MARSTON S PLC EMPLOYEE POLICIES & PROCEDURES GROUP I.T. TELEPHONE AND SOCIAL MEDIA POLICY
|
|
- Johnathan Gibbs
- 6 years ago
- Views:
Transcription
1 LAST REVISION: November 2016 MARSTON S PLC EMPLOYEE POLICIES & PROCEDURES GROUP I.T. TELEPHONE AND SOCIAL MEDIA POLICY Policy Statement The computer systems, network, internet, intranet, communications software and/or all operating licences (including any updates) and other systems (the System(s) ) owned or operated by Marston s PLC or any group company from time to time (the Company ) are installed and maintained to enable effective and lawful communication within the business. Employees (and other authorised people) are provided access to the Systems to assist them in their jobs and duties. This policy covers all Company employees, officers, consultants, contractors, work experience students, casual or agency workers or anyone who has access to the System ( Users ). This policy outlines the standards Users must observe when using the System, the circumstances in which the Company will monitor your use, and the action the Company will take in respect of breaches of these standards. The Company has a responsibility to ensure all Users are aware of the parameters within which they may use the System, and any hardware provided to them, including (but not limited to) laptops, PC s, mobile phones, 3G cards and other mobile or handheld devices ( Hardware ) and the consequences of misuse. The System and the Hardware are the property of the Company and may only be used for legitimate business purposes authorised by the Company from time to time. Users are only authorised to use the System and have access to information contained on the Systems, which is relevant to their job or appointment and subject to the terms of this policy. All Users have a responsibility to use the Systems in a professional, lawful and ethical manner. Abuse of the System and Hardware or breach of this policy by any User may result in disciplinary action, including possible termination, and civil and/or criminal liability. The use of the Systems and all communications made by Users (whether by , telephone, text message, through social media or otherwise) is monitored by the Company. This monitoring is performed in order to ensure the integrity of the System, compliance with all Company policies and procedures and other legitimate business reasons, as well as compliance with the Company s legal obligations. This document also sets out the Company s policy on employees or workers use of social media where that use may affect the business and reputation of the Company, its officers, employees, pubs/premises, brands, customers or suppliers. In such circumstances, the Company has a legitimate business interest to monitor the use of social media utilising the System and/or may occasionally monitor the use of social media (that is in the public domain) outside work where such use may materially conflict with the Company s policies and procedures (in particular but not limited to the Company s Equal Opportunities Policy, or other similar policies or guidelines relating to antiharassment or bullying from time to time) or may prejudice or negatively affect the Company s reputation or business interests. Page 1 of 10
2 1. STAFF/USERS STARTERS, LEAVERS AND TRANSFERS 1.1. All Hardware for new starters to the Company must be ordered through the IT Department who will purchase and configure the Hardware equipment for the User in accordance with the Company s policies and procedures. Details of the Hardware will be entered onto the Company s asset register and appropriate security privileges will be granted The IT Department must be informed of all User relocations or department moves. The relevant changes will be added to the asset register and changes to the User s security profile will be made. The IT Department will arrange the installation of equipment, Hardware or relevant Systems if required All leavers must return all Hardware to the IT Department on or before their last day with the Company, unless expressly agreed otherwise in writing with the Company. Once in receipt of the Hardware, the IT Department will amend the asset register. In addition the User shall upon the same date disclose to the Company all known computer access codes relating to the Systems or the Company s business (including any part of the Company s group from time to time). 2. IT HARDWARE/EQUIPMENT & SOFTWARE 2.1. All Hardware is loaned to the User, but remains the property of the Company. It is the User s responsibility to take good care of it Users should take great care in handling and storing the Hardware provided to them. Wherever possible, Hardware should not be left unattended (such as inside a vehicle) and at no time whatsoever should Hardware be left on view inside a vehicle Care should always be taken not to drop, or throw Hardware, particularly into cupboards or car boots, when transporting from one location to another. All Hardware is loaned to Users by the Company, solely in order for them to perform their roles satisfactorily Any misuse of any Hardware will be investigated thoroughly and may be subject to the Company s disciplinary procedure Users are given Hardware to assist them in the performance of their duties. Users should have no expectation of privacy in anything they create, store, send or receive using the Company s Hardware or Systems, and the Company will from time to time monitor a User s use of the Hardware to ensure compliance with this policy and the Company s other policies and procedures. Software Installation, including Freeware and Public Domain Software 2.6. All Systems may only be installed by, or under the direction of, the IT Department or its agents. Under no circumstances should a User install anything on to the System without prior express authorisation (including Freeware or Public Domain Software) In particular, Users should not be using external cloud storage like Dropbox unless it is expressly authorised by the IT Department. Software Compliance & Documentation 2.8. The IT Department maintains original and/or electronic copies of licences for all Systems used on Company premises/hardware. These will be referred to for comparison purposes when running audits from time to time. Automated daily audit checks are run on all relevant Hardware to ensure that authorised software is being used. Periodic manual checks and audits may be conducted from time to time, with or without the knowledge of the User. Page 2 of 10
3 Acquisition and Delivery 2.9. All Hardware and related equipment and software must be purchased or obtained through the IT Department. No User may purchase such items for use on Company business or in relation to the System by any other means such as credit cards, expense accounts or petty cash without the IT Department s express permission If the Hardware or software required by the User is not currently available then a new item or licence/copy may be purchased at the IT Department s discretion. The relevant Hardware and/or software and any accompanying licence will be added to the Asset Register against the specific User and/or department. The relevant Hardware will be configured for use on the System and any software will be loaded on both the Users workstation and the Company s audit/tracking system by a member of the IT Department. If necessary, training will be provided for the User All newly purchased Hardware and/or software should be delivered to the IT Department so that licences can be checked and Asset Registers updated. If, by prior arrangement with the IT Department, new Hardware and/or software is delivered to the User/department directly, all licence documentation