National Entitlement Card Scheme
Information Architecture
Data Flow Diagrams v.1.0 FINAL
October 2016
Dataflow Diagrams Page 2 of 41
Document Control
Document Title Dataflow Diagrams
Issue Status Version 1.0 FINAL Issue Date 15/07/2016
Author David Laughlin Title NEC Information Assurance Officer
Tel: E-Mail [email protected]
Security Classification Public Retention
Period
Per policy
Review Period Annual
Version No Date Summary of changes
0.1 DRAFT 11/11/2014 Initial issue for comments
0.2 DRAFT 16/03/2016 Revised whole document diagrams
0.3 DRAFT 07/07/2016 Revised and expanded diagrams
0.4 DRAFT 18/07/2016 Incorporate internal review after completion of
diagrams
0.5 DRAFT 20/07/2016 Issue as draft to Scottish Government/Improvement Service
0.6 DRAFT 21/09/2016 Incorporate revisions from SG/IS review, remove
national sQuid
1.0 FINAL 18/10/2016 Add missing NEC Number to Hotlist, issue
Review
Name Organisation
Stephen Peacock Scottish Government
Robert Clubb Improvement Service
Brenda Robb NECPO
Elena Brown NECPO
Stuart Law Scottish Government
Authorisation
Document Approvals
Document
Authorisation
Title/Organisation Signature Date
Paul Carroll SIRO, Dundee City Council
Dataflow Diagrams Page 3 of 41
Contents Introduction.............................................................................................................................................. 4
Internal Data Flows ................................................................................................................................. 6
National Entitlement Card Application ................................................................................................. 6
National Paper Application Form ..................................................................................................... 7
Data File Application ........................................................................................................................ 9
Agent Direct Input Application to CMS .......................................................................................... 11
NEC Online Application ................................................................................................................. 13
National Entitlement Card Update ..................................................................................................... 15
NEC Update via Agent ................................................................................................................... 16
NEC Online Update ....................................................................................................................... 18
NEC Online Update Photo ............................................................................................................. 20
NEC Replacement Card via Agent ................................................................................................ 21
NEC Online Replacement Card ..................................................................................................... 22
NEC Hotlist Card ............................................................................................................................ 23
External Data Flows .............................................................................................................................. 24
Regular .............................................................................................................................................. 24
X1 Local Authority Extracts ............................................................................................................ 25
X2a myaccount – Card Create ...................................................................................................... 27
X2b myaccount – Personal Details Change .................................................................................. 28
X2c myaccount – Contact Details Change .................................................................................... 29
X2d myaccount – Hotlist Card ....................................................................................................... 30
X2e myaccount – Sign-in/Register ................................................................................................ 31
X3 Transport Scotland ................................................................................................................... 33
Ad hoc ................................................................................................................................................ 36
X4 Police Enquiries ........................................................................................................................ 36
Appendix A – Proofs ............................................................................................................................. 38
Appendix B – Validation Points ............................................................................................................. 38
Glossary of Terms ................................................................................................................................. 39
Dataflow Diagrams Page 4 of 41
Introduction
This document contains details of the internal data flows associated with the National Entitlement
Card scheme. It is intended to assist the reader with understanding how data is used within the
scheme, and can be read in isolation, or to supplement the National Entitlement Card Scheme
Privacy Impact Assessment document.
The National Entitlement Card is a multi-application smartcard available on request for all Customers
of Scotland over the age of three to allow access to a range of services. The National Entitlement
Card Programme Office (NECPO), based in Dundee City Council, acts on behalf of all Scottish Local
Authorities in the supply and production of the card itself, with the Scottish Local Authorities
authenticating and processing the NEC applications.
The current Terms and Conditions for the National Entitlement Card scheme can be found at
http://www.entitlementcard.org.uk/nec-terms-and-conditions.
Applications can be initiated by contacting a Local Authority or an organisation authorised to act on
their behalf (e.g. SPT). Alternatively the Customer can apply for the NEC using the self-serve NEC
Online process. To access NEC Online the Customer will first register and then login to the Scottish
Government’s myaccount service, which is designed to help public sector organisations deliver
secure online services to the right person. The myaccount service will then allow access to NEC
Online. The interaction between myaccount and NEC Online is described in this document; a
corresponding document exists for the myaccount service itself.
The current Terms and Conditions for myaccount can be found at https://signin.mygovscot.org/home.
The areas where information is processed internal and external to the NEC scheme are listed below
Business Function Potential internal dataflows Potential external dataflows
NEC Application
Paper Application Form Datafile Application Application via Agent NEC Online Application
X1 Local Authority X2a myaccount - Card Create X2e myaccount – Sign-in/Register X3 Transport Scotland
NEC Update
NEC Update via Agent NEC Online Update NEC Update Photo via Agent NEC Online Update Photo NEC Replacement Card via Agent NEC Online Replacement Card NEC Hotlist Card
X1 Local Authority X2a myaccount - Card Create X2b myaccount - Personal Details Change X2c myaccount - Contact Details Change X2e myaccount – Sign-in/Register X3 Transport Scotland
Dataflow Diagrams Page 5 of 41
Police Enquiry X4 Police Enquiries
Data items within each flow are described below each diagram.
Dataflow Diagrams Page 6 of 41
Internal Data Flows
In the following diagrams, descriptions of data flows commencing “X” refer to External Data Flows.
National Entitlement Card Application
Customers can apply for a National Entitlement Card in various ways and the Customer’s data is
transferred to the national Card Management System (CMS) in the following ways:
Paper Application Form: the Customer completes the appropriate national application form
(Elderly, Young Person, Disabled) which is then presented at a Local Authority location, an SPT
office (SPT acting on behalf of the relevant LA), or at a Post Office (in areas where they accept
Elderly forms only on behalf of the LA). At each, personal details are verified, and the validated
application sent securely by Royal Mail to the processing Bureau.
