How to Monitor Employee Web Browsing and Legally
|
|
- Kerry Richards
- 8 years ago
- Views:
Transcription
1 WHITEPAPER: HOW TO MONITOR EMPLOYEE WEB BROWSING AND LEGALLY How to Monitor Employee Web Browsing and Legally ABSTRACT The Internet and are indispensable resources in today s business world. However, they do carry risks, and many companies now recognise a need to monitor how their staff are using these tools. But what are the laws around this for employers, and how is it to best implement these kinds of practices? This white paper provides an overview of some of the issues around monitoring employee Web browsing and use of . PAGE 1
2 INTRODUCTION The Internet and are indispensable resources in today s business world. However, they do carry risks, and many companies now recognise a need to monitor how their staff are using these tools. But what are the laws around this for employers, and how is it to best implement these kinds of practices? This white paper provides an overview of some of the issues around monitoring employee Web browsing and use of . Please note that this white paper is for indicative purposes only and does not constitute legal advice. You should seek legal advice before acting on any of the information contained in this white paper. MONITORING: WHAT IS IT AND WHY DO IT? With and Web access now crucial for any business, how does an employer ensure that employees use of these resources is in line with the organisation s usage policy? Employers will often want to introduce policies and procedures to monitor employees Internet and use to ensure that these activities comply with its usage policy. For example, policies and monitoring procedures could be implemented to check the amount and quality of work being done by employees. The law does not provide a definition of monitoring. However, the Employment Practices Code provides this definition: activities that set out to collect information about workers by keeping them under some form of observation, normally with a view to checking their performance or conduct. This could be done either directly, indirectly, perhaps by examining their work output, or by electronic means. Therefore, there is an array of activities which would constitute monitoring. Monitoring can be systematic, whereby all employees or a specific group of employees are monitored as a matter of routine. It can also be occasional, where an employer undertakes short term monitoring in response to a particular problem or need. There are a range of activities that could be classed as monitoring, e.g.: examining logs of Websites visited to check that individual workers are not viewing or downloading pornographic or other inappropriate content; randomly opening up individual workers s or listening to their voic s to look for evidence of malpractice; using automated filtering software to collect information about workers, for example to find out whether particular workers are sending or receiving inappropriate s. SO WHY MONITOR? There are many benefits that employers can gain by monitoring employee Internet and use. Monitoring allows employers to ensure that employees are not wasting time at work by surfing Websites unrelated to work, or sending and receiving excessive personal s. Monitoring also provides a means to detect misconduct. An employee may also incur legal liability for the employer where use of the Internet and is inappropriate to the business. This could include viewing discriminatory or inappropriate material, sending harassing s or even misusing confidential information over the Internet or via . PAGE 2
3 An employer will generally be liable for the acts of employees during the course of employment. This is through the concept of vicarious liability, a legal principle that imputes liability on employers for wrongful acts of their employees, if committed in the course of employment or even if sufficiently connected with employment. The scope of vicarious liability has been proven to be very wide, and potentially any act connected to employment will attract liability for the employer. This could include actions on the Internet, sending or receiving s and using any IT infrastructure or services that you allow your employees to use for work purposes, even when employees use them in an unauthorized way. For more information on the legal risks associated with employee Web access and use, visit Monitoring Internet traffic and can also have network management benefits as an organization can plan and manage their network capacity needs. MONITORING AND THE LAW There are four main pieces of legislation that employers need to be aware of and comply with before introducing a monitoring policy. These are: Regulation of Investigatory Powers Act 2000 (RIPA) Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 The Data Protection Act 1998 The Human Rights Act 1998 Regulation of Investigatory Powers Act 2000 (RIPA) The Regulation of Investigatory Powers Act 2000 concerns the interception of communications sent and received on both private and public telecommunications systems. This includes s, telephone calls and Internet use. If a person intercepts a communication being sent or received on a private or public telecommunications system, without the consent of sender and intended recipient, he is likely to be committing a criminal offence. However, an employer can legally intercept communications without the consent of sender and recipient if it is for a purpose set out in the Lawful Business Practice regulation. Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (LBP regulations) The lawful purposes provided by the regulations allow employers to monitor and record communications as long as they have made all reasonable efforts to inform every person using the telecommunications systems that communications will be monitored and it is for one or more of the specified purposes. Specified purposes are: 1. to establish the existence of facts; 2. to ascertain compliance with applicable regulatory or self-regulatory practices or procedures; 3. to ascertain or demonstrate effective system operation technically and by users; 4. national security/crime prevention or detection; 5. confidential counselling/support services; 6. investigating or detecting unauthorised use of the system; or 7. monitoring communications for the purpose of determining whether they are communications relevant to the business. PAGE 3
