IT & Electronic Communications Policy

advertisement
Registered Charity No: 1081381 - Company Reg’d in England & Wales No: 4024662
Boscombe Link, 3-5 Palmerston Road, Bournemouth BH1 4HN.
Tel & Fax: 01202 466130
email: [email protected]
IT & Electronic Communications Policy (Including Social Media
and use of Mobile Technology
This document outlines Bournemouth CVS’s policy and trustee, volunteer and
employee responsibilities for communication sent or received via the
organisation’s systems, it covers both internal and external communication,
including e-mail text messages, and social media. (This Policy replaces the
BCVS IT Policy –Use of Telephones, E-mail and Internet first introduced in
September 2002 and reviewed in January 2004).
1.
Purpose and scope
1.1
Bournemouth CVS (BCVS) provides information and communication
technology systems that enable us all to work efficiently. We recognise that
electronic communications (e.g. emails; text messages; social media
postings) play an essential role in the conduct of our organisation and that the
way in which we all communicate with people not only reflects on us as
individuals but also on us as a organisation.
1.2
In addition, BCVS provides access to the vast information resources of
the internet to help us all do our job and be well informed. The facilities that
we provide represent a considerable commitment of resources. This policy is
designed to help you understand our expectations for the use of those
resources and to ensure that you use those resources wisely.
1.3
This policy covers all individuals working for BCVS including trustees,
employees, consultants, contractors, volunteers.
1.4
The electronic communications and IT equipment referred to in this
policy includes, but is not limited to, computers, internet access, remote
access connections, email servers, file storage, webmail, personal digital
assistants (Blackberry’s, iPhones, iPads, Smart-Phones etc), telephones,
mobile phones and computing and networking facilities owned and operated
by BCVS
2.
Policy
2.1
Information and electronic communication technology systems are
provided to enable us all to work efficiently. They provide a means for
communicating both internally and externally and, a means for storing
2
information, including personal or sensitive information. All users are
therefore expected to use the systems provided in ways which:

comply with legislative requirements (e.g. data protection, equality
legislation, health and safety etc.)

enhance efficiency and productivity

enhance the reputation of BCVS
2.2
We recognise that the internet provides unique opportunities to
participate in interactive discussions and share information on particular topics
using a wide variety of social media, such as Facebook, Twitter, blogs and
wikis. However, your use of social media can pose risks to our confidential
information and reputation and can jeopardise our compliance with legal
obligations. To minimise these risks, to avoid loss of productivity and to
ensure that our IT resources and electronic communications systems are
used only for appropriate business purposes, we expect adherence to this
policy.
2.3
Breach of this policy may result in disciplinary action up to and
including dismissal. Disciplinary action may be taken regardless of whether
the breach is committed during working hours, and regardless of whether our
equipment or facilities are used for the purpose of committing the breach.
Guidance on how to use electronic communications and what would constitute
a breach are given in sections 4, 6, 7 and 8 of this policy. Anyone suspected
of committing a breach of this policy will be required to co-operate with our
investigation, which may involve handing over relevant passwords and login
details.
2.4
You may be required to remove internet postings which are deemed to
constitute a breach of this policy. Failure to comply with such a request may in
itself result in disciplinary action.
2.5
Third parties who have access to our electronic communication
systems and equipment are also required to comply with this policy.
3.
Implementing the policy
3.1
The Chief Executive has overall responsibility for the effective
operation of this policy, but has delegated day-to-day responsibility for its
operation to the Data Protection Officer. Responsibility for monitoring and
reviewing the operation of this policy and making recommendations for
change to minimise risks also lies with the Data Protection Officer.
3.2
All managers have a specific responsibility for operating within the
boundaries of this policy, ensuring that all staff understand the standards of
behaviour expected of them and taking action when behaviour falls below
requirements.
3
3.3
We are all responsible for the success of this policy and should ensure
that we take the time to read and understand it. Any misuse of social media
should be reported to the Chief Executive. Questions regarding the content or
application of this policy should also be directed to the Chief Executive.
4.
Compliance with related Policies and Procedures
4.1
The Organisation’s policies and procedures (e.g. Disciplinary, Equality
& Diversity Policy, Bullying and Harassment) apply equally to behaviour online
as off-line. The IT resources and social media should never be used in a way
that breaches any of our other policies. For example, if an internet post would
breach any of our policies in another forum, it will also breach them in an
online forum.
You should never provide references for other individuals on social or
professional networking sites, as such references, positive and negative, can
be attributed to and create legal liability for both the author of the reference
and BCVS.
5.
Monitoring
5.1
The contents of our IT resources and communications systems are our
property. Therefore you should have no expectation of privacy in any
message, files, data, document, facsimile, telephone conversation, social
media post, conversation or message, or any other kind of information or
communications transmitted to, received or printed from, stored or recorded
on our IT and communications systems.
5.2
We reserve the right to monitor, intercept and review, without further
notice, your activities using our IT resources and communications systems,
including but not limited to social media postings and activities, to ensure that
our rules are being complied with and for legitimate business purposes and
you consent to such monitoring by your acknowledgement of this policy and
your use of such resources and systems. This might include, without
limitation, the monitoring, interception, accessing, recording, disclosing,
inspecting, reviewing, retrieving and printing of transactions, messages,
communications, postings, log-ins, recordings and other uses of the systems
as well as keystroke capturing and other network monitoring technologies.
5.3
We may store copies of such data or communications for a period of
time after they are created, and may delete such copies from time to time
without notice.
5.4
Do not use our IT resources and communications systems for any
matter that you wish to be kept private or confidential from BCVS.
5.5
While an email that is clearly private does not fall within the definition of
a communication that is relevant to BCVS business, we maintain a right to
monitor such a communication where there is a reasonable suspicion that the
4
content breaches the policy, for example, by transmitting confidential
information or pornography.
5.6
BCVS exercises the right to intercept emails and internet access under
the Telecommunications (Lawful Business Practice) (Interception of
Communications) Regulations 2000 for the following reasons:

to investigate or detect the unauthorised use of the systems, e.g. to
ensure that this policy is being observed, that no discriminatory or
offensive content appears in emails etc.

to maintain an adequate level of security for our computer systems

to detect any computer viruses

to check mailboxes of absent employees.
5.7
To exercise our right under the Regulations, the Organisation must
have made all reasonable efforts to inform every person who may use the
system that interception may take place. We believe that the communication
of this policy to trustees, volunteers and employees meets this requirement.
6
Computer procedures
6.1
You are responsible for any actions carried out using your logon-id and
password, therefore you must not:
7.

use another person’s logon-id unless expressly authorised by
management;

attempt to gain unauthorised information concerning passwords or any
other security measures;

knowingly use a BCVS computer to attempt to gain unauthorised
access to any other internal or external computer system;

use any disk or CD ROM from outside the Organisation’s business
unless it has been checked for viruses using an approved virus
checker;

forward virus warnings to anyone other than the Data Protection Officer
regardless of who sent the warning.
The use of email, social media or texting
7.1
The following sections of the policy provide common-sense guidelines
and recommendations for using email, social media or texting responsibly and
safely.
5
7.2
Protecting our reputation
7.2.1 You must not post disparaging or defamatory statements about BCVS
or its users
7.2.2 You should avoid communications that might be misconstrued in a way
that could damage our reputation, even indirectly.
7.2.3 Unless you are clearly speaking as part of your role within BCVS you
should make it clear in social media postings that you are speaking on your
own behalf. Write in the first person and use a personal e-mail address when
communicating via social media.
7.2.4 You are personally responsible for what you communicate in social
media. Remember that what you publish might be available to be widely read
(including by BCVS itself, future employers and social acquaintances) for a
long time. Keep this in mind before you post content. You should take
particular care with jokes, off the cuff remarks and never assume that what
you write will remain private.
7.2.5 You should ensure that your profile and any content you post are
consistent with the professional image you present on behalf of BCVS.
7.2.6 Avoid posting comments about sensitive business-related topics, such
as our performance. Even if you make it clear that your views on such topics
do not represent those of BCVS, your comments could still damage our
reputation.
7.2.7 You must not post anything of a confidential nature or which could
reasonably be expected to be confidential.
7.2.8 If you are uncertain or concerned about the appropriateness of any
statement or posting, refrain from making the communication until you discuss
it with your manager or the Chief Executive.
7.2.9 If you see content in social media that disparages or reflects poorly on
BCVS you should contact your manager or the Chief Executive. All staff are
responsible for protecting our reputation.
7.3
Respecting colleagues, customers and partners
7.3.1 Do not post anything that your colleagues, customers, or partners,
would find offensive, including discriminatory comments, insults or obscenity.
7.3.2 Do not post anything related to your colleagues, customers, or
partners, without their written permission.
6
7.4
Receipt of Email or text
7.4.1 Should you receive an email or text message which has been wrongly
delivered to your address you should redirect the message to that person.
Further, in the event the email or text message contains confidential
information, you must not disclose or use that confidential information. Should
you receive an email which contravenes this policy the e-mail should be
brought to the attention of your line manager. If you receive offensive material
from an external source by email or text, you should not respond to it and
should delete it immediately.
7.5
Personal Messages
7.5.1 Personal messages may be sent or posted on web logs but these
should respect the primary purpose of the electronic communications system.
This means the system should not be used for spreading gossip, or for
personal gain or in breach of any of BCVS standard employment policies or