Data File Application: the Customer’s verified personal details are extracted along with other
details from an existing local authority system; with the consent of the Customer they are added
to a file with a prescribed format for secure transmission to the Card Management System.
Agent Direct Input Application to CMS: the Customer attends a Local Authority location or SPT
office for personal detail verification, their details are manually entered into the Card Management
System by the Local Authority Agent. Local Authorities may use local paper application forms as
part of the data collection process.
NEC Online Application: the Customer is directed through the myaccount service to the NEC
online portal where name, address and photograph details are supplied. The Customer may then
be required to attend a Validation Point and provide personal verification to the Local Authority
Agent who then completes the application and requests the card.
Dataflow Diagrams Page 7 of 41
National Paper Application Form
National Paper Application Form Explanatory Notes
1. The Customer requests and receives an appropriate national paper form for a National
Entitlement Card. These vary depending on the services the Customer is entitled to. There are
three main forms: one for the 60+ age group, one for the 11-25 age group, and one for Disabled
Persons aged 5+.
2. The Customer completes the application form by providing their details.
Form Data:
Title (optional)
Gender
First Name
Middle Initials/Middle Name (optional)
Surname
Date of Birth
Address
Phone number (optional)
Mobile number (optional)
Email address (optional)
Current school/college/university (if relevant)
Consent to data share
Young Scot (if relevant)
Volunteer (if relevant)
Photograph
Photo referee contact details (only if no photographic proof)
3. The Customer presents the completed paper application form and any required proofs of person,
residence, photograph and entitlement to a Validation Point. This could be a Local Authority
location, an SPT office, or a Post Office, depending on the type of application. See Appendix A –
Proofs; Appendix B – Validation Points.
4. The Local Authority Agent verifies the form content and checks the proofs shown to authenticate
the applicant’s details and will only approve the application if satisfied with these.
Proof Data:
Dataflow Diagrams Page 8 of 41
Proof of person
Proof of residency
Proof of photo
Proof of entitlement
Validation stamp
5. The completed and verified forms are then batched together by the Validation Point and sent to
the Card Bureau via Royal Mail using an official pre-addressed, pre-paid envelope.
6. Forms received by the Bureau are scanned and transcribed electronically into the Card
Management System with date and time recorded to enable the monitoring of the application
through the process.
7. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 9 of 41
Data File Application
Data File Application Explanatory Notes
1. In certain cases, the Customer’s Local Authority already manages a system which contains
information that has already been verified regarding the Customer.
2. The Local Authority asks the Customer to agree to the Terms and Conditions of the NEC. The
Terms and Conditions include permission to share data with the Local Authority in whose area the
Customer resides or is in school, and any Service Provider with whom the Customer elects to
transact. In addition, the Customer may choose to share data with other public sector
organisations.
3. Card application data is extracted from the local database in a prescribed format. A photograph is
not required for the Junior NEC, known as KIDZ card, which some Local Authorities offer to
children below secondary school age. The facility for certain Local Authorities to have barcode
and Library/Leisure system identifiers as part of the card that is produced means that these fields
can be populated, although this is restricted to a limited number of Local Authorities and is being
phased out.
Extract Data:
Title
Gender
First Name
Middle Initials/Middle Name
Surname
Date of Birth
Address
Phone number
Mobile number
Current school/college/university
Consent to data share
Young Scot
Volunteer
Photo
Photo referee contact details
Proof of person
Proof of residency
Dataflow Diagrams Page 10 of 41
Proof of photo
Proof of entitlement
Pupil ID (if supplied by LA, used to allow schools to associate NEC holders with education-based systems,
not visible within CMS but returned to Local Authority in dataflow)
Leisure ID (if supplied by LA, used to produce card and subsequent replacements, not visible within CMS)
Library ID (if supplied by LA, used to produce card and subsequent replacements, not visible within CMS)
Barcode ID (if supplied by LA, used to produce card and subsequent replacements, not visible within CMS
but returned to Local Authority in dataflow)
Legacy Reference Number (if supplied by LA, used to allow LAs to associate NEC holders with existing LA
systems, not visible within CMS but returned to Local Authority in dataflow)
4. This data extract is passed through format validation software locally that does not alter any of the
initial data. A secure file is generated.
5. The secure file is transferred to the Card Bureau via secure file transfer protocol where the data is
further validated; any errors result in the file being rejected, and the Local Authority is required to
correct it. Files passing validation are loaded into the Card Management System.
6. The National Entitlement Card is produced from the data held and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 11 of 41
Agent Direct Input Application to CMS
Agent Direct Input Application to CMS Explanatory Notes
1. The Customer visits a Validation Point (this could be a Local Authority location or an SPT office
but NOT a Post Office as they have no access to CMS) to present proofs of person, residence,
photograph and entitlement. See Appendix A – Proofs; Appendix B – Validation Points. Some
Local Authorities will also provide a form to collect details in advance.
2. The Local Authority Agent at the Validation Point enters the Customer’s personal and other
details as presented directly into the Card Management System. A photograph is not required for
the Junior NEC, known as KIDZ card, which some Local Authorities offer to children below
secondary school age.
Screen Data:
Title
Gender
First Name
Middle Name
Surname
Date of Birth
Address
Phone number
Mobile number
Email address
Photograph
Current school/college/university
Young Scot
Volunteer
3. The Card Management System will prompt the Local Authority Agent to ask the Customer to
agree to the Terms and Conditions. Terms and Conditions include permission to share data with
the Local Authority in whose area the Customer resides or is in school and with any Service
Provider with whom the Customer elects to transact using the card.
