Tenth Judicial Circuit of Florida Information Systems Acceptable Use Guidelines Polk, Hardee and Highlands Counties as of January 2014

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Tenth Judicial Circuit of Florida Information Systems Acceptable Use Guidelines Polk, Hardee and Highlands Counties as of January 2014"

Transcription

1 Tenth Judicial Circuit of Florida Information Systems Acceptable Use s Polk, Hardee and Highlands Counties as of January 2014 The following guidelines define the acceptable use of information technology within the Tenth Judicial Circuit for purposes of securing such technology, resources and electronic information. PHYSICAL SECURITY Users will ensure that all computer assets (computers, monitors, laptop computers, printers, etc.) that are assigned to or regularly used by them are maintained and used in a manner consistent with their job function and such that the possibility of damage and/or loss is minimized. Computer equipment should not be removed from the workplace without proper authorization. Users will not modify the court computer equipment in any manner including, but not limited to, attaching external disk drives, external hard drives, changing the amount of memory in the computer, and attaching/installing any peripheral device or software without authorization. This section shall not apply to Information Resources personnel while performing their assigned duties. A sign out sheet will be available in court administration for equipment that may be checked out for temporary use. Permanently assigned laptop and mobile devices are excluded from sign out and are the sole responsibility of the possessor. Whenever possible all portable computing equipment (laptop computers, tablets, electronic organizers, flash drives etc.) will be maintained under the direct supervision of the user to which they are issued. The equipment should never be left unattended in locations such as airports and hotel lobbies. When the equipment must be left unsupervised, it should be made as inconspicuous as possible (i.e.: do not leave the computer sitting on the seat of an unattended vehicle). Wherever practical, the computer shall be secured with the supplied security device(s). Equipment should be brought in to the Court Technology Office for regular operating system updates and patches, as well as antivirus updates at least once every 3 months. If it is heavily used and exposed to the public Internet, then this may need to be more frequent. Computer and electronic equipment are generally delicate and shall be treated accordingly. Damage to or loss of computer electronic equipment caused by negligence and/or violation of these guidelines may result in the responsible party being charged for the repair or replacement costs.

2 OWNERSHIP OF INFORMATION, DATA, AND SOFTWARE DEFINITIONS: Information: knowledge, in any form, that has value to the court. Data: any computer information, including, but not limited to, information that has been entered into a computer, stored in a computer, or retrieved from a computer. Examples would include spreadsheet and database entries. Software: computer operating systems and programs All information and data generated or gathered by a user, in the course of their employment and/or utilizing court owned assets, shall be the intellectual property of the court. All software purchased by, licensed by, or created by the Tenth Judicial Circuit is the exclusive property of the courts and may not be transferred to, given to, or loaned to any other organization or outside individual without proper authorization. DEFINITIONS INFORMATION SECURITY Sensitive or confidential: any information, in any form, that is a considered and defined by the law as not open to the public. Sensitive information may be public, but release of this information must adhere to appropriate request for information procedures. All public information requests shall go through the Court Administrators Office for review and processing. The reason for this procedure is that all public information requests are reviewed, and exemptions where requested information is excluded/redacted must be explained to the requester. This process must be done by qualified personnel familiar with the law defining those exemptions. Sensitive or confidential information may also be contained within Criminal Justice Information systems accessed by the courts in the course of work duties. Any information that is disseminated to someone outside our organization will be required to be documented in a secondary dissemination log, which is subject to internal and external audit. Secondary

3 dissemination may only be conducted as an authorized part of an employee s work duties. Please contact Court IT to receive a secondary dissemination log. Login credentials to the network and specialized clerk/court applications allow access to critical court information. Therefore login credentials shall be secured and treated as confidential information. Passwords will be a minimum of eight (8) characters and should contain both letters and numbers. Words, names, birth dates, addresses, zip codes, telephone numbers, social security numbers, or any other easily guessed combination should not be used. User IDs and/or passwords should not be written down and kept within the general area of the computer. Users should not utilize internal passwords or substantially similar passwords on external systems (i.e.: websites, web based , etc.). The network will ask user to change their passwords every 90 days, and will not allow the user to reuse the past 10 passwords. Please report to Court Technology if you feel your password(s) has been compromised, and we will assist you in changing it and taking other security measures if necessary. Computers access will be automatically locked at a minimum of 30 of inactivity. The user must then reenter their authentication credentials to unlock the device. This process only locks the screen, and does not take the user out of any active programs. The user may lock their screens at any time by pressing ctrl-alt-delete and selecting lock computer. The loss of any computer equipment or any of the court s information will be immediately reported to the Court Technology Office who will ensure that all possible steps are taken to protect the court from further information loss. Any attempt by another person to obtain a login ID and/or password, or any other suspicious activity, will be immediately reported to Court Administration and/or the Court Technology Office. Unless specifically designated otherwise, all information is considered to be confidential. Information that is sensitive or confidential will never be disseminated, by any means, to persons outside of the court unless all of the following conditions are met: 1) The Chief Judge, Court Administrator, or other authorized Administrator expressly approves the dissemination, in advance. 2) The Sensitive, or Confidential information is: a. Encrypted, hand delivered or personally picked up by the party if a computer file, otherwise b. Sealed in an envelope or other appropriate container 3) The transmittal letter or (this does not include CJI data which must never be sent with court , but a secure CJNet account) text includes a warning to the recipient that the material is Sensitive, or Confidential and is the property of the court.