and media must be forwarded on to the IT department after installation. Disposal The disposal of all Hardware must only be carried out by, or under the direction of, the IT Department or its agents Once Hardware is deemed ready for disposal by the IT Department, (subject to the necessary licence conditions) all software will be removed by the IT Department and may be stored for re-use All data will be permanently and securely removed from the Hardware and the asset register will be updated. No user has any right to any data or software stored on any Hardware or contained within the Company s Systems. Any personal data will be dealt with in accordance with the Data Protection Policy. If appropriate, the certificate of disposal/destruction will be held on file. Lost or Stolen Hardware/Equipment Should any Hardware or other Company property in your possession be lost or stolen, Users must inform the IT department immediately. If the Hardware lost or stolen contains any personal data (see below) you should also refer to the Company s Incident Response Plan. If you are unsure where to find this, contact the IT Service Desk for help. Domain names Any domain names required for Company business must be purchased by, or obtained through, the IT Department. No User may purchase any domain names for use by the Company by any other means such as credit cards, expense accounts or petty cash without the IT Department s express permission All such domain names must be purchased and registered in the Company s name, not in the personal name of the User. Any domain names incorrectly registered in a User s name shall be held on trust for the Company and you agree at any time to enter into any documentation reasonably required by the Company to re-register the domain name in the name of the Company. Page 3 of 10
4 3. FAIR USE RULES - IMPORTANT 3.1. This section applies to all forms of electronic communications, including but not limited to , instant messages, texts and posts on messages boards or social media, internet use and use of company-provided telephone or mobile phones. Users should read this in conjunction with the rules on personal use of , mobile phones, the Internet and Social Media (below) You must not send s or post messages or other content which could be considered abusive, obscene, discriminatory, racist, harassing, derogatory, defamatory, or otherwise inappropriate, or disparaging about, or harmful to, the Company s brands, officers, employees, pubs/premises, brands, customers, suppliers or other assets and/or other electronic messages may be disclosed in legal proceedings. All such messages are potentially retrievable (whether deleted or not) either from the main server or using specialist software Examples of inappropriate use of the Hardware or the System include (but are not limited to): a) Sending or forwarding private s, texts, messages or posts at work which you would not want a third party to read; b) Creating or forwarding chain mail, junk mail, cartoons, jokes or gossip; c) Harassment or nuisance, whether through language, frequency or size of messages or posts; d) Downloading files or software without ensuring protection against viruses; e) Downloading, transmitting or distributing copyright information without the authority of the copyright owner; f) Entering into contractual commitments or making representations by /phone unless appropriate authority has been obtained. A name typed at the end of an is a signature in the same way as a name written at the end of a letter; g) Sending messages from another person's address or mobile phone (unless authorised); h) Making any false and/or defamatory statement about any person or organisation; or i) Making any comments likely to damage or prejudice (in the reasonable opinion of the Company) the reputation of the Company or any of its officers, employees, pubs/premises, brands, customers or suppliers Anyone who feels that they have been harassed or bullied, or are offended by material received from a colleague via or posted on social media should inform their line manager or the Human Resources Department You should take care with the content of messages, or other forms of electronic communication, as incorrect or improper statements could give rise to claims against you or the Company Remember that you have no control over where your or other content may be forwarded by the recipient. Avoid saying anything which would cause offence or embarrassment if it was forwarded to colleagues or third parties, or found its way into the public domain If you receive an in error you should inform the sender and not act on any content which is not meant for you Any serious breach of the Fair Use Rules may be considered to amount to gross misconduct, which may lead to dismissal in accordance with the Company s Disciplinary Procedure. Page 4 of 10
5 Monitoring The Company reserves the right to monitor, retrieve, read and disclose the contents of all electronic messages (including but not limited to , text messages, telephone communications or other electronic content posted by Users using the Company s Systems) for the purpose of audit and investigating compliance with this and other Company polices, other legitimate business purposes of the Company and to comply with any legal obligations If you receive an or other form of electronic communication that looks suspicious, you should report it to the IT Department and then on their instruction (subject to their need to investigate) delete it immediately without opening it. If you have opened it and there is a link, do not click on this in any circumstances. If it is legitimate, the sender will contact you again by another means. If you have clicked on the link or opened an attachment that appears suspicious, please report this to the IT Service Desk All use should comply with the Fair Use Rules Although is a vital business tool, you should always consider if it is the appropriate method for a particular communication. Correspondence with third parties by should be written as professionally as a letter You must only use your Company address to conduct business on the Company s behalf. In particular you must NOT send personal data or commercially sensitive data by to your personal address (or to any other address without it being encrypted). Please see the Data Protection Policy for further information. 5. INTERNET 5.1. All use of the Internet on the System should comply with the Fair Use Rules Our Systems permit access to the internet. The Company determines which individuals can access the internet based on the overriding principle that such access is intended to enhance the effectiveness of the Company on matters relating to the Company s business. Internet access should therefore be used for that purpose Users should be aware that when the Internet is used, footprints are left enabling the Company to trace pages that have been accessed. Routine checks and monitoring of Internet use are carried out to ensure that Internet access is not misused If the System will not permit access to a website to which you are trying to navigate, there is usually a good reason this. You should not try to bypass the controls, but instead speak to the IT Department. Personal use of Internet 5.5. If you have access to the Company s internet you may occasionally use the internet for personal use provided that it does not interfere with the performance of your duties and provided that such use complies with this policy at all times. Personal use should be kept to a minimum and where possible, such use should be limited to your lunch break or outside normal working hours. Excessive personal use may, depending on the circumstances, constitute misconduct, which may be subject to disciplinary action Access, viewing, downloading and re-distribution of inappropriate, and/or offensive and/or illegal and/or pornographic material is strictly forbidden. As a general rule, if any person (whether intended to view the page or not) might be offended by the contents of a webpage, or if it might be a source of embarrassment if made public, then viewing it will be a breach of this policy. The following list, which is not intended to be exhaustive, may be considered to be gross misconduct and may lead to your summary dismissal: Page 5 of 10