4 These purposes allow most monitoring provided it is business related. Nevertheless, this does not legitimise deliberate interception of personal communications. It does, however, permit the interception of personal communications in the course of establishing whether it is a business-related communication. Consent would be required if personal communications where to be intercepted for any other purpose. Data Protection Act 1998 Information gathered and recorded in the course of monitoring employees is likely to be covered by Data Protection legislation. The Data Protection Act (DPA) applies when it is possible to identify a living person from data, either on its own or in connection with other data. The data protection rules apply to computerised and physical copies of data. Data protection controls how such information can be collected, handled and used. It gives the data subject (the person whose data is collected, handled and used) rights such as access to the information and a right to a remedy should something go wrong. Personal Data must be: 1. processed fairly and lawfully; 2. processed for specified and compatible purposes; 3. adequate, relevant and not excessive; 4. accurate; 5. not kept for longer than necessary; 6. processed in accordance with certain rights; 7. kept secure; and 8. not transferred outside the EEA other than as authorised by the DPA. At the heart of data protection principles is fairness, and this means being open about the nature, extent and reasons for monitoring. Human Rights Act 1998 Employers should be aware of the Human Rights Act, and in particular Article 8 of this act which creates a right to respect of private and family life. However, this right must be balanced with the rights of others and in the interest of public safety and crime prevention. Interference with Article 8 may also be permissible in accordance with the law as found in RIPA and Lawful Business Practices regulations.. Therefore, in the workplace employees may have an expectation that their personal communications will remain private. To overcome this, steps should be taken to inform all employees that communications, both business and personal, will be monitored. PAGE 4
5 MONITORING LEGALLY: THE KEY STEPS The legislation regarding monitoring can be somewhat complicated to understand, and it is often difficult to ensure that monitoring is being done within the limits of the law. The Information Commissioner s Office (ICO) has drafted guidance for employers on complying with the laws and provides statements of good practice for monitoring employees. The code can be found at and it is recommended that its guidance be followed. The code highlights these three key points: 1. Monitoring is usually intrusive. 2. Workers legitimately expect to keep their personal lives private. 3. Workers are entitled to some privacy in the work environment. The rest of this paper is dedicated to outlining the necessary steps that any employer wishing to monitor employees should take. This is intended to be informative; however, employers should always acquaint themselves fully with the relevant legislation and the employment practices code. Further advice may also be sought from professional advisors. Carry out an impact assessment This is the means by which employers can judge whether a monitoring arrangement is a proportionate response to the problem it seeks to address. Any adverse impact of monitoring on individuals must be justified by the benefits to the employer and others. An impact assessment assists employers in identifying and giving appropriate weight to the other factors they should take into account when considering whether and how to monitor. An impact assessment involves: identifying the purpose behind the monitoring; identifying any likely adverse impact and the degree of intrusiveness involved; considering alternatives to monitoring or alternative ways of carrying it out; taking into account the obligations that arise from monitoring; deciding whether monitoring is justified. This need not be a lengthy or burdensome process, and it is acceptable for this to be a mental evaluation. However, in the case of complaints from employees regarding monitoring, written documentation of the impact assessment carried out can be useful. Decide on your approach to monitoring If the outcome of the Impact Assessment shows monitoring is justified, then the next step is to decide how monitoring will take place. It is advised that a minimalist approach is taken; that is, never monitor more than is needed to meet the aims of monitoring. For example consider: Would it be sufficient for the purposes of monitoring to record traffic as opposed to actual content of s? Could the monitoring be automated? Is it sufficient to record time spent online as opposed to content and sites visited? Could preventative monitoring, such as Web content filtering, be used to block access to certain websites? PAGE 5
