Docstoc

Email policy

Document Sample
Email policy Powered By Docstoc
					                      Whitby Community College – Policy Document




                                     Policy Document



                                            Email Policy



               Created 09 March 2011 based on NYCC
                             guidance

          Approved by the Governing Body on 5.04.11




Page 1

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

Policy Statement
Whitby Community College will ensure that all users of College email facilities are aware of the
acceptable use of such facilities. The College has a legal responsibility with regard to acceptable
use of email within the College. The College must comply with the following legal statutes:

         ▪ Sexual Offences Act

         ▪ EU Privacy and Monitoring Directive

         ▪ Regulation of Investigatory Powers Act

         ▪ Human Rights Act

         ▪ Freedom of Information Act

         ▪ Data Protection Act

         ▪ Computer Misuse Act

         ▪ Copyright, Design and Patents Act

1    Purpose

The objective of this Policy is to direct all users of College email facilities by:

        Providing guidance on expected working practice.
        Highlighting issues affecting the use of email.
        Informing users about the acceptable use of ICT facilities in relation to emails.
        Describing the standards that users must maintain.
        Stating the actions that may be taken to monitor the effectiveness of this policy.
        Warning users about the consequences of inappropriate use of the email service.

The Policy establishes a framework within which users of College email facilities can apply self-
regulation to their use of email as a communication and recording tool.

2    Scope

This policy covers all email systems and facilities that are provided by Whitby Community College
for the purpose of conducting and supporting official business activity through the Colleges network
infrastructure and all stand alone and portable computer devices.

This policy is intended for all Whitby Community College staff and students who have been
designated as authorised users of email facilities. The use of email facilities by staff that have not
been authorised for that purpose will be regarded as a disciplinary offence.

3    Definition

All emails prepared and sent from Whitby Community College email addresses or mailboxes, and
any non-work email sent using Whitby Community College ICT facilities is subject to this policy.




Page 2

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document


Glossary of Definitions

Electronic mail (abbreviated "e-mail" or, often, "email") is a store and forward method of
composing, sending, storing, and receiving messages over electronic communication systems.

An email client is a computer programme that is used to read and send email.

Email spam involves sending nearly identical unauthorised, unsolicited messages to numerous
recipients by email.

A record is information created, received and maintained as evidence and information by an
organisation or person, in pursuance of legal obligations, or in the transaction of business (BS ISO
15489-1).

4     Risks

Whitby Community College recognises that there are risks associated with users accessing and
handling information in order to conduct official College business.

This policy aims to mitigate the following risks:

          Loss of data or information and data protection issues
          Misuse of the corporate email system
          Legal issues

Non-compliance with this policy could have a significant effect on the efficient operation of the
College and may result in the inadvertent disclosure of information that could be detrimental to the
effective running of the college.

5     Applying the Policy

5.1       Email as Records

All emails that are used to conduct or support official Whitby Community College business must be
sent using an authorised email address for example “@whitbycc.co.uk”.

Non-work email accounts must not be used to conduct or support official Whitby Community
College / Adult Education & Skills Service business. College users must ensure that any emails
containing sensitive information must be sent from an official College email. Encryption must be
used if emails contain information containing sensitive or personal information (eg; personnel
records or details of students). All emails that represent aspects of College business or College
administrative arrangements are the property of the College and not of any individual employee.

Emails held on College equipment are considered to be part of the corporate record and email also
provides a record of staff activities.

The legal status of an email message is similar to any other form of written communication.
Consequently, any e-mail message sent from a facility provided to conduct or support official
Whitby Community College business should be considered to be an official communication from the
College. In order to ensure that Whitby Community College is protected adequately from misuse of
e-mail, the following control will be exercised:

Page 3

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

  i.     All official external e-mail must carry the following disclaimer:

“~~~~~~~ DISCLAIMER ~~~~~~~ Communications on or through Whitby Community College's
computer systems may be monitored or recorded to secure effective system operation and for
other lawful purposes. This communication is to be treated as confidential and the information in it
may not be used or disclosed except for the purpose for which it has been sent. If you have reason
to believe that you are not the intended recipient of this communication, please contact the sender
immediately. No employee or agent is authorised to conclude any binding agreement on behalf of
Whitby Community College with another party by e-mail without express written confirmation.
Employees of Whitby Community College are required not to make any defamatory statements and
not to infringe or authorise any infringement of copyright or any other legal right by e-mail
communications. Any such communication is contrary to organisational policy. Any issues you can
contact post@whitbycc.co.uk or helpdesk@whitbycc.co.uk.
 ~~~~~~~~~~~~~~~~~~~~~~~~~~”

Whilst respecting the privacy of authorised users, Whitby Community College maintains its legal
right, in accordance with the Regulation of Investigatory Powers Act 2000, to monitor and audit the
use of email by authorised users to ensure adherence to this Policy. Any such interception or
monitoring will be carried out in accordance with the provisions of that. Users should be aware that
deletion of e-mail from individual accounts does not necessarily result in permanent deletion from
the College‟s ICT systems.

It should also be noted that email and attachments may need to be disclosed under the Data
Protection Act 1998 or the Freedom of Information Act 2000. Further information regarding this
can be obtained from the Data Management Officer.

Users should also consider, before sending an email, how they would feel if the message was read
out in Court. Email messages may have to be disclosed in litigation.

5.2    Email as a Form of Communication

Email is designed to be an open and transparent method of communicating. However, it cannot be
guaranteed that the message will be received or read, nor that the content will be understood in
the way that the sender of the email intended. It is therefore the responsibility of the person
sending an email to decide whether email is the most appropriate method for conveying time
critical or privileged information in the particular circumstances.

All emails sent to conduct or support official Whitby Community College business must comply with
corporate communication standards.

Email must not be considered to be any less formal than memos or letters that are sent out from a
particular service or the authority. When sending external email, care should be taken not to
contain any material which would reflect poorly on the College‟s reputation or its relationship with
customers, clients or business partners.

Under no circumstances should users communicate material (either internally or externally), which
is, for example, defamatory, obscene, or does not comply with the College‟s Equal Opportunities
Policy, or which could reasonably be anticipated to be considered inappropriate. Any user, who is
unclear about the appropriateness of any material, should consult their line manager prior to
commencing any associated activity or process.

ICT facilities provided by the College for email should not be used:

Page 4

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

        For the transmission of unsolicited commercial or advertising material, chain letters, or
         other junk-mail of any kind, to other organisations.
        For the transmission of restricted or protect classified information. For further details please
         ask the Data Management Officer or the ICT Information Security Officer.
        For any form of illegal activity which will lead to criminal and disciplinary action.
        For the transmission or creation of illegal material.
        For the unauthorised transmission to a third party of PROTECT or RESTRICTED material or
         any sensitive data concerning the activities of the College, staff or students.
        To impersonate any other person or amend messages received.
        In the pursuit of private business.
        For the transmission of material such that this infringes the copyright of another person,
         including intellectual property rights.
        For activities that unreasonably waste staff effort or use networked resources, or activities
         that unreasonably serve to deny the service to other users.
        For activities that corrupt or destroy other users‟ data.
        For activities that disrupt the work of other users.
        For the creation or transmission of any offensive, obscene or indecent images, data, or
         other material.
        For the creation or transmission of material which is designed or likely to cause significant
         annoyance, inconvenience or needless anxiety.
        For the creation or transmission of material that is abusive or threatening to others, or
         serves to harass or bully others.
        For the creation or transmission of material containing derogatory, insulting or aggressive
         remarks.
        For the creation or transmission of material that either discriminates or encourages
         discrimination on racial or ethnic grounds, or on grounds of gender, sexual orientation,
         marital status, disability, political or religious beliefs.
        For the creation or transmission of defamatory material.
        For the creation or transmission of material that includes false claims of a deceptive nature.
        For so-called „flaming‟ - i.e. the use of impolite terms or language, including offensive or
         condescending terms.
        For activities that violate the privacy of other users.
        For unfairly criticising individuals, including copy distribution to other individuals.
        For publishing to others the text of messages written on a one-to-one basis, without the
         prior express consent of the author.
        For the creation or transmission of anonymous messages - i.e. without clear identification of
         the sender. This may be by use of group email address or by being granted proxy access to
         another persons mailbox