6 a) Serious failure to comply with the Fair Use Rules; b) Viewing, downloading or circulation of inappropriate, offensive, pornographic or illegal material, or other content deemed unacceptable by the Company (you should be aware that if the material involves child pornography you not only commit gross misconduct but also a criminal offence and the Company will report the matter to the police); c) Engaging in online gambling; d) Downloading, transmitting or distributing information in breach of copyright; and e) Downloading, transmitting or distributing confidential information about the Company or any of the Company s Directors, employees, clients, or suppliers. Social media 5.7. The Company recognises that many Users participate in social networking on websites such as Facebook or Twitter, or message boards and chat rooms and any other social media platforms. Social media has a place in a social business like Marston s and occasional personal use of social media on the Company s Systems is therefore permitted, but Users must comply with the Fair Use Rules outlined above Additionally, Users must not disclose Company secrets, breach copyright, or disclose personal data or information about any individual that could breach the Data Protection Act 1998 ( DPA ). Please refer to the Company s Data Protection Policy and the below section on Data Protection. Users should not engage in any inappropriate communications with others via social networking sites or message boards (even outside working hours), which could amount to discrimination under the Company's Equal Opportunities Policy or which could amount to any other form of bullying or harassment or which may be harmful to the Company, its brands, employees or other assets. The Fair Use Rules also apply to private use of social media outside of work in certain circumstances if such use is contrary to the Company s policies and procedures, or if it amounts to discrimination, harassment, breach of Company confidence or likely to damage or otherwise negatively affect the reputation of the Company or its business, employees, officers, pubs/premises, brands, customers or suppliers If Users choose to write about their work even without identifying the precise Company it may still be possible for people to work out the employer's identity. Users should therefore be conscious of their duty to act in good faith and in the best interests of their employer under English law The use of social media by employees and workers (both in work time and, if necessary outside work time) may be monitored by the Company from time to time to ensure compliance with this policy and the Fair Use Rules, as well as ensuring that behaviours do not conflict with the Equal Opportunities Policies and/or to ensure that the reputation of the Company and its business is not prejudiced or potentially brought into disrepute. 6. SECURITY AND INTEGRITY OF COMPANY SYSTEMS 6.1. Files or attachments obtained from sources outside the Company, including data brought from home, files downloaded from the Internet, files attached to and files provided by customers may contain dangerous computer viruses that can be extremely destructive to the Company s Systems If you suspect that a virus has been introduced into the Company s Systems, notify a member of the IT Department immediately Unauthorised access, or hacking, is an offence under the Computer Misuse Act If any User believes they have access to unauthorised systems, software or data this should be reported to the IT Department immediately. Under no circumstances should any User attempt to gain unauthorised access to systems, software or data owned or operated by another organisation using equipment, systems or software provided by the Company. Page 6 of 10
7 7. PASSWORD POLICY 7.1. All Users given access to the Systems are responsible for data security and must behave in a responsible manner that does not allow access by an unauthorised person. The following should be adhered to: 7.2. The Company password policy stipulates that a User s domain password should consist of a minimum 8 characters and include at least 2 of the following character sets: (1) Upper case characters, (2) Numeric values; (3) Special characters The System will not allow a User to change their domain password unless it complies with the Marston s password policy All standard User domain passwords will expire every 30 days and must be changed prior to this by the user to avoid access issues. Users should also be aware that if a password reset is attempted using a password that has already been used within a 24 month period, the password will be declined by the domain server If a User requires a password reset, they should contact the IT Service Desk. The User may be required to answer some security questions for user verification purposes Users should keep passwords confidential at all times and not write them down or allow anyone else to use them If you move away from your monitor for any length of time, you should ensure that you lock your device. All devices should always have the auto-lock activated after a maximum of 5 minutes inactivity The Company reserves the right to change its password policy at any time. 8. DATA PROTECTION 8.1. When Users use the System or Hardware for processing (meaning any action including but not limited to accessing, viewing, disclosing, deleting, inputting, printing or blocking) personal data (including employee and customer data), the User must adhere to the Company s Data Protection Policy Users are not allowed to load or store any personal data or confidential data onto any portable or removable devices, memory sticks or similar, other than as may be expressly approved by the IT Department Any personal data or confidential data (see below) transmitted by , must be encrypted. If you are unsure how to do this, please contact the IT Department There are strict company guidelines when it comes to sharing any personal data with third parties. Please refer to the Data Protection Policy If you need any advice or assistance, or are unsure of your responsibilities, regarding personal data, please refer to the Company s Data Protection Policy or contact the IT Department. 9. CONFIDENTIAL DATA 9.1. Confidential company data must always be stored on a Company network drive protected with appropriate security privileges. It must never be stored on a local computer drive (e.g. My Documents), portable drive, memory stick or copied to CD/DVD Confidential company data must never be shared with an external organisation without the prior approval of a relevant Divisional Director. The IT department must be informed and the most appropriate method of transmission will be identified Confidential company data means information of a confidential nature belonging to the Company or any employee, officer, customer or supplier obtained by the User and includes, without limitation: data, documents, letters, s, reports, drawings, photographs, specifications, software, programs, and any other material bearing or incorporating any information and/or the Company s know-how, business affairs, strategies, processes, recipes, customer lists or data, pricing, sales and marketing plans, account details and any other financial information disclosed; in every case Page 7 of 10