4 4) The transmittal letter or text contains a specific statement of why the recipient is receiving it, what they may do with the information, and who, if any one, they may disclose it to Sensitive/confidential information placed on flash drives or other portable devices must at a minimum be password protected and encrypted, and such device shall be work issued. No personal portable storage shall be used for this type of information. Non sensitive data may be placed on non-secured media, such as PowerPoint presentations or general non-secure information. All users should ensure that their computer files are properly backed up. A user share will be established on the court s network file server for storage of files to be automatically backed up daily. In the event the user needs to regularly back up data at the local pc, the Court Technology Office will install an appropriate backup solution, and it will be the responsibility of the user to back up the local files and the restoration thereof. All users will ensure that any material to be discarded that contains Sensitive, or Confidential information, in whole or part, will be properly and immediately destroyed. Printed material should be shredded before discarded. Computer equipment that is to be disposed of will be properly wiped of its data contents or physically destroyed by the Court Technology Office. All computers will have antivirus software installed. This software is to remain activated at all times. The Court Technology Office will ensure that the software is updated on a regular basis consistent with best business practices. The computers should be left on as virus software is updated every evening on each PC on the court s network. Any machines not left on will not receive the updates and will be at risk. The Court Technology Office will ensure that all security updates for operating systems, web browsers, server applications, and clients are installed as soon as resources allow. PERSONALLY OWNED DEVICES Access to the Court s network by personally owned devices is limited based on employee role. Most personally owned devices may be configured to receive work . Please see section on containing Criminal Justice Information (CJI). According to the new FBI standards, any portable electronic device contaminated with CJI data must be physically destroyed when the employment is terminated or the device is replaced. This includes personally owned devices by employees. Please make sure that no CJI data is flowing through to avoid risking the loss of a personally owned device once employment is terminated. This is a Federal Security Standard that does not allow exceptions. Employees can be held responsible for the leaking of any confidential CJI data on their personally owned devices. Please use a secure CJNet assigned encrypted account if job duties require transmission of CJI data. Do not copy CJI data onto personally owned devices.

5 INSTALLATION AND USE OF SOFTWARE DEFINITIONS: Software Piracy: Software piracy is utilizing software in violation of its licensing agreement. Without the prior approval of the Court Technology Office, users should not: 1) install any software on court owned computer equipment. 2) install court owned software on any non-court owned computer equipment. 3) provide copies of court owned or licensed software to unauthorized personnel. Users should not engage in any acts of software piracy The Court Technology Office shall ensure that all software installed or utilized on court equipment is properly licensed. Unlicensed software may be subject to removal, especially if it creates as security risk or interferes with business related functions on the computer. PERSONAL USE OF COMPUTER HARDWARE AND SOFTWARE DEFINITIONS: Incidental Use: Incidental use means occasional personal use that does not interfere with the court s needs or operation. Court owned computer hardware and software should be utilized for business purposes. Personal use of company assets should be limited; this includes the court's system and Internet access. Personal use should not subject the courts to civil liability, should never interfere with the court s needs, cause the courts public embarrassment, and must comply with all laws and regulations.

6 ELECTRONIC MAIL DEFINITIONS System: all means of sending and receiving electronic mail ( ), including internal and Internet (web) INCIDENTAL USE: occasional personal use that does not interfere with the court s needs or operation. GUDELINE This guideline shall apply to anyone having access to the Tenth Judicial Circuit s systems. The Tenth Judicial Circuit s system is intended for business use for the courts operations; incidental personal use of the system is permissible, but should not interfere with the operations of the court or cause undue strain upon the technology resource. The court will disclose to any party that it may be required to by law or regulation. This may include law enforcement search warrants and discovery requests in civil litigation. While a user may delete an message, copies of the may still remain on servers and backup tapes. Only court authorized encryption may be utilized. All passwords/encryption keys must be on file with the Court Technology Office prior to their utilization. Due to the potential for security breaches, users will exercise extreme caution in downloading and executing any files attached to . If the attachment is not clearly business related and/or expected from a known source, it should never be opened or executed. Such s and attachments may contain viruses. The Court Technology Office shall maintain antivirus software on the server to minimize damage from viruses and attachments. Users should not globally distribute any non-work related such as chain letters or nonwork related advertisements. The system should not be used for any purpose in violation of law or regulation. Users should not reveal their passwords to anyone. Excluding members of the Court Technology Office, users will not utilize or access accounts belonging to any other user unless they are authorized to do so by the user or other proper authority. Upon request and appropriate authorization, the Court Technology Office can allow access to accounts to more than one user. attachments will be limited to 10mb for incoming and outgoing mail. will be rejected or not send if the attachment exceeds this limit. This limit may be changed on individual accounts. Any requests for changes to the attachment limit should be sent to the Court Administrators Office.

