Skip to content

Codes of Practice/ Guidelines

Code of Practice on the Identity Card Number and other Personal Identifiers

3.12 Without prejudice to the generality of paragraph 3.11, a data user should not transmit a copy or image of an identity card, nor invite the transmission to itself of such copy or image, unless it has taken all reasonably practicable steps to ensure that no individual will have access to the image or copy so transmitted except the intended individual recipient or someone acting on the instructions of such intended recipient. Such steps should include:
   
  3.12.1 in the case of fax or Internet transmission through a public network:
     
    3.12.1.1 wherever practicable, the employment of technological safeguards to ensure secure transmission of the data and to prevent unauthorized access to the data transmitted;
     
    Note: Some examples of such technological safeguards currently available include encryption, fax "padlocks", "confidential mail boxes", "automatic routing to a dedicated computer directory", passwords for access, etc.
     
      and
     
    3.12.1.2 the employment of other safeguard of a non-technological nature, such as the using of a dedicated fax machine for such transmission and advance notification of an incoming fax; or
     
3.12.2 in the case of sending a copy of an identity card by mail, making sure that the copy is contained in a sealed envelope and the image of the identity card is not visible from the outside.

Previous Page | Next Page