8 whether in writing, electronically, orally or by any other means, and whether stated to be confidential or not. 10. BACK UP & MAINTENANCE All centrally stored Company data is backed up every 24 hours. Any data stored on the local drives of desktop or laptop computers is backed up automatically onto a secure network area whenever the machine is on the Company network. Users are allocated space on central servers for the storage of data and must use this facility to ensure that their data is secure. 11. DISASTER RECOVERY The IT Department is responsible for regularly reviewing their ability to recover or re-supply the Company, within the timeframe required, with the Company Systems (or relevant part thereof) that will be needed to effect recovery of the business in the event of a major disaster. 12. MOBILE PHONE SERVICES The following should, if adhered to, provide Users and the company with sensible, effective and protected mobile phone services Use of Company-provided mobile phones must adhere to the Fair Use Rules (above) The Company will provide eligible Users with a mobile phone and if necessary, hands free car kit of a type suited to the requirements of the individual role from a range of handsets available at the time (subject to availability, technical requirements and limitations of the network) To control costs, mobile and data ( s) roaming outside the UK is disabled. If an employee needs to use a Company-provided phone while abroad under any circumstances then they should first obtain permission from their line manager and then provide the IT Department with at least one weeks notice to obtain the roaming service before it is required The Company reviews call and text charges on a monthly basis. In the event that the Company-provided mobile phone has been used inappropriately, the User may without prejudice to any other potential disciplinary action that might be taken, be asked to refund the charges through the expenses system or whatever other mechanism is appropriate at the time If you are unable to use your mobile to make a call, please contact the IT Department Because of cost and potential conflict with existing applications (Apps) we do not allow a User to download, update or store any applications on the mobile without the agreement of both their line manager and the IT Department All mobile phones provided by the Company must be protected by locking them with a personal pin number as soon as the phone is issued. New generation mobile phones provide access to as a standard feature and store data from and attachments on the phone. The phone therefore contains usernames and passwords which give access to our head office network and there are additional liabilities under the DPA that Users must be mindful of (please refer to the Data Protection Policy for further information) If your Company-provided phone is lost or stolen out of office hours, please call EE on from any landline and ask for an immediate and full bar For security reasons, we reserve the right to remove all company data from the Company-provided mobile phone and any attached peripherals, terminate the number, and cease any and/or additional services and impose bars and restrictions as required The User should not back up personal data such as personal photographs, music, Podcasts and video from their phone to the System. The IT Department will need to delete and remove any such files from the network and the Company will not be liable for any loss, re-instatement or otherwise. Page 8 of 10
9 Company phones should be properly looked after as outlined above. The cost of a replacement phone will be allocated to your department. If the phone is lost or damaged due to negligence, the employee may be asked to cover the cost of replacement. If the employee leaves the business, the phone, its charger and all other associated accessories must be returned. Failure to do so may incur an appropriate replacement charge If you leave the Country on Company business and you wish to set up International Roaming on your mobile, please obtain your line manager s approval for this facility in the form of an to the IT Department who will then activate this for the time you are out of the Country. Please note that this is not a facility that can be used for personal Holidays Upgrades will be automatically deployed as and when necessary and you will be contacted should this need arise Never use your Company-provided mobile phone whilst driving a vehicle unless using hands-free kit and in accordance with the Driver Safety booklet (copies available from the Corporate Risk Department). Even in these circumstances, use of mobile phones whilst driving should be limited and must be used only when it is safe to do so Free, dedicated technical assistance is available 24/7 from EE and if you do experience any difficulties using your Company-provided mobile, they should be contacted via your mobile on CONSEQUENCES OF BREACHES OF THIS POLICY Misuse or excessive personal use of our Systems or Hardware, telephone or system or inappropriate internet use or social media postings that do not comply with this policy will be dealt with under the Company s disciplinary procedure. Misuse of the internet or inappropriate comments on social media can in some circumstances be a criminal offence. Serious breaches of this policy shall may result in summary dismissal for gross misconduct Where evidence of misuse is found the Company may undertake a more detailed investigation, involving the examination and disclosure of monitoring records to those nominated to undertake the investigation. In addition, further monitoring of a User s use of the System or Hardware may be undertaken as part of such investigation. If necessary such information may be handed to the police in connection with a criminal investigation. 14. GETTING HELP The IT helpdesk is available 24/7 and the telephone number is x1500 0r or any other telephone number provided to you by the business from time to time Normal working hours are 08:00 17:00. During this time it is available by our internal IT Department. Between 17:00 08:00, the service is transferred to our out of hour s service which is an external resource. This is a limited service, but internal IT staff are on call for emergencies If you are having problems with any Hardware, please ensure you call the IT Helpdesk to arrange a mutually convenient date and time for help. 15. EMPLOYEE ASSISTANCE PROGRAMME (EAP) OPTUM is an employee assistance programme available to all employees. It is a free confidential service where you can seek expert advice and guidance, invaluable information, specialist counselling and support. This is available 24 hours a day, 7 days a week, online or on the phone all completely confidentially. Page 9 of 10
10 The contact details for the EAP are as follows: User name Marstons Password Brewery Telephone number OTHER POLICIES PLEASE KEEP THIS POLICY FOR YOUR RECORDS. This Policy should also be read in conjunction with the following other Company policies:- 17. FUTURE AMENDMENTS Equal Opportunities Data Protection Disciplinary Procedure Grievance Procedure Company Car & Car Allowance Whistleblowing The Company reserves the right to amend this policy when the needs of the business or statutory requirements necessitate such action. Where collective bargaining arrangements exist the Company will consult the elected Employee Representatives prior to implementing such changes. Page 10 of 10
This Policy applies to all staff and other authorised users in St Therese School.