4. The Customer is asked to confirm that they agree to the Terms and Conditions, and whether or
not they consent to share data with the wider Scottish public sector.
Dataflow Diagrams Page 12 of 41
5. If the Customer agrees to the Terms and Conditions, the Local Authority Agent checks all details
are correct and verifies and completes the application with a request for a card to be produced,
otherwise the entry is cancelled deleting all Customer information gathered. Data is entered into
the system reflecting the proofs seen.
Proof Data:
Photo referee contact details
Proof of person
Proof of residency
Proof of photo
Proof of entitlement
6. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 13 of 41
NEC Online Application
NEC Online Application Explanatory Notes
1. The Customer goes to the ‘National Entitlement Card’ online web page.
2. The service requires the Customer to register or sign-in using the myaccount service, which
includes external dataflow:
X2e – myaccount Sign-in/Register.
3. The Customer will be directed back to the NEC online portal with the sharing of core details to
populate certain elements of the online application form and to allow partially completed
applications in NEC Online to be linked with the user that is signed in to myaccount.
myaccount Data
Username
Gender
First Name
Middle Name
Surname
Name
Date of Birth
Address
Email address
NEC Number(s)
SLoA
UCRN
Secure Visitor Token
4. The Customer is then required to complete other parts of the application providing additional
details and a photograph.
Form Data
Title
Preferred Name
Phone number
Mobile number
Dataflow Diagrams Page 14 of 41
Photo
Consent to data share
Agreement to Terms and Conditions (NEC)
5. The Customer confirms the details recorded by NEC Online are correct and are ready to be
transferred to the Card Management System.
6. The online application details are transferred to the Card Management System to await
verification of proofs and validation of the application by an LA Agent at a Validation Point.
7. The portal reference number for the application is shared with the Customer.
8. The Customer is advised to take required proofs to the Validation Point for their Local Authority
area. These are all listed on http://www.entitlementcard.org.uk/validation-points and may be a
Local Authority location or an SPT office.
9. The Customer brings the portal reference number and any required proofs of person, residence,
photograph and entitlement to the Validation Point for their local authority area for verification of
proofs and validation of the application.
10. The Local Authority Agent at the Validation Point completes validation of proofs, and then submits
the request for the card to be produced.
Proofs Data:
Photo referee contact details
Proof of person
Proof of residency
Proof of photo
Proof of entitlement
11. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
12. The online application data is deleted from the NEC Online portal after 30 days or once the
application has been validated if that is sooner.
Dataflow Diagrams Page 15 of 41
National Entitlement Card Update
Customers are able to request updates to their details held on the national Card Management System
(CMS), some of which may result in the hotlisting of their existing card and the option to have a
replacement card to reflect these updates in some instances.
In addition, if it is suspected that a card has been misused or its holder is otherwise no longer entitled
to one or all of the services it gives them access to (e.g. if they have moved away), it may be
hotlisted.
NEC Update functions are:
NEC Update via Agent: the Customer contacts their Local Authority or SPT office to make
amendments to personal details, contact details or photograph. This may or may not result in the
issue of a replacement card and the hotlisting of the old card.
NEC Online Update: the Customer is directed through myaccount service to the NEC online
portal where they can choose to update personal or contact details. For certain changes, the
Customer may need to present additional proofs to the Local Authority Agent at a Validation Point
who can then complete the update. This may or may not result in the issue of a replacement card
and the hotlisting of the old card.
NEC Online Update Photo: the Customer is directed through myaccount service to the NEC
online portal where they can choose to provide a new photograph; this is verified by the Local
Authority Agent and this may result in the production of a replacement card, and the hotlisting of
the old card.
NEC Replacement Card via Agent: the Customer contacts a Local Authority Agent to report
their card as lost, not received, stolen or damaged; this allows a new card to be produced and
dispatched, and the old card to be hotlisted. There may also be a need for Local Authority Agents
to follow this process if the card is issued with errors on, or there is a scheme change that will
render the current card unusable.
NEC Online Replacement Card: the Customer is directed through myaccount service to the
NEC online portal where they can report their card as lost, stolen or damaged; this allows a new
card to be produced and dispatched, and the old card to be hotlisted.
NEC Hotlist Card: the Customer’s card may need to be withdrawn without being replaced if, for
example, a Local Authority is notified that the Customer is deceased, or has moved away.
Alternatively, the card may have been reported as being used fraudulently by a Service Provider
(e.g. Transport Scotland). In each case, a Local Authority Agent may hotlist the card without
issuing a replacement.
Dataflow Diagrams Page 16 of 41
NEC Update via Agent
NEC Update via Agent Explanatory Notes
1. The Customer makes contact with a Local Authority Agent to request changes to their personal
details, contact details or photograph in CMS.
2. The Agent will establish whether the changes require the Customer to attend in person to present
proofs relating to change of person or address or entitlement before processing the relevant data.
Change Data:
Title
Name
Date of Birth
Gender
Address
Phone number
Mobile number
Email address
Photograph
Current school/college/university
Young Scot
Volunteer
Consent to data share
Verify proofs
Photo referee contact details
Proof of residency
Proof of photo
Proof of entitlement
3. The Local Authority Agent makes the changes requested, with external dataflows as appropriate:
X1 – Local Authority
X2b – myaccount – Personal Details Change
and/or X2c – myaccount – Contact Details Change.
Dataflow Diagrams Page 17 of 41
4. If appropriate, the Local Authority Agent then requests a replacement card to be produced. This
will also result in hotlisting of the previous card and additional dataflow:
NEC Hotlist Card.
5. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 18 of 41
NEC Online Update
NEC Online Update Explanatory Notes
1. The Customer signs in or registers with the myaccount service, which includes external dataflow:
X2e – myaccount Sign-in/Register.
