Over the last six months, the main focus of this workstream has been consumer protection. The programme aims to ensure data protection by design, building in best practice to the ecosystem, to ensure the safety of any data transferred within it. We also want to ensure consumers understand the information they receive via dashboards, which is why we’re carrying out extensive user testing, which will feed into design standards.
We have detailed our work relating to consumer protection in a September publication, which covers activity across the programme.
Over the last six months, we have worked with our delivery partners and the pensions industry to refine our analysis of potential consumer harms and how to mitigate them within the dashboards ecosystem and beyond.
We have completed our work on the liability model for the digital architecture, which addresses gaps not already filled by existing routes to redress (against dashboard providers and pension providers) and includes a requirement of our supplier to develop a complaints handling procedure, as well as to accept users’ complaints of inadequate service against the digital architecture.
We have also started work on the data protection impact assessment (DPIA), initially focusing on the processing of data within the digital architecture. This work has fed into the requirements for the central digital architecture.
We will continue to work with the Department for Work and Pensions, HM Treasury, the Financial Conduct Authority, The Pensions Regulator and with industry and others, to ensure the correct protections for consumers are in place in relation to pensions dashboards.
We will expand the DPIA to cover the whole of the pensions dashboards ecosystem.
As the programme moves into its next phase, with the onboarding of the supplier for the central digital architecture and testing of the ecosystem, the consumer workstream will also work on a strategy for recruiting consumers to take part in this process.