7 Containing Criminal Justice Information User may not use any webmail or our internal mail to distribute any Criminal Justice Information (CJI). CJI data may only be transmitted using a secure encrypted assigned by the Criminal Justice Network (CJNet). Transmitting CJI data by any other means is a violation of state and federal security guidelines and may result in the removal of access to criminal justice information sources. If your job requires you to transmit CJI data, please contact Court Technology to have a CJNet setup for this purpose. DEFINITIONS INTERNET USAGE INCIDENTAL USE: occasional personal use that does not interfere with the court s needs or operations. This guideline shall apply to anyone utilizing Tenth Judicial Circuit s Internet access systems. The Florida Court s Internet access is intended to assist with the business of the courts; incidental personal use of the Internet access is permissible. Due to the drain on resources, users should minimize the use of any services that "broadcast" material via the Internet. Due to the potential for security breaches, users should not download software from the Internet unless prior approval has been obtained. Users should be mindful that Internet sites they visit collect information about visitors. This information will link the user to Tenth Judicial Circuit. Users should not visit any site that might in any way cause damage to Florida Court s image or reputation. Users should be aware that much of the material available on the Internet is copyrighted or trademarked. Other than viewing publicly available material, users will not use any material found on the Internet in any manner without first establishing that such use would not be in violation of a copyright or trademark. Internet radio and video should not be accessed unless they are for business purposes. Audio and video over the Internet uses a tremendous amount of bandwidth resources and negatively impacts the performance of the Internet for all users. FTP (File Transfer Protocol) shall only be used by the Court Technology Office or by authorized users. Internet bandwidth on the court s network is a secure connection, and therefore more restrictive than public Internet. This is required in order for our agency to access Criminal Justice Information Systems at the State, National, and International levels. We are audited annually on

8 the security of this resource. This may mean that some Internet resources may not be accessible or allowed. These guidelines are in accordance with the Federal Information Processing Standards (FIPS) 71A-1 Subsections , and the U.S. Department of Justice, Federal Bureau of Investigation, Criminal Justice Information Services Security Policy Sections 4.3, Personally Identifiable Information, and Section 5 regarding securing technology that accesses, stores, transmits, and logs Criminal Justice Information governed by this referenced policy.

9 Tenth Judicial Circuit of Florida USER ACKNOWLEDGMENT I have read the technology guidelines, and agree to abide by them. I further understand that these guidelines apply to me regardless of my work location and even though the computer equipment I use for work purposes may not belong to my employer (contracted/leased). Signature Printed Name Title Date **These guidelines are intended to assist the courts and court staff with outlining responsible technology.

Information Security Policy

Information Security Policy Information Security Policy Touro College/University ( Touro ) is committed to information security. Information security is defined as protection of data, applications, networks, and computer systems

More information

Information Technology Security Policies

Information Technology Security Policies Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral

More information

TIME SYSTEM SECURITY AWARENESS HANDOUT

TIME SYSTEM SECURITY AWARENESS HANDOUT WISCONSIN TIME SYSTEM Training Materials TIME SYSTEM SECURITY AWARENESS HANDOUT Revised 11/21/13 2014 Security Awareness Handout All System Security The TIME/NCIC Systems are criminal justice computer

More information

Responsible Access and Use of Information Technology Resources and Services Policy

Responsible Access and Use of Information Technology Resources and Services Policy Responsible Access and Use of Information Technology Resources and Services Policy Functional Area: Information Technology Services (IT Services) Applies To: All users and service providers of Armstrong

More information

Approved By: Agency Name Management

Approved By: Agency Name Management Policy Title: Effective Date: Revision Date: Approval(s): LASO: CSO: Agency Head: Media Protection Policy Every 2 years or as needed Purpose: The intent of the Media Protection Policy is to ensure the

More information

HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005

HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 INTRODUCTION HIPAA Security Rule Safeguards Recommended Standards Developed by: USF HIPAA Security Team May 12, 2005 The Health Insurance Portability and Accountability Act (HIPAA) Security Rule, as a

More information

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This

More information

HIPAA Security Alert

HIPAA Security Alert Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information

More information

U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course

U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course Rules of Behavior Before you print your certificate of completion, please read the following Rules of Behavior

More information

Network and Workstation Acceptable Use Policy

Network and Workstation Acceptable Use Policy CONTENT: Introduction Purpose Policy / Procedure References INTRODUCTION Information Technology services including, staff, workstations, peripherals and network infrastructures are an integral part of

More information

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy Version History Author Approved Committee Version Status date Eddie Jefferson 09/15/2009 Full Governing 1.0 Final Version Body Eddie Jefferson 18/08/2012 Full Governing Body 2.0 Emended due to the change

More information

Rules of the Road for Users of Smithsonian Computers and Networks

Rules of the Road for Users of Smithsonian Computers and Networks Rules of the Road for Users of Smithsonian Computers and Networks Introduction Smithsonian systems, networks and other computer resources are shared among Smithsonian employees, interns, visiting scholars,

More information

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Information Security Policy September 2009 Newman University IT Services. Information Security Policy Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms

More information

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL 1 INTRODUCTION The County of Imperial Information & Technical Services (ITS) Security Policy is the foundation of the County's electronic information

More information

Information Security Code of Conduct

Information Security Code of Conduct Information Security Code of Conduct IT s up to us >Passwords > Anti-Virus > Security Locks >Email & Internet >Software >Aon Information >Data Protection >ID Badges > Contents Aon Information Security