St. Therese School Computer and Internet Policy STAFF Policy Statement All staff and other authorised users of St Therese information and communications technology are to use the technology only in a way
More informationCommunication and Usage of Internet and Policy
Communication and Usage of Internet and Email Policy Policy Category Administration Policy Code ADM HE 27 Policy owner Chief Executive Officer Responsible Officer Chief Executive Officer Approving authority
More informationSTUDENT ACCEPTABLE USE OF IT SYSTEMS POLICY
STUDENT ACCEPTABLE USE OF IT SYSTEMS POLICY Introduction The college offer an extensive range of IT systems across campuses and online for course related activities and drop-in purposes. This policy applies
More informationTELEPHONE AND MOBILE USE POLICY
TELEPHONE AND MOBILE USE POLICY Date first approved: 9 December 2016 Date of effect: 9 December Date last amended: (refer Version Control Table) Date of Next Review: December 2021 First Approved by: University
More informationThe John Fisher School ICT Policy
The John Fisher School ICT Policy Responsible: Governors Resources Committee Review Date: May 2018 The need for a policy All The John Fisher School s information communication technology (ICT) facilities
More informationACCEPTABLE USE ISO INFORMATION SECURITY POLICY. Author: Owner: Organisation: Document No: Version No: 1.0 Date: 10 th January 2010
INFORMATION SECURITY POLICY EMAIL ACCEPTABLE USE ISO 27002 7.1.3 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-7.1.3 No: 1.0 Date: 10 th January 2010 Copyright Ruskwig
More informationSubject: Kier Group plc Data Protection Policy
Kier Group plc Data Protection Policy Subject: Kier Group plc Data Protection Policy Author: Compliance Document type: Policy Authorised by: Kier General Counsel & Company Secretary Version 3 Effective
More informationPUPIL ICT ACCEPTABLE USE POLICY
PUPIL ICT ACCEPTABLE USE POLICY Document control This document has been approved for operation within: All Trust Schools Date of last review August 2018 Date of next review August 2020 Review period Status
More informationUWTSD Group Data Protection Policy
UWTSD Group Data Protection Policy Contents Clause Page 1. Policy statement... 1 2. About this policy... 1 3. Definition of data protection terms... 1 4. Data protection principles..3 5. Fair and lawful
More informationE RADAR. All Rights Reserved. Acceptable Use Policy
Email Acceptable Use Policy For further help, please contact support@eradar.eu Item Number LD 0002 Author E RADAR LIMITED Disclaimer This template is provided with the understanding that the publisher
More informationPCA Staff guide: Information Security Code of Practice (ISCoP)
PCA Staff guide: Information Security Code of Practice (ISCoP) PCA Information Risk and Privacy Version 2015.1.0 December 2014 PCA Information Risk and Privacy Page 1 Introduction Prudential Corporation
More informationUCL Policy on Electronic Mail ( )
LONDON S GLOBAL UNIVERSITY UCL Policy on Electronic Mail (EMAIL) Information Security Policy University College London Document Summary Document ID Status Information Classification Document Version TBD
More informationData Protection Policy
Data Protection Policy Data Protection Policy Version 3.00 May 2018 For more information, please contact: Technical Team T: 01903 228100 / 01903 550242 E: info@24x.com Page 1 The Data Protection Law...
More informationICT User Policy. for use in Essa Academy Essa Primary Academy Essa Nursery and Support Services
ICT User Policy for use in Essa Academy Essa Primary Academy Essa Nursery and Support Services For approval and adoption by the Board of Directors- 7 July 2017 For adoption by Essa Academy LGB- 19 September
More informationPolicy Use of Information and Communications Technology (ICT) Resources
Policy Use of Information and Communications Technology (ICT) Resources Background This policy is necessary in order to: Provide all Hereworth members (Board, staff, boys and volunteers) with clear parameters
More informationDate Approved: Board of Directors on 7 July 2016
Policy: Bring Your Own Device Person(s) responsible for updating the policy: Chief Executive Officer Date Approved: Board of Directors on 7 July 2016 Date of Review: Status: Every 3 years Non statutory
More informationGrand Avenue Primary and Nursery School ICT Data management. Contents
Grand Avenue Primary and Nursery School ICT Data management Contents 1. Acceptable Use Statement 2. Transfer and Offsite Use of Sensitive Data 3. E-safety 4. Declaration Introduction These three policy
More informationData Protection Policy
Page 1 of 6 General Statement The Local Governing Bodies of the academies have overall responsibility for ensuring that records are maintained, including security and access arrangements, in accordance
More informationTERMS & CONDITIONS PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THE SITE
TERMS & CONDITIONS PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THE SITE 1. General The term PPS refers to: Professional Provident Society Holdings Trust, (The Holding Trust); Professional
More informationLEGAL ASPECTS OF SOCIAL MEDIA
LEGAL ASPECTS OF SOCIAL MEDIA Notes prepared for a talk to the Internet Specialist Group and the Law Specialist Group of the BCS on Monday 15 December 2014 by Jeremy Holt of Clark Holt, Commercial Solicitors
More informationEffective security is a team effort involving the participation and support of everyone who handles Company information and information systems.
BACKED BY REFERENCE GUIDE Acceptable Use Policy GENERAL GUIDANCE NOTE: This sample policy is not legal advice or a substitute for consultation with qualified legal counsel. Laws vary from country to country.
More informationINFORMATION ASSET MANAGEMENT POLICY
INFORMATION ASSET MANAGEMENT POLICY Approved by Board of Directors Date: To be reviewed by Board of Directors March 2021 CONTENT PAGE 1. Introduction 3 2. Policy Statement 3 3. Purpose 4 4. Scope 4 5 Objectives
More informationPS 176 Removable Media Policy
PS 176 Removable Media Policy December 2013 Version 2.0 Statement of legislative compliance This document has been drafted to comply with the general and specific duties in the Equality Act 2010; Data
More informationSt Bernard s Primary School Data Protection Policy
St Bernard s Primary School Data Protection Policy St Bernard s RC Primary School, A Voluntary Academy Approved by Governors: 11.11.2015 Review date: Autumn 2016 St Bernard s Data Protection Policy General
More informationAcceptable Usage Policy (Student)
Acceptable Usage Policy (Student) Author Arthur Bogacki Date 18/10/2017 Version 1.1 (content sourced and consolidated from existing Email and Electronic Communication, and User Code of Practice policies.)
More informationAcceptable Use Policy
Acceptable Use Policy POLICY 07.01.01 Effective Date: 01/01/2015 The following are responsible for the accuracy of the information contained in this document Responsible Policy Administrator Information
More informationThe Data Protection Act 1998 Clare Hall Data Protection Policy
The Data Protection Act 1998 Clare Hall Data Protection Policy Introduction This document is a guide to the main requirements of the new Data Protection Act (DPA) that came into force on 24th October 2001.
