Thus, in addition person was born in; the second and third numbers are to their primary functionality—digital identifica- the year of birth; the fourth and fifth numbers are the tion—these ID cards are effectively used as replace- two-digit month of birth; the sixth and seventh num- ments for traditional identification documents (see bers are the day of birth; the eighth, ninth and tenth Figure 5.2). numbers represent the order number for those born Digital identity requires adequate certification on the same day; and the eleventh number is a control and time-stamping services by a trusted authority. The number calculated according to a specified standard eID card uses a double certificate standard (the authen- (refer to figure 5.1 for a graphical overview of the com- tication and digital signature certificates accessible via position of PIC). PINs). Authentication certificate is used when the ID 26 Estonia: A Successfully Integrated Population-Registration and Identity Management System Figure 5.2    Estonian Electronic ID-card available publicly as certificates are considered a public benefit.29 The application of the ID-card is initiated either in Service Offices of the Police and Boarder Guard Board (for domestic application) or in foreign repre- sentations of the Republic of Estonia by post or by email. Documents required for application include an application form that can be filled out either on paper or digitally, an existing identity document, a color photo and a document certifying the payment of state fee (about €25 depending on the age and status of the applicant). Source: Estonian Ministry of Interior. The steps involved in issuing an ID card are (Figure 5.3)30: holder wants to inform a service provider about his/ her identity. By law a token plus knowledge (PIN1) is 1. ID-card application in person, mail or by email needed to authenticate a person. In this way a service when signed digitally provider will be able to decide whether such a person 2. Eligibility check (data and documentation will be eligible to access the service or not. In case when check). If ineligible the ID card is refused a holder wants to express his/her will—authorize a 3. Application information check and print order bank transfer, sign an agreement or some other docu- send over a dedicated data-exchange service. ment but also any information in file format—a digital All steps along information on the civil servant signature will be used. Access to digital signing process involved in the process are captured in the infor- is available via using PIN2. mation system The certificates on the ID are the key features of 4. Card personalization when personal data is the eIDMs and where the public-private partnerships engraved in the card body and PKI key pair have been so effective. In Estonia, ID cards are manu- of authentication and digital signature are cre- factured by Trüb and the software has been procured by ated and certification requests are sent to the Ministry of Economic Affairs and Communications. Certification Service Provider (SK). Certification is outsourced to the private company AS 5. Certification Service Provider will create authen- Sertifitseerimiskeskus (SK) established in 2001 by the tication and digital signature certificates and will two largest commercial banks (Swedbank and SEB send them back to the personalization where the Bank) and Estonian Telecom. SK is a key partner to certificates and personal data file will be stored Estonian state in issuing certificates to digital iden- in the chip of the card. tity documents (ID-card, residence permit, digi-ID 6. Personalized ID-cards are sent by PBGB courier and mobile-ID) along with relevant timestamping to the service offices. services. It has developed a baseline software called DigiDoc which enables the usage of digital signatures, checking the validity of digital signatures, encryption 29 ID software can be downloaded here https://installer. of documents and data using personal digital ID. id.ee/?lang=eng. The authenticity of the certificates can be checked in 30 Figure and information provided by Mr. Helar Laasik – real time as the public key of the Estonia eID PKI is Chief expert. Police and Border Guard Board. Estonia Identification Management System 27 Figure 5.3   Process of Issuing an ID Card Growth of Digital Figure 5.4    Authentications and Application for Signatures over Time an ID-card 8,000,000 Refusal Status check 5,000,000 4,000,000 Data Error correction, Correctness handling of 2,000,000 check deficiencies 0 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 Print file No. of authentications No.of digital signatures Keypairs generation and certificate requests preparation The average annual growth rate over 14 years (from Visual Certificates personalisation creation 2002 to 2015) has been approximately 6.4 million Chip personalisation authentications per year and approximately 3 million signatures per year. In other words, the growth rate for digital identification is about two times that of digital Logistics signatures between August 2012 and March 2015. (see figure 5.4). Issue e-Residency The ID-card is issued within 30 days in person Since May 2015 Estonia initiated a completely new in the Service Office or foreign representation office. form of digital identification—the e-Residency. The The ID-card can also be applied to in expedited order idea behind e-residency is to offer people from all within 5 working days. over the world a means for digital identification and The first ID-cards were issued in January 2002. thereby grant secure access to leading digital services By June 2015, digital ID-cards had been used approx- developed in Estonia, including the opportunity to imately 353 million times for personal identification give digital signatures in an electronic environment. and 222 million times for digital signatures.31 The The latter is legally compliant with the face-to-face Digital Signature Act was passed on March 8, 2000, and it entered into force on December 15, 2000. The law regulates issues that are essential for implementing a nationwide Public Key Infrastructure (PKI) and digi- 31 Digital signatures are regulated by the Digital Signatures Act. tal signature infrastructure. A digital signature by law is This act is available at the following online address: https://www. the equivalent to a handwritten signature for any pub- riigiteataja.ee/en/eli/508072014007/consolide. Also refer lic or private document, and public agencies are now to the Identity documents Act: https://www.riigiteataja.ee/ required to accept electronically signed documents. en/eli/504112013003/consolide. 