More information

13 th Circuit Court 86 th District Court Grand Traverse County Probate Court

13 th Circuit Court 86 th District Court Grand Traverse County Probate Court 13 th Circuit Court 86 th District Court Grand Traverse County Probate Court Policy for the Operation of Computer Network, Internet Access, E-Mail, Phone Service, and Other Communication Equipment and

More information

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by: Tameside Metropolitan Borough Council ICT Security Policy for Schools Adopted by: 1. Introduction 1.1. The purpose of the Policy is to protect the institution s information assets from all threats, whether

More information

University of Northern Colorado. Data Security Policy for Research Projects

University of Northern Colorado. Data Security Policy for Research Projects University of Northern Colorado Data Security Policy for Research Projects Contents 1.0 Overview... 1 2.0 Purpose... 1 3.0 Scope... 1 4.0 Definitions, Roles, and Requirements... 1 5.0 Sources of Data...

More information

APPROPRIATE USE OF INFORMATION TECHNOLOGY SYSTEMS INFRASTRUCTURE RESOURCES

APPROPRIATE USE OF INFORMATION TECHNOLOGY SYSTEMS INFRASTRUCTURE RESOURCES APPROPRIATE USE OF INFORMATION TECHNOLOGY SYSTEMS (INCLUDING INTERNET & E-MAIL) EMC CORPORATE POLICY COPYRIGHT 2007 EMC CORPORATION. ALL RIGHTS RESERVED. NO PORTION OF THIS MATERIAL MAY BE REPRODUCED,

More information

General Rules of Behavior for Users of DHS Systems and IT Resources that Access, Store, Receive, or Transmit Sensitive Information

General Rules of Behavior for Users of DHS Systems and IT Resources that Access, Store, Receive, or Transmit Sensitive Information General Rules of Behavior for Users of DHS Systems and IT Resources that Access, Store, Receive, or Transmit Sensitive Information The following rules of behavior apply to all Department of Homeland Security

More information

Section 5 Identify Theft Red Flags and Address Discrepancy Procedures Index

Section 5 Identify Theft Red Flags and Address Discrepancy Procedures Index Index Section 5.1 Purpose.... 2 Section 5.2 Definitions........2 Section 5.3 Validation Information.....2 Section 5.4 Procedures for Opening New Accounts....3 Section 5.5 Procedures for Existing Accounts...

More information

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation ICT SECURITY POLICY Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation Responsibility Assistant Principal, Learner Services Jannette

More information

EMMANUEL CE VA MIDDLE SCHOOL. IT Security Standards

EMMANUEL CE VA MIDDLE SCHOOL. IT Security Standards EMMANUEL CE VA MIDDLE SCHOOL IT Security Standards 1. Policy Statement The work of Schools and the County Council is increasingly reliant upon Information & Communication Technology (ICT) and the data

More information

13. Acceptable Use Policy

13. Acceptable Use Policy To view the complete Information and Security Policies and Procedures, log into the Intranet through the IRSC.edu website. Click on the Institutional Technology (IT) Department link, then the Information

More information

Document Type Doc ID Status Version Page/Pages. Policy LDMS_001_00161706 Effective 2.0 1 of 7 Title: Corporate Information Technology Usage Policy

Document Type Doc ID Status Version Page/Pages. Policy LDMS_001_00161706 Effective 2.0 1 of 7 Title: Corporate Information Technology Usage Policy Policy LDMS_001_00161706 Effective 2.0 1 of 7 AstraZeneca Owner Smoley, David Authors Buckwalter, Peter (MedImmune) Approvals Approval Reason Approver Date Reviewer Approval Buckwalter, Peter (MedImmune)

More information

MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY

MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY MEMORANDUM TO: FROM: RE: Employee Human Resources MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY Please find attached the above referenced policy that is being issued to each

More information

Acceptable Use of ICT Policy For Staff

Acceptable Use of ICT Policy For Staff Policy Document Acceptable Use of ICT Policy For Staff Acceptable Use of ICT Policy For Staff Policy Implementation Date Review Date and Frequency January 2012 Every two Years Rev 1: 26 January 2014 Policy

More information

PHI- Protected Health Information

PHI- Protected Health Information HIPAA Policy 2014 The Health Insurance Portability and Accountability Act is a federal law that protects the privacy and security of patients health information and grants certain rights to patients. Clarkson

More information

PRAIRIE SPIRIT SCHOOL DIVISION NO. 206, BOX 809, 121 KLASSEN STREET EAST, WARMAN, SK S0K 4S0 -- PHONE: (306) 683-2800

PRAIRIE SPIRIT SCHOOL DIVISION NO. 206, BOX 809, 121 KLASSEN STREET EAST, WARMAN, SK S0K 4S0 -- PHONE: (306) 683-2800 PRAIRIE SPIRIT SCHOOL DIVISION NO. 206, BOX 809, 121 KLASSEN STREET EAST, WARMAN, SK S0K 4S0 -- PHONE: (306) 683-2800 ADMINISTRATIVE POLICY NO. 511 IMPLEMENTATION JANUARY 2014 EMPLOYEE ACCEPTABLE USE POLICY

