GUIDEILINE FOR MONITORING STAFF COMPUTER USE
|
|
- Julius Summers
- 8 years ago
- Views:
Transcription
1 GUIDEILINE FOR MONITORING STAFF COMPUTER USE TRUST REF: B41/2007 APPROVED BY: Policy and Guideline Committee VERSION NUMBER: 1 DATE OF APPROVAL: 12 th November 2007 AUTHOR: DIRECTORATE: REVIEW DATE: Gareth Lawrence Corporate and Legal Affairs 2 years Page 1 of 5
2 Index 1. Introduction Relevant legislation Routine audit reports Requests for information on staff usage Documentation Retention Awareness of this guideline Contact Relevant Information Policies... 5 Version Date Author Change Change Control Page 2 of 5
3 1. Introduction This guideline is intended for use by computer systems managers who have the ability to produce audit trails of staff computer activity. This would normally be carried out as a result of routine audit reports or as a request for information on staff system usage, usually when concerns arise over the appropriateness of employees use of the computer system. The principles which underpin this have already been incorporated into the IM&T Procedure for the Monitoring of Internet Access. However, the Trust has many systems with audit trail capabilities and a number of staff within and outside of IM&T who manage systems. This guideline stating the principles to apply will be applicable to systems managers who may be asked to report on the activity of staff members. This guideline does not cover the situation where patients or staff may wish to identify who has accessed their electronic information. In this situation seek advice from the Information Governance Manager. 2. Relevant legislation There are a number of laws and guidelines which govern how this type of activity is conducted. Regulation of Investigatory Powers Act 2000 (RIPA) Telecommunications (Lawful Business Practice Interception of Communications) Regulations 2000 The Human Rights Act 1988 Employment Practices Data Protection Code Part 3, Monitoring at Work (Information Commissioner) This guideline conforms to the legislation and has been agreed with Staff Side Representatives. In summary, the position is: The Trust can not conduct surveillance of staff unless sanctioned by an external body such as the Counter Fraud Service. This guideline does not consider surveillance; The Trust is entitled to, and does, examine it s records to satisfy itself that Trust policies are being adhered to; Staff should be aware that this is the case. 3. Routine audit reports Page 3 of 5
4 Trust computer systems will typically record activity of staff logging onto the system, creation, update, deletion and viewing of records. Systems managers will define audit reports to monitor system usage as they consider appropriate. This may include excessive and unusual use such as outside of normal hours, repeat enquires on same person and excessive failed login in attempts. If at any point it is considered that disciplinary action may arise, Human Resources should be informed. Systems managers are able to investigate abnormal activity and this may result in temporary suspension of the account until the investigation is complete. A record of any investigatory activity should be kept. Documentation supporting the investigation should be held securely on the system and should be accessible only to staff with Systems Administrator access. 4. Requests for information on staff usage This would occur if a request was received from management to report staff member activity in order to determine if the Trust member was in breach of staff policies. The overriding concern in such requests is that staff members are treated fairly and it is recommended that the best way to ensure that requests are legitimate is to only process requests received through Human Resources who are experienced in dealing with such matters in accordance with Trust Policy. As above, a record of any investigatory activity should be kept. Documentation supporting the investigation should be held securely on the system and should be accessible only to staff with Systems Administrator access. 5. Documentation Retention Documentation should be retained by systems managers for a maximum of 6 months after which it should be securely destroyed. Any documentation which is used in a staff disciplinary will be held a part of the disciplinary process documentation. Audit trail reports produced on a staff members activity would be disclosable to the staff member should the staff member request the information. 6. Awareness of this guideline Users of systems will be authorised by line managers to access systems. The authorisation form should alert the user to the prospect of monitoring. In addition to Insite, this guideline will be issued to managers of key computer systems within the Trust and through Human Resources. Page 4 of 5