practices on issues such as equal opportunities, sexual, racial and disability
discrimination and harassment. If an external message or web log posting is
personal, you should make it clear that the message is not being sent on
behalf of BCVS. BCVS reserves the right to restrict or forbid such use.
7.6
Legal Action against the Organisation
7.6.1 Messages sent over the electronic communications system or by web
log can give rise to legal action against BCVS. Claims of defamation,
breaches of confidentiality or contract could arise from a misuse of the
system. It is therefore vital for email or web log messages to be treated like
any other form of correspondence and where necessary hard copies to be
retained. You are also reminded that messages may well be disclosed in any
legal action commenced against BCVS relevant to the issues set out in the
electronic communication.
7.7
Business use of social media
7.7.1 If your duties require you to speak on behalf of the organisation in a
social media environment, you must still seek approval for such
communication from your manager, who may require you to undergo training
before you do so and impose certain requirements and restrictions with regard
to your activities.
7.7.2 If you are contacted for comments about the organisation for
publication anywhere, including in any social media outlet, do not respond
without prior approval.
7.8
Respecting intellectual property and confidential information
7.8.1 Our policies and contracts of employment restrict use and disclosure of
our confidential and intellectual property. You should treat our valuable trade
7
secrets and other confidential information and intellectual property accordingly
and not do anything to jeopardise them through the use of social media.
7.8.2 In addition, you should avoid misappropriating or infringing the
intellectual property of other companies and individuals, which can create
liability for BCVS, as well as the individual author.
7.8.3 Do not use our logos, brand names, slogans or other trademarks, or
post any of our confidential or proprietary information without prior written
permission.
7.8.4 To protect yourself and BCVS against liability for copyright
infringement, where appropriate, reference sources of particular information
you post or upload and cite them accurately. If you have any questions about
whether a particular post or upload might violate anyone's copyright or
trademark, ask your line manager before making the communication.
8.
Organisation mobile phones
8.1
If you have been provided with a mobile phone by BCVS this section of
the Policy will apply.
8.2
You should always bear in mind that conversations on your mobile may
be overheard. Please ensure that you do not discuss information of a
confidential nature in public where others may be able to hear your
discussion.
8.3
You may use the phone for some personal calls and messages but you
should respect that the primary purpose of the phone is for business use.
BCVS reserves the right to charge you for personal use of the phone and/or to
limit your personal use in particular if in the opinion of BCVS your personal
use of the phone is excessive or inappropriate.
8.4
BCVS is responsible for insuring the phone and therefore if the phone
is lost or damaged you agree to inform the Finance Officer immediately so
that the insurers can be notified.
8.5
BCVS is also responsible for repairing and maintaining the phone and
you should notify the Finance Officer as soon as possible if any maintenance
or repairs are required so that appropriate arrangements can be made. The
written permission of BCVS must be obtained before any maintenance or
repair work is undertaken.
8.6
The phone remains the property of BCVS at all times and should be
returned upon request. Upon the termination of your employment you must
return the phone to the Finance Officer in good condition subject to
reasonable wear and tear, and must notify BCVS of any passwords necessary
to access the phone.
8
8.7
You should be aware that as the phone is the property of BCVS our
usual rules regarding interception of communications apply. You agree that all
your communications (including telephone conversations, text messages
and/or use of the Internet) made using the BCVS phone may be monitored
and/or recorded by the Organisation.
Date:
Signed:
Chair of BCVS Board
Policy agreed:
Reviewed:
Chief Executive BCVS
Download