More information

Information Security

Information Security Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff

More information

8.03 Health Insurance Portability and Accountability Act (HIPAA)

8.03 Health Insurance Portability and Accountability Act (HIPAA) Human Resource/Miscellaneous Page 1 of 5 8.03 Health Insurance Portability and Accountability Act (HIPAA) Policy: It is the policy of Licking/Knox Goodwill Industries, Inc., to maintain the privacy of

More information

The Springfield Office of Housing has designated an HMIS Security Officer whose duties include:

The Springfield Office of Housing has designated an HMIS Security Officer whose duties include: Hampden County HMIS Springfield Office of Housing SECURITY PLAN Security Officers The Springfield Office of Housing has designated an HMIS Security Officer whose duties include: Review of the Security

More information

Acceptable Use Policy

Acceptable Use Policy Acceptable Use Policy I. Introduction Each employee, student or non-student user of Greenville County Schools (GCS) information system is expected to be familiar with and follow the expectations and requirements

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

POLICY NO. 3.14 September 8, 2015 TITLE: INTERNET AND EMAIL USE POLICY

POLICY NO. 3.14 September 8, 2015 TITLE: INTERNET AND EMAIL USE POLICY POLICY NO. 3.14 September 8, 2015 TITLE: INTERNET AND EMAIL USE POLICY POLICY STATEMENT: Many of our employees have access to the internet as well as email capabilities. The County recognizes that these

More information

Identity Theft Prevention Program Compliance Model

Identity Theft Prevention Program Compliance Model September 29, 2008 State Rural Water Association Identity Theft Prevention Program Compliance Model Contact your State Rural Water Association www.nrwa.org Ed Thomas, Senior Environmental Engineer All

More information

Delaware State University Policy

Delaware State University Policy Delaware State University Policy Title: Delaware State University Acceptable Use Policy Board approval date: TBD Related Policies and Procedures: Delaware State University Acceptable Use Policy A Message

More information

Appendix H: End User Rules of Behavior

Appendix H: End User Rules of Behavior Appendix H: End User Rules of Behavior 1. Introduction The Office of Management and Budget (OMB) has established the requirement for formally documented Rules of Behavior as set forth in OMB Circular A-130.

More information

Franciscan University of Steubenville Information Security Policy

Franciscan University of Steubenville Information Security Policy Franciscan University of Steubenville Information Security Policy Scope This policy is intended for use by all personnel, contractors, and third parties assisting in the direct implementation, support,

More information

Town of Essex Comprehensive Public Records and Technology Policy

Town of Essex Comprehensive Public Records and Technology Policy Town of Essex Comprehensive Public Records and Technology Policy Introduction: Public records and the use of technology are inextricably linked in our modern age. As such, this policy covers both topics,

More information

Policy # Related Policies: Computer, Electronic Communications, and Internet Usage Policy

Policy # Related Policies: Computer, Electronic Communications, and Internet Usage Policy Policy # Related Policies: Computer, Electronic Communications, and Internet Usage Policy This policy is for internal use only and does not enlarge an employee s civil liability in any way. The policy

More information

TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE

TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE GENERAL STATEMENT TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE 1.1 The Council recognises the increasing importance of the Internet and email, offering opportunities for improving

More information

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee

Medford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee Software Policy Approved by School Committee General Statement of Policy The Medford Public Schools licenses the use of computer software from a variety of third parties. Such software is normally copyrighted

More information

COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING

COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:

More information

COMPUTER USE POLICY. 1.0 Purpose and Summary

COMPUTER USE POLICY. 1.0 Purpose and Summary COMPUTER USE POLICY 1.0 Purpose and Summary 1. This document provides guidelines for appropriate use of the wide variety of computing and network resources at Methodist University. It is not an all-inclusive

More information

Information Technology Acceptable Use Policies and Procedures

Information Technology Acceptable Use Policies and Procedures Information Technology Acceptable Use Policies and Procedures The following Information Technology Acceptable Use Policies and Procedures are to be followed by ALL employees, contractors, vendors, and

More information

NETWORK AND INTERNET SECURITY POLICY STATEMENT

NETWORK AND INTERNET SECURITY POLICY STATEMENT TADCASTER GRAMMAR SCHOOL Toulston, Tadcaster, North Yorkshire. LS24 9NB NETWORK AND INTERNET SECURITY POLICY STATEMENT Written by Steve South November 2003 Discussed with ICT Strategy Group January 2004

More information

The Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3

The Internet and e-mail 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3 Table of Contents 1 Acceptable use 1 Violations 1 Administration 1 Director and Supervisor Responsibilities 1 MIS Director Responsibilities 1 The Internet and e-mail 2 Acceptable use 2 Unacceptable use

More information

BERKELEY COLLEGE DATA SECURITY POLICY

BERKELEY COLLEGE DATA SECURITY POLICY BERKELEY COLLEGE DATA SECURITY POLICY BERKELEY COLLEGE DATA SECURITY POLICY TABLE OF CONTENTS Chapter Title Page 1 Introduction 1 2 Definitions 2 3 General Roles and Responsibilities 4 4 Sensitive Data

More information

Chicago State University Computer Usage Policy

Chicago State University Computer Usage Policy Chicago State University Computer Usage Policy Introduction This document provides guidelines for appropriate use by students, faculty and staff of computers, and other technological facilities and services

