4. Ecosystem: data providers responsibilities

Pension providers will have legal requirements in respect of connecting to the dashboards ecosystem and providing pensions information via dashboards, to be set out in regulations and rules.

We have outlined what data providers ie pension providers, schemes, trusts and administration software providers, will need to do in the table below.

RequirementActionsFurther info
connect to the ecosystemregister interfaces (find and view) with the governance register

register software with the consent and authorisation service

comply with PDP service standards, specifications and technical requirements (including security and safety technology, notification and reporting requirements)
detail on the requirements for dashboard provider interfaces is available within the Architecture brief for suppliers. Further detail on the scope of the code of connection and draft technical standards is available on the PDP website standards page. We expect these standards to iterate to include learnings from our initial (alpha) test phase
comply with the find and view interface standardsensure find interface and view interface comply with the PDP standardsdetail on the requirements for dashboard provider interfaces is available within the Architecture brief for suppliers. View further detail on the draft technical standards. We expect these standards to iterate to include learnings from our initial (alpha) test phase
implement the UMA profileimplement the user managed access (UMA) specification, related to the role of data providers  view further detail on the draft technical standards. We expect these standards to iterate to include learnings from our initial (alpha) test phase
receive and respond to find requestsreceive find data from the pension finder service

register automatic receipt (within a set time limit)

run internal search

any data received as part of the find request should be deleted once a match has been either made or not found

if positive match, register PeI token and store view data for subsequent access by user at dashboard (within set time limit)

if partial matches, register PeI token inviting the user to contact the provider directly via email / phone / webform etc  
Data standards introduction  

Data standards guide  

receive and respond to view requests   provide view data so that it can be returned to dashboards  

if the view data doesn’t already exist, generate this data, including any calculations  

check view requests permissions against the consent and authorisation service  

if authorised, retrieve view data from internal systems and transmit to dashboard    
Data standards introduction  

Data standards guide  

governancedata erasure – delete users’ data related to the ecosystem on request or after a significant period of non-use  

meet regulatory and monitoring requirements
view further detail on the scope of the code of connection and draft technical standards. We expect these standards to iterate to include learnings from our initial (alpha) test phase

Pension schemes and providers may delegate their find and view functions to a third party administrator or software provider.

As we understand pension schemes and providers will be acting under a legal obligation they will not have to:

  • verify the identity of dashboards users (or their authorised delegates) requesting their pensions information, as the central digital architecture’s identity service will ensure that only individuals whose identity has been proven will be able to use the ecosystem
  • provide user interfaces
  • obtain user consents for processing identity data to search internal records or to return pensions information to dashboards

Further Information

Ecosystem overview

Read more

1. Ecosystem components

Read more

2. Process flows

Read more

3. Data providers IT infrastructure

Read more

5. Ecosystem: dashboard providers’ IT infrastructure

Read more

6. Ecosystem: dashboard providers’ responsibilities

Read more