6 Once a decision has been made about what and how to monitor, it should be ensured that RIPA and LBP have been complied with. The code sets out ways that employers can ensure that they are following the law. One of the key requirements of the legislation is notifying users that communications may be intercepted and monitored. Establish a communications policy Simply telling employees that they will be monitored is not usually sufficient, in terms of the requirements of RIPA, LBP and DPA. Therefore, this information should be set out in an electronic communications policy. It should detail when information about employees will be obtained, how the information gathered will be used and by whom. It should also outline the purpose for gathering information i.e. to ensure that employees are not sending or receiving excessive personal s or surfing inappropriate Websites. This policy should be communicated to all employees, and employees should be notified of any updates. It is good practice to educate staff on the risks associated with Internet and , along with periodic updates and reminders about the policy. This allows employees to gain a deeper understanding about why monitoring is important, and also what rights and obligations they have in terms of electronic communications within the workplace. The communication policy should include: That the company s communications systems and facilities are to be used by employees for business purposes; State guidelines on the extent of personal use that employees are permitted to make, and state any conditions on this use (e.g. within employee s breaks only); Highlight the company rules and procedure for using and the Internet particularly regarding activity which is illegal, offensive or in any way brings the company into disrepute, and that breach of these rules is in breach of the communications policy; Make clear that the handling (downloading, uploading, storing or distribution) of offensive, discriminatory, obscene or copyrighted content on the company communication system is in breach of the communications policy; Cross reference with existing company policies such as equal opportunity or anti-discrimination policies and with any existing disciplinary procedure. It is important to set out in the policy what personal usage, if any, employees may make of communications systems. However, employers should probably not expect that employees will never make personal communications within the work place - this is not a practical nor reasonable expectation. It is vital that the usage set out in the policy is adhered to in practice and that there is consistent enforcement of the policy. Employees will tend to ignore a written policy if in practice employers turn a blind eye at any breach of policy. There is an obligation to notify third parties that the organization s communications are monitored. This can be achieved by incorporating a notification into your terms of business, in an disclaimer attached to every outgoing or on your organization s website. PAGE 6
7 Link to disciplinary procedures The electronic communications policy should be linked with disciplinary procedures. This will allow an employer to take disciplinary action against employees flouting the communications policy, thereby making the communications policy much more effective. It is vital that when disciplinary action is taken regarding breaches in the communication policy that employees cannot claim ignorance of what the policy prohibits and what is judged to be acceptable use. This can be due to failure to properly circulate the policy to all employees, and if this is the case an organization may not be able to prove that all employees were aware of their rights and obligations under the policy. It can then be difficult to bring disciplinary action. When promulgating the communications policy consider whether it would be appropriate to require documented acceptance by employees. This could be achieved by requiring employees to sign a copy of the policy. CONCLUSION: KEY POINTS Always be open to employees about monitoring- the why, how and when. Acquaint yourself with RIPA, LBP regulations and the Data Protection Act. Adopt and communicate an electronic communications policy. Apply the policy consistently. ABOUT BLOXX Headquartered in the UK with sales offices in Holland, the USA and Australia, Bloxx provides Web and filtering and security for medium and large organizations in both the business and public sectors. Bloxx has achieved unrivalled sales growth year-on-year to become a leading Web filtering provider with an estimated 5 million+ users worldwide. Leading UK investment groups Archangel Investments Ltd and Braveheart Investment Group Plc have invested in Bloxx. For more information, visit To find out more about the significant benefits Bloxx Content Filtering and security products will provide for you and your organization, contact us on +44 (0) , info@bloxx.com, or visit Copyright 2013 Bloxx Ltd. All rights reserved. No part of this document may be reproduced by any means nor translated to any electronic medium without the written consent of Bloxx. Specifications are subject to change without notice. Information contained in this document is believed to be accurate and reliable; however, Bloxx assumes no responsibility for its use. LU For further information please call Bloxx on +44 (0) visit or info@bloxx.com PAGE 7
UNIVERSITY OF ST ANDREWS. EMAIL POLICY November 2005
UNIVERSITY OF ST ANDREWS EMAIL POLICY November 2005 I Introduction 1. Email is an important method of communication for University business, and carries the same weight as paper-based communications. The
More informationEmployee Monitoring Prepared for SurfControl by Hammonds
The Legal Guide to Employee Monitoring Prepared for SurfControl by Hammonds UK Edition T H E L E G A L G U I D E T O E M P L O Y E E M O N I T O R I N G Prepared for SurfControl by 1 Notice: This document
More informationICT Student Usage Policy
ICT Student Usage Policy Document status Document owner Vice Principal Finance and Resources Document author IT Manager Document type Policy Date of document January 2015 Version number 04 Review requirements
More informationAdvice leaflet Internet and e-mail policies
Advice leaflet Internet and e-mail policies Introduction Electronic communications have revolutionised business communications, although the huge increase in use has taken some organisations by surprise.