More information

Please note this policy is mandatory and staff are required to adhere to the content

Please note this policy is mandatory and staff are required to adhere to the content Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the

More information

CHAPTER OSCEOLA COUNTY IDENTITY THEFT PREVENTION PROGRAM

CHAPTER OSCEOLA COUNTY IDENTITY THEFT PREVENTION PROGRAM INTRODUCTION CHAPTER OSCEOLA COUNTY IDENTITY THEFT PREVENTION PROGRAM The Osceola County Board of County Commissioners is committed to protecting consumers who do business with Osceola County, and as such

More information

Responsible Use of Technology and Information Resources

Responsible Use of Technology and Information Resources Responsible Use of Technology and Information Resources Introduction: The policies and guidelines outlined in this document apply to the entire Wagner College community: students, faculty, staff, alumni

More information

CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy

CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy CREATIVE SOLUTIONS IN HEALTHCARE, INC. Privacy Policy Amended as of February 12, 2010 on the authority of the HIPAA Privacy Officer for Creative Solutions in Healthcare, Inc. TABLE OF CONTENTS ARTICLE

More information

Caldwell Community College and Technical Institute

Caldwell Community College and Technical Institute Caldwell Community College and Technical Institute Employee Computer Usage Policies and Procedures I. PURPOSE: The purpose of this section is to define the policies and procedures for using the administrative

More information

HIPAA Security COMPLIANCE Checklist For Employers

HIPAA Security COMPLIANCE Checklist For Employers Compliance HIPAA Security COMPLIANCE Checklist For Employers All of the following steps must be completed by April 20, 2006 (April 14, 2005 for Large Health Plans) Broadly speaking, there are three major

More information

Acceptable Use Policy

Acceptable Use Policy Sell your Products Online and Web by Numbers are brands of Web by Numbers Ltd (hereinafter referred to as Web by Numbers ) Acceptable Use Policy Web by Numbers has created this Acceptable Use Policy (AUP)

More information

Hamilton College Administrative Information Systems Security Policy and Procedures. Approved by the IT Committee (December 2004)

Hamilton College Administrative Information Systems Security Policy and Procedures. Approved by the IT Committee (December 2004) Hamilton College Administrative Information Systems Security Policy and Procedures Approved by the IT Committee (December 2004) Table of Contents Summary... 3 Overview... 4 Definition of Administrative

More information

LSE PCI-DSS Cardholder Data Environments Information Security Policy

LSE PCI-DSS Cardholder Data Environments Information Security Policy LSE PCI-DSS Cardholder Data Environments Information Security Policy Written By: Jethro Perkins, Information Security Manager Reviewed By: Ali Lindsley, PCI-DSS Project Manager Endorsed By: PCI DSS project

More information

Newcastle University Information Security Procedures Version 3

Newcastle University Information Security Procedures Version 3 Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations

More information

ORANGE REGIONAL MEDICAL CENTER Hospital Wide Policy/Procedure

ORANGE REGIONAL MEDICAL CENTER Hospital Wide Policy/Procedure ORANGE REGIONAL MEDICAL CENTER Hospital Wide Policy/Procedure MANUAL: Hospital Wide SECTION: Information Technology SUBJECT: Acceptable Use of Information Systems Policy IMPLEMENTATION: 01/2011 CONCURRENCE:

More information

Statement of Policy. Reason for Policy

Statement of Policy. Reason for Policy Table of Contents Statement of Policy 2 Reason for Policy 2 HIPAA Liaison 2 Individuals and Entities Affected by Policy 2 Who Should Know Policy 3 Exclusions 3 Website Address for Policy 3 Definitions

More information

Subject: Computers & Electronic Records. Responsible Party: Part C Coordinator

Subject: Computers & Electronic Records. Responsible Party: Part C Coordinator POLICIES AND PROCEDURES NEW JERSEY EARLY INTERVENTION SYSTEM No: NJEIS-17 Subject: Computers & Electronic Records Effective Date: May 1, 2011 Responsible Party: Part C Coordinator I. Purpose To protect

More information

a) Access any information composed, created, received, downloaded, retrieved, stored, or sent using department computers.

a) Access any information composed, created, received, downloaded, retrieved, stored, or sent using department computers. CAYUGA COUNTY POLICY MANUAL Section 11 Subject: Electronic messaging and internet 1 Effective Date: 5/25/10; Res. 255-10 Supersedes Policy of: November 28, 2000 Name of Policy: County Computer Hardware-Software

More information

Administrators Guide Multi User Systems. Calendar Year

Administrators Guide Multi User Systems. Calendar Year Calendar Year 2012 Enter Facility Name Here HIPAA Security Compliance Workbook For Core Measure 15 of Meaningful Use Requirements Annual Risk Analysis Administrators Guide Multi User Systems 1 HIPPA Compliance

More information

Data Security John Hopkins Core Operations Manager Melanie Williams, Ph.D. Branch Manager Texas Cancer Registry April 17, 2009

Data Security John Hopkins Core Operations Manager Melanie Williams, Ph.D. Branch Manager Texas Cancer Registry April 17, 2009 Data Security John Hopkins Core Operations Manager. Melanie Williams, Ph.D. Branch Manager Texas Cancer Registry April 17, 2009 Background TCR receives approximately 200,000 reports from over 500 reporters

