UCA Management Policy and Guidelines

Transcription

1 UCA Management Policy and Guidelines Policy This policy applies to use of any system installed on a University computer. The policy applies primarily to the use of the University s ucreative domain, but covers the use of other tools that may be accessed using University computers. 1. Ucreative 1.1 The ucreative domain is the only domain that will be used for formal communications; the University does not allow the use of alternative addresses for the purpose of official business. 2. Acceptable use and management of 2.1 Electronic mail ( ) is an integral part of the University's internal and external communication strategy and all staff have a responsibility to conform to its acceptable use. Staff also have a responsibility to be aware of the requirements of the Data Protection Act (DPA) and the Freedom of Information Act (FoIA) in relation to the use of ; guidance is also available in the University s Information Security Policy and Information Handling Policy. Adherence to these policies and guidelines will ensure both effective communication and legal compliance. 2.2 All staff should manage electronic messages effectively to expedite business communications, reduce paperwork and automate routine office tasks. It is the responsibility of staff to manage the creation, retention, and disposition of sent and received s properly, including: Passing on messages for action and information to other staff as appropriate Acting on as appropriate Deleting and attachments as soon as they are no longer needed for reference in the system 2.3 The system should not be used for record keeping. All extant s are discoverable under FoI. For long term accessibility, s and their attachments should be stored on an appropriate network drive or other more lasting medium. 2.4 Sensitive personal data must not be communicated by unless express permission of the subject has been obtained or adequate encryption facilities are employed. The inclusion of personal data (including name and contact details) in an is deemed to be processing personal data within the terms of the DPA and the provisions of the Act apply. It is the responsibility of staff to ensure that they are familiar with the University's Data Protection Policy which can be found on the staff portal document store in the Data Protection folder. 2.5 PCs must not be left in an insecure state that would allow a third party to inspect or data and gain access to personal information. 2.6 Personal comments about identifiable people should not be made in s. The laws applying to defamation apply to s, which are considered a form of publication. It is the effect of the communication rather than the intention of the sender that applies in cases of harassment. Title: UCA Policy Page 1 of 6

2 2.7 The University system must not be used to create or distribute unsolicited, offensive or unwanted s, including disseminating chain letters messages that reflect badly on the University or could expose it to legal liability must not be sent. s sent by a member of staff are equivalent to sending a letter on University headed notepaper and an equivalent level of care should be exercised. 2.9 Extreme care should be taken when downloading material from the internet or opening external s if there is any suspicion that it might include a virus. If there is any doubt, the attachment should not be opened and the IT Helpdesk should be contacted immediately Personal should be kept to a minimum and not stored in the folders. The University computers must not be used for storing large personal media files. 3. Monitoring of 3.1 Monitoring of staff would constitute invasion of privacy unless it can be justified within a defined legitimate business purpose. The IT Services Department keeps records to monitor traffic flow and system usage but does not inspect the individual user data or content of e- mails unless the conditions of the Regulation of Investigatory Powers Act 2000 are met. Examples of when s could be inspected include: 4. Sanctions To ensure the system s security and effective operation: eg a virus or large scale blanket threatens the functioning of the entire system or is likely to delete or corrupt user data To establish the existence of facts relevant to the University: eg where there is a prima facie suspicion that the University s telecommunications facilities have been misused or that the regulations governing the use of have been contravened. To prevent or detect crime, including fraud or the infringement of IT related legislation such as the Computer Misuse Act 1990 By using the University s IT facilities, staff accept the University regulations and policies pertaining to their use. The University has a legal responsibility to ensure that its employees act within the law by enforcing these regulations. Breach of the regulations constitutes a serious disciplinary offence. Title: UCA Policy Page 2 of 6

