Data and official statistics

Data ethics statement

Purpose

Data is at the heart of what we do. It has a key role in enabling us to pursue our purpose of improving lives through the digital transformation of education and research.

Our access to data from across the higher education sector gives us a unique insight into the communities we serve, including in respect of students and staff. We seek to leverage this data in a positive way to offer services that help provide sector leadership and enable digital transformation.

The purpose of this statement is to:

  1. Demonstrate that we recognise the value of our data and understand that we have a responsibility to use this data in an ethical manner;
  2. Provide guidance to Jisc and its staff when tackling ethical issues relating to the use of data and when implementing new technologies;
  3. Evidence our commitment to processing and using data in an ethical manner.

Scope

We require our staff to understand and take responsibility for complying with this statement in their roles.

Any new product, capability or service will be developed in compliance with this statement and project teams will be required to evidence their commitment to the principles below.

Our engineers, architects and developers will consider these principles in conjunction with other Jisc internal policies on data and AI. For example, by ensuring privacy by default and design when implementing algorithms or AI.

While this statement is relevant to data privacy, it is separate to any privacy notices that we may issue. Read our external privacy notice.

We also maintain internal information security and policies that include use of AI which supplement this statement and explain how data must be protected in practice.

1. Respect

We value the trust placed in us by those in the communities we serve. We understand that they will have expectations about how we will use data relating to them (be that personal data or confidential information) in the same way that we would expect our data to be protected by others.

We will:

  • Abide by applicable data protection legislation, regulations and codes of practice
  • Maintain appropriate technical and organisational safeguards to protect the confidentiality, integrity and security of data
  • Employ security and privacy focused design processes when developing and improving our products and services
  • Work with our suppliers, partners and members to understand and guide how they manage and use data responsibly
  • Respect individual wishes and commitments made when collecting data and uphold individual privacy rights

2. Transparency

We seek to be open and honest about how and why we use data. We encourage transparency about our data methods, quality and practice with our communities where possible.

We will:

  • Provide clear and inclusive privacy information to individuals whose data we hold
  • Help our communities to understand how we use data and the value it can deliver
  • Avoid using jargon and technical terms where this is unnecessary
  • Publish relevant data policies and procedures
  • Ensure that our processes are open to effective scrutiny (for example, by being observable, reproducible and auditable) so that we can confirm these principles and our internal policies are being followed

3. Fairness

We are committed to using data in a way that avoids detrimental and discriminatory effects for our stakeholders, members, staff and the wider community. This applies to all stages of the data lifecycle as it relates to how we acquire, store, use, share or delete data.

We will:

  • Only use personal data in ways that are within the reasonable expectations of individuals
  • Keep data collection to the minimum amount necessary to meet our requirements and take steps to avoid “scope creep” once that data is collected
  • Plan ahead to avoid unintended discriminatory effects of data processing. For example, when implementing algorithms and AI or when processing the data of those with protected characteristics or from different social and demographic backgrounds
  • Engage with subject matter experts when implementing new technology to ensure we understand and can mitigate the potential risks of new technology or processing

4. Accountability

We implement effective data governance practices to enable us to unlock the positive value in the data we hold and minimise the negative impact that this data could cause.

We will:

  • Foster a culture and approach to data governance as a force for good
  • Establish a data stewardship scheme to keep data fit-for-purpose and to maintain its value for Jisc and its community of stakeholders
  • Take steps to reduce our data carbon footprint where possible
  • Hold ourselves open to internal and external scrutiny
  • Strive for continual improvement of our ethical data practice

Official statistics

Jisc is designated as a producer of official statistics within The Official Statistics Order 2023 in accordance with the Statistics and Registration Service Act 2007.

Official statistics about about students, graduates, staff, finance, knowledge exchange and estates in the higher education sector are published under our HESA brand on the HESA website.

Our compliance statement can also be found on the official statistics pages of the HESA website. This includes information about the official statistics we produce, who can access statistics before their publication, and our policies on confidentiality, revisions, and user engagement.

Other Jisc statistical products are currently under review to ensure that they meet the requirements of the Code of Practice for Statistics.