More information

HIPAA Security Training Manual

HIPAA Security Training Manual HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,

More information

HIPAA Information Security Overview

HIPAA Information Security Overview HIPAA Information Security Overview Security Overview HIPAA Security Regulations establish safeguards for protected health information (PHI) in electronic format. The security rules apply to PHI that is

More information

Hardware and Software

Hardware and Software Hardware and Software Purpose Bellevue School District (BSD) provides and requires faculty, staff and students to use data processing equipment and peripherals. BSD maintains multiple computer systems

More information

HIPAA Security. assistance with implementation of the. security standards. This series aims to

HIPAA Security. assistance with implementation of the. security standards. This series aims to HIPAA Security SERIES Security Topics 1. Security 101 for Covered Entities 2. Security Standards - Administrative Safeguards 3. Security Standards - Physical Safeguards 4. Security Standards - Technical

More information

MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT

MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT TO: John Phillips, City Manager Number: 04-020 SUBJECT: Computer Network, Internet and E-Mail Access Policy Date: 9/903 Attached is copy of the Information

More information

FDOH Information and Privacy Awareness Training Learner Course Guide

FDOH Information and Privacy Awareness Training Learner Course Guide Florida Department of Health FDOH Information and Privacy Awareness Training Learner Course Guide To protect, promote & improve the health of all people in Florida through integrated state, county, & community

More information

Peace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users

Peace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users Table of Contents... 1 A. Accountability... 1 B. System Use Notification (Login Banner)... 1 C. Non-... 1 D. System Access... 2 E. User IDs... 2 F. Passwords... 2 G. Electronic Information... 3 H. Agency

More information

(g) Non-secure Website Areas means all areas of the ArteeGroup Websites other than the Secure Website Areas;

(g) Non-secure Website Areas means all areas of the ArteeGroup Websites other than the Secure Website Areas; 1. General Welcome to the Arteegroup.com website (ArteeGroup) operated by Artee Industries Limited (carrying on business under the name and style of SPAR/PARK N SHOP and the Notice on this Website sets

More information

VICTOR VALLEY COMMUNITY COLLEGE DISTRICT ADMINISTRATIVE PROCEDURE. Computer Use - Computer and Electronic Communication Systems.

VICTOR VALLEY COMMUNITY COLLEGE DISTRICT ADMINISTRATIVE PROCEDURE. Computer Use - Computer and Electronic Communication Systems. VICTOR VALLEY COMMUNITY COLLEGE DISTRICT ADMINISTRATIVE PROCEDURE GENERAL INSTITUTION Chapter 3 Computer Use - Computer and Electronic Communication Systems AP 3720(a) Contents 1.0 Introduction...1 2.0

More information

Web Hosting from. The WATER Foundation 9121 County Road 23 Brainerd, MN 56401 Toll Free: 800-944-3764 (p) 218.764.2321 (f) 218.764.

Web Hosting from. The WATER Foundation 9121 County Road 23 Brainerd, MN 56401 Toll Free: 800-944-3764 (p) 218.764.2321 (f) 218.764. Web Hosting from The WATER Foundation 9121 County Road 23 Brainerd, MN 56401 Toll Free: 800-944-3764 (p) 218.764.2321 (f) 218.764.3582 Does your message need to be heard? Need a web site? Let The WATER

More information

Virginia Commonwealth University School of Medicine Information Security Standard

Virginia Commonwealth University School of Medicine Information Security Standard Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Data Handling and Storage Standard This standard is applicable to all VCU School of Medicine personnel. Approval

More information

APPROVED BY: Signatures on File Chief Information Officer APPROVED BY: Chief Financial Officer PURPOSE

APPROVED BY: Signatures on File Chief Information Officer APPROVED BY: Chief Financial Officer PURPOSE TITLE: COMPUTER USE POLICY PAGE 1 OF 5 EFFECTIVE DATE: 07/2001 REVIEW DATES: 02/2003, 09/2006 REVISION DATES: 03/2005, 03/2008 DISTRIBUTION: All Departments PURPOSE APPROVED BY: Signatures on File Chief

More information

Appropriate Use of Campus Computing and Network Resources

Appropriate Use of Campus Computing and Network Resources The Claremont Colleges Policy Regarding Appropriate Use of Campus Computing and Network Resources Approved by the Council of The Claremont Colleges on 08/20/04 An overall guiding mission of The Claremont

More information

SUPREME COURT OF COLORADO OFFICE OF THE CHIEF JUSTICE

SUPREME COURT OF COLORADO OFFICE OF THE CHIEF JUSTICE SUPREME COURT OF COLORADO OFFICE OF THE CHIEF JUSTICE Directive Concerning the Colorado Judicial Department Electronic Communications Usage Policy: Technical, Security, And System Management Concerns This

More information

BRIGHAM AND WOMEN S HOSPITAL

BRIGHAM AND WOMEN S HOSPITAL BRIGHAM AND WOMEN S HOSPITAL HUMAN RESOURCES POLICIES AND PROCEDURES SUBJECT: SOCIAL MEDIA, ELECTRONIC COMMUNICATION and ACCEPTABLE USE POLICY #: HR-503 EFFECTIVE DATE: January 1, 2008 POLICY This policy