        For the creation or transmission of material which brings the College into disrepute.
        To enter into contracts.

When using ICT facilities provided by the College for email users should:

        Seek confirmation of receipt of outgoing important emails.
        Store copies of important emails sent and received.
        Include the senders‟ name and job title/department where appropriate.
        Check the email content is unlikely to be misconstrued in anyway before sending it.

In   normal  circumstances,                  it    is     forbidden   to   use   another       person’s
account/password/user ID.

5.2.1 Definitions

Page 5

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

       1. Illegal Material

         It is illegal to create, access, store, transmit or publish any material which falls into the
         following categories:

                 1. National Security such as instructions on bomb-making, illegal drug production or
                 terrorist activities.
                 2. Abuse in the form of marketing, violence or pornography
                 3. Incitement to racial hatred or discrimination
                 4. Economic fraud such as instructions on pirating credit cards
                 5. How to breach security via malicious hacking

         In addition it is necessary to protect the reputation of the College by not distributing
         unauthorised works protected by copyright such as software or music.

         2. Forbidden material

         For the purposes of this Policy Statement, obscene and vulgar are defined as follows:-

                 1. Obscene - indecent, lewd, repulsive
                 2. Vulgar - offending against good taste, coarse

         When assessing whether material is unacceptable, each case will be judged on its merits,
         taking into account the individual circumstances.

         Pornography can take many forms. For example, textual descriptions, still and moving
         images, cartoons, and sound files. Some pornography is illegal in the UK and some is legal.
         Pornography considered legal in the UK may be illegal elsewhere. Because of the global
         nature of the Internet and email, these issues must be taken into consideration. Therefore,
         the County College defines pornography as the description or depiction of sexual acts or
         naked people that are designed to be sexually exciting. The College will not tolerate its
         facilities being used for this type of material and considers such behaviour to constitute a
         serious disciplinary offence

         3. Harassment

         What is harassment?

         The contents of an email can give rise to complaints of harassment. Harassment is a
         complex and sensitive issue and it can be described as unwanted, unsolicited and
         inappropriate words or conduct affecting the dignity of another person. It can be isolated or
         repetitive behaviour and may be directed at an individual or group.

         Harassment can also be of a sexual nature. For example:

                Where a worker is subject to any form of unwanted verbal, non-verbal or physical
                 conduct of a sexual nature which has the purpose or effect of violating that worker‟s
                 dignity or creating an intimidating, hosting, degrading, humiliating or offensive
                 environment for that person;

                It will also take place where the unwanted verbal, non verbal or physical conduct of
                 a sexual nature relate to a person‟s sex, to the sex of another person, sexual

Page 6

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

                 orientation or to the fact that a person intends to undergo or is undergoing or has
                 undergone gender reassignment.

         Harassment is considered to be very personal, because what constitutes acceptable
         behaviour by one individual may be deemed to be harassment by another.

         What are the consequences of not following this policy?

         In accordance with the information given in the College's Policy and Procedure on Resolving
         Issues at Work, an investigation will be carried out. Many complaints can be resolved
         through conciliation but, if necessary, disciplinary action will be taken against the harasser
         or bully.

         If you are subject to e-mail harassment, keep a copy of all relevant emails. Users should
         contact their line manager if appropriate or report it using the grievance procedure laid out
         in I:\Staff-Read Only\College Policies\Employment\Resolving Issues at Work.doc.

         4. Defamation

         What is defamation?

         Defamation is the issuance of a statement which exposes a person to hatred, ridicule or
         contempt or which causes them to be shunned or avoided, or which has a tendency to
         injure him in his office, profession or trade. If such a statement is published in a form to
         which some degree of permanence attaches the individual can bring a libel action.

         What are the consequences of not following this policy?

         The College and the sender may risk court action if the College's email system is used to
         disseminate defamatory information. Any person sending such an email will, if necessary,
         be disciplined under the College's Disciplinary Procedure.

         5. Entering Contracts

         A contract is an agreement enforceable at law. Employees may inadvertently enter into
         contracts or vary terms which the College would not wish to honour. Users must not enter
         into a contract or vary a term of a contract by using the College's email system unless it is
         authorised by a member of the Strategic Team and is in accordance with the Contract
         Procedure Rules and/or Procurement Guidelines. A breach of this rule could result in the
         College‟s Disciplinary Procedure being invoked.

         6. Personal Data

         Personal data is subject to the Data Protection Act 1998. Under the terms of the Act,
         personal data includes any information about a living individual, including their name,
         address, phone number Email address and any other information about the individual. If