5 7. Contact Should you require any further details regarding interpretation of this guideline please contact your Human Resources advisor or the Information Governance Manager on x Relevant Information Policies and internet access and monitoring policy Information Security Policy How we monitor UHL Internet Access Page 5 of 5
Information Security Policy. Information Security Policy. Working Together. May 2012. Borders College 19/10/12. Uncontrolled Copy
Working Together Information Security Policy Information Security Policy May 2012 Borders College 19/10/12 1 Working Together Information Security Policy 1. Introduction Borders College recognises that
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Approval date: June 2014 Approved by: Board Responsible Manager: Executive Director of Resources Next Review June 2016 Data Protection Policy 1. Introduction Data Protection Policy
More informationPS 172 Protective Monitoring Policy
PS 172 Protective Monitoring Policy January 2014 Version 2.0 Statement of legislative compliance This document has been drafted to comply with the general and specific duties in the Equality Act 2010;
More informationUlster University Standard Cover Sheet
Ulster University Standard Cover Sheet Document Title IT Monitoring Policy 1.5 Custodian Approving Committee Deputy Director of Finance and Information Services (Information Services) Information Services
More informationHow to Monitor Employee Web Browsing and Email Legally
WHITEPAPER: HOW TO MONITOR EMPLOYEE WEB BROWSING AND EMAIL LEGALLY How to Monitor Employee Web Browsing and Email Legally ABSTRACT The Internet and email are indispensable resources in today s business
More informationNHS Business Services Authority Information Security Policy
NHS Business Services Authority Information Security Policy NHS Business Services Authority Corporate Secretariat NHSBSAIS001 Issue Sheet Document reference NHSBSARM001 Document location F:\CEO\IGM\IS\BSA
More informationCaedmon College Whitby
Caedmon College Whitby Data Protection and Information Security Policy College Governance Status This policy was re-issued in June 2014 and was adopted by the Governing Body on 26 June 2014. It will be
More informationThe University of Information Technology Management System
IT Monitoring Code of Practice 1.4 University of Ulster Code of Practice Cover Sheet Document Title IT Monitoring Code of Practice 1.4 Custodian Approving Committee Deputy Director of Finance and Information
More informationUniversity of York Policy on the Management of Debit/ Credit Card Data
University of York Policy on the Management of Debit/ Credit Card Data Version 1.0 25th February 2015 Index 1 Introduction and Policy Statement 1.1 The Payment Card Industry Data Security Standard (PCI
More informationElectronic Messaging Policy. 1. Document Status. Security Classification. Level 4 - PUBLIC. Version 1.0. Approval. Review By June 2012
Electronic Messaging Policy 1. Document Status Security Classification Level 4 - PUBLIC Version 1.0 Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Retention
More informationWest Lothian College. E-Mail and Computer Network Responsible Use Policy. September 2011
West Lothian College E-Mail and Computer Network Responsible Use Policy September 2011 Author: Steve Williams Date: September 2011 Agreed: Computer Network & Email Policy September 2011 E-Mail and Computer
More informationOFFICIAL. NCC Records Management and Disposal Policy
NCC Records Management and Disposal Policy Issue No: V1.0 Reference: NCC/IG4 Date of Origin: 12/11/2013 Date of this Issue: 14/01/2014 1 P a g e DOCUMENT TITLE NCC Records Management and Disposal Policy
More informationCaldwell Community College and Technical Institute
Caldwell Community College and Technical Institute Student Computer Usage Policies and Procedures I. Campus Computer Usage Overview: The purpose of this document is to define the policies and procedures
More informationInformation Governance Policy
Information Governance Policy UNIQUE REF NUMBER: AC/IG/013/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY
More informationInformation Governance Framework. June 2015