More information

EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY

EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY This is a statement of The New York Institute for Special Education s (NYISE s) policy related to employees Computer Network and Internet

More information

INTERNET AND COMPUTER ACCEPTABLE USE POLICY (AUP)

INTERNET AND COMPUTER ACCEPTABLE USE POLICY (AUP) 4510.2 INTERNET AND COMPUTER ACCEPTABLE USE POLICY (AUP) The Board of Education is committed to the optimization of student learning and teaching. The Board considers computers to be a valuable tool for

More information

Pierce County Policy on Computer Use and Information Systems

Pierce County Policy on Computer Use and Information Systems Pierce County Policy on Computer Use and Information Systems Pierce County provides a variety of information technology resources such as computers, software, printers, scanners, copiers, electronic mail

More information

Wellesley College Written Information Security Program

Wellesley College Written Information Security Program Wellesley College Written Information Security Program Introduction and Purpose Wellesley College developed this Written Information Security Program (the Program ) to protect Personal Information, as

More information

Internet usage Policy

Internet usage Policy Internet usage Policy Free Use Disclaimer: This policy was created by or for the SANS Institute for the Internet community. All or parts of this policy can be freely used for your organization. There is

More information

All Users of DCRI Computing Equipment and Network Resources

All Users of DCRI Computing Equipment and Network Resources July 21, 2015 MEMORANDUM To: From Subject: All Users of DCRI Computing Equipment and Network Resources Eric Peterson, MD, MPH, Director, DCRI Secure System Usage The purpose of this memorandum is to inform

More information

Please read these Terms and Conditions of Use carefully. They govern the provision and use of the MyPAYE Online Payroll service and website.

Please read these Terms and Conditions of Use carefully. They govern the provision and use of the MyPAYE Online Payroll service and website. Terms and Conditions of Use Your online payroll is run via for MyPAYE Online Payroll Service Please read these Terms and Conditions of Use carefully. They govern the provision and use of the MyPAYE Online

More information

PINAL COUNTY POLICY AND PROCEDURE 2.50 ELECTRONIC MAIL AND SCHEDULING SYSTEM

PINAL COUNTY POLICY AND PROCEDURE 2.50 ELECTRONIC MAIL AND SCHEDULING SYSTEM PINAL COUNTY POLICY AND PROCEDURE 2.50 Subject: ELECTRONIC MAIL AND SCHEDULING SYSTEM Date: November 18, 2009 Pages: 1 of 5 Replaces Policy Dated: April 10, 2007 PURPOSE: The purpose of this policy is

More information

E-mail Usage Policy of GCRI

E-mail Usage Policy of GCRI E-mail Usage Policy of GCRI AIM : Email Account Management and Best Practices for Effective E-mail Usage and to promote awareness of the benefits of a paperless communication system VER : Version 1.0 Date

More information

Office of the President University Policy

Office of the President University Policy Office of the President University Policy SUBJECT: IDENTITY THEFT PREVENTION PROGRAM Effective Date: 6-17-09 Policy Number: 5.6 Supersedes: Page Of New 1 7 Responsible Authority: Senior Vice President,

More information

Valdosta State University. Information Resources Acceptable Use Policy

Valdosta State University. Information Resources Acceptable Use Policy Valdosta State University Information Resources Acceptable Use Policy Date: December 10, 2010 1. OVERVIEW... 3 2. SCOPE... 3 3. DESIGNATION OF REPRESENTATIVES... 3 3.1 UNIVERSITY PRESIDENT... 3 3.2 VICE

More information

ALTA OFFICE SECURITY AND PRIVACY GUIDELINES ALTA

ALTA OFFICE SECURITY AND PRIVACY GUIDELINES ALTA ALTA OFFICE SECURITY AND PRIVACY GUIDELINES ALTA PURPOSE PURPOSE This document provides guidance to offices about protecting sensitive customer and company information. The protection of Non-public Personal

More information

SOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY

SOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY SOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY OBJECTIVE To provide users with guidelines for the use of information technology resources provided by Council. SCOPE This policy

More information

UNIVERSITY OF ROCHESTER INFORMATION TECHNOLOGY POLICY

UNIVERSITY OF ROCHESTER INFORMATION TECHNOLOGY POLICY PURPOSE The University of Rochester recognizes the vital role information technology plays in the University s missions and related administrative activities as well as the importance in an academic environment

More information

Acceptable Use of Information Technology

Acceptable Use of Information Technology Acceptable Use of Information Technology No.: 3501 Category: Information Technology Services Approving Body: Leadership Team Executive Division: Learning and Technology Services Department Responsible:

More information

Boston Public Schools. Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and. Technology Resources

Boston Public Schools. Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and. Technology Resources Boston Public Schools Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and Scope of Policy Technology Resources ACCEPTABLE USE POLICY AND GUIDELINES Boston

More information

Client Advisory October 2009. Data Security Law MGL Chapter 93H and 201 CMR 17.00

Client Advisory October 2009. Data Security Law MGL Chapter 93H and 201 CMR 17.00 Client Advisory October 2009 Data Security Law MGL Chapter 93H and 201 CMR 17.00 For a discussion of these and other issues, please visit the update on our website at /law. To receive mailings via email,

More information