Personal Data Store Overview

The Personal Data Store (PDS) is designed to store a Member's personal data independently of existing data controllers for their whole life, across any aspect of their life. This is data about them, about their activities, their relationships and interactions with the world around them.

The contents of a Member's Personal Data Store belongs to them. Members can use it for any purpose they choose. Members can control how, when and where it is used by others who connect to them via the Personal Data eXchange. There are an almost endless range of use cases and purposes that deliver significant benefits to Members and Subscribers.

Each Member's Personal Data Store is independently hosted in the Mydex Safe Secure Cloud and available 365 days a year and 24 hours a day. Personal Data Stores are hosted in the United Kingdom within the Mydex Safe Secure Cloud infrastructure and operated under an independently certified ISO27001:2022 Information Security Management System. Members' Personal Data Stores are designed to be resilient, highly available, scalable, and performant. Members' PDSs are backed up and protected continuously as part of their Membership of the Mydex Safe Secure Cloud.

Members can access their Personal Data Store directly at any time using a Mydex provided People App so they can populate it, view it, update it. They can add connections to their Personal Data Store from Subscribers using the Personal Data eXchange. Members can share aspects of their Personal Data Store and delegate access to view, use and act on their behalf to other Members who they add to their circles. Each Circle can have specific access and delegated rights.

Members may choose to use third party applications and services in their daily life that can be connected to their PDS via the Personal Data eXchange to deliver seamless access to the information needed by an application and enable the Member to use, add and update their PDS directly from these applications. All interactions are undertaken under a GDPR compliant Data Sharing and Services Agreement approved by the Member and enforced automatically by the Personal Data eXchange.

All additions and updates with a Member's Personal Data Store via the Personal Data eXchange are automatically logged within the Member's Activity Log which is an immutable record (unable to be changed) and provides an audit trail of when and who added or updated records and records the before and after record for updates made.

All access to and use of a Member's PDS is via the world wide web over secure two way APIs we call the Personal Data eXchange. All connections to a Personal Data Store are undertaken via a GDPR Compliant Data Sharing and Services Agreement (DSSA). Subscribers define these DSSAs setting out their use cases, the data and services required and include a specific GDPR declaration of compliance. The Member is presented with these DSSAs for their review,and modification where options are available and approve them using their Private Key that only they know. Approval by the Member using their Private Key encrypts and encodes the DSSA as a set of rules the Personal Data eXchange enforces seamlessly executing the Member's wishes.

Members can choose not to approve a DSSA and can revoke the DSSA at any time. DSSAs may be updated and changed over time to reflect the changing nature of a relationship with a Subscriber. Any DSSA changes and updates require the Member's Approval using their Private Key.

The PDS is stored in the cloud for availability, efficiency and scalable and resilience. It needs to be accessible at any time by Members and Subscribers via the Personal Data eXchange 365 days a year and 24 hours a day. It needs to be protected and backed up continuously. All activity is by two way APIs that need to be continually available.

Device based storage is high risk and cannot possibly hold the totality of a Member's personal data about their life. Mobile and Personal devices get lost, stolen and broken and may not be switched on. The PDS is part of a personal data ecosystem that operates all the time. PDS data can be synchronised with device based applications. Edge computing is valuable for processing and experience layers but it is not suitable as part of a mission critical national infrastructure that has to be permanently available.

A Personal Data Store is independent cloud storage that can store structured data across any aspect of a Member's life over their whole lifetime.

It can support different types of data such as data about the individual, activity data over time, transaction and event records.

Examples could be time series energy consumption data delivered to their PDS via the Personal Data exchange continually throughout the year, records of financial transactions, interactions with health and care services, such as the key 700 data points seen as most common in the delivery of health and care services to an individual. It could be the details of their bank accounts, credit cards, information about their home and relationships with different organisations and their interactions with them.

PDS Master Data Schema

The Structure of the Personal Data Store data schema is managed by a PDS Master Data Schema which is stored in its own Database within the Safe Secure Cloud and managed by Mydex CIC. This holds the meta data about the structure of a Personal Data Store, its datasets, their fields and data types, validations as well as the machine names and Labels of each field and dataset.

The PDS Master Data Schema is used to extend and update the range and scope of data that can be stored and organised within the PDS for long term storage and multiple use cases.

The Personal Data eXchange is responsible for filing and integrity of data stored in the PDS. As the PDS Data Schema is extended and updated, the Personal Data eXchange manages updates to the Member's PDS to make new Datasets, fields and validations available for use via the Personal Data eXchange.

What is the PDS built from?

The PDS is built from open source components including a fully ACID-compliant database engine that ensures data integrity even in case of crashes.

Each PDS is entirely self-contained and encrypted at rest. All interactions with the PDS are via the Personal Data eXchange which manages any risks of contention. We use certain database engine features to drive indexing and performance and bulk updates.