Information Governance Framework June 2015 Information Security Framework Janice McNay June 2015 1 Company Thirteen Group Lead Manager Janice McNay Date of Final Draft and Version Number June 2015 Review
More informationCaldwell Community College and Technical Institute
Caldwell Community College and Technical Institute Employee Computer Usage Policies and Procedures I. PURPOSE: The purpose of this section is to define the policies and procedures for using the administrative
More informationInformation security policy
Information security policy Issue sheet Document reference Document location Title Author Issued to Reason issued NHSBSARM001 S:\BSA\IGM\Mng IG\Developing Policy and Strategy\Develop or Review of IS Policy\Current
More informationLEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction
LEEDS BECKETT UNIVERSITY Information Security Policy 1.0 Introduction 1.1 Information in all of its forms is crucial to the effective functioning and good governance of our University. We are committed
More informationMonitoring and Logging Policy. Document Status. Security Classification. Level 1 - PUBLIC. Version 1.0. Approval. Review By June 2012
Monitoring and Logging Policy Document Status Security Classification Version 1.0 Level 1 - PUBLIC Status DRAFT Approval Life 3 Years Review By June 2012 Owner Secure Research Database Analyst Change History
More informationOnline Research and Investigation
Online Research and Investigation This document is intended to provide guidance to police officers or staff engaged in research and investigation across the internet. This guidance is not a source of law
More informationRecords Authority. Australian Security Intelligence Organisation
Records Authority Australian Security Intelligence Organisation This is an accurate reproduction of the authorised records authority content, created for accessibility purposes CONTENTS INTRODUCTION 3
More informationSTFC Monitoring and Interception policy for Information & Communications Technology Systems and Services
STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services Issue 1.0 (Effective 27 June 2012) This document contains a copy of the STFC policy statements outlining
More informationINFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes
INFORMATION SECURITY POLICY Ratified by RCA Senate, February 2007 Contents Introduction 2 Policy Statement 3 Information Security at RCA 5 Annexes A. Applicable legislation and interpretation 8 B. Most
More informationPolicy on Public and School Bus Closed Circuit Television Systems (CCTV)
DEPARTMENT OF TRANSPORT Policy on Public and School Bus Closed Circuit Television Systems (CCTV) Responsibility of: Public Transport Division TRIM File: DDPI2010/3680 Effective Date: July 2010 Version
More informationInformation Security Policy September 2009 Newman University IT Services. Information Security Policy
Contents 1. Statement 1.1 Introduction 1.2 Objectives 1.3 Scope and Policy Structure 1.4 Risk Assessment and Management 1.5 Responsibilities for Information Security 2. Compliance 3. HR Security 3.1 Terms
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_WB_L_1
Protection of Personal Data RPC001147_EN_WB_L_1 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Responsibility of Employees
More informationNetwork Service, Systems and Data Communications Monitoring Policy
Network Service, Systems and Data Communications Monitoring Policy Purpose This Policy defines the environment and circumstances under which Network Service, Systems and Data Communications Monitoring
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY DATA PROTECTION POLICY Document Control Information Title Data Protection Policy Version V1.0 Author Diana Watt Date Approved 21 February 2013 Review Date Annually, on the anniversary
More informationSaint Martin s Catholic Academy
Saint Martin s Catholic Academy E-Safety Policy - Acceptable Use - Students January 2015 Why have an Acceptable Use Policy? An Acceptable Use Policy is about ensuring that you, as a student at Saint Martin
More informationAccess Control Policy
Version 3.0 This policy maybe updated at anytime (without notice) to ensure changes to the HSE s organisation structure and/or business practices are properly reflected in the policy. Please ensure you
More informationHighland Council Information Security Policy
Highland Council Information Security Policy Document Owner: Vicki Nairn, Head of Digital Transformation Page 1 of 16 Contents 1. Document Control... 4 Version History... 4 Document Authors... 4 Distribution...