28 Estonia: A Successfully Integrated Population-Registration and Identity Management System identification and handwritten signatures in the Best practices: eIDM system European Union. Best practices Description An e-resident is a physical person of any citi- zenship in the world who has received the e-residents Mandatory Compulsory identification in Estonia created the platform for universal identification. This digital identity. Digital identity is provided with the purpose of identification was not population help of a smart ID-card that has no photo, but comes control, but to create a system in which the with the microchip with security certificates managed ID card was a key component for accessing public services. This would not be the centrally by SK. The two factor identification, sim- case if not having an ID was seen to be ilar to the Estonian native ID-card, in combination discriminatory under the law. of smart card reader and the small computer program Data Protection Data protection is a system guiding principle achieved through the enactment allow the access to digital identification services. The of the Data Protection Act, and the latter comprise of digital signatures, launching and establishment of a Data Protection Inspectorate dedicated to defend citizens’ managing companies, do the online banking, encrypt constitutional rights to privacy and access files, etc.32 to public information, and to foster trust The costs associated with issuing individual ID and transparency. The independence of the Inspectorate has been key for its supervisor cards are as follows: role. Security – double The eID card uses a double certificate PBGB service certificate standard (the authentication and digital offices in In foreign signature certificates accessible via PINs). Estonia representation The certificates on the ID are the key features of the eIDMs and is an area in Persons under 15 years of age; 7€ 10 € which public-private partnerships have been extremely effective. Persons with moderate, severe or The Public Information A key feature of the system has been profound disability; Act allows people empowering citizens with the potential to A person who has attained to see who has manage and control their own personal Estonian general pensionable age requested access to information, but it has also enabled them their information. All to obtain public information. Hence, the Starting from age of 15 25 € 50 € authorized users need to ability to track who has accessed their register and mark every information, and acted upon it. ID-card in expedited order 45 € Cannot be applied information request. The ID card has a dual This double function has led the ID card to purpose, providing be widely used by the population facilitating both legal identity the ID card take-up and generating and Identification for demand at the same time. accessing services and supporting digital signatures Training and demand Estonia carried out several activities to generation inform and assist the population in using the ID card and the internet. Some of these 32 More information on e-residency is available at: www.e-esto- are focused on specific population such as nia.com/e-residents. the senior citizens. 6 X-ROAD: THE BRIDGE BETWEEN PR, ID CARD AND SERVICE DELIVERY I n addition to the legal framework, and the introduction of a personal identifica- tion code (PIC), the interconnection between the Population Register (PR) and identification management systems (IDMS) was operationalized by X-Road—an innovative data exchange platform behind eGovernment. X-Road was introduced in 200133 and was originally designed to standardize the usage of public databases through a standardized interface over the Internet for informa- tion queries. Estonia had started developing public sector databases in the early 1990s, and the connection with other databases prompted individual ministries to develop their own interfaces. With X-Road, only one single solution was neces- sary to provide interconnection among governmental agencies. The development of this platform showed the advantageous role of public-private partnerships in Estonia. At least eight private companies, IT firms, and commercial Banks par- ticipated in the project.34 Between 2001–2003 development cost was approxi- mately $2 million (Kalha, A, 2003). Over time, X-Road became an adaptable scaled-up tool that allows users to transmit large datasets, perform searches across several databases, and interconnect registries. In 2013, more than 2,000 services 33 “X-Road is a technical and organizational environment, which enables secure Internet-based data exchange between the state’s information systems. Pursuant to the Public Information Act, the exchange of data with the databases belonging to the state information system and between the databases belonging to the state information system shall be carried out through the data exchange layer of the state information system. The X-Road platform allows insti- tutions/individuals to securely exchange data as well as to ensure people’s access to the data maintained and processed in state databases.” https://www.ria.ee/x-road/. 34 Softshark Ltd. Cybernetica Ltd.,IT Meedia Ltd., Cell Network Ltd. Andmevara Ltd. Reaalsüsteemid Ltd AA Arendus Ltd. And commercial banks. 