Schedule 29: IT and communications systems policy

Schedule 29:IT and communications systems policy

About this policy
- Our IT and communications systems are intended to promote effective communication and working practices. This policy outlines the standards you must observe when using these systems, when we will monitor their use, and the action we will take if you breach these standards.
- The Board has overall responsibility for this policy, including keeping it under review.
- Breach of this policy may be dealt with under our Disciplinary Procedure and, in serious cases, may be treated as gross misconduct leading to summary dismissal.
- This policy does not form part of any employee’s contract of employment, and we may amend it at any time.
Equipment security and passwords
- You are responsible for the security of the equipment allocated to or used by you, including mobile phones, laptops and tablet computers. If you have been issued with a mobile phone, laptop or tablet computer, you must ensure that it is kept secure at all times, whether on work premises, when travelling or when at home.
- You must not allow Company devices or equipment to be used by anyone other than in accordance with this policy. You should use passwords, pin numbers or face recognition (where possible) on all IT equipment, mobile phones and other devices, particularly items that you take out of the office. Passwords must be used to secure access to data kept on such equipment to ensure that confidential data is protected in the event of loss or theft. You should also be aware that when using equipment away from the workplace, documents may be read by third parties, for example, passengers on public transport. You should keep your passwords confidential and change them regularly.
- You must only log on to our systems using your own username and password. You must not use another person’s username and password or allow anyone else to log on using your username and password.
- If you are away from your desk, whether at home or in the office, you should log out or lock your computer. You must log out and shut down your computer at the end of each working day.
- Any mobile phone, laptop, tablet computer or other device provided to an employee shall remain the property of the Company.
Systems and data security
- You should not delete, destroy, or modify existing systems, programs, information, or data (except as authorised in the proper performance of your duties).
- You must not download or install software from external sources without authorisation from a director. Downloading unauthorised software may interfere with our systems and may introduce viruses or other malware.
- You must not attach any device or equipment including mobile phones, tablet computers or USB storage devices to our systems without authorisation from a director.
- We monitor all e-mails passing through our system for viruses. You should exercise caution when opening unsolicited e-mails from unknown sources. If an e-mail looks suspicious do not reply to it, open any attachments, or click any links in it.
- Inform a director immediately if you suspect your computer may have a virus.
E-mail
- Adopt a professional tone and observe appropriate etiquette when communicating with third parties by e-mail. You should also include our standard e-mail signature and disclaimer.
- Remember that e-mails can be used in legal proceedings and that even deleted e-mails may remain on the system and be capable of being retrieved.
- You must not send abusive, obscene, discriminatory, racist, harassing, derogatory, defamatory, pornographic, or otherwise inappropriate e-mails.
- You should not:
  - send or forward private e-mails at work which you would not want a third party to read;
  - send or forward chain mail, junk mail, cartoons, jokes or gossip;
  - contribute to system congestion by sending trivial messages or unnecessarily copying or forwarding e-mails to others who do not have a real need to receive them; or
  - send messages from another person’s e-mail address (unless authorised) or under an assumed name.
- Do not use your own personal e-mail account to send or receive e-mail for the purposes of our business. Only use the e-mail account we have provided for you.
Using the internet
- Internet access is provided primarily for business purposes. Occasional personal use may be permitted as set out in paragraph 6.
- You should not access any web page or download any image or other file from the internet which could be regarded as illegal, offensive, in bad taste or immoral. Even web content that is legal in the UK may be in sufficient bad taste to fall within this prohibition. As a general rule, if any person (whether intended to view the page or not) might be offended by the contents of a page, or if the fact that our software has accessed the page or file might be a source of embarrassment if made public, then viewing it will be a breach of this policy.
- We may block or restrict access to some websites at our discretion.
Personal use of our systems
- We permit the incidental use of our systems to send personal e-mail, browse the internet and make personal telephone calls subject to certain conditions. Personal use is a privilege and not a right. It must not be overused or abused. We may withdraw permission for it at any time or restrict access at our discretion.
- Personal use must meet the following conditions:
  - it must be minimal and take place exclusively outside of normal working hours (that is, during your lunch break, and before or after work);
  - personal e-mails should be labelled “personal” in the subject header;
  - it must not affect your work or interfere with the business;
  - it must not commit us to any marginal costs; and
  - it must comply with our policies including the Equal Opportunities Policy, Anti-harassment and Bullying Policy, Data Protection Policy and Disciplinary Procedure.

