Identity Management

In many cases it may be possible, for an institution, to provide online services without the release of information that identifies a particular person, and in this case, no data protection issues arise.  However, in other circumstances, identity will be necessary to the provision of access or personalisation.  The processing of personal information will only be legal if done in compliance with the principles laid down by the Data Protection Act 1998.  The first, core principle requires processing (including transfer) to be fair and lawful.  In order to meet this requirement, one of the "Schedule 2" conditions for processing must be met.  The most commonly relied on condition is "consent", in other words, that the data subject has agreed to the processing after having reasonable notice of what processing is proposed.

Resources
  • Jisc Legal Overviews
  • Guidance
  • FAQs
  • Law Watch
  • Links
  • How To
Identity Management Newslinks

Scottish Information Commissioner Develops Self-Assessment Toolkit

This is a new resource to help authorities to review and improve their FOI performance.

Hotel Booking Firm Fined Over Data Breach

Worldview Limited recently fined £7,500 by ICO for failing to appropriately secure personal data.  

ICO Warns Employees Stealing Personal Information is a Crime

The ICO recently warned employees that the removal of personal information of their employer when they change employment constitutes a criminal offence.

FOI Guidance on Charging Fees

ICO publishes guidance on the fees that may be charged when the cost of complying with an FOI request exceeds the appropriate limit.

View all Identity Management news

Recent JISC Legal Events

No events listed.

Social Media

Twitter youtube Vimeo View JISCLegal's profile on slideshare Subscribe to our RSS feed