More informationDene Community School of Technology Staff Acceptable Use Policy
Policy Overview Dene Community School of Technology The school provides computers for use by staff as an important tool for teaching, learning, and administration of the school. Use of school computers,
More informationSelf assessment tool. Using this tool
Self assessment tool How well does your organisation comply with the 12 guiding principles of the surveillance camera code of practice? Complete this easy to use self assessment tool to find out if you
More informationData Protection Policy
Data Protection Policy CONTENTS Introduction...2 1. Statement of Intent...2 2. Fair Processing or Privacy Statement...3 3. Data Uses and Processes...4 4. Data Quality and Integrity...4 5. Technical and
More informationStaffordshire County Council. Records Retention and Disposal Policy
Staffordshire County Council Records Retention and Disposal Policy Version Author Approved By Date Published Review V. 1.1 Information Governance Unit Philip Jones, Head of Information Governance 2/11/2012
More informationOIPC Guidelines for Video Surveillance by Public Bodies in Newfoundland and Labrador, June 2015 ATIPPA, 2015 Criminal Code of Canada
PURPOSE: To enhance protection for employees and visitors, strengthen security of infrastructure/town facilities and assist law enforcement agencies with investigations. AUTHORITY: OIPC Guidelines for
More informationSt. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy
Learn, sparkle & shine St. Peter s C.E. Primary School Farnworth Email, Internet Security and Facsimile Policy Adopted from the LA Policy April 2015 CONTENTS Page No 1. Introduction 1 2. Guiding Principles
More informationData Security and Extranet
Data Security and Extranet Derek Crabtree Schools ICT Support Manager derek.crabtree@merton.gov.uk Target Operating Model 2011 Merton Audit Organisation name: London Borough of Merton Periodic plan date:
More informationUniversity of Liverpool
University of Liverpool Information Security Policy Reference Number Title CSD-003 Information Security Policy Version Number 3.0 Document Status Document Classification Active Open Effective Date 01 October
More informationData Protection Act 1998 The Data Protection Policy for the Borough Council of King's Lynn & West Norfolk
Data Protection Act 1998 The for the Borough Council of King's Lynn & West Norfolk 1 Contents Introduction 3 1. Statement of Intent 4 2. Fair Obtaining I Processing 5 3. Data Uses and Processes 6 4. Data
More informationData Retention and Investigatory Powers Bill
Data Retention and Investigatory Powers Bill CONTENTS Retention of relevant communications data 1 Powers for retention of relevant communications data subject to safeguards 2 Section 1: supplementary Investigatory
More informationInformation Security Policies. Version 6.1
Information Security Policies Version 6.1 Information Security Policies Contents: 1. Information Security page 3 2. Business Continuity page 5 3. Compliance page 6 4. Outsourcing and Third Party Access
More informationStandard Operating Procedure. Authority to access and monitor University IT Account holder communications and data
Standard Operating Procedure Title: Authority to access and monitor University IT Account holder communications and data Version: 2.0 Effective Date March 2016 Summary Describes the approval process and
More informationHalton Borough Council. Privacy Notice
Halton Borough Council Privacy Notice Halton Borough Council is registered as a data controller under the Data Protection Act as we collect and process personal information about you. The information we
More informationINTERNET, E-MAIL USE AND
INTERNET, E-MAIL AND TELEPHONE USE AND MONITORING POLICY Originated by: Customer Services LJCC: 10 th April 2008 Full Council: June 2008 Implemented: June 2008 1.0 Introduction and Aim 1.1 The aim of this
More informationInformation Security Policy
Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September
More informationInformation Governance Policy
Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact
More informationAccessing Personal Information on Patients and Staff:
Accessing Personal Information on Patients and Staff: A Framework for NHSScotland Purpose: Enabling access to personal and business information is a key part of the NHSScotland Information Assurance Strategy
More informationPolicy for Management of CCTV on Waste Operation Vehicles
Policy for Management of CCTV on Waste Operation Vehicles 1.0 POLICY 1.1 CCTV cameras are fitted to refuse vehicles for the purposes of Health and Safety of employees and members of the public, and for
More informationDate of review: January 2016 Policy Category: Corporate Sponsor (Director): Chief Executive CONTENT SECTION DESCRIPTION PAGE.
