Mydex – Two-Way Data Sharing Services
Table of Contents
1. An overview of the G-Cloud Service
   How can Two-way data sharing help an organisation
      Improve Data quality / reduce sparsity
      Deliver cost effective and secure customer communication
      Enable improved compliance management
      Allow customers to express preference and intention
   The Mydex Service Two-Way Data Sharing
   Why choose Mydex
2. Information Assurance
3. Backup/restore and disaster recovery
   Backup/Restore
   Business Continuity
   Disaster Recovery
4. On-boarding and Off-boarding processes/scope etc.
   On-boarding
   Mydex onboarding for two-way data sharing
   Off-boarding
5. Pricing
   Connection fees payable to initiate services
   Annual support fees to ensure sustainability
6. Service management details
   Technical Boundaries
   Data location
   Data centre tier
   Backup and Disaster Recovery
   Monitoring
   Support Boundary
   Infrastructure
7. Service constraints
8. Service Levels
   Support Service Details
   Support Procedures
   Pricing
   Service Levels
9. Financial recompense model for not meeting service levels
10. Training
11. Ordering and invoicing process
12. Termination terms
   By consumers (i.e. consumption)
   By the Supplier (removal of the G-Cloud Service)
13. Data restoration / service migration
14. Consumer responsibilities
15. Technical requirements
16. Open standards
17. Open Source Software
18. Details of any trial service available
19. Additional features
1. An overview of the G-Cloud Service
Including the consumer in the management, curation and sharing of data is the answer to many costly and pressing business issues.
A secure and persistent connection between an organisation and an individual’s Mydex Personal Data Store will enable two-way data sharing that has many benefits including:
● Improving data quality and reducing data sparsity;
● Delivering cost effective and secure customer communications;
● Enabling improved data compliance management and
● Allowing customers to express preference and intentions.
How can Two-way data sharing help an organisation
Improve Data quality / reduce sparsity
The provision of multi channel communication and high quality customer service is often challenged by the poor quality of customer data held by the organisation. Often customer records are transcribed across multiple systems and data quality naturally deteriorates over time as changes of circumstances occur. The ‘single view of the customer’ or ‘golden record’ across all product and service lines is a significant objective of most organisations and has always been difficult to achieve.
Requirement: A facility that includes the actual owner of the personal data, i.e. the customer or citizen, in the creation, review, correction and updating of that data.
Deliver cost effective and secure customer communication
Many organisations still rely upon traditional physical paper-based communication to reach their customers. The cost of the production and distribution of physical correspondence, exacerbated by inaccuracies in customer contact details, is highly significant. The minimum cost of producing a single mail item of 40p, when scaled to the bulk level that is used, becomes a major cost line that should be driven down.
Requirement: A low cost, effective and secure electronic delivery channel for organisations to persistently connect to and communicate with their customers.
Enable improved compliance management
A significant area of cost to many organisations is the ability to demonstrate compliance with the Data Protection Act (DPA) and other personal data policy requirements such as Midata.
Requirement: An auditable permission trail and capability to meet subject access requests and demonstrate compliance in this area.
Allow customers to express preference and intention
In order to provide a high level of service, to increase sales and to drive down cost, organisations strive to achieve a greater level of understanding of customer preferences and intentions.
Requirement: A mechanism to increase the trust level between the organisation and the customer and a method by which a customer perceives the value and is encouraged to share accurate data and express preferences. These preferences may be as straightforward as preferred communication channel, but can easily extend to take up new services or buy new products; or indeed an articulation of services they do not want.
The overarching requirement here is to allow the organisation to gather a richer / broader data set about their customers, that their customer chooses to share with them.
The Mydex Service Two-Way Data Sharing
This Mydex service offers a bi-directional letterbox for exchange of data between the Mydex Member and the connecting organisation and can take the following forms:
● Data synchronisation - Ensuring that shared information is maintained accurately by both parties where each party maintains their static metadata about their relationship, e.g. account number, billing address, contact numbers, personal details, date of birth, NI number, Council Tax Reference, NHS CHI number, etc. to enable, for example, Health & Social Care integration based on the individual;
● Transaction records - where the organisation delivers transaction records directly to the Mydex Member’s PDS, e.g. bank statements, billing information, call history, purchase history;
● Engagement records - similar to transactions but records of interactions between the connecting organisation and the Mydex member using the secure messaging layer of the platform, e.g. progress of any application or request for service or discussions on a specific issue.