More informationControlling Employee Electronic Communications. slaughter and may. August 2006
Controlling Employee Electronic Communications slaughter and may August 2006 contents 1. Introduction 2. The Regulation of Investigatory Powers Act 2000 1 2.1 What is interception? 2 2.2 What is lawful
More informationInternet Acceptable Use Policy A council-wide information management policy. Version 1.5 June 2014
Internet Acceptable Use Policy A council-wide information management policy Version 1.5 June 2014 Copyright Notification Copyright London Borough of Islington 20134This document is distributed under the
More informationMonitoring Employee Communications: Data Protection and Privacy Issues
Monitoring Employee Communications: Data Protection and Privacy Issues By Anthony Sakrouge, Kate Minett, Daniel Preiskel and Jose Saras Reprinted from Computer and Telecommunications Law Review Issue 8,
More informationINFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes
INFORMATION SECURITY POLICY Ratified by RCA Senate, February 2007 Contents Introduction 2 Policy Statement 3 Information Security at RCA 5 Annexes A. Applicable legislation and interpretation 8 B. Most
More informationMonitoring and Logging Policy. Document Status. Security Classification. Level 1 - PUBLIC. Version 1.0. Approval. Review By June 2012
Monitoring and Logging Policy Document Status Security Classification Version 1.0 Level 1 - PUBLIC Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Change History
More informationWest Lothian College. E-Mail and Computer Network Responsible Use Policy. September 2011
West Lothian College E-Mail and Computer Network Responsible Use Policy September 2011 Author: Steve Williams Date: September 2011 Agreed: Computer Network & Email Policy September 2011 E-Mail and Computer
More informationThe Legal Guide to Employee Monitoring
Written on behalf of SurfControl >Notice This document serves as a guide for general information only; it should not be considered as legal advice. We make no warranty and accept no liability as to the
More informationCOMPUTER USAGE - EMAIL
BASIC BELIEF This policy relates to the use of staff email at Mater Dei and is designed to provide guidelines for individual staff regarding their use. It encourages users to make responsible choices when
More informationInformation Services. Regulations for the Use of Information Technology (IT) Facilities at the University of Kent
Scope Information Services Regulations for the Use of Information Technology (IT) Facilities at the University of Kent 1. These regulations apply to The Law All students registered at the University, all
More informationThe term Broadway Pet Stores refers we to the owner of the website whose registered office is 6-8 Muswell Hill Broadway, London, N10 3RT.
Website - Terms and Conditions Welcome to our website. If you continue to browse and use this website you are agreeing to comply with and be bound by the following terms and conditions of use, which together
More informationSTFC Monitoring and Interception policy for Information & Communications Technology Systems and Services
STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services Issue 1.0 (Effective 27 June 2012) This document contains a copy of the STFC policy statements outlining
More informationHUMAN RESOURCES POLICIES & PROCEDURES
HUMAN RESOURCES POLICIES & PROCEDURES Policy title Application IT systems and social networking policy All employees and students CONTENTS PAGE Introduction and scope 2 General points 2 Authorisation to
More informationInformation Systems Acceptable Use Policy for Learners
Information Systems Acceptable Use Policy for Learners 1. Introduction 1.1. Morley College is committed to providing learners with easy access to computing and photocopying facilities. However it needs
More informationGENERAL REGULATIONS Appendix 10 : Guide to Legislation Relevant to Computer Use. Approval for this regulation given by :
GENERAL REGULATIONS Appendix 10 : Guide to Legislation Relevant to Computer Use Name of regulation : Purpose of regulation : Approval for this regulation given by : Responsibility for its update : Regulation
More informationTerms & Conditions. In this section you can find: - Website usage terms and conditions 1, 2, 3. - Website disclaimer
1 Terms & Conditions In this section you can find: - Website usage terms and conditions 1, 2, 3 - Website disclaimer -Acceptable internet use policy 1,2,3,4 - Acceptable email use policy 1, 2 - Copyright
More informationUsing Public Computer Services in Somerset Libraries
Using Public Computer Services in Somerset Libraries Somerset Library Service will ensure all staff and users are aware of the computer services provided and the terms and conditions of their use to which
More informationInternet Use Policy and Code of Conduct
Internet Use Policy and Code of Conduct UNIQUE REF NUMBER: AC/IG/023/V1.1 DOCUMENT STATUS: Agreed by Audit Committee 18 July 2013 DATE ISSUED: July 2013 DATE TO BE REVIEWED: July 2014 1 P age AMENDMENT
More informationSt. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy
Learn, sparkle & shine St. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy Adopted from the LA Policy April 2015 CONTENTS Page No 1. Introduction 1 2. Guiding Principles
More informationConditions of Use. Communications and IT Facilities
Conditions of Use of Communications and IT Facilities For the purposes of these conditions of use, the IT Facilities are [any of the University s IT facilities, including email, the internet and other
More informationThe University of Information Technology Management System
IT Monitoring Code of Practice 1.4 University of Ulster Code of Practice Cover Sheet Document Title IT Monitoring Code of Practice 1.4 Custodian Approving Committee Deputy Director of Finance and Information
More informationAssistant Director of Facilities
Policy Title ID Number Scope Status Reviewed By IT Security Policy P04001 All Users Policy Assistant Director of Facilities Reviewed Date January 2011 Last Reviewed Due for Review January 2013 Impact Assessment
More informationInformation Technology and Communications Policy