         such information is included in an Email or an attachment to an Email, individuals will be
         deemed to be “processing” personal data and must abide by the law. In particular, they
         must not collect such information without the person concerned knowing they propose to
         do this. Such information may not be disclosed or amended except in accordance with the
         purpose for which the information was collected. Users must ensure that the information is
         accurate and up to date. In addition, the individual has the right to inspect what is held
         about him or her on the Email system. The individual can demand correction of inaccurate
Page 7

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

         information, can request blocking or erasure of damaging information, and can sue for
         damage caused by inaccurate information.

         Employees must be aware that although the Data Protection Act states that personal data
         relates to living individuals, information relating to a deceased person can also constitute
         personal data therefore it must be handled in the same way as data relating to a living
         individual.

         The law imposes rules on the storing of personal data. Such data should be kept only for as
         long as it is needed for the purpose for which it was collected.

5.3      Email Signature

         All staff should follow this email signature format to comply with corporate branding and
         readability guidelines, and to reduce unnecessary load on email servers.

         For many users, the default display for emails is text-only. This means that images and
         graphics will not be displayed. Therefore, you should not normally include graphics
         (including the Whitby Community College / Adult Education & Skills Service logo) in your
         email signatures.

         The standardised email signature, below, provides a consistent brand across the College
         and ensures signatures can be viewed by all with, or without, rich text editors.

         The Whitby Community College standard email signature should appear as follows in an
         easy-to-read, regular font (ie, Arial/Tahoma/Tw Cen MT):

         Name
         Job title
         Postal address (optional);
         <space>
         Telephone number (including STD code;
         Fax number (optional);
         Email address: all lower case (optional);
         <space>

         For example:

         Joe Bloggs
         Post Title
         Whitby Community College
         Prospect Hill
         Whitby
         North Yorkshire
         YO21 1LA

         Telephone: 01947 602406
         Fax: 01947 821169
         Email: j.bloggs@whitbycc.co.uk

         The Disclaimer text will appear below this signature

         5.31 Scanned Signatures
Page 8

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document


         What is a scanned signature?

         A written signature, which has been scanned, that can be embedded into an electronic
         document.

         Using Scanned Signatures

         It should be noted that a scanned signature is as valid as a hand written signature, where it
         is the intention of the signatory to endorse the document.

         Efficiencies can be gained by the use of scanned signatures when either sending large
         volumes of similar correspondence, or to expedite internal approval or communication
         processes.

         With any signature there is a risk that someone may fraudulently use it elsewhere, and the
         risks are the same whether the signature is on paper, or electronically embedded.

         It is a fact that if people wish to misuse signatures, whether they are written or electronic,
         they will. But we can take some precautions to reduce the security issues resulting from the
         use of scanned signatures and minimise the potential risks of misappropriation and/or
         inappropriate use of scanned signatures.

             No electronic signature may be used without authorisation which must be in writing
              and signed otherwise than electronic signature from the signatory.

             No electronic signature shall be used except for the purpose for which it was
              authorised, and in accordance with the terms and conditions of the authorisation.

             Steps should be taken to ensure that no one has access to a scanned signature other
              than those permitted to use it. Generally, documents should be saved without the
              signature. Where it is necessary to save a signature in a document, it must be
              protected.

             If a document is to be sent by e-mail, or uploaded to the internet/intranet, the
              signature should be suitably protected.

5.4     Personal Use

        Occasional and reasonable personal use of the ICT facilities provided by the College for email
        is permitted provided that such use takes place outside of core working hours and it is in
        adherence with this policy.

      User sending a personal email should:

        1. Include the word „personal‟ in the subject field.
        2. Start or sign off the email with the following statement:

         “This email is personal. It is not authorised by or sent on behalf of Whitby Community
         College, however, the College has the right and does inspect emails sent from and to its
         computer system. This email is the sole responsibility of the sender.”


Page 9

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

5.5     Junk Mail

        There may be instances where a user will receive unsolicited mass junk email or spam. It is
        advised that users delete such messages without reading them. Do not reply to the email.
        Even to attempt to remove the email address from the distribution list can confirm the
        existence of an address following a speculative e-mail.

        Before giving your e-mail address to a third party, for instance a website, consider carefully
        the possible consequences of that address being passed (possibly sold on) to an unknown
        third party, and whether the benefits outweigh the potential problems.

        Chain letter e-mails (those that request you forward the message to one or more additional