More informationName of Policy: Computer Use Policy
Page: Page 1 of 5 Director Approved By: Approval Date: Reason(s) for Change Responsible: Corporate Services Leadership April 22, Reflect current technology and practice Corporate Services Leadership Leadership
More informationElectronic Communications and. Guidance note and template policy
Electronic Communications and Internet policy Guidance note and template policy When employing staff it is useful to create a policy which sets out your standards and requirements of your staff when they
More informationNHS Ayrshire & Arran Organisation & Human Resource Development Policy. Appropriate Use of IT Facilities Policy
NHS Ayrshire & Arran Organisation & Human Resource Development Policy Appropriate Use of IT Facilities Policy Version: 1.5 Date Approved: 2016-01-25 Author: Dept O&HRD, IT Security & Review date: 2018-01-25
More informationUWC International Data Protection Policy
UWC International Data Protection Policy 1. Introduction This policy sets out UWC International s organisational approach to data protection. UWC International is committed to protecting the privacy of
More informationSMS SERVICE PROVISION
SMS SERVICE PROVISION Terms and Conditions and Privacy Policy Version 2.05 Jan 2017 Page 1 Contents TERMS & CONDITIONS... 3 Registration... 3 Your Personal Information... 3 Our Obligations to SMS Service
More informationSTUDENT ICT ACCEPTABLE USE POLICY
The Olive School, Blackburn This policy is in line with the Mission Statement of the School To promote a culture of educational excellence, from within a caring and secure Islamic environment enriched
More informationTARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS
Target2-Securities Project Team TARGET2-SECURITIES INFORMATION SECURITY REQUIREMENTS Reference: T2S-07-0270 Date: 09 October 2007 Version: 0.1 Status: Draft Target2-Securities - User s TABLE OF CONTENTS
More informationTerms and Conditions 01 January 2016
Terms and Conditions 01 January 2016 thehealthsource: Terms and Conditions Page 1 of 7 This Agreement (the Agreement ) is entered into by and between thehealthsource (Pty) Ltd and the entity agreeing to
More informationFERPA & Student Data Communication Systems
FERPA & Student Data Ellevation is subject to the Family Educational Rights and Privacy Act (FERPA) as operating under the "school official" exception, wherein student directory and PII (Personal Identifying
More informationAcceptable Use Policy
Acceptable Use Policy 1. Overview ONS IT s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to ONS established culture of openness, trust and integrity.
More informationControls Electronic messaging Information involved in electronic messaging shall be appropriately protected.
I Use of computers This document is part of the UCISA Information Security Toolkit providing guidance on the policies and processes needed to implement an organisational information security policy. To
More informationPS Mailing Services Ltd Data Protection Policy May 2018
PS Mailing Services Ltd Data Protection Policy May 2018 PS Mailing Services Limited is a registered data controller: ICO registration no. Z9106387 (www.ico.org.uk 1. Introduction 1.1. Background We collect
More informationMobile / Smart Phone Policy
Mobile / Smart Phone Policy Policy reviewed by: Philippa Mills Review date: September 2017 Next review date: September 2018 School refers to Cambridge International School; parents refers to parents, guardians
More informationViolations of any portion of this policy may be subject to disciplinary action up to and including termination of employment.
Page 1 of 6 Policy: All computer resources are the property of Lee County and are intended to be used for approved County business purposes. Users are permitted access to the computer system to assist
More informationDONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY
DONE FOR YOU SAMPLE INTERNET ACCEPTABLE USE POLICY Published By: Fusion Factor Corporation 2647 Gateway Road Ste 105-303 Carlsbad, CA 92009 USA 1.0 Overview Fusion Factor s intentions for publishing an
More informationComputer and Internet Use Policy
Computer and Internet Use Policy Author Simon Allan Date Written Autumn 2015 Review Date Autumn 2018 Date Ratified by the Governing Body Autumn 2015 Computer and Internet Use Policy Outline/Overview This
More informationMailbox Rental Terms and Conditions
Mailbox Rental Terms and Conditions (valid from 26th September 2018) Subject to the customer ("the Customer") observing the Terms and Conditions set out below, Mail Boxes Etc. ("the Company") agrees to
More informationAcorn Trust Mobile Phone Policy
Acorn Trust Mobile Phone Policy Written by: J Buckley, Trust Business Manager Date agreed: 17 th May 2016 Date reviewed: Next Review Date: Summer 2018 Chairs Signature Mission Statement The Acorn Trust
More informationInternet, , and Computer Usage Policy
Important disclaimer: The policy available on this page is only an example and is furnished merely as an illustration of its category. It is not meant to be taken and used without consultation with a licensed
More informationAcceptable Use Policy
Acceptable Use Policy 1. Overview The Information Technology (IT) department s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to Quincy College s established
More informationPrivacy Policy. Information about us. What personal data do we collect and how do we use it?
This privacy policy sets out the way in which your personal data is handled by Leeds Bradford Airport Limited (referred to as "we", "us" and "our") whether collected through one of the websites we operate,
More informationThe Lee Wiggins Childcare Centre E-SAFETY, PHOTOGRAPHY and VIDEO POLICY
Policy for the acceptable use of mobile phones and cameras by the staff of the Lee Wiggins Childcare Centre (LWCC) Mobile Phones In order to provide a safe environment for children, parents and staff we
More informationData Handling Security Policy
Data Handling Security Policy May 2018 Newark Orchard School Data Handling Security Policy May 2018 Page 1 Responsibilities for managing IT equipment, removable storage devices and papers, in the office,
More informationACCEPTABLE USE POLICY
Great Lakes Energy Connections, Inc. Truestream ACCEPTABLE USE POLICY Contents OVERVIEW... 2 INTRODUCTION... 2 VIOLATION OF THIS ACCEPTABLE USE POLICY... 2 PROHIBITED USES AND ACTIVITIES... 2 CUSTOMER
More informationData protection policy
Data protection policy Context and overview Introduction The ASHA Centre needs to gather and use certain information about individuals. These can include customers, suppliers, business contacts, employees
More informationDigital Safety and Digital Citizenship
Digital Safety and Digital Citizenship A Guide for Students The laptop has been given to you as a tool for learning. Use it for that. While doing so, here are some important rules for keeping yourself
More information"PPS" is Private Practice Software as developed and produced by Rushcliff Ltd.