Information Technology and Communications Policy No: FIN-IT-POL-001 Version: 03 Issue Date: 10.06.13 Review Date: 10.06.16 Author: Robert Cooper Monitor Changes Approved by: Board of Governors Version
More informationINFORMATION SECURITY POLICY
Information Security Policy INFORMATION SECURITY POLICY Introduction Norwood UK recognises that information and information systems are valuable assets which play a major role in supporting the companies
More informationITU-10002 Computer Network, Internet Access & Email policy ( Network Access Policy )
ITU-10002 Computer Network, Internet Access & Email policy South Norfolk Council IT Unit Documentation www.south-norfolk.gov.uk Page : 2 of 8 Summary This policy informs all users about acceptable use
More informationAcceptable Use of Information Technology Policy
Acceptable Use of Information Technology Policy Date created: January 2006 Updated Review date: April June 2008 Review date: Oct Dec 2009 Introduction VAW provides IT facilities for promoting its charitable
More informationEmail Usage Policy Document Profile Box
Document Profile Box Document Category / Ref QSSD 660 Version: 0004 Ratified by: Governance and Risk Committee Date ratified: 12 th January 2012 Name of originator / author: Name of responsible committee
More informationBroadband Acceptable Use Policy
Broadband Acceptable Use Policy Contents General... 3 Your Responsibilities... 3 Use of Email with particular regards to SPAM... 4 Bulk Email... 5 Denial of Service... 5 Administration of Policy... 6 2
More informationINTERNET ACCEPTABLE USE POLICY
INTERNET ACCEPTABLE USE POLICY 1 Introduction..3 Background..3 Objectives of this Policy...3 Application of this Policy..4 References and Related Legislation and Regulations..4 Policy Statement.4 Methods
More informationInternet Acceptable Use Policy
1. Overview Quincy College provides Internet access to students, faculty, staff, and administration as part of its educational mission. When the Internet is used appropriately, it can provide a wealth
More informationElectronic Communications Guidance for School Staff 2013/2014
Our Lady of Lourdes and St Patrick s Catholic Primary Schools Huddersfield Electronic Communications Guidance for School Staff 2013/2014 Updated September 2013 Contents 1. Introduction 2. Safe and responsible
More informationOnline Research and Investigation
Online Research and Investigation This document is intended to provide guidance to police officers or staff engaged in research and investigation across the internet. This guidance is not a source of law
More informationElectronic Communications and. Guidance note and template policy
Electronic Communications and Internet policy Guidance note and template policy When employing staff it is useful to create a policy which sets out your standards and requirements of your staff when they
More informationInformation Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy
Working Together Information Security Policy Information Security Policy May 2012 Borders College 19/10/12 1 Working Together Information Security Policy 1. Introduction Borders College recognises that
More informationAGENDA ITEM NO 14 RECOMMENDATION FROM STANDARDS COMMITTEE MEETING OF 12 MAY 2009 - "EMAIL POLICY" Executive Director (AK) [J50]
AGENDA ITEM NO 14 RECOMMENDATION FROM STANDARDS COMMITTEE MEETING OF 12 MAY 2009 - "EMAIL POLICY" Committee: Policy and Resources Date: 23 rd June 2009 Author: Executive Director (AK) [J50] 1.0 ISSUE 1.1
More informationSOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY
SOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY OBJECTIVE To provide users with guidelines for the use of information technology resources provided by Council. SCOPE This policy
More informationAcceptable Use of Information. and Communication Systems Policy
Use of Information Purpose of this document This document describes what is acceptable and what is unacceptable use of the company s systems. It has been prepared to help Intu Properties plc employees,
More informationQuick guide to the employment practices code
Data protection Quick guide to the employment practices code Ideal for the small business Contents 3 Contents Section 1 About this guidance 4 Section 2 What is the Data Protection Act? 5 Section 3 Recruitment
More informationINTERNET, E-MAIL USE AND
INTERNET, E-MAIL AND TELEPHONE USE AND MONITORING POLICY Originated by: Customer Services LJCC: 10 th April 2008 Full Council: June 2008 Implemented: June 2008 1.0 Introduction and Aim 1.1 The aim of this
More informationSURVEILLANCE AND PRIVACY
info sheet 03.12 SURVEILLANCE AND PRIVACY Info Sheet 03.12 March 2012 This Information Sheet applies to Victorian state and local government organisations that are bound by the Information Privacy Act
More informationInformation Governance Framework. June 2015
Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review
More information2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy
Version History Author Approved Committee Version Status date Eddie Jefferson 09/15/2009 Full Governing 1.0 Final Version Body Eddie Jefferson 18/08/2012 Full Governing Body 2.0 Emended due to the change
More informationTONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE
GENERAL STATEMENT TONBRIDGE & MALLING BOROUGH COUNCIL INTERNET & EMAIL POLICY AND CODE 1.1 The Council recognises the increasing importance of the Internet and email, offering opportunities for improving
More informationAcceptable Use of ICT Policy For Staff
Policy Document Acceptable Use of ICT Policy For Staff Acceptable Use of ICT Policy For Staff Policy Implementation Date Review Date and Frequency January 2012 Every two Years Rev 1: 26 January 2014 Policy
More informationAn overview of UK data protection law
An overview of UK data protection law Our team Vinod Bange Partner +44 (0)20 7300 4600 v.bange@taylorwessing.com Graham Hann Partner +44 (0)20 7300 4839 g.hann@taylorwessing.com Chris Jeffery Partner +44
More informationCaedmon College Whitby
Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be
More informationINTERNET, EMAIL AND COMPUTER USE POLICY.