3 Guidelines 5. Confidentiality, Data Protection Act (DPA) and Freedom of Information Act (FoIA) 5.1 is not a confidential medium and messages can be easily read by those for whom they were not intended. They can be intercepted, legally or otherwise; wrongly addressed; forwarded accidentally or to third parties without your knowledge; viewed accidentally on the recipient s screen. Think carefully what you write and whether is an appropriate medium for your message. 5.2 All UCA staff should be aware of the requirements of the Data Protection Act. The UCA Policy and Guidance can be found in the Data Protection folder of the document store on the staff portal. The DPA applies to and it is an area where special care should be exercised because allows communication with large numbers of people almost instantaneously. However, it is not necessarily a temporary media and can be traced if UCA is legally required to do so. Therefore be aware that when contains personal data, as a general rule you should not store it or forward it without the data subject s knowledge and consent. Use student identifier numbers rather than names whenever possible. 5.3 Items within the deleted items box would have to be surrendered in a data access request. Empty the deleted items box regularly (In Outlook, this can be set up so that it empties each time you close down go to Tools, Options, Others, General and tick the relevant box) 5.4 The University s DPA registration recognises and permits the core business uses of data staff administration, marketing, public relations, advertising. Further information on allowable data processing within UCA can be found in the DPA registration section of the Information Commissioner s website ( quoting the UCA reference number Z This gives the details of the University s DPA notification. If you are intending to include data within an for any other purpose, you must first consult the University s Data Protection Officer (Marion Wilks, University Secretary). 5.5 Guidelines on the University s Freedom of Information Policy can be found in the FoI section of the document store on the staff portal. s can be required in response to an FOI request. Title: UCA Policy Page 3 of 6

4 6. Managing 6.1 Familiarise yourself with the options available under tools to help you manage and organise your use of . This is where you can switch message alerts on or off, set the spell check, set up automatic archiving, and set whether or not you want replies to include the incoming message. Decide whether you want to keep open at all times or whether to check it regularly you do not have to go along with the assumption that you are constantly on line and will respond instantly. should be seen as transient and not the only means of communications can a situation be dealt with via a simple telephone call? 6.2 Mailbox Size Restrictions It is not good practice to keep a large number of s in your Mailbox folders. Move or delete s from the inbox as soon as they have been actioned. Remember that s in your inbox and folders can be subject to disclosure under Freedom of Information. Sort e- mail by date, sender or subject depending on your business need folders s which need to be kept for longer after they have been actioned, while they are active and still likely to be needed regularly when you use , may be transferred to folders set up to reflect activities or projects according to your business needs. Remember whilst e- mails remain in the system, which is password protected, they cannot be accessed by anyone else and cannot be part of the official records of the University BUT are still discoverable under Freedom of Information and Data Protection activities. 6.3 Personal folders (pst extension) Personal folders are stored on the computer where they were created and so are not accessible remotely but can each accommodate up to 2GB. Good practice is to set one up each year. To set one up, go to My Computer and double click onto the C drive. Then go to File, New, Folder. Name the new folder personal folders. Then from Outlook, go to File, New, Outlook Data File. In the resulting window, select Outlook Personal Folders File (pst) and click OK. Browse to the folder you created on the C drive and change the file name to your user name and the academic or calendar year, whichever suits your needs. (eg fbloggs0607 or fbloggs2006). Click OK and customise the.pst file as you wish it to appear in your folder list (eg 0607 or ). 6.4 Archiving Archiving can automate the transfer of messages to personal folders, removing them from your inbox storage limit. Archive folders mirror the structure of the inbox and transfers from individual folders or the whole mailbox can be manual or set up to occur automatically at a chosen frequency. 6.5 Use the Outlook on-line helpsheets: two useful links are Origin=RC and RC These can also be accessed directly from the staff portal document store/learning and development folder/it training notes/ user guides 7.0 Out of Office Title: UCA Policy Page 4 of 6