        recipients who are unknown to the original sender) must not be forwarded using Whitby
        Community College systems or facilities.

5.6     Mail Box Size

        In order to ensure that the systems enabling email are available and perform to their
        optimum, users should endeavour to avoid sending unnecessary messages. In particular,
        the use of the “global list” of e-mail addressees is discouraged.

        The College system uses INTY as the email host and users then download their emails using
        Outlook for storage in their User Area. Email users should manage their emails so that they
        do not fill up their user area with unnecessary mail, and thereby filling up valuable server
        space. The maximum size email to be sent over the network is 5MB.

        Email messages can be used to carry other files or messages either embedded in the
        message or attached to the message. If it is necessary to provide a file to another person,
        then a reference to where the file exists should be sent rather than a copy of the file. This
        is to avoid excessive use of the system and avoids filling to capacity another person‟s
        mailbox. If a copy of a file must be sent then it should not exceed 5MB in size.

5.7     Monitoring of Email Usage

        All users should be aware that email usage is monitored and recorded centrally. The
        monitoring of email traffic (outgoing and incoming) will be undertaken so that Whitby
        Community College:

            can plan and manage its resources effectively
            ensures that users act only in accordance with policies and procedures
            ensures that standards are maintained
            can prevent and detect any crime
            can investigate any unauthorised use.

        Monitoring of content will only be undertaken by staff specifically authorised for that
        purpose. These arrangements will be applied to all users and may include checking the
        contents of email messages for the purpose of:

            establishing the existence of facts relevant to the business, client, supplier and related
             matters
            ascertaining or demonstrating standards which ought to be achieved by those using the
             facilities
            preventing or detecting crime
Page 10

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

            investigating or detecting unauthorised use of email facilities
            ensuring effective operation of email facilities
            determining if communications are relevant to the business.

        Where a manager suspects that College email facilities are being abused by a user, they
        should contact the Headteacher. Staff in the ICT department will investigate and provide
        evidence and audit trails of access to systems where necessary. The ICT department will
        comply with any legitimate requests from authorised bodies under the Regulation of
        Investigatory Powers legislation for this information.

        Access to another employee‟s email is strictly forbidden unless the employee has given their
        consent, or their email needs to be accessed by their line manager only for specific work
        purposes whilst they are absent. If this is the case a request can be made via the ICT
        Department. This must be carried out with regard to the rights and freedoms of the
        employee. Managers must only open emails which are relevant.

5.8     Categorisation of Messages

        Users at the College should be aware that protected information of a personal or private
        nature (e g disciplinary or medical) should not be sent via insecure email. Agencies within
        North Yorkshire County Council use a secure email system known as GCSx. This is not
        available to users at Whitby Community College. But users may need to be aware of the
        following in case they receive protectively marked email by accident.

        When creating an email, the information contained within it must be assessed and classified
        by the owner according to the content, when appropriate. It is advisable that all emails are
        protectively marked in accordance with the HMG Security Policy Framework (SPF). The
        marking classification will determine how the email, and the information contained within it,
        should be protected and who should be allowed access to it.

        The SPF requires information to be protectively marked. The way the document is handled,
        published, moved and stored will be dependant on this scheme.

        The classifications are:

            PROTECT.
            RESTRICTED.

        Information up to RESTRICTED sent via GCSx must be marked appropriately using the SPF
        guidance. The ICT technicians can advise staff regarding such matters.

5.9     Security

        Emails sent between the whitbycc.co.uk address are held with the same network and are
        deemed to be secure to a certain extent. However, emails that are sent outside this closed
        network travel over the public communications network and are liable to interception or
        loss. There is a risk that copies of the email are left within the public communications
        system. Therefore, personal and private information must not be sent via email outside a
        closed network, unless it is encrypted with a password sent via a different email or by other
        means. Users should adopt the approach of “would I want my personal details sent to all
        and sundry?”


Page 11

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

5.10    Confidentiality

        All staff are under a general requirement to maintain the confidentiality of information.
        There are also particular responsibilities under Data Protection legislation to maintain the
        confidentiality of personal data. If any member of staff is unsure of whether they should
        pass on information, they should consult the Data Management Officer (NYCC).

        Staff must make every effort to ensure that the confidentiality of email is appropriately
        maintained. Staff should be aware that a message is not deleted from the system until all
        recipients of the message and of any forwarded or attached copies have deleted their