INTERNET, EMAIL AND COMPUTER USE POLICY. CONSIDERATIONS Code of Conduct Discipline and termination policy Privacy Policy Sexual Harassment policy Workplace Health & Safety Policy LEGISLATION Copyright
More informationInternet, Social Media and Email Policy
West Lothian Council Internet, Social Media and Email Policy Approved : Council Executive 25 June 2012 INTERNET, SOCIAL MEDIA AND E-MAIL POLICY (Covering all Employees) CONTENTS 1. POLICY STATEMENT...
More informationAcceptable Use Policy
Acceptable Use Policy 1. General Interoute reserves the right to modify the Acceptable Use Policy ( AUP ) from time to time. Changes to this Acceptable Use Policy will be notified to Customer in accordance
More informationHarper Adams University College. Information Security Policy
Harper Adams University College Information Security Policy Introduction The University College recognises that information and information systems are valuable assets which play a major role in supporting
More informationInternet, Social Networking and Telephone Policy
Internet, Social Networking and Telephone Policy Contents 1. Policy Statement... 1 2. Scope... 2 3. Internet / email... 2 4. Social Media / Social Networking... 4 5. Accessing the internet, email or social
More informationComputer Network & Internet Acceptable Usage Policy. Version 2.0
Computer Network & Internet Acceptable Usage Policy Version 2.0 April 2009 Document Version Control Version Date Description 1.0 Sept 2003 Original Version (adopted prior to establishment of BoM) 2.0 March
More informationPS 172 Protective Monitoring Policy
PS 172 Protective Monitoring Policy January 2014 Version 2.0 Statement of legislative compliance This document has been drafted to comply with the general and specific duties in the Equality Act 2010;
More informationtechnical factsheet 176
technical factsheet 176 Data Protection CONTENTS 1. Introduction 1 2. Register with the Information Commissioner s Office 1 3. Period protection rights and duties remain effective 2 4. The data protection
More informationGUIDEILINE FOR MONITORING STAFF COMPUTER USE
GUIDEILINE FOR MONITORING STAFF COMPUTER USE TRUST REF: B41/2007 APPROVED BY: Policy and Guideline Committee VERSION NUMBER: 1 DATE OF APPROVAL: 12 th November 2007 AUTHOR: DIRECTORATE: REVIEW DATE: Gareth
More informationCity of Venice Information Technology Usage Policy
City of Venice Information Technology Usage Policy The City of Venice considers information technology (IT) resources to be city resources. It shall be the policy of the city to maintain these resources
More informationMedina County Policy Manual
Medina County Policy Manual Policy: Computer & Network Usage Section: Work Rules Number: 7.015 Issued: 09/17/07 Reviewed/Revised: Page #: 1 of 5 A. It is the intent of Medina County to provide local, network,
More informationData Protection Policy
Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and
More informationEMPLOYEE COMPUTER USE POLICY
EMPLOYEE COMPUTER USE POLICY SECTION ONE PURPOSE A. To better serve our students and provide our teachers and other employees with the best tools to do their jobs, Navigator Pointe Academy makes available
More informationPolicy No: 2-B8. Originally Released: 2001. Date for Review: 2016
Topic: Information and Communication Technology use by Students Policy No: 2-B8 Policy Area: Standing Committee: Education Religious Education and Curriculum Committee Originally Released: 2001 Date for
More information3. Electronic Mail (E-mail)
- Title of Agency - Internet Acceptable Use Policy The Following Internet Acceptable Use Policy Applies to the (AGENCY NAME) Staff 1. Introduction The (AGENCY NAME) provides its staff and (other entity(s)
More informationInformation Security and Electronic Communications Acceptable Use Policy (AUP)
Policy No.: AUP v2.0 Effective Date: August 16, 2004 Revision Date: January 17, 2013 Revision No.: 1 Approval jwv / mkb Information Security and Electronic Communications (AUP) 1. INTRODUCTION Southwestern
More informationDATA AND PAYMENT SECURITY PART 1
STAR has teamed up with Prevention of Fraud in Travel (PROFiT) and the Fraud Intelligence Network (FIN) to offer our members the best advice about fraud prevention. We recognise the increasing threat of