30 Estonia: A Successfully Integrated Population-Registration and Identity Management System Population Register (along with many other Registries) Supplies Vital Figure 6.1    Information to All Public E-services via X-Road were provided using X-Road, more than 900 organiza- One of the central benefits of X-Road is that it tions used the platform daily, and over 170 databases, dramatically minimizes the necessity for repetitive data including both public and private, were used to pro- entry from the client side and enhances the reuse of data vide services through it.35 collected during previous interactions between the state X-Road serves as a platform for application and the citizen. In fact, Estonia’s Public Information development by which any state institution can rela- Act36 prohibits the establishment of separate databases tively easily extend their physical services into an elec- for the collection of the same data. Both implicitly and tronic environment. For example, if an institution, or in practice, this results in state institutions not being a private company for that matter, wishes to develop able to repetitively ask for the same personal informa- an online application, it can apply to join the X-Road tion if it is already stored in any of the data repositories platform and thereby automatically obtain access to connected to the X-Road. any of the X-Road services. X-Road offers a seamless point of interaction between those extending their ser- vices online and a variety of state-managed datasets and services. The conceptual logic of the X-Road is depicted 35 https://e-estonia.com/component/x-road/. in figure 6.1. 36 https://www.riigiteataja.ee/en/eli/522122014002/consolide. X-Road: The bridge between PR, ID card and service delivery 31 Figure 6.2   Information Sources into Population Register Population registrer information sources Local Governments Citizens Clerics Foreign birth, death, address statistical data marriage Hospitals Ministry statistical data, ID code, EU foreign documents diplomat citizens residence permit medical birth passports certificate Notaries Representations marriage, divorce, Population Register foreign documents address, statistical data, foreign documents Courts County Governments judgements birth, death, marriage, Estonian divorce, new given name, Police and Border Guard Board Government data from archive, statistical Internal citizenship data, ID code ID document residence permit citizenship Ministry new given name Road Administration driving license Source: Population Register internal proceedings. In addition to citizen-state interaction, X-Road provides a standardized connection protocol of differ- is particularly suitable for queries involving multiple ent data repositories from public as well as private sec- agencies and information sources. For example, check- tor to institutions that are interested in rendering their ing vehicle registration data requires data retrieval from services online. Other vital components to Estonian the Population Registry and a vehicle registry—the e-services ecosystem, like public official portal (MISP), two unconnected data repositories. According to the citizen front-end (ww.eesti.ee) as well as digital ID ser- State Information System’s Authority, the conventional vices are all linked into one seamless workflow through offline approach would require three police officers the X-Road data exchange protocol. working on the request for about 20 minutes. With the X-road platform, the entire information retrieval is conducted by one police office within seconds. At the Population register and e-government same time, citizens are not even required to carry their services driving license or car registry documents with them because the information system that the police uses dis- The role of the Population Register (PR) in supplying plays the status of these documents in real time. public e-services to Estonian citizens is central. Prior to Naturally, this open design is accompanied by rendering almost any service over the Internet, almost rigid security measures—authentication, multilevel all services require information stored in the PR. For authorization, high-level log processing and monitor- example, by voting online, the voter’s list (those eligible ing, encrypted and time stamped data traffic—the basic to vote) is verified upon the data request to the PR. functionalities that are covered within the very struc- Similarly, checking a driver’s license by a police officer ture of X-Road. In Figure 6.1 we depict the architecture requires an information system to make a request to of the X-Road system, where this data exchange layer the PR in order to verify the resident status of a given 32 Estonia: A Successfully Integrated Population-Registration and Identity Management System Parental Benefit Application Figure 6.3    The Share of Platforms Figure 6.5    System Making Queries to the Population Register 100% 90% 19% 21% 25% 26% 23% 29% 80% 70% 60% 50% 40% 70% 68% 77% 72% 75% 64% 30% 20% 10% 0% 5% 6% 6% 4% 4% 4% 2013 q4 2014 q1 2014 q2 2014 q3 2014 q4 2015 q1 Population registry web X-road Family register person. As the role of the PR is so influential in supply- ing public e-services, we illustrate its position within the entire ecosystem of Estonian e-services with three an option to apply for a parental benefit.37 As one can diagrams. First we look at agencies supplying infor- see, the citizen interacts with the government through mation to the PR (figure 6.2); second we depict its the Citizens’ Portal (which is the access point to most position within the structure of X-Road that enables of the governmental e-services); the civil servant (if at dynamic supply and development of e-services (figure all) works through the mini-information system por- 6.3); and finally we look at the specific example of pro- tal (MISP), and the X-Road provides the access to all cessing parental benefit applications online (figure 6.4). relevant data repositories that are needed to accom- Figure 6.3 shows how many interfaces and plish the goal—in this case process the parental benefit datasets are jointly working to provide parents with application. Figure 6.4 indicates the importance of the Population Register in e-governance, and shows the Growth of Queries Made Figure 6.4    nominal growth of queries made over time to it. As to Population Register over one can see, the amount of requests is quite modest in Time the first three to four year after which the amount of 80,000,000 data supplied by PR exponentially increases reaching 75,627,240 70,000,000 its peak value in 2014. Thus, the PR is not only a pop- 60,000,000 ulation repository, but it plays an important role in the 55,882,746 50,000,000 delivery of e-services in Estonia. It is indeed at the core 40,000,000 42,380,420 of the system e-services. 