2. The Customer will be directed to the NEC online portal with the sharing of core details to establish
a link to the correct account.
myaccount Data:
Username
Gender
Name
Date of Birth
Address
Email address
NEC Number(s)
SLoA
UCRN
Secure Visitor Token
3. If the Customer updates their contact details, these changes are made immediately; this also
results in external dataflows as appropriate:
X1 – Local Authority
X2c – myaccount – Contact Details Change.
Contact Data:
Phone number
Mobile number
Email address
4. The Customer may choose to update their preferred name and/or address; these are the only
personal details other than a photograph that can be updated using NEC Online.
5. If so, they will be informed that a Local Authority Agent will check name and address changes;
address and some name changes may require proofs to be presented.
6. When notified, the Local Authority Agent checks the name changes and address changes, and
contacts the Customer requiring proof if necessary.
Dataflow Diagrams Page 19 of 41
7. If the name and/or address change is acceptable, the Local Authority Agent approves the request
and the Customer’s record on the Card Management System is updated to reflect this, with
external dataflows as appropriate:
X1 – Local Authority
X2b – myaccount – Personal Details Change.
Personal Data:
Preferred Name
Address
8. If appropriate, the Local Authority Agent then requests a replacement card to be produced. This
will also result in hotlisting of the previous card and the appropriate dataflow:
NEC – Hotlist Card.
9. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 20 of 41
NEC Online Update Photo
NEC Online Update Photo Explanatory Notes
1. The Customer signs in to or registers with myaccount service, which includes external dataflow:
X2e – myaccount Sign-in/Register.
2. The Customer will be directed to the NEC online portal with the sharing of core details to establish
a link to the correct account.
myaccount Data:
Username
Gender
Name
Date of Birth
Address
Email address
NEC Number(s)
SLoA
UCRN
Secure Visitor Token
3. The Customer uploads a photograph and will be informed that a Local Authority Agent will need to
check the photograph.
4. The Local Authority Agent compares the new photograph against the original photograph to
ensure this is the same person and that the new photograph is suitable.
5. If the photo is acceptable, the Local Authority Agent approves the request and the Customer’s
record on the Card Management System is updated to reflect this; if the photograph is not
acceptable, the Local Authority Agent will contact the Customer to inform them so that any issue
can be resolved.
6. If appropriate, the Local Authority Agent then requests a replacement card to be produced which
will have the new photo on it.
7. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 21 of 41
NEC Replacement Card via Agent
NEC Replacement Card via Agent Explanatory Notes
1. The Customer makes contact with a Local Authority Agent to report that their card has been lost
or not received, stolen or damaged; there may also be a need to replace a card if it is issued with
errors or there is a scheme change that will render the current card unusable
2. The Local Authority Agent records the reason for a replacement card being requested, and
processes the request.
3. The old card is automatically hotlisted, as per dataflow:
NEC Hotlist Card.
4. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in dataflows over external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 22 of 41
NEC Online Replacement Card
NEC Online Replacement Card Explanatory Notes
1. The Customer signs in to or registers with the myaccount service, which includes external
dataflow:
X2e – myaccount Sign-in/Register.
2. The Customer will be directed to the NEC online portal with the sharing of core details to establish
a link to the correct account.
myaccount Data
Username
Gender
Name
Date of Birth
Address
Email address
NEC Number(s)
SLoA
UCRN
Secure Visitor Token
3. The Customer reports that their National Entitlement Card has been lost, stolen or damaged and
this will create a replacement card action within the Card Management System. The type of card
issued cannot be changed online.
4. The old card is automatically hotlisted as per NEC Hotlist Card dataflow.
8. The personalised National Entitlement Card is produced and sent to the Customer; this also
results in external dataflows:
X1 – Local Authority
X2a – myaccount – Create Card
X3 – Transport Scotland.
Dataflow Diagrams Page 23 of 41
NEC Hotlist Card
NEC Hotlist Card Explanatory Notes
1. EITHER: National Entitlement Cards can be hotlisted manually if the Customer has moved away,
is deceased or there is a suspicion of misuse of the card.
2. OR: The majority of National Entitlement Cards that are hotlisted will be placed on the hotlist as a
result of a card replacement being issued, for whatever reason.
3. The Card Management System is updated with the fact that the card has been hotlisted, together
with the reason.
Hotlist Data
NEC Number
Hotlist date
Hotlist reason
This also results in the external dataflows:
X1 – Local Authority
X2d – myaccount – Hotlist Card
X3 – Transport Scotland.
Dataflow Diagrams Page 24 of 41
External Data Flows
External data flows fall into two broad categories – Regular and Ad Hoc.
Regular
As part of the day-to-day operation of the NEC Scheme, a number of different data flows to systems
outside of the CMS exist to ensure that data is correctly maintained in all systems underpinning the
Scheme:
X1 Local Authority Extracts: the data controller for the NEC Scheme is the Customer’s Local
Authority, and, to assist them in their obligations with regard to the scheme and data protection,
Customer data is shared with the Local Authority concerned.
X2a myaccount – Create Card: a new or replacement card issue results in data being used to
notify myaccount of the details.
X2b myaccount – Personal Details Change: an update to the Customer’s personal details on
CMS results in data being used to notify myaccount of the details; similarly, personal details
updated on myaccount, including notifications of death, are passed to CMS.
X2c myaccount – Contact Details Change: an update to the Customer’s contact details on
CMS results in data being used to notify myaccount of the correct details; similarly, contact details
updated on myaccount are passed to CMS.
X2d myaccount – Hotlist: hotlisting the Customer’s card on CMS results in data being passed to
myaccount with the details.
X2e myaccount – Sign-in/Register: the Customer who wishes to make use of NEC Online is
required to make use of myaccount. The myaccount service shares certain data with NEC Online
as part of the process of signing in the Customer.