More informationVirginia Commonwealth University Police Department
Virginia Commonwealth University Police Department NUMBER SECTION CHIEF OF POLICE EFFECTIVE REVIEW DATE 2 9 1/2013 2/2013 SUBJECT SOCIAL MEDIA GENERAL The department endorses the secure use of social media
More informationData Protection Policy
Data Protection Policy Version: 1.0 Date: October 2013 Table of Contents 1 Introduction The need for a Data Protection Policy... 3 2 Scope... 3 3 Principles... 3 4 Staff Roles & Responsibilities... 4 5
More informationOFFICE OF THE POLICE & CRIME COMMISSIONER IT, Communications, Internet and Social Media Policy
SECTION OFFICE OF THE POLICE & CRIME COMMISSIONER IT, Communications, Internet and Social Media Policy 1 Purpose 1 2 Principles 1 3 Telephone Use 2 4 Postal Mail 2 5 Email Use 3 6 Internet Use 3 7 Social
More informationLegal Risks Associated With Email and Internet Use and Abuse by Employees
February 2004 Legal Risks Associated With Email and Internet Use and Abuse by Employees The potential for abuse of email and Internet facilities provided at the workplace is virtually limitless and could
More informationDundalk Institute of Technology. Acceptable Usage Policy. Version 1.0.1
Dundalk Institute of Technology Acceptable Usage Policy Version 1.0.1 1 Document Location..\DkIT_Policy_Documents\Policies Revision History Date of this revision: Date of next review: Version Revision
More informationE-Gap Terms and Conditions of Use
E-Gap Terms and Conditions of Use User Terms and Conditions The following paragraphs specify the basis on which you may use the e-gap System and provides information on how we will handle your data. This
More informationABERYSTWYTH UNIVERSITY POLICY
ABERYSTWYTH UNIVERSITY POLICY Policy on Mobile phones issued by Information Services Approving Body: University Executive Group, Information Services Senior Management Group Responsibilities: Director
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationAcceptable Use of Information and Communication Systems Policy
Use of Information and Communication Systems Policy Purpose of this document This document describes what is acceptable and what is unacceptable use of the company s systems. It has been prepared to help
More informationTHE PERSONAL USE OF INTERNET, E-MAIL AND TELEPHONES
THE PERSONAL USE OF INTERNET, E-MAIL AND TELEPHONES In summary the telephone, fax, E-mail and Internet should NOT be used: For personal gain or profit. To represent yourself as someone else. To send, post,
More informationMEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT
MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT TO: John Phillips, City Manager Number: 04-020 SUBJECT: Computer Network, Internet and E-Mail Access Policy Date: 9/903 Attached is copy of the Information
More informationMedford Public Schools Medford, Massachusetts. Software Policy Approved by School Committee
Software Policy Approved by School Committee General Statement of Policy The Medford Public Schools licenses the use of computer software from a variety of third parties. Such software is normally copyrighted
More informationICT POLICY AND PROCEDURE
ICT POLICY AND PROCEDURE POLICY STATEMENT St Michael s College regards the integrity of its computer resources, including hardware, databases and software, as central to the needs and success of our day-to-day
More informationDene Community School of Technology Staff Acceptable Use Policy
Policy Overview Dene Community School of Technology The school provides computers for use by staff as an important tool for teaching, learning, and administration of the school. Use of school computers,
More informationElectronic Messaging Policy. 1. Document Status. Security Classification. Level 4 - PUBLIC. Version 1.0. Approval. Review By June 2012
Electronic Messaging Policy 1. Document Status Security Classification Level 4 - PUBLIC Version 1.0 Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Retention
More information[Example] Social Media Acceptable Use Policy
[Example] Social Media Acceptable Use Policy Overview The [agency] recognises that there are legitimate business and personal reasons for using social media at work or using corporate computing resources.