37,254,879 30,000,000 The dominance of X-Road in supplying relevant 20,000,000 20,218,901 information to interested parties online is depicted in 10,000,000 4,339,165 13,070,813 figure 6.5. It shows the share of queries that are made 8,593,885 0 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 37 Retrieved from: https://www.ria.ee/public/x_tee/Xroad- technical-factsheet-2014.pdf. X-Road: The bridge between PR, ID card and service delivery 33 to the PR by different sources indicating the dominance changing place of residence—are all the kind of request of X-Road. However, Family Register still generates siz- that are handled through the Family Register. The lowest able amount of traffic in its own right showing that data share of traffic comes directly through PR, which is still requests to accommodate personal information inquires non-negligible. The information requested from the PR has to be provided, too. For example, marriage, change of directly is related to other services, such as health insur- name, change of custody, registering a birth or a death, or ance, kindergarten enrollment, or social benefits. 7 KEY ENABLERS AND CRITICAL SUCCESS FACTORS FOR INTEGRATION I n understanding the Estonian success with system integration, it is important to note that neither the identification nor the population registration systems were conceived in isolation of each other. This is important because the holistic view that the government utilized in developing all these necessary components had the ultimate goal of improving public services delivery and ensuring public adminis- tration efficiency. Thus, the integration process followed a systemic view where all pieces had a function, and they operated in unison rather in isolation. In addition to the good practices already mentioned, there were three main enabling factors that paved the path for system integration: sound and comprehen- sive governance and legal frameworks; the Public Key Infrastructure (PKI); and Public-Private Partnerships (PPP). Governance and legal framework Estonia‘s Identification Management System (IDMS) and Population Register (PR) are governed by sound legal frameworks. Good governance and stability have allowed Estonia to solidify the development of the IDMS and eGovernment with appropri- ate legislation. Therefore, while the fundamental principles of data protection, pri- vacy, and mandatory ID cards did not change, the legal basis for them has evolved in parallel with the new digital solutions. Because Estonia was a pioneer in develop- ing technological solutions, it was also a forerunner in establishing legal provisions required to back them up. Thus, the legal basis was designed to work seamlessly with technological solutions in Estonia. For example, when a new public e-service is developed and made accessible via the X-Road, one of the central benefits is that it 36 Estonia: A Successfully Integrated Population-Registration and Identity Management System dramatically minimizes the necessity for repetitive data raised the number of public Internet access points from entry from the client-side, and enhances the reuse of 200 in 2001 to about 700 in 2004. Through the years, data collected during previous interactions between the the consortium worked hand-in-hand with the public state and the citizen. For example, if a citizen’s age is sector, and in 2001, Look@World consortium members stored in the PR, her eligibility for voting, or driving, agreed to facilitate the widespread use of ID-cards. Later, and so forth will be checked automatically. Clearly, while in 2002, private banks were given the right to deliver a simplified example, it shows how information stored digital ID-cards in their offices. Effectively, the choice in one repository can be reused by another. Moreover, to steer the country toward the new technologies was a Estonia’s Public Information Act38 prohibits the estab- political one, but it was also supported and funded by lishment of separate databases for the collection of the the private sector in the early days. same data. Both implicitly and in practice it means Since technology is the primary enabler of e-gov- that state institutions cannot repetitively ask for the ernance, the critical question is how to ensure secure same personal information if it is already stored in any communication between scattered government data- of the data repositories connected to the X-Road. This bases and institutions that use different procedures and is an example of interconnectedness between enabling technologies to deliver their services. Estonia’s solution technologies and regulatory acts designed to work for a to this problem was to develop the X-Road, a secure common goal—better citizen-state interaction. Internet-based data exchange layer that enables a state’s Table 7.1 lists the norms most relevant with different information systems to communicate and regard to the Estonian IDMS and jointly provide the exchange data with each other. Estonia has also become foundation for digital identification and authentication. well known for both fostering a strong digital economy, while at the same time providing robust protections for citizen rights. E-government services have made Estonia Information technology and Public Key one of the world’s most attractive environments for Infrastructure (PKI) tech firms, start-ups, incubating online powerhouses, and others. Furthermore, Estonia’s success has made it The Government of Estonia played a critical role in a strong example of the importance of establishing the facilitating the use of the Internet and information and strong political will and leadership necessary for pursu- communication technology (ICT), which enable the ing these type of reforms. Among the associated bene- development of digital solutions, the use of an elec- fits of technology that Estonia showed are: tronic card, and the application of X-Road. The Public Key Infrastructure (PKI) penetration in Estonia is over Adoption of rigid security measures for techno- 80 percent as follows: logical applications—authentication, multilevel authorization, high-level log processing and Internet banking: 99 percent monitoring, encrypted and time stamped data Mobile penetration: >100 percent traffic 1000+ free Internet access points Linkage of PIC and PR as foundational systems, via the ‘X-Road’-type of middleware, to a vari- The largest public-private partnership project in ety of public applications to allow institutions