Title: Information Governance Policy Date Approved: Approved by: Date of review: Policy Ref: Issue: January 2015 Information Governance Group Division/Department: January 2016 Policy Category: ISP-04 5
More informationTemplate for Automatic Number Plate Recognition (ANPR) Infrastructure Development Privacy Impact Assessment
Template for Automatic Number Plate Recognition (ANPR) Infrastructure Development Privacy Impact Assessment This template is provided to support the police service and other law enforcement agencies (LEA)
More informationInformation & ICT Security Policy Framework
Information & ICT Security Framework Version: 1.1 Date: September 2012 Unclassified Version Control Date Version Comments November 2011 1.0 First draft for comments to IT & Regulation Group and IMG January
More informationDATA PROTECTION AUDIT GUIDANCE
DATA PROTECTION AUDIT GUIDANCE CONTENTS Section I: Section II: Audit of Processing of Personal Data Audit Procedure Appendices: A B C D E Audit Form List of Purposes List of data subjects List of data
More informationABERYSTWYTH UNIVERSITY POLICY
ABERYSTWYTH UNIVERSITY POLICY Policy on Mobile phones issued by Information Services Approving Body: University Executive Group, Information Services Senior Management Group Responsibilities: Director
More informationmyki Privacy Policy Collection of personal information Data quality Privacy issues and myki Collection of health information
myki Privacy Policy This privacy policy relates specifically to the myki ticketing system. In addition, PTV has a general privacy policy (which covers handing of personal information in contexts other
More informationUNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY
UNIVERSITY OF SOUTHAMPTON DATA PROTECTION POLICY 1. Purpose 1.1 The Data Protection Act 1998 ( the Act ) has two principal purposes: i) to regulate the use by those (known as data controllers) who obtain,
More informationMONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY
MONMOUTHSHIRE COUNTY COUNCIL DATA PROTECTION POLICY Page 1 of 16 Contents Policy Information 3 Introduction 4 Responsibilities 7 Confidentiality 9 Data recording and storage 11 Subject Access 12 Transparency
More informationVEHICLE LOCATION SYSTEM POLICY. Version 0.2. Paul Robinson, Strategic Director, Richard Kniveton, Fleet and Depot Manager
VEHICLE LOCATION SYSTEM POLICY Version 0.2 Document owner Paul Robinson, Strategic Director, Neighbourhoods Document author Richard Kniveton, Fleet and Depot Manager Document manager Richard Kniveton,
More informationUniversity of Birmingham. Closed Circuit Television (CCTV) Code of Practice
University of Birmingham Closed Circuit Television (CCTV) Code of Practice University of Birmingham uses closed circuit television (CCTV) images to provide a safe and secure environment for students, staff
More informationSURVEILLANCE AND PRIVACY
info sheet 03.12 SURVEILLANCE AND PRIVACY Info Sheet 03.12 March 2012 This Information Sheet applies to Victorian state and local government organisations that are bound by the Information Privacy Act
More informationData Protection Breach Management Policy
Data Protection Breach Management Policy Please check the HSE intranet for the most up to date version of this policy http://hsenet.hse.ie/hse_central/commercial_and_support_services/ict/policies_and_procedures/policies/
More informationData Protection Policy
Issue Date: June 2014 Document Number: POL_1006 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading length; please depending delete other on line length;
More informationCorporate Policy and Procedure
Page Page 1 of 9 TAB: SECTION: SUBJECT: ROADS AND TRAFFIC TRAFFIC OPERATIONS CLOSED CIRCUIT TELEVISION (CCTV) TRAFFIC MONITORING SYSTEMS POLICY STATEMENT POLICY PURPOSE The City of Mississauga may install
More informationRIPA (Regulations and Investigatory Powers Act)
Dartmoor National Park Authority INTERNET MONITORING POLICY & INVESTIGATION PROTOCOL Approved: February 2010 Review Date: September 2010 1. Introduction Private use of the computer facilities is covered
More informationINFORMATION SECURITY POLICY
INFORMATION SECURITY POLICY Policy approved by: Audit and Governance Committee Date: 4 th December 2014 Next Review Date: December 2016 Version: 1 Information Security Policy Page 1 of 17 Review and Amendment
More informationUniversity of Liverpool
University of Liverpool Card Payment Policy Reference Number Title Version Number 1.0 Document Status Document Classification FIN-001 Card Payment Policy Active Public Effective Date 03 June 2014 Review
More informationPersonally Controlled Electronic Health Record System: Legislation Issues Paper
