ELECTRONIC MAIL (E-MAIL) September 2014. Version 3.1



Similar documents
SERVER, DESKTOP AND PORTABLE SECURITY. September Version 3.0

MANAGEMENT OF USER ACCOUNTS AND PASSWORD POLICY AUGUST Version 2.0

Acceptable Use of ICT Policy For Staff

If you have any questions about any of our policies, please contact the Customer Services Team.

Policy. Version: 1.1. Date ratified: February 2014 Name of originator /author (s): Responsible Committee / individual:

Dene Community School of Technology Staff Acceptable Use Policy

UNIVERSITY OF ST ANDREWS. POLICY November 2005

Information Security and Electronic Communications Acceptable Use Policy (AUP)

Monitoring and Logging Policy. Document Status. Security Classification. Level 1 - PUBLIC. Version 1.0. Approval. Review By June 2012

Information Security Incident Management Policy

INTERNET, USE AND

2.1 It is an offence under UK law to transmit, receive or store certain types of files.

Internet Use Policy and Code of Conduct

Policy and Code of Conduct

INFORMATION SECURITY POLICY. Contents. Introduction 2. Policy Statement 3. Information Security at RCA 5. Annexes

How To Protect Decd Information From Harm

Terms and Conditions. Acceptable Use Policy Introduction. Compliance with UK Law. Compliance with foreign law

Services Policy

USE OF INFORMATION TECHNOLOGY FACILITIES

LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY

Use of Social Networking Websites Policy. Joint Management Trade Union Committee. ENDORSED BY: Consultative Committee DATE: 14 February 2013

St. Peter s C.E. Primary School Farnworth , Internet Security and Facsimile Policy

Information Technology and Communications Policy

UTC Cambridge ICT Policy

Service Schedule for Business Lite powered by Microsoft Office 365

Strathfield Girls High School Bring your Own Device User Charter

CARRAMAR PUBLIC SCHOOL

HUMAN RESOURCES POLICIES & PROCEDURES

Sydney Technical High School

COMPUTER USER REGULATIONS INFORMATION TECHNOLOGY POLICY 1

Data Transfer Policy. Data Transfer Policy London Borough of Barnet

The Bishop s Stortford High School Internet Use and Data Security Policy

ICT SECURITY POLICY. Strategic Aim To continue to develop and ensure effective leadership, governance and management throughout the organisation

CCG LAPTOP AND PORTABLE DEVICES AND REMOTE ACCESS POLICY

Acceptable Use Policy (AUP) School Computing

ACCEPTABLE IT AND COMPUTER USE POLICY GUIDE FOR STAFF

ITU Computer Network, Internet Access & policy ( Network Access Policy )

MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT

INFORMATION SECURITY POLICY

B. Privacy. Users have no expectation of privacy in their use of the CPS Network and Computer Resources.

Boston Public Schools. Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and. Technology Resources

Conditions of Use. Communications and IT Facilities

SURE Services Terms and Conditions SURE MAIL

WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY

Policy For Staff and Students

DATA PROTECTION IT S EVERYONE S RESPONSIBILITY. An Introductory Guide for Health Service Staff

Embedded Network Solutions Australia Pty Ltd (ENSA) INTERNET ACCEPTABLE USE POLICY

2.0 Emended due to the change to academy status Review Date. ICT Network Security Policy Berwick Academy

Bring Your Own Device Program: 2015 User Agreement

Terms & Conditions. In this section you can find: - Website usage terms and conditions 1, 2, 3. - Website disclaimer

Tameside Metropolitan Borough Council ICT Security Policy for Schools. Adopted by:

BUCKEYE EXPRESS HIGH SPEED INTERNET SERVICE ACCEPTABLE USE POLICY

Ulster University Standard Cover Sheet

Information Services. Regulations for the Use of Information Technology (IT) Facilities at the University of Kent

LEEDS BECKETT UNIVERSITY. Information Security Policy. 1.0 Introduction

Information Governance Framework

STFC Monitoring and Interception policy for Information & Communications Technology Systems and Services

Recommendations. That the Cabinet approve the withdrawal of the existing policy and its replacement with the revised document.

