Safeguards

A) CONFIDENTIALITY

All information that:-

  1. has been acquired by you during, or in the course of your employment, or has otherwise been acquired by you in confidence;
  2. relates particularly to our business, or that of other persons or bodies with whom we have dealings of any sort; and
  3. has not been made public by, or with our authority;

shall be confidential, and (save in the course of our business or as required by law) you shall not at any time, whether before or after the termination of your employment, disclose such information to any person without our prior written consent.

You are to exercise reasonable care to keep safe all documentary or other material containing confidential information, and shall at the time of termination of your employment with us, or at any other time upon demand, return to us any such material in your possession.

Any breach of the above will lead to disciplinary action being taken against you which may lead to the termination of your employment.

B) COPYRIGHT

All written material, whether held on paper, electronically or magnetically which was made or acquired by you during the course of your employment with us, is our property and our copyright.  At the time of termination of your employment with us, or at any other time upon demand, you shall return to us any such material in your possession.

 C) STATEMENTS TO THE MEDIA

Any statements to reporters from newspapers, radio, television, etc. in relation to our business will be given only by the Managing Director or their nominee.

You may not, under any circumstances, make any statement to any media concerning any matter relating to the company without first obtaining written approval from the Managing Director.

D) POLICY FOR USE OF COMPUTER SYSTEMS

1. Company Policy for Use of Computer Systems

 We have invested significant resources in the provision of office computer systems and the development of software for the use of these systems.

As with all other business assets, employees have a duty of care in respect of these systems.  In essence the employee using or responsible for office computer systems has a duty to:-

  1. Use the computer hardware in a careful manner.
  2. Protect the data held in the computer by the taking of regular data backups.
  3. Use the system in a manner consistent with the Data Protection Act.

2. Care of the Computer Hardware

A typical office computer system costs in excess of £1,000.00.  Users of these systems should treat the equipment in an appropriate manner.

Systems should be kept away from sources of heat such as radiators.

  1. Systems should be kept away from sources of excessive dust such as photocopiers.
  2. Screens and keyboards should be kept clean and excessive levels of dirt and dust should not be allowed to build up.
  3. No cleaning sprays of any form should be used.
  4. No excessive force should be used when operating the system, particularly when changing stationery, ribbons or cartridges in printers.
  5. Equipment should not be personalised or decorated with personal effects.

 3. Information Security Policy

 The information held in a computer system is of great value to the Company and in many cases is ‘worth’ more than the computer system itself.  The data must be protected as in many cases lost data is irreplaceable.  Security copies or ‘backups’ of data must be taken on a regular basis.  Security copies must be taken every working day or more frequently if requested by the IT Department.

Arrangements will be made to hold copies of data off site at another location or at an employee’s home.  This provides protection in case of say ‘fire damage’ to the office premises when normal backups may perish with the computer system.

The safe keeping of data and ensuring backups held on computer systems within their area of responsibility is a key part of the duties of any Manager within the Company.

Our full Information Security Policy is attached as Appendix A.

4. Compliance with Legislation

 There are now several Acts of Parliament which govern the use of computer systems

a. Data Protection Act

 The Company has registered as a data user under the Act and complied with all the initial requirements of the Act.

 To comply with the Act system users must:-         

  • Collect and use Personal Data fairly and lawfully.
  • Use only data registered by the Company.
  • Ensure data is relevant, accurate, current and not excessive.
  • Protect obsolete personal data.
  • Provide data subjects with a copy of all data on request.

 The computer system developed by the Company complies with the Act if used correctly and in line with our Information Security Policy procedures and training courses.

To ensure compliance with the Act users should:-

  •  Store printouts of Personal Data securely in files or cupboards.
  • Take and protect security copies of data.
  • Use, maintain and protect passwords and prevent unauthorised access to data.
  • Position VDU’s to prevent unauthorised personnel viewing personal data.
  • Dispose of printouts safely by shredding or other secure disposal method.

 b. Computer Misuse Act

The Computer Misuse Act governs the usage of and access to computer systems.  Unauthorised users are punishable in law if they are aware they are misusing a computer system.

 Usage of computer system within the Company by employees of the Company in pursuit of their normal duties is not an offence under the Act.  Any other usage by employees or usage by external persons is a misuse and could be punishable under the Act.

 c. Copyright and Intellectual Property Rights

 Computer programs used within the Company are either the property of the Company or licensed for use by the Company.  It is not permissible to use any computer programs provided by the Company on any other computer systems nor is it permissable to use any other computer programs from whatever source on computer systems which are the property of the Company.  This restriction applies even to the types of computer software known as ‘freeware’ or ‘shareware’.

d. Financial Services Act

 The Financial Services Act governs the conduct of investment business and the advice given to clients in this area by the companies.

The strict rules of the act and need for software to comply with the detailed rules defined by the F.S.A. mean that software used in this area must be used properly and accurately.

5. Computer Viruses

Computer viruses are programs which if run either interfere with the normal workings of a computer system or cause damage to information stored in the computer.

