We understand that for ORCID iDs to be widely adopted and used by the community, our systems and services must be dependable, available, durable, and have integrity. We are addressing these requirements in three ways: facilitating succession if needed, system security, and our international support team.
Of our 10 principles, seven deal directly with openness in at least one of its meanings. In addition to providing free access, no barriers to access for individuals, democratic and transparent governance, and open source software, we also actively seek to work with the community. We know that, for any standard to be implemented, it must work for any individual regardless of discipline or location, and for any organization regardless of whether it is non-profit, governmental, commercial, etc. We live and breathe collaboration; it is our lifeblood.
We take seriously our role in ensuring access to information that you choose to share publicly on the ORCID registry. We make your public data available under a Creative Commons CC0 License through the ORCID website, a public API, and an annual public data file. We have enshrined individual access to the Registry in our bylaws: any change to ORCID’s principle that researchers are able to create an ORCID iD and edit and maintain an ORCID record free of charge must be approved by our Board and our membership.
Similarly, we are committed to open source. We also recognize that trust is the key to adoption and sustainability. If you decide you don’t like what we are doing, you effectively have an insurance policy. Since our software code, technical specifications, and documentation are freely available, our openness means that, if circumstances require, the community could re-create ORCID by collecting and re-assembling our parts. You could use our CC0 public data, our open software source code, our open documentation together with the community we are helping to build, to create a new community-led alternative and ensure the continuation of the ORCID vision.
We provide options for you to secure access to your iD and Record. You may choose to use your ORCID username and password or you can sign-in with your Google, Facebook, or institutional sign-in credentials. Use the option that provides you the most confidence.
ORCID works hard to earn and maintain your trust by handling your data in a respectful, secure, and reliable environment. We follow best practices in information security and protection. We keep your data safe by using enterprise-level data security practices and limiting the information that we collect and hold about our users. We use well-respected cloud service providers including Rackspace and AWS to host our data and servers. These organizations employ industry-leading security techniques, and also certify their systems annually to assure compliance. We perform weekly application-level vulnerability testing, addressing concerns immediately, and we use rigorous deployment testing and code review processes to ensure that our systems are free of errors that would leave your data compromised.
To mitigate the impact of failures we use generally accepted practices for disaster recovery and backups to ensure that nothing is lost if things do not go as planned.
Your feedback is important to us, and helps us ensure we are on-track. Thank you, to all who have shared your ideas. We make our roadmap publicly available, and we invite the community to participate in suggesting and voting on new functionality.
We have regional teams who provide assistance to our users and members around the world in several languages and across all time zones. Key pages on our website have been translated into many languages, with more in progress. In addition, our Member Support Center, at members.orcid.org is designed as a one-stop shop for ORCID implementation. It combines our existing technical documentation with sector-specific workflow guides and planning and communication resources. We also organize regional workshops and webinars throughout the year, to engage directly with the community.