Privacy Statement for ACNM s Web sites

Terms of use of information and communication technologies at the University of Burgundy

Angard Acceptable Use Policy

WORTHING COLLEGE STUDENT IT SECURITY POLICY. October 2014

E-Gap Terms and Conditions of Use

COLLEGE POLICY MANUAL

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9

Revelstoke Board of Education Policy Manual

ICT Student Usage Policy

Acceptable Usage Policy

Valdosta State University. Information Resources Acceptable Use Policy

POLICY ON USE OF INTERNET AND

IM&T POLICY & PROCEDURE (IM&TPP 01) Anti-Virus Policy. Notification of Policy Release: Distribution by Communication Managers

MOSMAN HIGH SCHOOL NSW DEC BRING YOUR OWN DEVICE STUDENT AGREEMENT

The term Broadway Pet Stores refers we to the owner of the website whose registered office is 6-8 Muswell Hill Broadway, London, N10 3RT.

Information & Communications Technology Usage Policy Olive AP Academy - Thurrock

R3321 ACCEPTABLE USE OF COMPUTER NETWORK(S)/COMPUTERS AND RESOURCES BY TEACHING STAFF MEMBERS

ATHLONE INSTITUTE OF TECHNOLOGY. I.T Acceptable Usage Staff Policy

Transcription:

ELECTRONIC MAIL (E-MAIL) September 2014 Version 3.1 Western Health and Social Care Trust Page 0 of 6 E-mail Policy V3.1

Policy Title ELECTRONIC MAIL (E-MAIL) POLICY Policy Reference Number CORP09/006 Original Implementation Date September 2009 Revised Date September 2014 Approved Date November 2014 Review Date November 2016 Responsible Officer FERGAL DUREY, AD for ICT and Telecommunications Western Health and Social Care Trust Page 1 of 6 E-mail Policy V3.1

Table of Contents 1. Background and Purpose 3 2. Obtaining an Email Account 3 3. Guidelines for staff 3 4. Counter Measures 5 5. Additional Resources 5 6. Training 6 7. Equality & Human Right s Statement 6 8. Further Information 6 Western Health and Social Care Trust Page 2 of 6 E-mail Policy V3.1

1. Background and Purpose Electronic mail (E-mail) is a significant business, information and communication tool for the Western Health and Social Care Trust (WHSCT) and staff need to be aware of their personal responsibilities with regards to its use and the potential consequences resulting from misuse. Email is a communication tool and not a replacement to any Trust information system. Failure to comply with this policy may lead to disciplinary action. The purpose of this policy is to ensure proper and appropriate use of WHSCT s corporate e-mail and associated communications technologies systems by making staff aware of the organisation s definition on acceptable and unacceptable use. The measures outlined in this policy will not be effective without the cooperation of all Western Trust staff. The cooperation of all such staff, and acceptance of this policy, is therefore a prerequisite to approval for e-mail access. 2. Obtaining an E-mail Account Access to Trust e-mail services will be provided upon receipt of a properly completed Request for New User Account form (available on the Trust Intranet under ICT). Managers should note that there may be a cost associated with the creation of an email account. The set-up and management of all user accounts is governed in accordance with guidelines and principles found in the WHSCT Management of User Accounts and Password Policy. 3. Guidelines for staff E-mail traffic within Health and Social Care (HSC) networks may be regarded as secure; however the risk that e-mails can be read by someone other than the intended recipient is real and cannot be ignored. This is particularly the case when e-mail is sent or received via less secure networks such as Internet web mail. The Trust employs a range of patient / client administration systems to manage healthcare data and, in accordance with DPA principles, access to these systems is granted to all professionals, clinicians and admin support staff whose work necessitates it. In the main this should remove the need to send patient / client data via e-mail to individuals or agencies operating within or outside the HSC network. The use of e-mail to transmit patient or client identifiable information raises particular issues and concerns for the Trust, particularly with respect to the following legislation: The Data Protection Act (DPA) places an onus on organisations handling personal data to employ and promote standards that will ensure the patient s / client s right to privacy and places a separate obligation on any member of staff or individual Western Health and Social Care Trust Page 3 of 6 E-mail Policy V3.1

