Criterion's Nick Green asking the important questions in PASA's Dashboard Working Group's article for PensionsAge.
The Pensions Dashboards Programme promises a new era of understanding for members about their overall pension benefits, and of engagement with schemes as members look to turn information into action. But it also introduces a data dilemma for trustees and the administrators they instruct. They will need to reconcile the contrasting demands of two different pieces of legislation: the Pension Schemes Bill currently going through parliament, and the General Data Protection Regulation (GDPR).
The first of these will create an obligation on schemes to share member data with third-party dashboards being used by their members. The scope of the data is still being tested by the Pensions Dashboards Programme; but it is clear any data shared with the dashboard – even if it is just an indication the member has benefits with the scheme – will count as personal data.
But… the second of these laws – the GDPR – creates an obligation to safeguard personal data, and not to reveal it to third parties that have no right to it. The obligation won’t go away at the end of 2020 when the Brexit transition period expires, because the GDPR will be transposed into UK law at that time. So, administrators and trustees will have to walk a very fine line to ensure they meet their new legal obligations to disclose, whilst also meeting their existing obligations not to.
At the heart of this tension will be the algorithms that match data about the dashboard user against member data held by schemes. If a match is found, the scheme will return a link to where the dashboard can retrieve information about the member’s benefits. If there is no match, then a ‘not found’ message is returned.
That algorithmic matching is both critical and hard to achieve. Matching rules must be defined upfront, with little scope for judgement in their application on a case-by-case basis. Can an algorithm be sure whether the dashboard user ‘Beyoncé Giselle Knowles-Carter’ is the same person as deferred member ‘Beyoncé Knowles,’ even if they share a date of birth? Err on the side of a match, and personal data is potentially disclosed to someone other than its subject. But err on the side of no match and, at best, an opportunity is lost to connect a member with accrued benefits; at worst, repeated errors may attract the interest of The Pensions Regulator (TPR).
What can be done to improve the chances of not erring on either side? As ever, good quality data will be a prime resource. Dashboard users will have to complete a robust identity verification exercise with their dashboard of choice before submitting a request to find benefits; so schemes can have confidence the matching data they receive does indeed relate to the user in question. And accurate records will give schemes the best chance of accurately matching the request against member data.
Indeed, work to improve accuracy needn’t wait. Although the Pensions Dashboards Programme has yet to publish its response to industry consultation on data which might be used in matching, most of the elements under consideration – including family name, given name or initials, date of birth, National Insurance number, current address with postcode – are already on TPR’s list of common data schemes should record. So, improving the coverage and accuracy of these will yield benefits beyond eventual compliance with dashboard requirements.
The Pensions Dashboards Programme and PASA are working with data experts from the industry’s leading software providers to establish how request data can best be combined to find as many true matches as possible whilst minimising the risk of finding false ones. But when schemes come to implement matching processes, trustees and administrators will have to work together to find a balance that satisfies both TPR and the Information Commissioner.