5 All staff must set an Out of Office message that gives alternative contact details. This is important under Freedom of Information so that any requests for information will be responded to within the 20 working day time limitations of the Act. If you are going to be out of contact for more than three weeks, if possible set delegate Read rights for a colleague to check your as well. Be aware that the Out of Office message is not sent to external mailboxes as this could pose a threat to individual security by communicating when individuals are on leave (and likely to be away from their home also). 8. Sending 8.1 Think before using whether a phone call, calendar software or face-to-face meeting might be more appropriate and efficient. 8.2 Also s should be sent in plain text format *not* html format. 8.3 Use Linotype Univers 330 Light 12 fonts in black for text and font size 11 in black for signatures or Ariel 10 in black. Don t use CAPITALS which have the same effect as shouting. Do not use stationery backgrounds on s. 8.4 Generally speaking internal should be short messages requesting action or comment, or passing on information via shortcuts; attachments; or links to websites or to the document store on the staff portal. Significant documents such as policies, procedures, minutes etc should be Word documents. This type of record will be saved in the appropriate shared drive while in draft by the person responsible for drafting or be in the document store. 8.5 There is a 10Megabyte limit on the size of attachments that can be sent attachments are a corporate resource and as such should not be stored in individuals where they are inaccessible, take up extra space and raise the possibility of different drafts being used rather than the latest draft. Send a link to the current document in the document store, where appropriate, rather than sending the document as an attachment, (see digital records management guidance in the DPA section of the document store on the staff portal regarding retaining copies of documents that are in the document store). 8.7 To ensure your is dealt with appropriately, promptly and effectively by recipients: Make sure the title tells the recipient about the subject of the and try not to have more than one topic in an Use markers and other tools to show the importance of the (high, normal, low priority) Use indicators and dates maybe in the subject line or at the beginning of the to show whether the is for information or action by a specific date Make clear whether action is expected by recipients and CC recipients. Where there are several addressees, make certain it is clear who is required to do what. Never send an e- mail that requires one action to be taken to a group of people without explaining who you expect to act on it Keep attachments to a minimum, especially when sending to a group of people use links wherever possible If you send an attachment, indicate to the recipient whether you will be keeping the attachment as the master record Limit recipients to those who need to know use reply to sender rather than the reply all function unless absolutely necessary 8.8 Long cc lists can unwittingly transfer personal data under the terms of the DPA so should be avoided whenever possible, especially on external s. Use the bcc function instead: you cannot assume that all your copyists want to share their addresses. Title: UCA Policy Page 5 of 6

6 8.9 Thank you s fill your sent items box and the recipient s in-box so should not be sent routinely. You can set up a message delivery acknowledgement if you need to know the message has been received or read Do not use the all staff function without prior approval from your Head of Department or College. There are smaller, more focused, distribution lists in the global address book. Users should build their own distribution lists in outlook or compatible application Add the standard signature and disclaimer to all outgoing s as below 9. Receiving Your name Your job title University for the Creative Arts Your campus address Tel: +44(0) your switchboard s number Direct: +44(0)your number yourusername@ucreative.ac.uk Web: One of Europe s leading arts and design institutions, the University for the Creative Arts builds on a proud tradition of creative arts education spanning 150 years. Our campuses at Canterbury, Epsom, Farnham, Maidstone and Rochester are home to more than 6,000 students from 76 countries studying on courses in fashion, graphics, design, media, fine art and architecture. Help save paper - do you need to print this ? The views expressed in this are those of the author and not necessarily those of the University. This message may contain confidential information and will be protected by copyright. If you receive it in error please notify us, delete it and do not make use of it, or copy it. Any reply may be read by the recipient to whom you send it and others within the University. Although we aim to use efficient virus checking procedures, the University accepts no liability for viruses and recipients should use their own virus checking procedures. 9.1 If you find yourself on an circulation list that is not useful for you, politely request to be removed 9.2 Do not keep listserve messages: all listserves maintain an archive which you can consult if necessary. 9.3 If you receive jokes, chain s, or other circulars by , delete them and do not forward them either internally or externally. 9.4 Do not open any attachments unless you are sure of its content 10. Accessing remotely 10.1 The easiest way to access your from any computer is via the ucreative website ( and follow the links to the staff or student portal. This will give you the web-based version of Outlook which has most, but not all, of the functionality of the networked version. Title: UCA Policy Page 6 of 6