Why choose Mydex
Mydex is a community interest company (CIC) with the purpose of enabling individuals to safely manage, control and utilise their personal data. The choice of the CIC status was specifically to design trust in from the outset as any CIC is an asset locked enterprise legally chartered to a defined social purpose with an obligation to reinvest 65% of any profits in its social purpose to drive sustainability and growth. The added advantages of this approach are that it removes the company from risk of takeover by commercial entities whose interests may not be wholly aligned to that of the individual and the social purpose defined for the company.
The purpose of the company has been met by providing a secure personal data service (PDS) to individuals. The service consists of an individually and uniquely encrypted personal data store for each individual (many small databases, not a single mega-database with separate accounts). The individual has complete control of their data and no one (including Mydex) can access this data without explicit permission being granted by the individual. The individual can agree to set up a connection to another individual or an organisation using secure web services.
In November 2012 Mydex was chosen as 1 of the 8 private sector identity service providers as part of the Cross Government framework for the provision of identity services to citizens in the UK.
As well as offering a safe and secure system, Mydex will offer a simplified registration process, and a service that minimises the number of usernames and passwords a customer will need to remember and reduces the costs incurred across Government for the management of Identity Assurance.
The online Identity Assurance model will be incorporated into Universal Credit as it’s developed and rolled-out. Over time Identity Assurance will become available to all UK citizens who need to access online public services.
2. Information Assurance
As a provider of a Personal Data Store service in the UK, Mydex holds its approach to information security and assurance to be of paramount importance.
Mydex has both legal and contractual responsibilities to securely manage its own information assets, the information made available to it, the users of the Service, its own employees, contractors, and business partners, and to protect the information from unauthorised disclosure, loss of integrity or availability.
Mydex completed its stage 2 Audit for Certification to the ISO27001 Information Security management standard on the 5th March 2013 and are pleased to confirm that the BSI auditor is recommending full certification to the standard.
In developing and delivering its service Mydex has chosen partners with a level of Information Security maturity which has greatly accelerated achievement of Mydex certification to ISO27001. The Mydex technology platform is hosted by Eduserv, an organisation that is ISO 27001 certified, certificate no. CI/12868IS, a copy of which is available upon request.
The Mydex service is currently delivered to achieve a Business Impact level of IL2 with a future migration path to IL3 if required.
As further evidence of the importance of information security to Mydex in the area of identity, Mydex became a member of the Open Identity Exchange in December 2010 and secured approval on 1st November 2012 for its “Mydex Trust Framework” to be listed by the Open Identity Exchange.
The Mydex Trust Framework is a set of legal and technical rules by which members of a network agree to operate in order to achieve trust online. At its core it delivers a trusted digital identity, a hyper secure personal data store and platform from which individuals can connect to each other and organisations for the bi-directional exchange of information in a secure and verified manner.
Finally, as an Identity Service Provider (chosen by DWP for the X-Government Identity Assurance Program), Mydex is committed to achieving tScheme profile compliance and has been a tScheme member since 1st July 2012.
3. Backup/restore and disaster recovery
Backup/Restore
Mydex takes advantage of the ISO27001 certified onsite backup capability that is part of the Cloud Infrastructure offering from Eduserv. Backups are fully encrypted and stored onsite in Eduserv’s dual datacentre environment.
Business Continuity
The Mydex Service is hosted by our partner Eduserv and, for the purposes of ensuring Business Continuity of the Mydex service, it is Eduserv’s Business Continuity Plan that applies. It has two key aims:
1. To identify potential risks to its operations and take steps to either mitigate these or reduce their impact.
2. To prepare a set of policies which will act as a blueprint to enable the restoration of services in the event of an emergency.
Following an emergency, Eduserv’s initial response will be to immediately form the Emergency Management Team (EMT) to direct all operations. The EMT is made up of the available members of the executive, and other co-opted staff.
Depending on the exact nature of the emergency the EMT will decide on whether relocation to the disaster recovery facility will be necessary, which recovery actions to invoke and in which priority order. Communications with and real-time updates to all Eduserv staff will be via an externally hosted website. Again, depending on the nature of the emergency, the EMT will directly contact the appropriate and available Eduserv experts as part of the recovery activities.
