Person Centred Services for Citizens in Europe

The Person-centred Ecosystem

A wide range of personal/customer/citizen services require the input of data from multiple providers. The way customer/personal data is currently organised and managed – by separate organisations each in its own silo – works against providing truly ‘joined up’ services. It is often difficult, expensive and time consuming to combine multiple sets of information to provide services in this ‘joined-up’, unified way.

This problem can be solved via a citizen/person-centric approach, working with organisations. Each individual holds their own data in a personal data store where they can provide organisations with permissioned access to this data as and when it is needed.

But a personal data store in isolation is not enough. To work effectively it needs a surrounding personal data ecosystem which enables the data to be managed and shared by the individual.

This includes three interoperable layers contributing different functions:

▪ an independent identity layer where individuals can access services online using an

identity credential that can be supplied with the required amount of information (from

the data management layer below) to qualify the individual to access that service

▪ an independent communications layer enabling secure transmission of data – an open

internet with the addition of secure encryption that’s not reliant on proprietary


▪ a data management layer that enables individuals to collect and curate their own data and to share this data under their own control. This includes a consent management layer giving individuals simple, easy, ‘one-stop-shop’ tools to manage all their consents in one place (and not one by one for each different organisation or transaction). This data sharing and consent management layer is what is needed to interact with the different models for data storage, access and the underlying public sector and commercial models that go with them.

There are many challenges in developing a workable personal data ecosystem, many of them arising from the diversity of different types of data that can be created, collected and shared. But the potential benefits of a thriving, functioning personal data ecosystem are too great to ignore.

These include significant reductions in cost (through the elimination of duplication, human error and the need for evidence provided via physical channels), improvements in data quality and security leading to better quality services and reduced risk, along with much higher levels of trust.

The personal data ecosystem is effectively a platform for innovation, enabling the creation of many new services adding value for both individuals and organisations and driving economic growth.

Data Delivery and Collection / Data Sharing - Person centred services and trusted, person centred data attribute exchange as opposed to offering individuals portals or data sharing solutions controlled by the organisations. In most cases client organisations would seek to
connect systems to our platform for the delivery and collection of
data. We provide individuals with a Personal Data Store which is totally
under their control. This also comes with the ability for individuals to
make connections to organisations using our API services layer to collect,
deliver verified and unverified data across any aspect of their life with
organisations who are verified themselves and connected to the Mydex Trust
Framework and Platform.

Why the contribution is important

Architecture of collaboration – person centred services

  • Organisations e.g. Local Authorities / National Health Services / Central Government / Business / Charities and Third Sector provide the front end user experience
  • Mydex is a set of back end components for identity services, data and consent.  We deliver everything through API’s, and call them application components as a service ( ACaaS ).  For us it is about independent layers and interoperability.
  • Mydex is a platform for attribute exchange and data sharing. Individuals can collect, receive and store data about any aspect of their life and share with anyone they wish. Individuals can feed in, store and curate well being data in their personal data store, or local authorities and third sector organisations can send and access permissioned data in a personal data store (PDS) which XX /  Client as a front end can access and use in the citizen journeys it manages.

Technical / Functional

  • How does the Mydex Platform work - open standards, open API's, interoperable, wrapped up in a trust framework to ensure clear terms and conditions for participants
  • What features do Mydex offer 3 Services - Identity, Data and Consent services to underpin your services.     Individuals get a personal data store, a portable privacy friendly MydexID that supports multiple identity protocols, a set of tools and utilities to help manage their life


  • What is the range of scope of data that can be held in a personal data store - Extensive, please see our Schema information
  • How does consent management work to access and use data - API driven using data sharing agreements. See an example in our simulations and video it is based on informed consent and privacy by design
  • How is data delivered - via connection API's using open standards
  • How is data verified - using cryptographic means that ensures authenticity in transit and storage
  • Can data held in personal data stores feed into big data - Yes, with explicit consent of the individual
  • How can PDS-held data underpin Apps you want to develop so we take the processing to the data not the other way around -  using the APIs we offer, your apps just need to focus on the value add they want to offer, we do the identity, data and consent layers for you fully certified


  • What does Zero knowledge platform mean - Mydex CIC has no access to or rights to any of the personal data individuals collect, or share. It is end to end encryption, neutral layer.
  • How secure is it - please see our security model
  • What external certifications do you have - ISO27001 certified, GDPR compliant, Fair Data, tScheme and a long list of associations and memberships, we are contributor to many communities
  • Where is the data stored - In the UK, in Data Centre, each personal data store (PDS) is individual and uniquely encrypted using a Private Encryption Key only the individual knows
  • How can you reduce the risk of cyber threats to our online systems and increase protection of customer data - by allowing you to protect your systems and not expose them to the internet, you distribute and collect all personal data from the personal data store over encrypted channels and your portals and apps run directly against the customer's personal data store, no exposure of large customer systems to the outside world

Customer Journeys and use cases

Set up and activation


What is PDS video -


Application Components as a Service for Identity, Personal Data (collection, storage, and
distribution) and consent management. These are part of what is being called
the Personal Data Ecosystem, or Personal Information Economy in the private
sector. Mydex is constituted as a community interest company, asset locked
and committed to ensuring individuals are able to be active participants in
managing their own lives and the data that underpins it and how that data
is being used.

Example - In the context of Health and Social Care we enable local clusters of
organisations serving the same cohort of individuals to streamline their
customer journeys and experiences and address the challenges of secure data
sharing between organisations using a person centred approach.

ICT data Citizens EU health GDPR Business identity consent personal data stores person centred services local authority charity


Profile picture for user pedroobando
Изпратено от Pedro Obando на Пон., 08/05/2017 - 18:43

Thanks for your input. As you say, setting up personal data ecosystem is challenging endeavor, but its worthy pushing for an ecosystem that is friendly yet secure and protects privacy.
Electronic identification (eID) and electronic Trust Services (eTS), both are a good starting point. They allow secure cross-border electronic transactions and are central building blocks of the Digital Single Market.
Creating a person-centred ecosystem also depends on how customers interact with companies and how all accommodate to the new technological reality. For instance, whether potential customers trust or not services or providers, people engage with companies they trust.

happy to continue the conversation.

In reply to by Pedro Obando

Profile picture for user nomadsquire
Изпратено от Sandy Gilchrist на Вт., 17/10/2017 - 12:18

Alex - hi. I would like to understand the recognition that this approach has please.  Is it sanctioned, for example, as the recommended official EU approach, say, for GDPR data portability.  Sandy