to Estonia to this day is the Look@World project started in develop their own services independently with- 2001. As an outcome, more than 100,000 individuals, out repetitive data collection that is, about 10 percent of the Estonian adult popula- tion, were taught to use and understand ICTs. The project 38 https://www.riigiteataja.ee/en/eli/522122014002/consolide. Key enablers and critical success factors for integration 37 Table 7.1  Category Description Legal document Information /data The legal framework stipulates who is responsible and who can Public Information Act (2000) access the data. Data Protection Act (2006) In addition to technology and architecture, Estonian IDMS is strongly regulated by legal instruments that provide framework for security and protection of personal data. Moreover, these norms regulate the process by which institutions, individuals, and companies can request and receive access to information stored in government databases. Data protection The aim of this Act is to protect the fundamental rights and freedoms Personal Data Protection Act (1996) of natural persons upon processing of personal data, above all the right to inviolability of private life. This Act provides for: 1) the conditions and procedure for processing of personal data; 2) the procedure for the exercise of state supervision upon processing of personal data; and 3) liability for the violation of the requirements for processing of personal data.1 Mandatory identification This Act establishes an identity document requirement and regulates Identity Documents Act (1999) the issue of identity documents to Estonian citizens and aliens by the Republic of Estonia. An identity document) is a document issued by a state authority (Ministry of Foreign Affairs (Diplomatic Passport), Police and Border Guard Board (all other identity documents)) in which the name, date of birth, personal identification code, a photograph and the signature or image of signature of the holder are entered. Access to public information The purpose of this Act is to ensure that the public and every person Public Information Act (2000) has the opportunity to access information intended for public use, based on the principles of a democratic and social rule of law and an open society, and to create opportunities for the public to monitor the performance of public duties.2 Population registration This Act provides for the composition of data in the Population Population Register Act (2000) Register and the procedure for the introduction and maintenance of the Population Register, processing of data and access to data in the Population Register, entry of data on residence in the Population Register and exercise of supervision over the maintenance of the Population Register.3 Digital signature This Act provides the conditions necessary for using digital signatures Digital Signatures Act (2000) and digital seals, and the procedure for exercising supervision over the provision of certification services and time-stamping services.4 1 https://www.riigiteataja.ee/en/eli/512112013011/consolide. 2 https://www.riigiteataja.ee/en/eli/514112013001/consolide. 3 https://www.riigiteataja.ee/en/eli/516012014003/consolide. 4 https://www.riigiteataja.ee/en/eli/530102013080/consolide. Development of means for digital identifica- The role of Public-Private Partnerships tion of citizens, including compulsory digital (PPPs) identification Introduction of digital ID followed by active, Public-private partnerships (PPPs) have played an not passive, efforts to provide services to boost essential role in innovation and technology devel- the usage and benefits of digital-ID. opment in Estonia. These partnerships have allowed 38 Estonia: A Successfully Integrated Population-Registration and Identity Management System growth in areas where large investments are required, firms in supporting a data exchange layer platform, but where public resources are scarce. For example, the eGovernment would not be possible. In addition to government achieved universal connectivity through initial technological developments, private compa- a concession agreement with the Estonian Telephone nies have continued to support the development of Company that focused on rural areas (Figueres-Olsen, modules for X-Road for public agencies. The trans- José María, and Fiona Paua 2003). In the area of ID fer of technology has been also possible due to these and eGovernment, there have been key partnerships PPPs. In terms of implementation, the printing and with the private sector to develop digital solutions for the chip for the ID card are outsourced to a private the eID certification chip, the management of digital company. Estonia does not have specific rules to reg- signatures, and more importantly, the development of ulate PPPs, but all are managed through the Public X-Road. Without the participation of ICT and iTech Procurement Act. 8 APPLIED CASE: IMPROVING HEALTH CARE DELIVERY THROUGH AN INTEGRATED IDENTIFICATION SYSTEM Overview of the Estonian health system Estonia’s health care system is composed of the Ministry of Social Affairs and its agencies, the Estonian Health Insurance Fund (EHIF), the Health Board, and the National Institute for Health Development (NIHD). The Ministry of Social Affairs plays a central role in developing national health plans, overseeing the adoption of national legislation, establishing regulations, and ensuring quality assurance con- trols for the whole sector. In conjunction with the Ministry, the EHIF, as the major purchaser of services in the country, plays a significant role in controlling health care costs, and ensuring adequate access and quality assurance across contracted providers. Estonia’s health care is based on a compulsory social health insurance scheme, built on the principle of social solidarity. As a result, health care is provided irre- spective of a person’s capacity to pay, social contributions, or status. The scheme finances an established publicly funded package of services through social contribu- tions in the form of payroll taxes (about 13 percent). Uninsured individuals without 40 Estonia: A Successfully Integrated Population-Registration and Identity Management System a labor income or social contribution have access to the EHIF and five health-related registries (birth, COD, health services supported by an additional state con- Abortion, Cancer, Tuberculosis and Drug treatment)40. tribution. The EHIF operates the national compulsory The EHIS collects information from patients and health insurance scheme since 2002 covering 95 per- providers (public and private) through various channels. cent of the population.39 Both public and private health At aggregated level41 it receives information from regis- care providers are contracted by the EHIF. tries and health care providers which are obliged to file Health service delivery in Estonia is organized quarter and annual reports on services provided as well around primary health care—a primary doctor that as health inputs. On the other hand, the system com- serves as gatekeeper for secondary and tertiary levels piles information at patient level, through the ehealth of care. In general, a primary health doctor can have solutions (e.g. electronic medical records). The health between 1500 and 2000 patients in their area. Secondary information system is overall a central repository con- and tertiary care are provided in private clinics, poly- taining patients’ and providers’ health data, and as such clinics, and hospitals. All hospitals in Estonia are estab- personal data privacy and security are critical42. Here, lished as limited liability companies, mostly owned by the integration of eIDMS and PR have demonstrated municipalities or the State. Today, Estonia’s health care being central. For instance, X-Road is used to exchange system comprises about 74 hospitals, and a ratio of 78.6 information in the system with external parties and primary health doctors per 100,000 habitants. accessing the data portal requires the two-factor authen- The financial crises in 2008 prompted a series tication method (ID-card and PIN). Furthermore, all of structural and organizational reforms, including inquiries in the system are recorded based on personal making primary health care the center of service deliv- ID and logs are recorded for all activities, and digital ery, and reorganizing the hospital network. The hospi- signature or digital stamp is necessary for all medical tal reform aimed at reducing the number of hospitals documents preventing changes or modifications. inherited from the Soviet period, increasing bed occu- The interface of IDMs and the population pancy levels, and reforming other type of hospital ser- register is also playing a significant role in integrat- vices, such as long-term care. Today, Estonia has reached ing the country’s health information system. Having European levels in inpatient indicators, but the focus is still on improving the use of the current infrastructure, improving patient pathways and quality of care. 39 All Estonia citizens and legal residents are eligible for health insurance. 40 The Health Protection Inspectorate, Social Insurance Board, State Agency of Medicines and Statistics Estonia are likewise ehealth: an integrated health providers and users of the information system. information system 41 Since 2008, health service providers are obliged to provide information on services provided and inputs. The Health Estonian health system information system (EHIS) Statistics Department compiles, processes and analyses is governed by the Health Services Organization Act aggregated information in regular basis of 1,400 health care and it is under the authority of the Ministry of Social facilities which provide quarter and annual reports to HSD Affairs. Several institutions are involved in its opera- via an internet-based data compiling system. This allows for aggregated data statistics on morbidity, service delivery, tion including: the Ministry of Social Affairs, Estonian and inputs of the system. Yearbook of the Estonian eHealth eHealth Foundation—developer and administrator of Foundation , 2014, http://www.e-tervis.ee/images/stories/ the National Health Information Exchange (HIE) plat- eng/yearbook/2014/Yearbook2014.pdf form; the Health Statistics Department (HSD) at the 42 For a complete review of ehealth services please see the year- NIHD in charge of health statistics in Estonia, as well as book of Estonian e health Foundation, 2014. Applied case: Improving health care delivery through an integrated identification system 41 e-Prescription in Estonia Electronic Prescription (e-Prescription) was launched in 2010 with the objective of making digital prescriptions possible for every doctor, and ensuring every pharmacy in the country could process electronic prescriptions. The project was developed by EHIF took five years and involved several stakeholders (hospital managers, GPs, private sector, pharmacy software companies). Currently 99% of all prescriptions in Estonia are electronic, and it is considered the most popular eService in the country. Issuing medical prescriptions have benefited patients, providers and pharmacies. Before the system was implemented, patients were required to pick up refill prescriptions or those prescribed by telephone at doctor’s office. Using standard electronic data exchange environment have allowed medical practitioners to submit the prescription to a central prescription center. The e-prescription is then immediately accessible in every pharmacy on a patient’s request. Patients can then pick up their prescriptions directly in the pharmacy using the ID-card reducing the opportunity cost of traveling to the doctor office, but also have contributed to a more transparent prescription process. Patient can actually see the log-file for every prescription, and electronic information promotes monitoring and better prescription habits. Doctors, on the other hand, have the possibility of checking patient’s medications history (for all providers) and have access to the automatic calculation of the correct rate of reimbursement on medications compensated by the Health Insurance Fund. The family doctor can also automatically check the health insurance status of the patient by making a relevant query to the Population Registry. This query at the same time retrieves relevant personal information for the PR and automatically fills in the required fields in the e-prescription formula without the need to complete additional documents or submit again any of the information already stored in the PR. The pharmacy simply