Personally Controlled Electronic Health Record System: Legislation Issues Paper Introduction The AMA has reviewed the Personally Controlled Electronic Health Record System: Legislation Issues Paper. The
More informationData Governance Policy. Staff Only Students Only Staff and Students. Vice-Chancellor
Name of Policy Description of Policy Policy applies to Data Governance Policy To establish proper standards to assure the quality and integrity of University data. This policy also defines the roles and
More informationRotherham CCG Network Security Policy V2.0
Title: Rotherham CCG Network Security Policy V2.0 Reference No: Owner: Author: Andrew Clayton - Head of IT Robin Carlisle Deputy - Chief Officer D Stowe ICT Security Manager First Issued On: 17 th October
More informationEmail Policy and Code of Conduct
Email Policy and Code of Conduct UNIQUE REF NUMBER: CCG/IG/011/V1.2 DOCUMENT STATUS: Approved by Audit Committee 19 June 2013 DATE ISSUED: June 2013 DATE TO BE REVIEWED: June 2014 1 P age AMENDMENT HISTORY
More informationHUMAN RESOURCES POLICIES & PROCEDURES
HUMAN RESOURCES POLICIES & PROCEDURES Policy title Application IT systems and social networking policy All employees and students CONTENTS PAGE Introduction and scope 2 General points 2 Authorisation to
More informationProtection. Code of Practice. of Personal Data RPC001147_EN_D_19
Protection of Personal Data RPC001147_EN_D_19 Table of Contents Data Protection Rules Foreword From the Data Protection Commissioner Introduction From the Chairman Data Protection Rules Responsibility
More informationINFORMATION SECURITY POLICY
Information Security Policy INFORMATION SECURITY POLICY Introduction Norwood UK recognises that information and information systems are valuable assets which play a major role in supporting the companies
More informationUNIVERSITY OF ST ANDREWS. EMAIL POLICY November 2005
UNIVERSITY OF ST ANDREWS EMAIL POLICY November 2005 I Introduction 1. Email is an important method of communication for University business, and carries the same weight as paper-based communications. The
More informationData Protection Policy
Data Protection Policy Owner : Head of Information Management Document ID : ICT-PL-0099 Version : 2.0 Date : May 2015 We will on request produce this Policy, or particular parts of it, in other languages
More informationWalton Centre. Document History Date Version Author Changes 01/10/2004 1.0 A Cobain L Wyatt. Monitoring & Audit
Page 1 Walton Centre Monitoring & Audit Document History Date Version Author Changes 01/10/2004 1.0 A Cobain L Wyatt Page 2 Table of Contents Section Contents 1 Introduction 2 Responsibilities Within This
More informationData Protection Policy June 2014
Data Protection Policy June 2014 Approving authority: Consultation via: Court Audit and Risk Committee, University Executive, Secretary's Board, Information Governance and Security Group Approval date:
More informationArticle 29 Working Party Issues Opinion on Cloud Computing
Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,
More informationBest practice guidance for information security within Choose and Book May 2009
Best practice guidance for information security within Choose and Book May 2009 Best practice guidance for information security within Choose and Book This guidance has been prepared to help organisations
More information2. Scope 2.1 This policy covers all the activities and processes of the University that uses personal information in whatever format.
University of Westminster Personal Data Protection Policy For Compliance with the Data Protection Act 1998 1. Background 1.1 The Data Protection Act 1998 (DPA) defines personal data as data and information
More informationData protection. The employment practices code
Data protection The employment practices code Contents 3 Contents About the code 4 Managing data protection 11 Good practice recommendations 11 Part 1: Recruitment and selection 14 About Part 1 of the
More informationInternet Use Policy and Code of Conduct
Internet Use Policy and Code of Conduct UNIQUE REF NUMBER: AC/IG/023/V1.1 DOCUMENT STATUS: Agreed by Audit Committee 18 July 2013 DATE ISSUED: July 2013 DATE TO BE REVIEWED: July 2014 1 P age AMENDMENT
More informationMerthyr Tydfil County Borough Council. Data Protection Policy
Merthyr Tydfil County Borough Council Data Protection Policy 2014 Cyfarthfa High School is a Rights Respecting School, we recognise the importance of ensuring that the United Nations Convention of the
More informationHow To Use A Corporate Credit Card