X3 Transport Scotland: as all National Entitlement Cards have the potential to carry travel
concessions or tickets on behalf of Transport Scotland, some data has to be provided to
Transport Scotland systems.
Dataflow Diagrams Page 25 of 41
X1 Local Authority Extracts
X1 Local Authority Extracts Explanatory Notes
1. On a daily basis, every new application, replacement card request or change of circumstance
recorded within CMS are included in a file that is provided to the Local Authority responsible for
the Customer concerned, which allows Local Authority services for these cards to be activated,
hotlisted, or updated as required. The Daily File extract contains data for that Local Authority only.
LA Data
Applicant ID
Application ID
Application Status
Created By
NEC Number
Photo ID
Gender
Title
Name
Date of Birth
UCRN
Deceased indicator
Deceased date
Address
Postcode
UPRN
Local Authority
Telephone
Mobile
Data Sharing indicator
Terms & Conditions indicator
Card Type
Proof of Identity
Proof of Residency
Disability/Disabilities type
Card Expiry Date
Card Type (Kidz/Not Kidz)
Mifare Number
ISRN Number
Encoded On Date
Dataflow Diagrams Page 26 of 41
Printed On Date
Despatched On Date
Expired On Date
YP Bus indicator
YP Rail indicator
Ferry indicator
TS Ferry Voucher Number
Card Status
Barcode
Establishment Code
Replacement Date
Replacement Reason
Hot List Date
Hot List Reason
Legacy No.
Pupil ID
HE/FE indicator
YP/YS indicator
2. A Local Authority may request a file containing an extract of the records for all Customers that
they are responsible for. This request must be placed via NECPO. The Full File extract contains
data for that Local Authority only; data provided is as described in 1.
3. The Daily File is created overnight and is placed on a secure transfer (sftp) server to be collected
by an authorised Local Authority Agent (access rights are controlled dependent on operational
need).
4. If possible, the Full File is created close to the time requested by the Local Authority, and is
placed on a secure transfer (sftp) server to be collected by an authorised Local Authority Agent
(access rights are controlled dependent on operational need).
Dataflow Diagrams Page 27 of 41
X2a myaccount – Card Create
X2a myaccount – Card Create Explanatory Notes
1. A Create Card (CC) record relating to every card created on CMS that day is added to a file to be
sent on a daily basis to myaccount to allow Customer and address information to be verified and
maintained within what is initially a dormant, ‘card only’ myaccount record which can
subsequently be activated by the Customer for use online. Note that the card may either be new,
or be a replacement.
CC Data
Applicant ID
NEC Number
Gender
Name
Date of Birth
UCRN
Address
Postcode
UPRN
Local Authority
Proof of Identity
Proof of Residency
Transaction Code
Preferred Name
Provenance (CMS)
Date of Event
2. A Data Integration Confirmation (DIC) record for every Create Card record successfully received
from CMS is added by myaccount to a file that is sent on a daily basis to CMS.
DIC Data
Applicant ID
UCRN
Postcode
UPRN
Transaction Code (ignored by CMS)
Preferred Name
Provenance (myaccount)
Date of Event
Dataflow Diagrams Page 28 of 41
X2b myaccount – Personal Details Change
X2b myaccount – Personal Details Change Explanatory Notes
1. A Personal Details Change (PDC) record for each Customer record that has had changes to
relevant Personal Details on CMS that day is added to a file to be sent on a daily basis to
myaccount to allow these details to be verified and maintained within what is initially a dormant,
‘card only’ myaccount record which can subsequently be activated by the Customer for use
online.
PDC CMS Data
Applicant ID
NEC Number
Gender
Name
Date of Birth
UCRN
Proof of Person
Transaction Code
Preferred Name
Provenance (CMS)
Date of Event
2. Similarly, a Personal Details Change (PDC) record relating to each record in myaccount that has
had changes made to relevant Personal Details that day is added to a file to be sent on a daily
basis to CMS to allow these details to be verified and maintained within CMS. This data may
include notification that the Customer is now deceased.
PDC myaccount Data
Applicant ID
Gender
Name
Date of Birth
UCRN
Deceased indicator
Deceased date
Transaction Code (ignored by CMS)
Preferred Name
Provenance (myaccount)
Date of Event
Dataflow Diagrams Page 29 of 41
X2c myaccount – Contact Details Change
X2c myaccount – Contact Details Change Explanatory Notes
1. A Contact Details Change (CDC) record for each Customer record that has had changes to
relevant Contact Details on CMS that day is added to a file to be sent on a daily basis to
myaccount to allow these details to be verified and maintained within what is initially a dormant,
‘card only’ myaccount record which can subsequently be activated by the Customer for use
online.
CDC CMS Data
Applicant ID
NEC Number
UCRN
Address
Postcode
UPRN
Local Authority
Proof of Residency
Transaction Code
Provenance (CMS)
Date of Event
2. Similarly, a Contact Details Change (CDC) record relating to each record in myaccount that has
had changes made to relevant Contact Details that day is added to a file to be sent on a daily
basis to CMS to allow these details to be verified and maintained within CMS.
CDC myaccount Data
Applicant ID
Address (ignored by CMS)
Postcode (ignored by CMS)
UPRN (ignored by CMS)
Local Authority (ignored by CMS)
Telephone
Mobile
Transaction Code (ignored by CMS)
Provenance (myaccount)
Date of Event
Dataflow Diagrams Page 30 of 41
X2d myaccount – Hotlist Card
X2d myaccount – Hotlist Card
1. A Hotlist Card (HC) message recording details of each card hotlisted on CMS that day is added to
a file to be sent on a daily basis to myaccount to allow these details to be verified and maintained
within what is initially a dormant, ‘card only’ myaccount record which can subsequently be
activated by the Customer for use online.