retrieves the prescription from the e-health system and reports back to the system that the medication was delivered to the patient. Because part of the form has been already filled by the doctor, the prescription is almost ready for e-invoicing by the EHIF. The entire process is conducted online using the digital ID card without any need for using paper-based documents a unique ID serving as well as unique patient ID eHealth Foundation—a separate agency responsible for permits following patients through their clinical developing ehealth services and for managing the EHIS pathways allowing timely exchange of vital informa- and its associated database and data exchange system. tion across different providers and avoiding dupli- Currently, 98 percent of the population have documents cation of tests. This interface has been extremely in the electronic central system, whereas 750,000 people’s useful in the eHealth environment. The nation-wide information have used by medical personnel. The number health information exchange platform was initiated of providers feeding information has been increasing—in in Estonia in 2005 after the Ministry of Economic 2014 an estimated 86 percent of doctors forwarded infor- Affairs allocated structural funds to develop four mation to EHR. However, the system is still working in ehealth projects: improving patients’ usage, quality of data provided by gen- eral practitioners, and data retrieval and view. Electronic Health Record (EHR) (1.6 mill €) Estonia’s health care system has capitalized on the Digital Images(0.2 mill €) eservices platform part of the eGovernment43. The elec- Digital prescriptions(0.2 mill €) tronic health record that was initiated in 2008, along Digital registration(0.24 mill €) with other e services such as digital image of clinical tests, The development of these eSolutions was gradual (2005–2008) and was accompanied by the creation of the 43 https://www.haigekassa.ee/en/digital-prescription. 42 Estonia: A Successfully Integrated Population-Registration and Identity Management System e Consult , the possibility to have a health certificate protection of children from birth. Since the PR connects deliver to the patient and the recipient institution, and with the EHIF dataset to communicate new births and e-prescription44, have increased efficiency by limiting deaths, all new births recorded in it are automatically the administrative load of doctors, accessing time-criti- included in the list of EHIF beneficiaries. This allows cal information, and automating data collection. uninterrupted and regular access to health services. It also provides an incentive for parents to register their children since this facilitates obtaining pediatric care. Interconnection of the health insurance This is only possible because the EHIF is autho- registry and the population register rized to have access to the PR though X-Road. Patients’ personal information, such as age, gender, address, and The EHIF participates in the eGovernment platform by parents’ information for children, are obtained from providing eservices. It also collects patient information this source, thus avoiding duplication of information in in a specific registry—the Health Insurance Registry. the registry. The PR, however, is not allowed to obtain This dataset is accessed via X-road. Patients are allowed information from the EHIF registry. to check their information in the registry using their Some additional benefits of the integration are Electronic Identification Card (eID) and authentica- as follows: tion. They can review their past doctor visits and current prescriptions, control which doctors have access to their files, and receive answers to general health requests. They • Cost-savings have resulted from having complete registries, also can determine who has access to their health record avoiding duplication of information, and facilitating the identification information, and review their health insurance status. of families for health insurance. Each person with health insurance coverage is included • The EHIF registry also plays a role with other social benefits, such as unemployment benefits and sick leave. In these two cases, in the registry. The database is updated every night with having the EHIF connected with other databases has allowed double Population Register (PR) information. This means that proof. Most importantly, it has resulted in a less time-consuming process for individuals and organizations. Paperless administration births, deaths, and new enrollments are captured by the has allowed a more efficient use of resources and time. system on a daily basis. This has resulted in many bene- • Use of EHIF and X-road have also allowed for a better flow of the fits and improved efficiency. For example, as opposed to information on the health system, and they have been integrated other systems, the EHIF based its budget on coverage into the operation and administration of the agency. For example, doctor salaries and hospital reimbursements or claims are and number of beneficiaries. Through this project, they managed through the system. have the possibility to have accurate and current esti- • The ID is not just a tool or instrument for patients, but it also serves mates of population, size, needs, and demand of services. as an ID for providers (public and private). • Having a unique ID enables medical services to track patients across the clinical pathway, and to identify factors affecting quality of care and health outcomes. In countries without a system of Health insurance since birth unique identifiers, patients receiving care from different providers and organizations are not accurately identified. This practice leads to inefficiencies along the continuum of care, including fragmented More importantly, this connection with the Population health records, disrupted disease control, and limited health Register (PR) through X-Road has enabled the social planning. 