processing or handling information of a personal nature to maintain the confidential nature of that information. The Freedom of Information (FOI) Act 2000 provides patients and clients with rights of access to the information held by public authorities. However, in cases where transmission of this type of information is unavoidable, staff should ensure: I. Approval has been received and a Data Access Agreement must be in place. II. Appropriate encryption must be used as mandated in the DHSSPNI approved standard. For more information on how to encrypt e-mails please refer to the procedure listed on the Intranet Website (under ICT, E-mail encryption). Further material on the use of e-mail can be found on the Intranet site. Refer to Guidelines, procedures and protocols section and document titled Protocol for the Electronic Transmission of Confidential Information. Never e-mail Trust user account and/or password details. Personal Use Must be within staff s own time and not interfere with other staff carrying out their work duties The user must not create any unauthorised contractual liability on the part of the Trust. Unauthorised access to staff e-mails and messaging, business or private, is strictly prohibited. The Trust will not accept any liability for financial loss while using Trust systems for personal transactions. The Trust reserves the right to monitor the e-mail service. Users might be personally liable to prosecution, and open to claims for damages, if their actions are found to be in breach of the law Tone and Content Business related e-mails should be concise yet formal. E-mails with content that may be deemed offensive (including e-mail attachments) should not be sent. These may lead to disciplinary action. Staff should refrain from sending e-mail that:- I. May potentially infringe copyright II. Contains defamatory comments III. Requires the recipient to forward to further recipients for no business purpose (i.e. chain letters) All e-mails are discoverable documents under the terms of the Freedom of Information (FOI) Act. External Webmail on Trust Devices (E-mail on the Internet) Only access to doctors.net.uk and approved web mail services will be allowed via a web browser Further exceptions will be at the discretion of the AD for ICT and Telecommunications. Western Health and Social Care Trust Page 4 of 6 E-mail Policy V3.1

4. Countermeasures This policy should be seen as one of a number of countermeasures put in place to protect the organisation and its employees from such things as inadvertent exposure to illicit material, malicious software etc, and also the possibility of legal action that may result directly from e-mail abuse or misuse. Additional protection is provided by the following:- Endpoint Security All computers have Endpoint (anti-virus software) installed. The software runs continuously and is updated with the latest version several times a day. Users of other third party devices/modalities that are attached to the Trust network must make special arrangements to have Endpoint software installed via the ICT Service Desk. As part of the Endpoint control measures, certain e-mail attachments are blocked from entering or exiting the HSC network. If an attachment is blocked the user is informed via e-mail of the steps to take to request its release. Content Filtering All e-mail content (including attachments) is filtered. Content filtering is used to aid the detection and removal of spam e-mail. Filters are refined on a daily basis; however users may still find these types of messages in their Inbox. Upon discovery users should forward these items to spam@westerntrust.hscni.net E-mail Archiving All e-mail (sent or received) is electronically archived to assist in the Trust s compliance with certain legislation (e.g. Data Protection Act and Freedom of Information) Monitoring i) The Trust reserves the right to monitor the e-mail service and may, with appropriate approval, open messages in the absence of a member of staff. ii) Suspected cases of abuse on the system or breaches in policy will be rigorously investigated within HR guidelines and in conjunction with HR staff. Removal i) Access to the e-mail services may be withdrawn at any time as a result of, or pending the outcome of, investigations into suspected abuse or misuse ii) iii) E-mail accounts will be terminated (and e-mail archived) for staff who leave the organisation Dormant e-mail accounts, or accounts not otherwise accessed on a regular basis (6 months), will be deemed suitable for suspension. Special leave or periods of extended absence will be taken into consideration. 5. Additional Resources This policy should be read in conjunction with other policies relating to effective and appropriate use of ICT services, including 1) WHSCT Internet Policy 2) WHSCT Management of User Accounts and Password Policy. 3) WHSCT Server, Desktop and Portable Security Policy 4) WHSCT Malicious Software Policy 5) WHSCT Protocol for the Electronic Transmission of Confidential Information by Fax and Email 6) WHSCT Social Media Policy 7) Freedom Of Information & E-mails Guidance (issued by WHSCT Communications Department) Western Health and Social Care Trust Page 5 of 6 E-mail Policy V3.1

8) DHSSPS Code of Practice on Protecting the Confidentiality of Service User Information 9) Information Commissioner Anonymisation: managing data protection risk code of practice (www.ico.gov.uk) 10) Information Commissioner Data sharing code of practice (www.ico.gov.uk) 11) Regulation of Investigatory Powers Act 2000 12) BSO ICT policies 6. Training The Trust is committed to staff development and seeks to consistently improve development standards and opportunities for staff in line with organisational objectives, policies and procedures. Should you or your staff require support in the effective use of ICT please contact the ICT Training Team via the ICT Service Desk. 7. Equality & Human Right's Statement The Western Health & Social Care Trust's Equality and Human Right's statutory obligations have been considered during the development of this policy. 8. Further Information For further information in relation to this policy please refer to:- The ICT User Forum on the ICT service desk portal available on the Trust intranet link below. (http://wta-eservicedesk/portal/) Western Health and Social Care Trust Page 6 of 6 E-mail Policy V3.1

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information