        copies. Moreover, confidentiality cannot be assured when messages are sent over outside
        networks, such as the internet, because of the insecure nature of most such networks and
        the number of people to whom the messages can be freely circulated without the
        knowledge of Whitby Community College / the Adult Education Service.

        Care should be taken when addressing all emails, but particularly where they include
        sensitive information, to prevent accidental transmission to unintended recipients. Particular
        care should be taken if the email client software auto-completes an email address as the
        user begins typing a name.

        Automatic forwarding of email to an external address is prohibited; such arrangements
        must be discussed and managed through the ICT Department. Rules can be implemented
        to include or exclude certain mail based on the sender or subject. If you require assistance
        with this, please contact the ICT Department in the first instance.

5.11    Negligent Virus Transmission

        Computer viruses are easily transmitted via email and internet downloads. Full use must
        therefore be made of Whitby Community College / Adult Education & Skills Service‟s anti-
        virus software. If any user has concerns about possible virus transmission, they must
        report the concern to the ICT Department.

        In particular, users:

             must not transmit by email any file attachments which they know to be infected with a
              virus
             must not download data or programmes of any nature from unknown sources
             must ensure that an effective anti-virus system is operating on any computer which
              they use to access College facilities
             must not forward virus warnings other than to the ICT Department
             must report any suspect files to the ICT Department.

        In addition, the College will ensure that email is virus checked at the network boundary and
        at the host, and uses two functionally independent virus checkers.

        If a computer virus is transmitted to another organisation, the College could be held liable if
        there has been negligence in allowing the virus to be transmitted. Users must therefore
        comply with the Software Policy.




Page 12

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

6       Policy Compliance

        Users at College are required to comply with this policy in respect of its provisions and
        ethos. Failure to do so may be regarded as a breach of the Users' Code of Conduct and
        could result in action being taken against the member of staff concerned.

        If you do not understand the implications of this policy or how it may apply to you, you
        should seek advice from the Data Management Officer or the ICT Information Security
        Officer.

7       Policy Governance

        The following table identifies who within Whitby Community College / Adult Education &
        Skills Service is Accountable, Responsible, Informed or Consulted with regards to this policy.
        The following definitions apply:

       Responsible – the person(s) responsible for developing and implementing the policy.
       Accountable – the person who has ultimate accountability and authority for the policy.
       Consulted – the person(s) or groups to be consulted prior to final policy implementation or
        amendment.
       Informed – the person(s) or groups to be informed after policy implementation or
        amendment.


Responsible            ICT Information Security Officer: AW

Accountable            Senior Information Risk Officer: SLM

Consulted              College Governing Body

Informed               All College employees, temporary staff, contractors and students.


8       Review and Revision

        This policy will be reviewed as it is deemed appropriate, but no less frequently than every
        12 months.

        Policy review will be undertaken by the ICT Information Security Officer.

9       References

        The following legislation is pertinent to this policy

            The Data Protection Act (1998)
            The Data Protection (Processing of Sensitive Personal Data) Order 2000.
            The Copyright, Designs and Patents Act (1988)
            The Computer Misuse Act (1990)
            The Health and Safety at Work Act (1974)
            Human Rights Act (1998)
            Regulation of Investigatory Powers Act 2000
            Freedom of Information Act 2000
            Health & Social Care Act 2001
            Health & Social Care Act 2008
Page 13

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc
                      Whitby Community College – Policy Document

            Mental Health Act 1983
            Mental Health Act 2007
            The European Union (EU) Directive 2002/58/EC Directive on Privacy and Electronic
             Communications
            The Equalities Act (2010)
            Electronic Communications Act 2000
            Intellectual Property 1994

10      Key Messages

            All emails that are used to conduct or support official Whitby Community College / Adult
             Education & Skills Service business should be sent using a “@whitbycc.co.uk” address.
            Non-work email accounts should not normally be used to conduct or support official
             Whitby Community College / Adult Education & Skills Service business.
            College users should ensure that any emails containing sensitive information are sent
             from an official College email address and is encrypted.
            All official external email should carry the official College disclaimer (see section 5.1).
            Under no circumstances should users communicate material (either internally or
             externally), which is defamatory, obscene, or does not comply with the College‟s Equal
             Opportunities policy.
            Automatic forwarding of email is prohibited; such requests must be discussed with and
             managed through the ICT Department.




Page 14

C:\Docstoc\Working\pdf\f31cdbfc-8370-45c0-ac12-fcb36a850c8c.doc

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:9
posted:8/9/2011
language:English
pages:14