 Virus programs may be attached to normal programs or included in E-Mails and may not be activated for some time.  Because of this, what seems a perfectly ‘good’ program may include a virus.  Copying of the program from one computer to another can transmit the virus on.  Viruses can make their presence known in many ways from spurious screen messages to files disappearing.

 To prevent the problem of computer viruses occurring within the company, no computer software of any sort may be loaded on computer systems belonging to the company unless the software has been tested and authorised by the IT Department.

 Suspicion that a computer system has a virus should be reported immediately to the IT Department and all use of the computer system ceased other than as directed by the IT Department.


E) USE OF COMPUTER EQUIPMENT

In order to control the use of the Company’s computer equipment and reduce the risk of contamination the following will apply:-

  1. The introduction of new software must first of all be checked and authorised by a nominated senior member of the Company before general use will be permitted.
  2. Only authorised staff should have access to the Company’s computer equipment.
  3. Only authorised software may be used on any of the Company’s computer equipment.
  4. Only software that is used for business applications may be used.
  5. No software may be brought onto or taken from the Company’s premises without prior authorisation.
  6. Unauthorised access to the computer facility will result in disciplinary action.
  7. Unauthorised copying and/or removal of computer equipment/software will result in disciplinary action, such actions could lead to dismissal.

 G) E-MAIL AND INTERNET POLICY

  1. Introduction

The purpose of the Internet and E-Mail policy is to provide a framework to ensure that there is continuity of procedures in the usage of Internet and E-Mail within the Company.  The Internet and E-Mail system have established themselves as an important communications facility within the Company and have provided us with contact with professional and academic sources throughout the world.  Therefore, to ensure that we are able to utilise the system to its optimum we have devised a policy that provides maximum use of the facility whilst ensuring compliance with the legislation throughout. Misuse of the Internet or E-mail leaves an individual liable to disciplinary action which could lead to dismissal.

  1. Internet

Where appropriate, duly authorised staff are encouraged to make use of the Internet as part of their official and professional activities.  Attention must be paid to ensuring that published information has relevance to normal professional activities before material is released in the Company name.  Where personal views are expressed a disclaimer stating that this is the case should be clearly added to all correspondence.  The intellectual property right and copyright must not be compromised when publishing on the Internet.  The availability and variety of information on the Internet has meant that it can be used to obtain material reasonably considered to be offensive.  The use of the Internet to access and/or distribute any kind of offensive material, or material that is not work-related, constitutes a breach of this policy.

  1. E-Mail

The use of the E-Mail system is encouraged as its appropriate use facilitates efficiency.  Used correctly it is a facility that is of assistance to employees.  Inappropriate use however causes many problems including distractions, time wasting and legal claims.  The following procedure sets out the Company’s position on the correct use of the E-Mail system.

  1. Procedures – Authorised Use

a. Unauthorised or inappropriate use of the E-Mail system may result in disciplinary action which could include summary dismissal.

b. The E-Mail system is available for communication and matters directly concerned with the legitimate business of the Company. Employees using the E-Mail system should comply with Company communication standards which give particular attention to the following points:-

  1. E-Mail messages and copies should only be sent to those for whom they are particularly relevant;
  2. if E-Mail is confidential the user must ensure that the necessary steps are taken to protect confidentiality. The Company will be liable for infringing copyright or any defamatory information that is circulated either within the Company or to external users of the system;
  3. Any attachment which contains information which might be considered confidential should be password protected. The password to open the attachment should never appear in the accompanying e-mail;
  4. Any material, links or attachments to an outbound e-mail must be signed off or authorized (either as a template or as a specific item) by a manager within the Company before being sent to any recipient outside of the Company;
  5. Management Information which is sent to recipients outside of the Company must only be sent by the MI team who will follow their own strict protocols to ensure that the correct information is sent to the correct recipient;
  6. E-Mail should not be used as a substitute for face-to-face communication or telephone contact. Flame mails (i.e. E-Mails that are abusive) must not be sent.  Hasty messages sent without proper consideration can cause upset, concern or misunderstanding; and
  7. offers or contracts transmitted by E-Mail are as legally binding on the Company as those sent on paper.

c. The Company will not tolerate the use of the E-Mail system for unofficial or inappropriate purposes, including:-

i) any messages that could constitute bullying, harassment or other detriment;

ii) excessive personal use (e.g. jokes, cartoons, chain letters or other private matters);

iii)    on-line gambling;

iv) accessing or transmitting pornography;

v) transmitting copyright information and/or any software available to the user; or

vi) posting confidential information about other employees, the Company or its customers or suppliers.

  1. Summary

 This policy is designed to provide all staff with a clear understanding of the responsibilities and duties incumbent upon them as users of the Company’s computer systems.  If a member of staff has any doubt or questions regarding any aspect of this statement they should either discuss them with their Manager to obtain clarification or else contact the IT Department.

H) SOCIAL MEDIA POLICY

 We recognise that staff may be required to make use of social media in order to carry out their duties, and that staff may make use of social media in their own time. Our policy on the use of social media is set out in Appendix 2.

Was this article helpful?

Yes No

Related Articles