The range of possible scenarios in which Eduserv will need to invoke its BCP spans from the temporary relocation of parts of the operations due to access or services issues, through to large scale damage to one or more of our premises, with the consequential interruption to services. Accordingly, Eduserv’s recovery actions would range from the temporary running of its helpdesk from laptops, through to relocating the required and available operational staff to a disaster recovery facility where the longer-term recovery actions can be implemented.
Only when the EMT are satisfied that the recovery responses to the emergency have been completed, and that service is restored to an acceptable level, will the EMT disband and pass control back to the regular organisational units.
As part of the 27001 certification process, the Business Continuity Policy and Plan is regularly tested. It was last tested in March 2012.
Disaster Recovery
To ensure the Mydex operation can withstand and recover from ‘disaster’ the platform is hosted by Eduserv.
Scenarios in which Eduserv would implement Disaster Recovery are incidents which affect the availability of the primary data centre as a whole. Examples might include an extended power outage, network outage or a natural disaster.
The likelihood of such outages occurring is minimised as much as possible through resiliency features including Uninterruptible Power Supplies (UPS), on-site generators and multiple independent network providers. DR provision is distinct from the high availability features included in the platform and isn’t intended to provide “hot failover” between data centres. It forms part of the business continuity plan and ensures continued service delivery in the event of a significant business-impacting incident. Disaster Recovery is provided at the CCI Secondary Datacentre. An Organisation Virtual Data Centre (OvDC) is created at both Production and DR sites allowing access to both environments. The supported method for DR is Application level replication of data between Production and DR Cloud environments.
In the event of a DR scenario IP load balancing at the upstream ISP allows the service to be failed over to the DR site automatically.
4. On-boarding and Off-boarding processes/scope etc.
On-boarding
The summary implementation road map for onboarding two-way data sharing services is shown below. In most cases the timescales for implementations can be as little as a few days or weeks elapsed time. The precise effort needed will depend on the scope of intent and range of services being connected.
Mydex onboarding for two-way data sharing
Establishing two-way data sharing is straightforward and builds on top of the Identity Services work outlined in another Mydex G Cloud 3 Service. Once identity services have been established these can be used as the basis of connecting applications and services to the Mydex API for the purposes of sending and receiving data and transactions between the organisation’s systems and the user’s personal data store. The API is fully documented and available online with clear examples of how information is requested and sent.
Key Steps and Typical activities
● Key step: Identify which services (applications) you wish to establish two-way data sharing with
  Typical activities: Agree criteria for prioritisation based on business objectives, technical ability to integrate external services and return-on-investment from adoption.
● Key step: Set up a connection to Mydex Sandbox and begin experimentation with API
  Typical activities: Initially this can be simply making use of the sample code sets and API calls provided to become familiar with the API syntax and range of options available.
● Key step: Identify any additional datasets or attributes required within Mydex Master Schema
  Typical activities: The Mydex platform has an extensive schema of datasets and attributes supported within our members’ personal data store. However if a specific service or application requires additional datasets or attributes Mydex will extend the schema to cover these new attributes. We publish a road map of schema extensions which is publicly available.
● Key step: Define on-boarding process
  Typical activities: Where existing services and applications are to be securely connected to the Mydex platform for the purposes of two-way data sharing, consideration needs to be given to how the user will demonstrate their right to connect their personal data store to the specific service, e.g. account number, other reference material or some form of one-time key or out-of-band (e.g. via mobile, phone, email or letter) approval process. Typically organisations will use pre-existing processes for such trust transfers to occur. They only need to happen once and should be implementable by the user with no organisational intervention.
● Key step: Communication planning to users and wider stakeholders
  Typical activities: Typically this is carried out in advance of full launch. The key focus of the communications plan is to demonstrate the simplicity and ease of use alongside wider benefits of establishing new ways of engaging with the organisation and the benefits of two-way data sharing. Mydex can provide reference material and templates of communications pieces that will set out the advantages of MydexID and a personal data store and its associated features.
● Key step: Business planning
  Typical activities: Depending on the scope of changes being planned most organisations will map out any changes to existing processes and guidance material in advance and complete an implementation plan that runs alongside the technical implementation work.
● Key step: Confirmation of launch date and switch over
  Typical activities: This is a key milestone as this will define the roll-out plan which includes connection of the application to the live Mydex platform and API.