6.3 Where breaches of this policy are identified, action may be taken under the disciplinary procedure. We reserve the right to restrict or prevent access to certain telephone numbers or internet sites if we consider personal use to be excessive.

Monitoring
- Our systems enable us to monitor telephone, e-mail, voicemail, internet, and other communications. For business reasons, and to carry out legal obligations in our role as an employer, your use of our systems including the telephone and computer systems (including any personal use) may be continually monitored by automated software or otherwise.
- We reserve the right to retrieve the contents of e-mail messages or check internet usage (including pages visited and searches made) as reasonably necessary in the interests of the business, including for the following purposes (this list is not exhaustive):
  - to monitor whether the use of the e-mail system or the internet is legitimate and in accordance with this policy;
  - to find lost messages or to retrieve messages lost due to computer failure;
  - to assist in the investigation of alleged wrongdoing; or
  - to comply with any legal obligation.

Prohibited use of our systems
- Misuse or excessive personal use of our telephone or e-mail system or inappropriate internet use will be dealt with under our Disciplinary Procedure. Misuse of the internet can in some cases be a criminal offence.
- Creating, viewing, accessing, transmitting, or downloading any of the following material will usually amount to gross misconduct (this list is not exhaustive):
  - pornographic material (that is, writing, pictures, films and video clips of a sexually explicit or arousing nature);
  - offensive, obscene, or criminal material or material which is liable to cause embarrassment to us or to our clients;
  - a false and defamatory statement about any person or organisation;
  - material which is discriminatory, offensive, derogatory or may cause embarrassment to others (including material which breaches our Equal Opportunities Policy or our Anti-harassment and Bullying Policy);
  - confidential information about us or any of our staff or clients (except as authorised in the proper performance of your duties);
  - unauthorised software;
  - any other statement which is likely to create any criminal or civil liability (for you or us); or
  - music or video files or other material in breach of copyright.

Schedule 29:IT and communications systems policy

Staff handbook – Introduction

Schedule 1: Dress code policy

Schedule 2: Quality policy

Schedule 3: Expenses policy

Schedule 4: Equal opportunities policy

Schedule 5: Anti-harassment and bullying policy

Schedule 6: Anti-corruption and bribery policy

Schedule 7: Whistleblowing policy

Schedule 8: Holidays policy

Schedule 9: Disciplinary and capability procedure

Schedule 10: Grievance procedure

Schedule 11: Sickness absence policy

Schedule 12: Time off for antenatal appointments policy

Schedule 13: Time off for adoption appointments policy

Schedule 14: Maternity policy

Schedule 15: Adoption policy

Schedule 16: Paternity policy

Schedule 17: Shared parental leave (birth) policy

Schedule 18: Shared parental leave (adoption) policy

Schedule 19: Parental leave policy

Schedule 20: Time off for dependents policy

Schedule 21: Compassionate leave policy

Schedule 22: Parental bereavement leave policy

Schedule 23: Flexible working policy

Schedule 24: Time off for public duties policy

Schedule 25: Health and safety policy

Schedule 26: Smoking policy

Schedule 27: Substance misuse policy

Schedule 28:Data Protection Policy

Schedule 29: IT and communications systems policy

Schedule 30: CCTV policy

Schedule 31: Social media policy

Schedule 32: Adverse weather and travel disruption policy

Schedule 33: COVID-19 vaccination and testing policy

Schedule 34: Ethics and Conduct Policy

May We Suggest?