Identity Management

In many cases it may be possible, for an institution, to provide online services without the release of information that identifies a particular person, and in this case, no data protection issues arise.  However, in other circumstances, identity will be necessary to the provision of access or personalisation.  The processing of personal information will only be legal if done in compliance with the principles laid down by the Data Protection Act 1998.  The first, core principle requires processing (including transfer) to be fair and lawful.  In order to meet this requirement, one of the "Schedule 2" conditions for processing must be met.  The most commonly relied on condition is "consent", in other words, that the data subject has agreed to the processing after having reasonable notice of what processing is proposed.

Jisc Legal has now closed, and this website is now archived.

Technology and the law support is now provided by Jisc.  Contact, or call 0203 006 6077.

  • Jisc Legal Overviews
  • Guidance
  • FAQs
  • Law Watch
  • Links
  • How To
Identity Management Newslinks

Data Protection Training for University Staff

Jisc Legal has produced an online training course for university staff in the essentials of data protection law.

Social Media Prosecution Guidelines Set Out
Prosecutors in Scotland have set out new guidelines as to whether messages posted on social media should be treated as a crime. 

New RIPA Codes of Practice to Come into Force

Revised versions of Regulation of Investigatory Powers Act 2000 (RIPA) codes of practice to come into force on 10 December 2014.

Scottish Information Commissioner Develops Self-Assessment Toolkit

This is a new resource to help authorities to review and improve their FOI performance.

View all Identity Management news

Recent JISC Legal Events

No events listed.

Social Media

Twitter youtube Vimeo View JISCLegal's profile on slideshare Subscribe to our RSS feed