● Key step: Connection live and communication plan activated
  Typical activities: The connection is live and users can set up their connection for two-way data sharing at their own discretion. The organisation will begin its communication programme promoting a new channel of interaction.
Off-boarding
You can close your Mydex Account with us at any time through your online Account interface. Once you close your Account, the agreement between us for the provision of our Services to that Account, and use of our Services, will end.
We will archive your Data after your Account is closed, and you will not be able to access your Data. You will be able to retrieve your Data for up to six months if you decide to reactivate your Account. We may charge a fee for this service. If you do not reactivate your Account within this period, we will delete your Data and it will not be recoverable. We will not be responsible to you for any Data that you are subsequently unable to access or retrieve when your Account closes. It should be remembered that the Data referred to in this section refers to your organisation’s data as it relates to your API connection. The personal data stored within a Mydex Member’s PDS remains their data.
5. Pricing
Connection fees payable to initiate services
For organisations connecting to the platform to make use of one or more of the services provided Mydex charge as follows:
● A one-time connection fee of £10,000 per system (application or service) connected to the platform;
● A one-time connection fee per individual of £0.15 that they connect to across the platform. This connection fee is payable only once per individual regardless of the number of systems they may use or connect to within the organisation;
These individual connection fees are purchased in minimum blocks of 2,000 individuals (£300).
The connection fee covers first year support services to the organisation. All connection fees are invoiced in advance and subject to payment before live service can commence.
Annual support fees to ensure sustainability
From the anniversary of the first year Mydex charge an annual support fee of 25% of the aggregate of all connection fees paid across systems and individuals. This is designed to ensure sustainability of service and provide for support to organisations. Support fees are invoiced annually in advance at the start of the support period.
Volume discounts are available for multiple system connections and very high volumes of users.
6. Service management details
Technical Boundaries
The Mydex service, comprising all data stored and the service itself, is entirely hosted in a remote data centre (Eduserv) and delivered via a secure internet session to end users’ internet browsers.
The technical boundary of the service includes all aspects of it that are running on the remote data centre, the DR data centre (which contains a full copy of the environment) and the secure copying procedure between the two data centres. It does not include the delivery of the service via the internet or its delivery via the customer’s corporate network to end users’ PCs.
Data location
The physical location of the data will be in UK based data centres. Mydex uses the data centres available from Eduserv which are comprised of a main and DR site.
Safe Harbour
All data will be held in compliance with EU Safe Harbour Legislation.
Data centre tier
All Eduserv data centres are designed and operate to tier 3.
Backup and Disaster Recovery
See previous section on Disaster recovery.
Monitoring
The performance, availability, resilience and security of the Mydex service are monitored in real time using a number of industry standard tools including but not limited to: Nagios and Munin.
Support Boundary
While Mydex will endeavour to assist customers with issues resulting from access to the Mydex service, limitations of this support may arise as a result of security controls on corporate firewalls; we cannot guarantee that we will be able to solve these issues if they result from configuration issues with the firewalls themselves.
Infrastructure
Mydex ensures all communications going to and coming from its servers are secure.
7. Service constraints
The Mydex API will remain backward compatible but is continually being extended with richer datasets which are released to all connections via public documentation and sandbox prior to production release.
In general, Mydex is happy to consider extension to the PDS data schema in accordance with customer requirements. This is generally included within the API connection charge.
8. Service Levels
Mydex offers a standard, cost effective package of solution support to its customers as described below.
Support Service Details
API connection support is included in the price of the service. We do not perform 1st line support to end-users of the system regarding system use, but do provide extensive help and support documentation both in service and on our website.
The Mydex Support Service is accessed via our developer website and responses are email based.
For organisations/developers requiring a bespoke support offering please contact Mydex.
Support Procedures
To log a call with our support team simply use the feedback/issue mechanism in our developer web site: https://dev.mydex.org/contact/feedback. Issues reported through this mechanism will be logged within our development and support tracking system and responded to according to severity and priority.
Pricing
Support services described here are included within the maintenance price of our API service.
Service Levels
Eduserv’s inherent multi-datacentre, fault tolerant cloud based infrastructure results in near 100% operational up-time.
9. Financial recompense model for not meeting service levels
It is always the aim of Mydex and our technology partners to do everything possible to minimise client disruption. Mydex liabilities and associated financial recompense are defined within the Mydex Connection agreement.
