Identity Management

In many cases it may be possible, for an institution, to provide online services without the release of information that identifies a particular person, and in this case, no data protection issues arise.  However, in other circumstances, identity will be necessary to the provision of access or personalisation.  The processing of personal information will only be legal if done in compliance with the principles laid down by the Data Protection Act 1998.  The first, core principle requires processing (including transfer) to be fair and lawful.  In order to meet this requirement, one of the "Schedule 2" conditions for processing must be met.  The most commonly relied on condition is "consent", in other words, that the data subject has agreed to the processing after having reasonable notice of what processing is proposed.

  • Jisc Legal Overviews
  • Guidance
  • FAQs
  • Law Watch
  • Links
  • How To
Identity Management Newslinks

Keeping Young Learners Safe in Education - Guidance

All school and college staff have a responsibility to provide a safe environment in which people can learn.

New Bodies Subject to FOISA

As of today more bodies in Scotland will be subject to the Freedom of Information (Scotland) Act 2002.

Updated Privacy Impact Assessments Code of Practice

This code of practice will help institutions to comply with their data protection obligations and meet individuals’ expectations of privacy.

Court of Appeal Rules on Meaning of Personal Data

The Court of Appeal held that a name is personal data unless it is so common that without further information, such as use in a work context, a person would remain unidentifiable despite its disclosure. 

View all Identity Management news

Recent JISC Legal Events

No events listed.

Social Media

Twitter youtube Vimeo View JISCLegal's profile on slideshare Subscribe to our RSS feed