HC CMS Data
Applicant ID
NEC Number
Hot List Date
Transaction Code
Provenance (CMS)
Date of Event
Applicant ID
Dataflow Diagrams Page 31 of 41
X2e myaccount – Sign-in/Register
X2e myaccount Sign-in/Register Explanatory Notes
1. When the Customer wishes to use NEC Online to see or modify their card details held in CMS, or
to make an application for an NEC, they must use the Scottish Government’s myaccount service
for secure access.
2. NEC Online redirects visitors wanting to use the myaccount service to the site automatically.
3. The myaccount service will ask the Customer to either sign-in if they have used the myaccount
service before, or to register.
4. The data entered by the Customer will vary depending on whether they need to register, or are
signing-in having registered with the myaccount service on another occasion. A Customer may
choose to register with their National Entitlement Card if they already have one which will reduce
the amount of detail required to be entered.
Sign-in Data
Username
Password
Register Data (without National Entitlement Card)
Title
Name
Date of Birth
Gender
Address
Preferred Name
Telephone Number
Mother’s maiden name (if required)
Town of birth (if required)
Terms and Conditions agreement (myaccount)
Data share consent (NEC)
Dataflow Diagrams Page 32 of 41
Register Data (with National Entitlement Card)
Date of Birth
Postcode
Telephone Number
Terms and Conditions agreement (myaccount)
NEC Number
5. Once the Customer has successfully signed in or registered, the Customer data relating to the
Customer from myaccount is passed securely to NEC Online, along with a Secure Visitor Token
(SVT) which is a unique opaque identifier shared only between myaccount and the NEC Online
system to allow the Customer to have seamless access to their NEC details without these
needing to be shared with myaccount.
myaccount Data
Username
Gender
Name
Date of Birth
Address
Email address
NEC Number(s)
SLoA
UCRN
Secure Visitor Token
6. If the Customer is already identified by myaccount as holding an NEC and having a record on
CMS, using the information received from myaccount, NEC Online requests access to the card
details held on the Customer Management System for the Customer.
Request Data
NEC Number
Secure Visitor Token
7. The Card Management System returns details relating to the Customer’s NEC to NEC Online.
Card Data
Applicant ID
NEC Number
Name
Card Issue Date
Card Expiry Date
Card Status
Secure Visitor Token
8. Using the data supplied from CMS, NEC Online then proceeds to allow the Customer access to
their data.
Dataflow Diagrams Page 33 of 41
X3 Transport Scotland
X3 Transport Scotland Explanatory Notes
1. The CMS sends data to specialist secure printers that produce each National Entitlement Card.
Each card produced is encoded to ITSO standards (see below) to allow it to be used for transport
purposes.
2. To ensure that the ITSO encoding on the card is correctly recorded on Transport Scotland’s back
office HOPS system, devices associated with the printers themselves securely transfer a record
of the cards produced to Transport Scotland’s ITSO HOPS daily.
Print Data
NEC Number
ISRN
Expiry Date
Title
Name
Address
Postcode
Phone
Mobile
Date of Birth
Concession type
3. The CMS also records basic demographic information relating to each card produced and
securely transfers a file on a daily basis to Transport Scotland.
Demographic Data
NEC Number
Date of Birth
Gender
Postcode
Dataflow Diagrams Page 34 of 41
Local Authority
Applicant Form ID
Applicant ID
Test Card indicator
Effective Start Date/Time
Effective End Date/Time
Card Status
Card Concession Type
Transport Scotland Concession Scheme
4. Daily, a file containing data relating to each card hotlisted within CMS is securely transferred to
Transport Scotland’s HOPS.
Hotlist Data
NEC Number
Date Effective From
Reason
ITSO Explanatory Notes
ITSO is the national Specification, or Standard, for smart ticketing. The copyright for this is owned by The Crown in Great Britain.
The Specification was developed with the aim of ensuring that public transport operators throughout Great Britain can develop compatible smart ticketing systems.
That means that, where necessary or desirable, different operators’ smart ticketing systems can ‘talk’ to each other so that a passenger can use just one smartcard no matter which operator is providing a service or what mode of transport they are using, rather than having to buy lots of different tickets or carry separate smartcards.
THIS section explains how an ITSO smart ticketing system currently works. However technology continues to evolve and this will change and adapt in future.
All ITSO-compliant systems rely on ISAMs (ITSO Secure Application Modules) which are secure electronic data processing modules, the size of a mobile phone SIM card. These check the card
Dataflow Diagrams Page 35 of 41
holders’ permissions, authenticate and validate their electronic tickets, and store journey data for further processing.
The ISAM communicates with the back office system (HOPS or Host Operator or Processing System) through another security device called an HSAM (HOPS Secure Application Module).
The overarching security application module in a system is known as the Primary HSAM or PHSAM.
ISAMs are inserted into railway ticketing gates and machines, or on bus, tram or ferry ticketing machines. They can also reside within handheld ticketing machines used by bus or train ticket inspectors, or be used in toll systems such as on bridges or in transport tunnels.
When an operator sets up an ITSO system, the ISAMs are profiled using the ITSO Security Management System (ISMS) which is run by ITSO Limited. This is the central part of the ITSO Security Sub System which acts as the ‘keeper of the keys’, managing the provision of data access keys to the secure devices (ISAMs) in ticketing machines and barriers.
The electronic wallet within a smartcard that contains electronic tickets for ITSO-compliant schemes, similar to an ‘app’ on a smartphone, is known as a shell. The shell can be programmed to be read by machines to say ‘yes this person has enough money on the card to pay for this ticket’, or ‘yes this person is a railway season ticket holder for this route’. This is programmed by individual transport operators to reflect their individual tickets and prices.
