Any Onboarding Toolset must tightly control what information can be accessed by any given user to ensure that confidential information is not shared with unauthorised parties. Both functional and non-functional requirements relating to Users are captured in the Proof of Capability Requirements.

User Types

Two types of user have been identified:

1. Supplier Users, who represent Supplier organisations and provide information about their Supplier’s Solutions.

2. NHS Users, who represent the NHS and review information submitted about Solutions.

Roles and permissions may evolve to create sub-types of these, but the primary user types should be fixed.

Open

Supplier Users

Supplier User MUST ONLY be able to see information that relates to their Supplier and its Solutions. Under no circumstances must a Supplier User be granted access to another Supplier’s onboarding information.

NHS Users

NHS Users may need to interact with multiple Suppliers and their Solutions. Therefore there should be no restriction on the Solutions that an NHS User can access.