Identity Gateway (IDG) Key Policies

Overview

IDG (also referred to as the CRNCC Hub) is the method of access to get to other CRNCC services, specifically CPMS, ODP and NIHR Learn.

Key Policies

Use of IDG is governed by the IDG Terms and Conditions which apply to all people who use it.

From the start of 2019 anyone using CPMS has signed explicit acceptance of these Terms and Conditions.

How an individual's data is used is governed by the IDG Privacy Notice.

From the start of 2019 anyone using IDG has signed explicit acceptance of this data usage.

Data governance

The Data Controller for IDG is Department of Health and Social Care. This system is managed by NIHR CRNCC on behalf of the Data Controller.

The responsible manager within NIHR CRNCC for IDG is the Head of Technology.

Security

CRNCC have a current ISO27001 certification, and provision of IDG falls within the scope of this.

CRNCC review that the above controls are current and effective on at least an annual basis. This includes verification with DHSC as Data Controller.