ITSO Limited only provides the services of the ISMS. It does not offer smartcards, ticketing machines or HOPS services. These are provided by suppliers whose equipment is tested and certified by ITSO to ensure it can run ITSO-compliant schemes.
https://www.itso.org.uk/itso-explained/
Dataflow Diagrams Page 36 of 41
Ad hoc
Access to NEC scheme data is tightly controlled, and is normally only available to the Local Authority
associated with the Customer and organisations acting on the Local Authority’s behalf in
administering the NEC scheme or services associated with it. There is only one formalised data flow
which has been agreed as an exception to this:
X4 Police Enquiries: in exceptional and tightly controlled circumstances, data may be shared
with the Police Service of Scotland (Police Scotland) or the British Transport Police on request.
This process is managed by Transport Scotland, and is documented in a Memorandum of
Understanding designed to ensure that data is only shared when necessary, and is limited to
those directly implicated in the request.
X4 Police Enquiries
X4 Police Enquiries Explanatory Notes
1. Police officers determine that data relating to the NEC may be of help in relation to cases relating
to a serious crime, or preventing harm to life. The data requested is documented as precisely as
possible (e.g. dates and times required), and is authorised by a senior officer. The form
requesting information is submitted to Transport Scotland via secure e-mail.
2. In line with their Data Protection Act responsibilities, Transport Scotland will assess whether the
data requested can be disclosed without a warrant being requested. Depending on the request,
they may be able to retrieve information such as journeys from HOPS at this stage.
3. Assuming that the request is judged to be reasonable and also requires information from CMS,
Transport Scotland will pass the query to NECPO by secure e-mail.
Dataflow Diagrams Page 37 of 41
4. Again, in line with their Data Protection Act responsibilities, NECPO will need to be satisfied that
the data requested can be disclosed without a warrant being requested. If so, requested data is
retrieved from CMS.
Card Data
Name
Address
Date of Birth
NEC Number
Photograph (if required)
Date of card replacement
Reason for card replacement
Card expiry date
Card type
5. Data from CMS, or indeed a refusal, is returned via secure e-mail to Transport Scotland by
NECPO.
6. Responses from Transport Scotland, which may comprise data from either or both HOPS and
CMS as well as full or partial refusals, are returned to the relevant Police Service (Police Scotland
or British Transport Police) via secure e-mail.
Dataflow Diagrams Page 38 of 41
Appendix A – Proofs
As the National Entitlement Card can be used to give access to a number of different services and as
proof of age, etc., it is only issued when a person, their address, photograph and entitlement has
been verified by checking certain documentary or other evidence or proofs.
The up-to-date list of acceptable proofs of person, address and photograph can be found at
http://www.entitlementcard.org.uk/proofs.
The up-to-date list of acceptable proofs of entitlement for the Transport Scotland Concessionary
Travel Scheme for the disabled can be found at
http://www.transport.gov.scot/public-transport/concessionary-travel-people-aged-60-or-disability.
Appendix B – Validation Points
Across Scotland there are a number of locations Customers may visit to have their proofs verified and
their NEC application validated. These are operated by or on behalf of the Customer’s Local
Authority. Different Local Authorities may use Customer Service locations, Libraries, SPT offices, Post
Offices, etc. Locations vary by Local Authority and over time. Some locations may only accept certain
types of application as e.g. Elderly and Young People’s applications may be handled separately. A list
of Validation Points for each Local Authority can be found at
http://www.entitlementcard.org.uk/validation-points.
Dataflow Diagrams Page 39 of 41
Glossary of Terms
Term Meaning
Agent (Local Authority Agent) An official acting on behalf of a Local Authority who assists in managing National Entitlement Cards for their area. They are an employee either of the Local Authority or of an organisation acting on behalf of the Local Authority such as SPT, and will usually have access to the NEC CMS as their role requires. However, not all LA Agents will have access to CMS.
Applicant ID The Applicant ID is generated by the CMS as a unique system identifier for the record corresponding to an individual applying for an NEC. For a large number of Customers, there will be a single Applicant ID; however, individuals may have multiple Applicant IDs if separate applications have been made by the Customer over time. Only in very few cases are multiple Applicant IDs active at any given time for a single Customer and these are linked Applicant IDs; these are linked within the system to allow the Customer’s records to be managed effectively.
Application ID A unique Application ID is assigned by CMS to each application received. Paper forms have this identifier pre-printed on them, applications received directly into the system, or electronically either by datafile or via NEC Online are assigned an Application ID as the CMS record is created. The Application ID is shared with the Customer’s Local Authority and serves as an audit cross-reference to forms submitted.
Authentication The process of determining whether someone is who he or she is declared to be. This is usually carried out by presenting credentials e.g. supplying a username and password to a computer system. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.
Back-office Refers to processes which are not normally visible to be public, e.g. the re-ordering of stock for a shop.
Card Bureau A service provided under contract to NECPO that provides a facility to produce and dispatch cards.
CMS National Entitlement Card Management System which holds Customer data relevant for the production of the National Entitlement Card.
Credential Something that is verified when presented as part of an authentication transaction. For the myaccount service this will normally be a username and password combination although other information may be asked for where additional security measures are required
Customer A member of the public who is, intends to be, or has been an NEC holder. Hotlist A list of card numbers representing cards that are no longer valid for use
either due to being replaced through normal processes, or being reported as lost, stolen or used fraudulently.
HOPS Host Operator or Processing System, the system used for managing transport operator use of ITSO smart ticketing.