More informationAPPROVED BY: DATE: NUMBER: PAGE: 1 of 9
1 of 9 PURPOSE: To define standards for appropriate and secure use of MCG Health electronic systems, specifically e-mail systems, Internet access, phones (static or mobile; including voice mail) wireless
More informationChicago State University Computer Usage Policy
Chicago State University Computer Usage Policy Introduction This document provides guidelines for appropriate use by students, faculty and staff of computers, and other technological facilities and services
More informationSTRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS
Policy: Title: Status: ISP-S9 Use of Computers Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1. Introduction 1.1. This information security policy document contains high-level
More informationINFORMATION SECURITY MANAGEMENT POLICY
INFORMATION SECURITY MANAGEMENT POLICY Security Classification Level 4 - PUBLIC Version 1.3 Status APPROVED Approval SMT: 27 th April 2010 ISC: 28 th April 2010 Senate: 9 th June 2010 Council: 23 rd June
More informationRegulation of Investigatory Powers Act 2000
Regulation of Investigatory Powers Act 2000 Consultation: Equipment Interference and Interception of Communications Codes of Practice 6 February 2015 Ministerial Foreword The abilities to read or listen
More informationData Protection Division Guidance Note Number 10/08
Gibraltar Regulatory Authority Data Protection Division Data Protection Division Data Protection Division Guidance Note Number 10/08 Monitoring of Staff Guidance Note Number 10/08 Issue Date: 06/11/2008
More informationAcceptable Usage Policy
Version 2.1 20141230 Acceptable Usage Policy Acceptable Usage Policy Contents 1. PURPOSE OF THIS POLICY... 2 2. GENERAL... 2 3. APPLICATION... 2 4. UNREASONABLE USE... 2 5. UNACCEPTABLE USE... 3 6. SPAM...
More informationUse of Social Networking Websites Policy. Joint Management Trade Union Committee. ENDORSED BY: Consultative Committee DATE: 14 February 2013
Use of Social Networking Websites Policy START DATE: March, 2013 NEXT REVIEW: March 2015 COMMITTEE APPROVAL: Joint Management Trade Union Committee CHAIR S SIGNATURE: STAFF SIDE CHAIR S SIGNATURE: DATE:
More informationSocial Networking Protocol for Schools Managed Staff
Social Networking Protocol for Schools Managed Staff Created by HR Consultancy June 2010 1 Social Networking Protocol 2010 Contents 1. Purpose 2. Scope 3. School s Expectations 4. Safeguarding 5. Monitoring
More informationPersonal use of computers
Personal use of computers Personal Use In addition to the internal mail system, ICO staff have direct access to the Internet and external email from their IT equipment. This statement of the Commissioner
More informationPolicy and Procedure for Internet Use Summer Youth Program Johnson County Community College
Policy and Procedure for Internet Use Summer Youth Program Johnson County Community College This Policy and Procedures for Internet Use booklet has been prepared for Summer Program students with access
More informationAcceptable Use of ICT Policy. Staff Policy
Acceptable Use of ICT Policy Staff Policy Contents INTRODUCTION 3 1. ACCESS 3 2. E-SAFETY 4 3. COMPUTER SECURITY 4 4. INAPPROPRIATE BEHAVIOUR 5 5. MONITORING 6 6. BEST PRACTICE 6 7. DATA PROTECTION 7 8.
More informationEMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY
EMPLOYEE COMPUTER NETWORK AND INTERNET ACCEPTABLE USAGE POLICY This is a statement of The New York Institute for Special Education s (NYISE s) policy related to employees Computer Network and Internet
More informationEmail Policy and Code of Conduct
Email Policy and Code of Conduct UNIQUE REF NUMBER: CCG/IG/011/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY
More informationSocial Network Protocol & Policy
Social Network Protocol & Policy Prepared by: Stoke HR Implementation Date: July 2015 Review date: July 2016 RAISING ASPIRATIONS. TRANSFORMING LIVES. Social Networking Protocol for Schools & Academies
More information1. Computer and Technology Use, Cell Phones. 1.1. Information Technology Policy
1. Computer and Technology Use, Cell Phones 1.1. Information Technology Policy Employees are provided with Internet access and electronic communications services (which may include, but are not limited
More informationThe Legal Risks of Web and Email ABSTRACT
The Legal Risks of Web and Email ABSTRACT Access to Web and email are essential for any business to be successful. However, there are a large number of potential legal risks that organizations need to
More informationBUCKEYE EXPRESS HIGH SPEED INTERNET SERVICE ACCEPTABLE USE POLICY
BUCKEYE EXPRESS HIGH SPEED INTERNET SERVICE ACCEPTABLE USE POLICY The Acceptable Use Policy ("the Policy") governs use of the Buckeye Express High Speed Internet Service ("the Service"). All subscribers
More information