The manager who took SUS data to Amazon left management
3 min readFormer Director of Data SUS Informatics Jackson Barros, one of those responsible for cloud adoption Amazon Web Services By the Ministry of Health, he took a position at Amazon less than a month after leaving the government of Jair Bolsonaro (PL).
During his tenure at the head DatasusBarros was responsible for contracting out Amazon services for the department’s data storage structure, which contains health information for all of Brazil’s residents. He remained in his position in the Federal Government from February 2019 to August 2021.
In April 2020, the Department of Health and Embratel announced a partnership to migrate data from the Public Health Network to the Amazon Web Service. On this occasion, while in government, Barros celebrated the partnership: “We are paving the way for the strengthening of Brazil’s digital health strategy.”
“Bolsonaro’s government intervened with Anatel to license Elon Musk in Brazil::
Barros remained in office for more than a year. On August 7, 2021, he was a guest on The official Amazon Web Service podcasts, still director of DataSUS, where he explained the agency’s role and the importance of cloud services in public health. Four days later, on August 12, he was relieved of his post.
In September, less than a month after leaving the Department of Health, he took the position of Director of Strategic Business Development at Amazon Web Services. Before the end of the year, he was already participating in public events representing the company. Barros completed seven months in office in March of this year.
a Brazil de facto I contacted the Ministry of Health to check if the case had been analyzed by the Ethics Committee or another internal oversight body. The file acknowledged receipt and said it would send a response by Tuesday (22), but did not honor the agreement.
I read here: Brazilian public data may end up in private hands
The report also sought the press office of Amazon and Jackson Barros and asked for the position of each concerned. So far, there has been no going back. The space is still open for demonstrations.
Lawyer Martim Arantes, who has experience in the relationship between government and civil society, said Brazil de facto That the case is analyzed by the competent authorities.
“The important point is that even if there is no express illegality, a civil servant holding a position in the company related to the ministry in which he worked, immediately after leaving the government, can violate the principles of public administration. And issues such as must be analyzed by the relevant authorities.”
The government ignored the public IT structure
In August 2020, . was released Brazil de facto It showed that the bidding process for contracting public data storage services in the cloud, in the amount of R$ 245 million, was considered by technology professionals as a risk to Brazilian sovereignty.
Jair Bolsonaro’s government has defended hiring a private service, stating that it caters to 140 agencies and entities, with cloud usage representing maintenance savings.
However, general tech insiders claim that the experience of the Federal Data Processing Service (Serpro) and Social Security Technology and Information Corporation (Dataprev) was not taken into account.
erase data
In December 2021, a cyber attack brought down the Ministry of Health website and the ConectSUS app, which provides the national Covid-19 vaccination certificate. In addition to vaccination data, the invasion affected the Covid-19 status notification system and e-SUS Notifica.
Read more: Bolsonaro’s government leaves the country without information on COVID-19
The attack on health data occurred specifically in the private cloud infrastructure that was contracted to Primesys, an Embratel subsidiary, in 2018, by the Ministry of Planning (today merged into the Ministry of Economy).
According to company information, the agreement with the Brazilian government did not include security services, only hosting.
The Presidency’s Office of Corporate Security (GSI) stated that the problems were caused by “legitimate administrator profiles,” indicating that the attackers obtained the login and password information from public officials. The attack is still under investigation.
Editing: Rebecca Cavalcanti
“Entrepreneur. Music enthusiast. Lifelong communicator. General coffee aficionado. Internet scholar.”