Rushcliff Ltd Data Processing Agreement This Data Processing Agreement ( DPA ) forms part of the main terms of use of PPS, PPS Express, PPS Online booking, any other Rushcliff products or services and
More informationGDPR Processor Security Controls. GDPR Toolkit Version 1 Datagator Ltd
GDPR Processor Security Controls GDPR Toolkit Version 1 Datagator Ltd Implementation Guidance (The header page and this section must be removed from final version of the document) Purpose of this document
More informationHSBC Expat Mobile Banking
HSBC Expat Mobile Banking Summary, App Licence Terms and Conditions and Important Information Effective from 13 June 2016 Summary of the Terms and Conditions This Summary sets out key details about the
More informationInstitute of Technology, Sligo. Information Security Policy. Version 0.2
Institute of Technology, Sligo Information Security Policy Version 0.2 1 Document Location The document is held on the Institute s Staff Portal here. Revision History Date of this revision: 28.03.16 Date
More informationThe Apple Store, Coombe Lodge, Blagdon BS40 7RG,
1 The General Data Protection Regulation ( GDPR ) is the new legal framework that will come into effect on the 25th of May 2018 in the European Union ( EU ) and will be directly applicable in all EU Member
More informationEnviro Technology Services Ltd Data Protection Policy
Enviro Technology Services Ltd Data Protection Policy 1. CONTEXT AND OVERVIEW 1.1 Key details Rev 1.0 Policy prepared by: Duncan Mounsor. Approved by board on: 23/03/2016 Policy became operational on:
More informationICT Acceptable Use Policy for Students
ICT Acceptable Use Policy for Students a 52 Eurobin Avenue, Manly NSW 2095 t +61 2 9977 5144 f +61 2 9976 2753 cricos 03290E e administration@stellamaris.nsw.edu.au w www.stellamaris.nsw.edu.au abn 88
More informationThe purpose of this guidance is: To provide a comprehensive understanding to complying with the universities Acceptable Use Policy.
Policy Acceptable Use Guidance 1 Introduction This guidance compliments the University of East London s Acceptable Use Policy. It puts into perspective specific situations that will help you provide a
More informationEmployee Security Awareness Training Program
Employee Security Awareness Training Program Date: September 15, 2015 Version: 2015 1. Scope This Employee Security Awareness Training Program is designed to educate any InComm employee, independent contractor,
More informationData protection. 3 April 2018
Data protection 3 April 2018 Policy prepared by: Ltd Approved by the Directors on: 3rd April 2018 Next review date: 31st March 2019 Data Protection Registration Number (ico.): Z2184271 Introduction Ltd
More informationStudent Network, Computing & Software Usage Regulations Version th July 2006
Student Network, Computing & Software Usage Regulations Version 1.0 6 th July 2006 Copyright 2006 Institute of Technology, Sligo, Ireland. 1 1.1 General Computing Facilities Computing facilities provided
More informationII.C.4. Policy: Southeastern Technical College Computer Use
II.C.4. Policy: Southeastern Technical College Computer Use 1.0 Overview Due to the technological revolution in the workplace, businesses such as Southeastern Technical College (STC) have turned to computer
More informationCardiff University Security & Portering Services (SECTY) CCTV Code of Practice
Cardiff University Security & Portering Services (SECTY) CCTV Code of Practice Document history Author(s) Date S Gamlin 23/05/2018 Revision / Number Date Amendment Name Approved by BI annual revision Date
More informationREPORTING INFORMATION SECURITY INCIDENTS
INFORMATION SECURITY POLICY REPORTING INFORMATION SECURITY INCIDENTS ISO 27002 13.1.1 Author: Owner: Organisation: Document No: Chris Stone Ruskwig TruePersona Ltd SP-13.1.1 Version No: 1.0 Date: 1 st
More informationIn the event of delayed payment, The Service Provider reserves the right to bar the Customer's access to the SMS Responder Service.
lterms and Conditions for the SMS Responder Service RESPONDER TECHNOLOGY LIMITED ( The Service Provider ) RESERVES THE RIGHT, AT ANY TIME, TO MODIFY THESE TERMS AND CONDITIONS BY POSTING REVISED TERMS
More informationAcquisition & Use of University Supplied Mobile Devices Policy
Acquisition & Use of University Supplied Mobile Devices Policy 1. Introduction 2. Device Definitions 3. Principles of the Policy 4. Eligibility 5. Tariffs & Hardware 6. Administration of Mobile Contracts
More informationAcceptable Use Policy
1 INTRODUCTION and its subsidiaries ( us, we or our ) have produced this acceptable use policy in order to: Give you a better understanding of what is and is not acceptable when using the internet Encourage
More informationInformation Handling and Classification Table
Information Handling and Classification Table Title: Information Classification and Handling Table Reference: IS-07a Status: Approved Version: 1.2 Date: March 2018 Classification: Non-Sensitive/Open Author(s)
More informationSAFE USE OF MOBILE PHONES AT WORK POLICY
SAFE USE OF MOBILE PHONES AT WORK POLICY Links to Lone Working Policy, Personal Safety Guidance, Lone Working Guidance, Information Governance Policy Document Type General Policy Unique Identifier GP31
More informationElectronic Network Acceptable Use Policy
Electronic Network Acceptable Use Policy 2016-2017 www.timothychristian.com ELECTRONIC NETWORK ACCEPTABLE USE POLICY Electronic Network This Policy is intended to serve as a guide to the scope of TCS s
More informationInformation Security BYOD Procedure
Information Security BYOD Procedure A. Procedure 1. Audience 1.1 This document sets out the terms of use for BYOD within the University of Newcastle. The procedure applies to all employees of the University,
More informationData Protection Policy
Data Protection Policy Addressing the General Data Protection Regulation (GDPR) 2018 [EU] and the Data Protection Act (DPA) 2018 [UK] For information on this Policy or to request Subject Access please
More informationCorporate Policy. Revision Change Date Originator Description Rev Erick Edstrom Initial
Corporate Policy Information Systems Acceptable Use Document No: ISY-090-10 Effective Date: 2014-06-10 Page 1 of 5 Rev. No: 0 Issuing Policy: Information Systems Department Policy Originator: Erick Edstrom
More informationAcceptable Use Policy (AUP)
Acceptable Use Policy (AUP) Questions regarding this policy and complaints of violations of this policy by PLAINS INTERNET users can be directed to support@plainsinternet.com. Introduction Plains Internet
More informationCleveland State University General Policy for University Information and Technology Resources
Cleveland State University General Policy for University Information and Technology Resources 08/13/2007 1 Introduction As an institution of higher learning, Cleveland State University both uses information
More informationCastle View Primary School Data Protection Policy
Castle View Primary School Data Protection Policy Aims The Headteacher and Governors of the school intend to comply fully with the requirements and principles of the Data Protection Act 1998. All staff
More informationAcceptable Use Policy
Acceptable Use Policy This Acceptable Use Policy is in addition to South Central Communication s Terms of Service and together the documents constitute the Agreement between South Central Communications
More informationData Protection Policy
Data Protection Policy Status: Released Page 2 of 7 Introduction Our Data Protection policy indicates that we are dedicated to and responsible of processing the information of our employees, customers,
More informationPrivacy Statement. Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information
Privacy Statement Introduction Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information about how IT Support (UK) Ltd handle personal information.