Corporate Credit Card Policy June 2012 1. PURPOSE The purpose of this policy is to provide authority for the use of corporate credit cards. 2. SCOPE This Policy applies to all Council Officials as defined
More informationINFORMATION TECHNOLOGY SECURITY STANDARDS
INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL
More informationHow To Monitor A Municipality
UMHLABUYALINGANA MUNICIPALITY ACTIVITY MONITORING POLICY AND PROCEDURE Activity Monitoring Policy and Procedure Approval and Version Control Approval Process: Position or Meeting Number: Date: Originator
More informationMonitoring Employee Communications: Data Protection and Privacy Issues
Monitoring Employee Communications: Data Protection and Privacy Issues By Anthony Sakrouge, Kate Minett, Daniel Preiskel and Jose Saras Reprinted from Computer and Telecommunications Law Review Issue 8,
More informationRecords Retention and Disposal Schedule. Information Management
Records Retention and Disposal Schedule Information Management Version control Version Author Policy Approved By Approval Date Publication Date Review Due V 1.0 Information Governance Unit Philip Jones,
More informationScotland s Commissioner for Children and Young People Records Management Policy
Scotland s Commissioner for Children and Young People Records Management Policy 1 RECORDS MANAGEMENT POLICY OVERVIEW 2 Policy Statement 2 Scope 2 Relevant Legislation and Regulations 2 Policy Objectives
More informationHow IT Can Aid Sarbanes Oxley Compliance
ZOHO Corp. How IT Can Aid Sarbanes Oxley Compliance Whitepaper Notice: This document represents the current view of ZOHO Corp. and makes no representations or warranties with respect to the contents as
More informationAuthorised Acceptable Use Policy 2015-2016. Groby Community College Achieving Excellence Together
Groby Community College Achieving Excellence Together Authorised Acceptable Use Policy 2015-2016 Reviewed: Lee Shellard, ICT Manager: May 2015 Agreed: Leadership & Management Committee: May 2015 Next review:
More informationUniversity of South Wales Software Policies
University of South Wales Software Policies Updated 23 rd January 2015 Page 1 University of South Wales - Software Policies The University s software policies are applicable to all software and datasets
More informationPersonal use of computers
Personal use of computers Personal Use In addition to the internal mail system, ICO staff have direct access to the Internet and external email from their IT equipment. This statement of the Commissioner
More informationBOARD OF DIRECTORS PAPER COVER SHEET. Meeting date: 22 February 2006. Title: Information Security Policy
BOARD OF DIRECTORS PAPER COVER SHEET Meeting date: 22 February 2006 Agenda item:7 Title: Purpose: The Trust Board to approve the updated Summary: The Trust is required to have and update each year a policy
More informationITEM NO: 4. Date: 23 March 2010. Pam Williams Borough Treasurer Wendy Poole Head of Risk Management Audit Services. Reporting Officers:
ITEM NO: 4 Report To: AUDIT PANEL Date: 23 March 2010 Reporting Officers: Subject: Report Summary: Recommendations: Links to Community Strategy: Policy Implications: Financial Implications: (Authorised
More informationComputer, Network, and Email Usage Guidelines Building Computer Support
1/1/15 Eccles Broadcast Center Computer, Network, and Email Usage Guidelines Building Computer Support I. PURPOSE Information Resources at the Eccles Broadcast Center (EBC) are to be used for educational
More informationJob Description. Part A: Job purpose The post of Event Manager is one of 3 reporting to the Operations Manager
Job Description Job Title: Post No: Grade: Division: Location: Responsible to: Event Manager G The Cheltenham Trust Cheltenham Town Hall & Pittville Pump Room Operations Manager Responsible for: Operations
More informationClient Advisory October 2009. Data Security Law MGL Chapter 93H and 201 CMR 17.00
Client Advisory October 2009 Data Security Law MGL Chapter 93H and 201 CMR 17.00 For a discussion of these and other issues, please visit the update on our website at /law. To receive mailings via email,
More informationData Protection Policy. Information Security Review Group. Version Date Author Notes on Revisions
Document Control Table Document Title: Author(s) (name, job title and Division): Version Number: Document Status: Date Approved: Approved By: Effective Date: Date of Next Review: Superseded Version: Data
More informationPacific Smiles Group Privacy Policy
Pacific Smiles Group Privacy Policy Pacific Smiles Group Limited and its related bodies corporate (PSG, we, our, us) recognise the importance of protecting the privacy and the rights of individuals in
More information