10. Training
In all client engagements Mydex places a high value on enabling effective knowledge transfer between ourselves and our clients. To this end extensive developer support documentation is made available through our developer portal: https://dev.mydex.org/
11. Ordering and invoicing process
The Mydex online ‘Connection Manager’ will provide the mechanism whereby organisations can order a connection and set up payment mechanisms.
After an order has been confirmed through the Mydex Connection Manager and a Mydex API connection has been tested and certified in the Mydex Sandbox system https://sbx.mydex.org, Mydex will provision a full production API connection from 5 working days.
Ceasing the accounts is done via the same route of using the Mydex Connection Manager.
Mydex expects payment 30 days from Invoice. Invoicing will be in advance for initial connection charges and for annual maintenance (from the beginning of year 2 of connection).
12. Termination terms
Mydex Services are subject to simple and unambiguous termination terms which are defined in our connection agreement.
By consumers (i.e. consumption)
Mydex services are procured on a recurring annual basis. You can close your Account with us at any time through your online Account interface. Once you close your Account, the agreement between us for the provision of our Services to that Account, and use of our Services, will end.
By the Supplier (removal of the G-Cloud Service)
The G-Cloud termination terms are agreed within the framework agreement. In general, all services purchased under this framework can continue to be supplied to consumers should the framework be withdrawn by the Supplier.
13. Data restoration / service migration
Inbound data loading can be performed by using the API based tools, details of which are available upon request.
For service migration upon termination a flat file extract of Customer Data can be provided. It should be borne in mind that all Member Data stored in their PDS is owned by the Member and may only be transferred to the Customer with Member permission.
14. Consumer responsibilities
In general, Mydex assumes the following to be responsibilities of the customer:
● Ensuring adequate network connectivity and bandwidth for the API connection service used
● Taking necessary steps as instructed to ensure that firewalls and other internal ICT equipment are configured in accordance with the API connection requirements
15. Technical requirements
The software is accessed through a web browser so there are few technical requirements and indeed Mydex has implemented its service to be largely browser agnostic.
Supported browsers include but are not limited to:
● Internet Explorer - 9
● Chrome - V24
● Firefox - V18
The software does not place high demands on bandwidth but adequate connectivity to access the software is required.
16. Open standards
Mydex is committed to open standards and by way of example makes use of:
● RESTful API
● HTTPS - secure communication protocol http://en.wikipedia.org/wiki/HTTP_Secure
● Mozilla Persona - http://www.mozilla.org/en-US/persona/
● OpenID - http://openid.net/
● SAML - UK Cross Government Identity Assurance Standards
● HTML - web page markup language
17. Open Source Software
In building and delivering the Mydex service we make use of the following components of Open Source Software:
● Linux
● Drupal
● Nagios
● Munin
● Puppet
● Jenkins
● Varnish
● Nginx
18. Details of any trial service available
A trial connection to the Mydex service may be put in place by taking advantage of the Mydex sandbox environment.
In addition the Mydex Developer website sets out the simple and easy means for organisations and application developers to connect with their current customers, members, citizens and future such individuals so that they can engage with them in a new way which delivers fast efficient and highly secure means of sharing information back and forth.
We have provided detailed documentation, working examples of our platform and its API and how it works. We also provide you with access to a sandbox so you can experiment with your ideas and test connections and applications at no charge.
You'll find the developer community and documentation here: https://dev.mydex.org
and the sandbox (which mirrors the production platform) here: https://sbx.mydex.org
19. Additional features
The Mydex Personal data service enables solutions to many identity and personal data related challenges that organizations face.
By enabling the individual to manage their own data, become an active participant in the management of their relationships with each other and organisations and take control over their lives, Mydex contributes significantly to the establishment of evidence-based trust and reputation networks. The Mydex service offerings may be split into 4 groups as shown in the diagram below.
The decision as to which Mydex service to take advantage of first depends very much upon your organisation’s business, strategy, issues and objectives. Some organisations follow a standard route of starting with Identity Services for registration, moving on to Two-Way Data Sharing and digital letterbox and then finally moving on to Verification Services by providing attributes and proofs of claim, although some early use cases for Mydex involve organisations going straight to an application implementation to aid a streamlined customer journey across multiple organisations and systems. This of course can depend upon elements of service from all the other three service lines.