9 LESSONS LEARNED The first lesson we can learn from Estonia’s experience is that the integration of systems is not an automatic or immediate process. On the contrary, it took the country about 15 years to develop such a successful unified system. At the time of regaining its independence, Estonia faced many similar chal- lenges as did other former-USSR countries. Among them were the need to provide a new national identity document, to develop the national ID and population registries, to improve public administration and its information system, and to make public service delivery more efficient. The Government of Estonia, still, realized very early on that innovation and reliance on appro- priate legislation were important to give Estonia a good start. Thus, invest- ing time in laying out a legal basis for the initiative, carrying out consulta- tions and establishing guiding principles and goals became the system most important strength. Among this guiding principles, Estonia bestowed special importance to the protection of the fundamental rights and freedoms of persons upon pro- cessing of their personal data. Thus, the government worked on ensuring that the public and every person has the opportunity to access information intended for public use, based on the principles of a democratic and social rule of law and an open society. It also ensured that each individual has control on their own personal information and ensure a clear and legitimate purpose for sharing information. This feature not only empowers the citizen but also generates a sense of accountability and trust in the system. Estonia’s case shows the numerous benefits that a unique ID can have by guaranteeing data protection and safety. A very important aspect of the Estonian ID system development to consider was the gradual chronological order in which the different components were created. For instance, the initial introduction of the unique ID number facil- itated the establishment of the Population Register. By entering this valu- able information on each person in only one record, introducing ID cards was relatively straightforward, as well as the ID-mobile and e-residency. The 44 Estonia: A Successfully Integrated Population-Registration and Identity Management System PR, unique ID and the ID card permitted the explicit process by which institutions, individ- development of a data exchange platforms such uals, and companies can request and receive as X-Road. access to information stored in government databases. Also, learnt to be adaptable and make Estonia’s experience demonstrates not only the necessary adjustments to legislation and infra- importance of having a unique ID for integra- structure, and to implement policies to ensure tion, but also ensuring interoperability across alignment with both the new technologies and public databases. The principle of storing data with their related risks (for instance, cybersecu- where is collected, rather than attempting to rity attacks). gather all information in one place creates the possibility of systems’ integration when resources Finally, public information infrastructure in are limited. Estonia exemplifies the possibility Estonia is primarily service oriented and this and benefits of establishing a secure, efficient, feature created an environment where innova- and integrated system without the need for a tion and IDMS worked at unison. Overall, the master database or data warehouse or just one value of innovation and technology in the ID single responsible and supervising agency, and system arises from the development of networks without the need for expensive technology. and the expansion of services to give access to the entire population. Consequently, the possi- Another lesson extracted from Estonia’s expe- bility of the system to connect the citizen with rience is given proper attention to processes the government, and to put the user at the center rather than focusing exclusively on outcomes. of the system through technological innovation For example, Estonia worked in providing an resulted in a remarkable unique system. REFERENCES Anderson, B. A., K. Katus, et al. (1994). “Developments and prospects for popula- tion statistics in countries of the former Soviet Union.” Population index: 4–20. Boughton, J. M. (2012). AfterThe Fall: Building Nations Out Of The Soviet Union. Tearing Down Walls: The International Monetary Fund, 1990–1999, International Monetary Fund. De Bruin, A., J. Kardaun, et al. (2004). “Record linkage of hospital discharge reg- ister with population register: experiences at Statistics Netherlands.” Stat J UN Econ Comm Eur 21: 23–32. Desai, P. (1997). Going global: transition from plan to market in the world economy, MIT press. Figueres-Olsen, José María, and Fiona Paua. “Crafting the Environment for Networked Readiness.” Global Information Technology Report 2003 (2002). Kalvet, T., Kalvet, T., Pihl, T., & Tiits, M. (2002). Analysis of the Estonian ICT Sector Innovation System. Institute of Baltic Studies. Kalvet, T. (2012). “Innovation: a factor explaining e-government success in Estonia.” Electronic Government, An International Journal 9(2): 142–157. Katus, K., A. Puur, et al. (1997). Comparability of population data in previous USSR: case of Estonia. Tallin, Estonia R.U, EKDK Kerem, K. (2003). Internet banking in Estonia, PRAXIS. Kulper, K. (2014). Rahvastikuregistri kujunemine, andmed ja dokumendid. Master thesis, University of Tallinn, Institute of Information Studies. Lewis P (2006) Party systems in post-communist Central Europe: Patterns of sta- bility and consolidation. Democratization 13(4): 562–583. Martens, T. (2010). “Electronic identity management in Estonia between market and state governance.” Identity in the Information Society 3(1): 213–233. OECD (2011), Estonia: Towards a Single Government Approach, OECD Public Governance Reviews, OECD Publishing. http://dx.doi.org/10.1787/ 9789264104860-en. 46 Estonia: A Successfully Integrated Population-Registration and Identity Management System OSCE/ODIHR. “Guidelines on population registra- Statistics Estonia (2013). Population and housing cen- tion”. OSCE’s Office for Democratic Institutions sus 2011, Tallin, Statistikaamet (http://www. stat. and Human Rights (ODIHR), 2009 ee/phc2011, accessed 29 October 2014). Robert SchwareArsala Deane, (2003),”Deploying Statistics Estonia. (2015). Every fifth person in Estonia e-government programs: the strategic importance lives in relative poverty [Press release]. No. 13, of “I” before “E””, info, Vol. 5 Iss 4 pp. 10–19 29.01.2015. Retrieved from (http://www.stat. http://dx.doi.org/10.1108/14636690310495193 ee/72511). 1818 H Street, NW Washington, DC 20433