Identifier Something that names or identifies a piece of data. Improvement Service The Improvement Service works with Local Authorities and their partners
to help improve the efficiency, quality and accountability of local public services in Scotland by providing advice, consultancy and support. Amongst other roles, they are responsible for the management and development of the myaccount system and the extended use of the One Scotland Gazetteer and National Entitlement Card scheme.
ITSO ITSO Ltd is a Government-backed, non-profit distributing organisation which aims to make travelling on public transport throughout the UK seamless and easier by using smart ticketing technology. The company is the guardian of the ITSO Specification – a Crown Copyright open national standard for smart ticketing.
KIDZ card An NEC scheme card issued by some Local Authorities to children younger than twelve years of age to demonstrate entitlement to e.g. Library membership, discounted leisure facilities. The card differs from other NEC scheme issues as they do not carry photographs.
Level of Assurance, Scottish Level of Assurance, SLoA
A value that reflects how much trust can be placed in a declaration of the Customer who claims to be a particular individual. The value is derived from checking both the validity of any proof presented and verification that it is controlled by or applies to the Customer. Scottish Level of Assurance refers to the specific standards that have been agreed for use within the myaccount service in the Scottish public sector
Dataflow Diagrams Page 40 of 41
Local Authority, LA One of the 32 Scottish councils. myaccount A system developed and operated by the Improvement Service on behalf
of the Scottish Government and Local Authorities that allows the creation and maintenance of a secure account for accessing online public services in Scotland. The system also offers data management tools and processes to assist public services in offering secure access.
NEC National Entitlement Card. The National Entitlement Card scheme is a partnership between the Scottish Government, Scotland’s Local Authorities and others providing a multi-application smartcard scheme to make it quicker and easier to access services (such as transport, cashless catering, library/leisure membership, payments, concessions, proof of age) using one card.
NEC number A unique number used to identify a specific National Entitlement Card NEC Online A web-based system that gives the Customer secure access to a limited
subset of CMS data relating to their card or card application. NEC Online portal Specifically the web pages comprising the Customer access point to NEC
Online. NECPO NEC Programme Office. The NECPO is a service provided by Dundee City
Council on behalf of the Improvement Service and Local Authorities that administers the NEC scheme, managing the systems and suppliers involved and undertaking the development and expansion of the scheme. The NECPO is managed by a Board representing Transport Scotland, the Scottish Government, the Improvement Service and Scottish Local Authorities.
National Health Service Central Register, NHSCR
The NHSCR contains basic demographic details of everyone who was born, or has died, in Scotland plus anyone else who is (or has been) on the list of a general medical practitioner in Scotland. The Register exists mainly to allow the smooth transfer of patients who move between Health Board areas. Under the provisions of Section 57 of the Local Electoral Administration and Registration Services (Scotland) Act 2006 (also known as the LEARS Act), the Registrar General is given powers to share some data with Local Authorities, including the UCRN. http://www.nrscotland.gov.uk/statistics-and-data/nhs-central-register
National Records of Scotland, NRS A non-ministerial department of the Scottish Government. It is responsible for civil registration, the census in Scotland, demography and statistics as well as national archives and historical records.
One Scotland Gazetteer An address database made up of all 32 individual Local Authority gazetteers. All addresses are created in accordance with the national standard for addressing, BS7666:2006 and the Scottish Gazetteer Conventions.
Photo ID A reference that links to the electronic file containing the photograph of the Customer.
Proofs (of person, residence, photograph, service entitlement)
A document or some other evidence of a person, address or entitlement. See Appendix A.
Secure Visitor Token When the Customer uses myaccount to add access another online system (e.g. NEC Online) a Secure Visitor Token specific to that Customer and the system accessed is generated. This is an opaque identifier that can be shared between the myaccount system and NEC Online with no dependency on any other personal details or identifiers.
Service Provider An organisation that offers services to Customers. sftp Secure File Transfer Protocol/SS File Transfer Protocol, a means of securely
transferring data using authenticated, encrypted connections. SLoA Scottish Level of Assurance, see “Level of Assurance”. SPT Strathclyde Partnership for Transport is a public body which is responsible
for planning and coordinating regional transport in the Strathclyde area of western Scotland. On behalf of Local Authorities in their area they administer NECs issued to the elderly and the disabled.
Token, secure token A secure standards-based mechanism for sharing authentication details across different domains.
Transport Scotland, TS Transport Scotland is an Executive Agency of the Scottish Government responsible for all transport related issues across Scotland.
UCRN The UCRN is an opaque identifier (i.e. it has no semantic value of itself, containing no personal information) that is held in both myaccount and the CMS system for the purpose of data integrity. It is not held on the card. The UCRN is allocated by National Records of Scotland (NRS) as it forms part of the National Health Service Central Register (NHSCR). There are clear rules associated with the UCRN and how it can be used. These rules are covered
Dataflow Diagrams Page 41 of 41
in agreements between National Records of Scotland (NRS), the Improvement Service and Service Providers. The rules are designed to ensure that the UCRN is used in a controlled way in line with the Scottish Government’s Privacy Principles http://www.gov.scot/PrivacyPrinciples.
UPRN Unique Property Reference Number, an identifier in wide use in the public and private sectors as a way of identifying specific land and property units (addresses) as held in the One Scotland Gazetteer. The NEC scheme uses the UPRN to identify the correct address for Customers.
Validation Confirmation that the Customer’s application for or changes to an NEC are valid.
Validation Point A place Customers visit to have their proofs verified and their NEC application validated. See Appendix B.
Verification Checks carried out to ensure that the person, address, photograph and service entitlement claimed are supported by the proofs presented.
Young Person, YP A reference to the Concessionary Travel Scheme for Young People administered by Transport Scotland.
Young Scot, YS National youth information and citizenship charity providing young people, aged 11-26, with a mixture of information, ideas and incentives to help them become confident, informed and active citizens.