The PDS can store any data type including NULL, INTEGER, REAL (for floating point numbers), TEXT, BLOB Useful for storing files or non-text data (images, compressed data, etc.), Date and Time is stored as Unix timestamp (the number of seconds since January 1, 1970)

A single database can grow to 140 terabytes in size. We can have multiple databases within a PDS collection optimised for different types of data.

There are many more read requests to the PDS from the Personal Data eXchange than writes given the many uses by many subscribers.

Technically the PDS has only one user, the Personal Data eXchange which manages all inbound requests. The Personal Data eXchange prepares all responses to requests and orchestrates the data with different combinations of data stored in the PDS.

New records and updates are managed efficiently using a combination of the Personal Data eXchange and native Database capabilities. This approach enables horizontal scalability as well as enabling incremental back ups, whole snapshots. It is optimised to run across three availability zones within the United Kingdom with additional processing and storage capacity on demand managed by the Mydex Safe Secure Cloud infrastructure.

The PDS is monitored continually by the Safe Secure Cloud including response times, growth rates and back up cycles.

Does the PDS support RDF linked Data natively?

Not natively for very good technical and performance reasons. The larger they get, their performance degrades. A PDS is part of a dynamic operational Safe Secure Cloud where performant two way data exchange needs to occur to support events and delivery of services as well as high volume integrated data exchange requests. However, for the long-term storage of personal and transactional data, particularly over a lifetime, RDF presents challenges in terms of storage efficiency, performance, and data management.

RDF Archival Issues: RDF is designed for dynamic data sets where data evolves over time, and relationships change. However, for a lifetime of personal data, which includes both historical and transactional data, it is crucial to have reliable long-term storage solutions. Traditional databases can be optimised for archival, with built-in mechanisms for data retention, backups, and gradual data migration strategies, which RDF-based systems may lack or require complex custom implementations.

RDF and Data Evolution: Over a lifetime, data models evolve, and the formats in which data is stored may change. While RDF is flexible, converting large amounts of legacy data into RDF and maintaining data over long periods, especially with changing technologies, can be more challenging compared to more stable, well-supported models like relational databases.

However we can support Graph and RDF via the Personal Data eXchange which can deliver rich combinations of data needed for presentation and navigation and analysis. We use the Mydex Template System and Feature Blocks to support this approach. Our own Web Applications provided to our Members and subscribers use this approach to create rich experiences and seamless integration. Subscribers who undertake Research and seek to provide visualisation and graphs of a person’s life can use this approach.

Can data be delivered in Bulk to a PDS?

Yes we support bulk data delivery in batch mode to reduce the volume of transactions. An example is time series energy consumption data drawn from a Smart Meter which delivers in 10 second time slice records of energy consumption, in batch mode, on a defined time period e.g. every minute or 10 minutes. Over a year this can represent 1.5 billion rows of data delivered and stored in the Personal Data Store.

What Data Standards does the Personal Data Store Support?

The PDS and its Master Data Schema is focused on efficient storage and maximum reuse of the data stored within a Member's PDS. That is its core purpose: efficiency in storage and access.

The Personal Data eXchange supports a wide range of Data Standards to support interoperability with what today is a seemingly endless array of often overlapping Data Standards and API exchange standards. The principle format of exchange is based on structured JSON payloads and can be configured to support others such as XML.

The Personal Data eXchange provides a default set of dedicated API endpoints for managing collections of Personal Data exchanges in a wide range of formats. We call these Feature Blocks.

These payloads can be configured using the Mydex Template System to meet desired payload structures as well as including essential meta data such as validation and presentation requirements.

An example of a template and Feature Block is Modular About Me which offers six modules with fifty eight subjections that provides over 700 specific data points and collections of personal data used extensively in Health and Social Care.

Another Feature Block focuses on the exchange and access to Measurements Data over some 29 different forms of personal measurements individuals can collect using their Mobile Devices and the Applications that run it. Examples include step count, blood pressure, heart rate, weight, blood oxygen levels etc. Utility Feature Blocks covering Calendar, Secure Messaging, Referrals and Timelines for a range of events across a person's life as well as notifications and alerts.

The Personal Data eXchange is designed to be an interoperability engine that reduces the complexity of third party application integration. All templates generated are available to all subscribers as part of our public benefit mission and support of our Members. New Feature Blocks and templates are being added based on a prioritised Safe Secure Cloud Roadmap and specific configuration request to support third party integrations and use cases.

These are literally endless. We did extensive research and modelling of thousands of use cases across all sectors and services and contexts. We reduced these down to two top level diagrams which have driven our work and evolution of the Safe Secure Cloud. We present these from two perspectives for ease, which are displayed below. They are looked at from two perspectives: those of Data Controllers and Relying Parties who need access to personal data as part of delivery of services or their own purposes. In reality, many of these organisations are both.