More informationUKIP needs to gather and use certain information about individuals.
UKIP Data Protection Policy Context and overview Key details Policy Update Prepared by: D. Dennemarck / S. Turner Update approved by Management on: November 6, 2015 Policy update became operational on:
More informationMotorola Mobility Binding Corporate Rules (BCRs)
Motorola Mobility Binding Corporate Rules (BCRs) Introduction These Binding Privacy Rules ( Rules ) explain how the Motorola Mobility group ( Motorola Mobility ) respects the privacy rights of its customers,
More informationBERKELEY COLLEGE Social Media Policy
BERKELEY COLLEGE Social Media Policy Scope This policy applies to all use of social media by Berkeley College students, faculty and staff to represent or discuss matters concerning the College and/or members
More informationSchedule Identity Services
This document (this Schedule") is the Schedule for Services related to the identity management ( Identity Services ) made pursuant to the ehealth Ontario Services Agreement (the Agreement ) between ehealth
More informationIT Appropriate Use - Best Practice for Guidelines. Section 1 - Purpose / Objectives. Section 2 - Scope / Application. Section 3 - Definitions
IT Appropriate Use - Best Practice for Email Guidelines Section 1 - Purpose / Objectives (1) Email is used at Victoria University as a business communication tool and users are obliged to use this tool
More informationJoseph Swan Academy ICT, Internet and Acceptable Use Policy (Incorporating electronic and online safety and mobile device use)
Joseph Swan Academy ICT, Internet and Acceptable Use Policy (Incorporating electronic and online safety and mobile device use) 2017 2018 To be reviewed September 2018 1 Contents Page Introduction 3 ICT
More informationDATA PROTECTION POLICY THE HOLST GROUP
DATA PROTECTION POLICY THE HOLST GROUP INTRODUCTION The purpose of this document is to provide a concise policy regarding the data protection obligations of The Holst Group. The Holst Group is a data controller
More informationCODE OF CONDUCT FOR INFORMATION TECHNOLOGY, COMPUTER, TELEPHONE AND EQUIPMENT USE
CODE OF CONDUCT FOR INFORMATION TECHNOLOGY, COMPUTER, TELEPHONE AND EQUIPMENT USE INTENDED USE This Code is intended for the school s staff to provide directions in their work as to the standards for use
More informationInformation Security Policy for Associates and Contractors
Information Security Policy for Associates and Contractors Version: 1.13 Date: 11 October 2016 Reference: 67972761 Location: Livelink Contents Introduction... 3 Purpose... 3 Scope... 3 Responsibilities...
More informationAcceptable Use Policy
Acceptable Use Policy 1. Purpose The purpose of this policy is to outline the acceptable use of computer equipment at Robotech CAD Solutions. These rules are in place to protect the employee and Robotech
More informationCognizant Careers Portal Terms of Use and Privacy Policy ( Policy )
Cognizant Careers Portal Terms of Use and Privacy Policy ( Policy ) Introduction This Policy applies to the Careers portal on the Cognizant website accessed via www.cognizant.com/careers ("Site"), which
More informationRemote Working & Mobile Devices Security Standard
TRUST-WIDE NON-CLINICAL DOCUMENT Remote Working & Mobile Devices Security Standard Standard Number: Scope of this Document: Recommending Committee: Approving Committee: SS02 All Staff Joint Information
More informationBusiness Lite powered by Microsoft Office 365
Business Email Lite powered by Microsoft Office 365 Schedule to the General Terms Contents A note on you... 2 1. Service Summary... 2 2. Standard Service Components... 2 3. Service Management Boundary...
More informationIt s still very important that you take some steps to help keep up security when you re online:
PRIVACY & SECURITY The protection and privacy of your personal information is a priority to us. Privacy & Security The protection and privacy of your personal information is a priority to us. This means
More informationUse of Personal Mobile Phone Whilst on Duty
Use of Personal Mobile Phone Whilst on Duty (Incorporating Smartphones and Hand Held Devices) Standard Operating Procedure Notice: This document has been made available through the Police Service of Scotland
More informationAcceptable Use Policy
IT and Operations Section 100 Policy # Organizational Functional Area: Policy For: Date Originated: Date Revised: Date Board Approved: Department/Individual Responsible for Maintaining Policy: IT and Operations
More informationBT Compute Protect Schedule to the General Terms
BT Compute Protect Schedule to the General Terms Contents A note on you... 2 Words defined in the General Terms... 2 Part A The BT Compute Protect Service... 2 1 Service Summary... 2 2 Standard Service
More informationGLOBAL PAYMENTS AND CASH MANAGEMENT. Security
GLOBAL PAYMENTS AND CASH MANAGEMENT Security The Bank aims to provide you with a robust, reliable and secure online environment in which to do business. We seek to achieve this through the adoption of
More information