Data Sharing and Services Agreements
What are Data Sharing and Services Agreements?
They are really quite special and enable innovative person centred services. Data Sharing and Services Agreements in summary are:
A legal contract between a Member of and a Subscriber to the Mydex Safe Secure Cloud
- A legal contract under English Law between a citizen who is a Member of the Safe Secure Cloud and organisations who are Subscribers to the Safe Secure Cloud
- The contract is presented as a Data Sharing and Services Agreement to a Member online by the Mydex Safe Secure Cloud on behalf of the Subscriber
- A Member approves the Data Sharing and Services Agreement online using their own digital signature, which is a Private Key that only they know.
- The approval of the Data Sharing and Services Agreement is automatically logged and recorded in the Member's independent Cloud-based Personal Data Store in immutable form.
- We refer to Data Sharing and Services Agreements as DSSAs.
- The DSSA enshrines the Member’s GDPR rights of data portability, informed consent, transparency and data minimisation and includes the Subscriber’s confirmation of those rights in a GDPR Declaration.
- The DSSA contains the Subscriber’s defined use cases and a specification of the personal data and services they wish to use across the Safe Secure Cloud.
- A Member may revoke their consent for a DSSA at any time through the use of their Private Key. This invokes their GDPR right to be forgotten.
- A Subscriber may seek changes to the DSSA to reflect changes in their use cases and services provided to the Member using the Safe Secure Cloud. Any such requests for change require the Member to give consent using their Private Key.
An approved DSSA is a machine readable set of rules enforced through the Safe Secure Cloud Personal Data eXchange
The machine readable rules of an approved DSSA are a detailed specification of the scope of the legal contract, deployed into the Safe Secure Cloud Personal Data eXchange for enforcement on behalf of the Mydex Member. Mydex cannot modify those rules, only enforce them.
- Any requests to the Personal Data eXchange either to access data held in the Member’s cloud based independent Personal Data Store, hosted in the Mydex Safe Secure Cloud, or delivery of data and events to the Personal Data Store, are always validated against the DSSA
- Any invalid requests made to the Personal Data eXchange are rejected automatically.
- All requests must be made by a valid subscriber who is correctly authenticated to use the Personal Data eXchange.
- Authentication involves multiple levels of security that are unique to the connection between a Subscriber and Member. These include correctly scoped ClientIDs and specific secrets unique to the connection between the Member and Subscriber.
- All transactions between the Subscriber and the Personal Data eXchange are uniquely encrypted for each connection between a Member and a Subscriber.
- Without the relevant authentication and encryption the Personal Data eXchange cannot access the Member’s approved DSSA to validate the rules. This means it will also not be able to access the encrypted cloud based independent Personal Data Store to deliver or retrieve data or perform the required processing of a request payload delivery or response.
- If a Member revokes the DSSA it is automatically applied and no interactions are possible with the Subscriber.
- If a Subscriber seeks modification of the DSSA, the Personal Data eXchange will present the request to a Member for review and modification where optional choices are presented. The Member will either approve or reject the request. The existing DSSA will remain in force until such time as the Member approves a new DSSA or revokes the existing one.
- Mydex has no means of modifying, revoking or approving a DSSA; only the Member can do so.
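
The default-deny validation described in the list above can be sketched as follows. This is an added example, not Mydex code: the `DSSA` and `Request` structures, their field names, the version check and the sample values are all hypothetical, since the page does not show the real rule format.

```python
from dataclasses import dataclass, field

@dataclass
class DSSA:                      # hypothetical shape, not Mydex's schema
    subscriber_id: str
    member_id: str
    version: int
    revoked: bool = False
    # dataset -> {HTTP method -> set of fields the Member approved}
    grants: dict = field(default_factory=dict)

@dataclass
class Request:
    subscriber_id: str
    member_id: str
    version: int
    authenticated: bool          # result of upstream ClientID/secret checks
    method: str
    dataset: str
    fields: frozenset

def validate(req: Request, dssa: DSSA):
    """Return (allowed, reason); default deny, every check must pass."""
    if not req.authenticated:
        return False, "unauthenticated subscriber"
    if (req.subscriber_id, req.member_id) != (dssa.subscriber_id, dssa.member_id):
        return False, "DSSA does not cover this connection"
    if dssa.revoked:
        return False, "DSSA revoked by member"
    if req.version != dssa.version:  # assumption: requests pin the active version
        return False, "connection version mismatch"
    allowed = dssa.grants.get(req.dataset, {}).get(req.method)
    if allowed is None:
        return False, "method not granted on dataset"
    extra = req.fields - allowed
    if extra:
        return False, "fields outside DSSA: " + ", ".join(sorted(extra))
    return True, "ok"

# Constructed sample: read and create on two fields of one dataset, nothing else.
SAMPLE_DSSA = DSSA("sub-1", "mem-1", 1, grants={
    "energy_consumption": {"GET": {"timestamp", "reading_kwh"},
                           "POST": {"timestamp", "reading_kwh"}}})
```

Returning a reason with every rejection gives the audit log enough detail to distinguish a revoked agreement from an over-broad field request.
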
Can Subscribers work together to deliver integrated Services to the same citizens using DSSAs?
Yes, Subscribers can work collaboratively; they can form what we call a Cluster. This could be a cluster supporting:
- A specific integrated service operating across a multi-disciplinary team spread across multiple parts of an organisation or discrete organisations from across the public, third and private sector.
- A local, regional or national cluster delivering a catalogue of services to the local, regional or national populations, for example across health and social care.
Each organisation is a subscriber in their own right with one or more connections to the Safe Secure Cloud and their own DSSAs. No cross organisation Information Sharing agreements are required. This reduces the time and complexity of such agreements being reached. This enables Subscribers and Clusters to adapt to changing requirements and demands more easily.
Here is an example of a cluster supporting health and social care and delivering on the Person Centred Services.
Members who are invited to join the Cluster can approve each DSSA individually or review them all in a single step we call a multi-party connection and DSSA approval step. They can review each DSSA individually, modify it where there are optional elements and approve them by using their Private Key just once. The Personal Data eXchange triggers notifications to each Subscriber and the Cluster is activated.
- Additional Subscribers can join the Cluster at any time as they get connected, and a DSSA will be presented to the Member for approval
- New Members joining a Cluster will always be presented with all Subscribers
- Existing Members who have joined the Cluster will be presented with updates to any DSSAs and any new Subscribers joining the Cluster, and can review and approve them in the normal way using their Private Key
Clusters can support incremental roll out and adoption as Subscribers connect to the Safe Secure Cloud or new Services are added to the Cluster Catalogue of Services.
- Subscribers can leave a Cluster at any time
- Subscribers can update their DSSA at any time and seek approval for the new DSSA automatically in the normal manner
- Subscribers can belong to multiple Clusters concurrently which is valuable for National or Regional Service Providers
- Members can leave any Cluster or Subscriber at any time by revoking their DSSAs, using their Member Account Administration Services Connections Dashboard
Subscribers can request set-up of a Cluster directly with Mydex CIC by providing the list of subscribers and their connections and DSSAs
How do Subscribers set up a connection to the Safe Secure Cloud and a Data Sharing and Services Agreement?
Setting up a connection and a DSSA is straightforward and undertaken online via the Mydex Subscriber Connection Manager web application. Preparation is required to define the services and solution the Safe Secure Cloud is to be used for by the Subscriber and their interaction with the Member who could be a citizen service user, employee, volunteer, contractor or student of the Subscriber organisation.
It involves the following steps:
Add Subscriber organisation details
- Registration for a MydexID for an Organisation Administrator
- Registration of the Organisation itself as Subscriber to the Mydex Safe Secure Cloud. This includes:
  - Organisation legal name
  - Contact Details of named contacts including email address, and telephone number covering Technical Contacts, Organisation Administrators
Add connection details
- Connection Specification - This is presented online during the DSSA approval process
  - Connection Name
  - Short Description of purpose of the connection
  - Callback URL to enable the Personal Data eXchange to send:
    - Confirmation of approval of the DSSA
    - Delivery of unique connection secrets.
    - Operational Personal Data eXchange notifications to the Subscriber triggered by changes in the Member's PDS that fall within the scope of the Member approved DSSA
  - The logo or icon to be displayed when the DSSA is presented for approval or update. These can be PNG, JPEG or SVG file formats
Define Data Sharing and Services Agreement specification
- Use Case categories - The specific use cases can be selected by the Subscriber and can be expressed as mandatory or optional. The Member can choose either to approve the optional use cases or to leave them disabled
  - Core function
  - Contracted service
  - Delivery
  - Contact requested
  - Personalised experience
  - Marketing
  - Marketing third parties
  - Use delivery
  - Marketing disclosure
  - Disclosure third party
  - Legal data retention
  - Law enforcement
  - Protecting your health
  - Protecting interests
  - Improve performance
- Declaration of mandatory GDPR obligation compliance - this also confirms that the Subscriber and the connection is operating under the Mydex Trust Framework and the terms of subscribers and the DSSA. The declaration covers the following confirmations:
  - Data minimisation
  - Informed consent
  - Transparency
  - Single use - no secondary use is permitted
  - Data portability using the Personal Data eXchange
- Required Data and Services to be covered by the DSSA and connection
  - Specific PDS datasets, principally for bulk data delivery or collection using batch services, e.g. energy consumption, IOT sensor data, bank or credit card transactions, call history, browsing history or personal measurements
    - For each dataset, each Field can be configured, including whether the field is mandatory. All fields are optional by default. We support the following Methods:
      - Read (GET PDX API request)
      - Update (PUT PDX API request)
      - Create (POST PDX API request)
      - Delete (DELETE PDX API request) - Rarely used. We provide options to soft delete which will filter out specific records in a dataset
  - Feature Blocks are services that provide a combination of personal and event data and services such as Modular About Me, Calendar, Secure Messaging, Referrals, Measurements. These manage a combination of datasets together. Each Feature Block has a configuration matrix of the required Datasets that underpin it. Feature Blocks manage the context, filing and linking of records across the different datasets within the PDS so they work as a collection. All Feature Blocks use Dedicated Routes, covering the following methods:
    - GET PDX API request (Read)
    - PUT PDX API request (Update)
    - POST PDX API request (Create)
    - DELETE PDX API request (Delete) - Rarely used. We provide options to soft delete which will filter out specific records in a dataset
  - Subscribers can configure PDX Notifications for Feature Blocks and Datasets where they want to be notified of new records and changes to records within the PDS.
- Deployment option - This can be for:
  - The Sandbox Safe Secure Cloud used during integration and testing or sandbox pilots. Sandbox cannot hold real personal data about real people.
  - The Live Safe Secure Cloud for live pilots and operational roll out.
- All Connections and DSSA remain in draft mode until they are submitted to Mydex CIC for review prior to their deployment.
- Confirmation of Terms for Subscribers under the Mydex Trust Framework and the legal contract that the DSSA represents between them and the Member.
- A connection will not be activated without Subscription having been purchased.
- Activating connection and DSSA - Mydex CIC will issue, via a secure encrypted out of band channel, the version number of the connection, its ClientID and the specific secrets for the Subscriber's connection. As soon as the Subscriber applies these ClientIDs and Secrets to their environment and sets their version number.
- Updating a connection and DSSA can be achieved by cloning the connection to create a new version, updating it accordingly and submitting the new version to Mydex CIC for review. Once approved, a new version number, connection and DSSA will be activated.
- Updated connection and DSSA approval - As soon as an updated connection and DSSA is activated, any Members already connected will be presented with the updated connection and DSSA to review, modify and either approve using their Private Key or reject. If the DSSA is rejected, the existing version of the Connection and DSSA will remain active unless a Member chooses to revoke it.
- Approval by a Member is notified by the registered Callback URL to the Subscriber API.
- Sandbox Connections and DSSAs can be promoted to the Live Safe Secure Cloud once testing has been successfully completed.
- Connections and DSSAs can be cloned if new connections and DSSAs for other applications are required as adoption of the Safe Secure Cloud spreads within the Subscriber organisation.
Deployment options
Subscribers agree to Mydex Trust Framework Terms and Conditions for Subscribers
Activation and ongoing management
Adding additional Connections and DSSAs
How are Members presented with a DSSA to review and approve?
Citizens and Members are presented with a consistent experience with clear branding via a secure web page covering registration, authentication and DSSA approval.
- Subscribers can advertise the connection on their own websites. If a citizen is not yet a Member, this triggers a registration to create a MydexID and Password, create their Private Key and provision their Personal Data Store, followed by the presentation of the DSSA for review and approval. If the citizen is already a Mydex Member they simply have to authenticate using their MydexID and Password and they will be presented with the DSSA review and approval page. Entering their Private Key will approve the DSSA and connection.
- Subscribers can send invites directly to their existing service users via established communication channels such as email or mobile number. The invite will contain a unique link generated by the Subscriber that enables the Subscriber to match the citizen to their existing account with the Subscriber. The citizen service user can either Register to become a Mydex Member and create their MydexID and password, create their Private Key and have a PDS provisioned automatically. This is followed by the presentation of the DSSA review and approval page.
How can Members review their connections and DSSAs and revoke them?
- Members log in to the Member Account Administration which, in addition to authentication with their MydexID and Password, also requires entry of the Private Key
- This enables Members to review all of their connections and DSSAs and modify or revoke them from a common consistent dashboard all in one place.