COMMUNICATIONS AND INFORMATION:
ACCEPTABLE USE POLICY
The policy has been developed to advise employees of if, when and under what conditions they may use the school’s communications and information systems for personal reasons. It sets standards to ensure that employees understand the position and do not inadvertently use communications and information in inappropriate circumstances.
The school recognises employees' rights to privacy but needs to balance this with the requirement on the school (as a public service) to act appropriately, with probity, to safeguard its business systems, and to be seen to be doing so.
In applying the policy, the school will act in accordance with the Human Rights Act 1998 and other relevant legislation and will recognise the need of employees to maintain work/life balance.
This policy covers all forms of communication, information retrieval (from any source), media and equipment, used for official business and regardless of origin, ownership or place of use, for example:
Ø mail systems (internal and external)
Ø internet and intranet (email, web access and video conferencing)
Ø telephones (hard wired and mobile)
Ø fax equipment
Ø computers – this covers ANY computer used for work purposes, whether at the place of work or elsewhere i.e. Laptops For Teachers
Ø photocopying, printing and reproduction equipment
Ø recording / playback equipment
Ø documents and publications (any type or format)
The policy applies to all employees (as a contractual term), agency staff and to other people acting in a similar capacity to an employee. It will also apply to staff of Contractors and other individuals providing services/support to the school (e.g. volunteers). It takes account of the requirements and expectations of all relevant legislation.
Headteachers/Managers will discuss the policy with their teams and agree parameters within which team members will act. This will take into account for example, whether or not there is a public phone in the building, whether or not employees are able to leave the premises during break periods, etc, and should be in writing. Every employee will have the policy explained to them at induction, and be given a copy for future reference. If at any stage employees require further clarification, they should speak to their Headteacher/manager in the first instance.
Where an employee needs to discuss personal information with Occupational Health, Personnel or their Trade Union, they will be given privacy to do this.
Headteachers/Managers will agree with Trade Union representatives the arrangements for using school communication and information systems which will be provided in accordance with trade union facilities agreement and the ACAS Code of Practice.
The Council's Code of Conduct for Officers states that staff must not carry out personal activities during working hours, nor mix private business with official duties. Official equipment and materials should not be used for general private purposes without prior permission from the Headteacher or an appropriate line manager. This will usually be in writing or may be covered by the parameters agreed by the Headteacher/manager with the team.
To encourage employees to use and learn about ICT methods and means and to meet reasonable private needs, the Council have provided computing equipment for personal use during an employee's own time at some establishments (e.g. the cybercafés). Use of this equipment is on the terms specified at the sites.
If an employee needs to use a school phone for private purposes that are permissible within this policy, the call should be logged in the private telephone call book in the school office and duly paid for. Payment is not required where employees need to phone to notify someone they have been delayed at work or in other emergencies.
In terms of using other equipment and materials, the decision to allow such use is at the Headteacher’s/Manager's discretion. However the following are provided as examples to illustrate where it might be reasonable for permission to be given for reasonable use for private purposes, under the conditions shown and after getting prior approval, in writing if this is required. The Headteacher or a senior manager may veto private use at any time if they consider that circumstances justify this in general or particular cases, e.g. because of improper use or over-use. A charge may be made for materials if the values are significant.
Ø Social or recreational activities associated with school employment.
Ø Regular activity for a legitimate voluntary body or charity - but prior written approval from a senior manager must be obtained.
Ø Training or development associated with school employment.
Ø Occasional and brief essential family communications or other personal messages. In emergencies permission might need to be obtained retrospectively or again this may be covered by the general parameters agreed with the team.
If given permission, approved acceptable private use should normally take place in the employee's own time but where this is not practicable or sensible, any disruption to the employee's official work or that of colleagues must be minimal. Official work will always take precedence.
All uses, whether for private or official purposes, must observe:
Ø the law
Ø Financial Regulations and Codes of Practice on Financial Management
Ø Terms of employment, especially the Code of Conduct for Employees
Ø Communications & Information Technology (ICT) Code of Practice
It is not acceptable to use school equipment and materials or an employee's own equipment/materials in the workplace in any of the following contexts:
Ø Illegal activity.
Ø Activities for private gain.
Ø Personal shopping.
Ø Excessive personal messages.
Ø Playing games.*
Ø Political comment or any campaigning.
Ø Personal communications to the media.
Ø Use of words or visual images that are offensive, distasteful or sexually explicit.
Ø Insulting, offensive malicious or defamatory messages or behaviour.
Ø Harassment or bullying.
Ø Random searching of the web.
Ø Accessing sites which could be regarded as sexually explicit pornographic or otherwise distasteful or offensive.
Ø Using message encryption or anonymised web search, except where encryption is required for official school/CCC business purposes.
Ø Racist, sexist or other conduct or messages which contravene the Council's employment diversity policies.
Ø Actions which could embarrass the school/Council or bring it into disrepute.
* except those games pre-loaded as part of the Microsoft programme suite, which may be accessed in the employee's own time.
If an employee inadvertently accesses an inappropriate web site, they should leave it immediately but notify their school/manager of the incident, giving the date and time, web address (or general description) of site and the action taken. This will help safeguard their position in circumstances where disciplinary action would otherwise result.
Employees may find themselves receiving emails which contravene this policy. In the case of comparatively innocuous material (e.g. 'clean jokes'), the recipient should point out to the sender that they do not wish to receive such messages at their workplace because they believe they contravene the school’s/Council's policy. If there is repetition, the employee should retain the messages and notify their Headteacher/manager. If the emails are racist or sexist or could otherwise be regarded as offensive, they should be left in the inbox and the Headteacher/manager notified immediately. Employees should notify the sender that they do not wish to receive further such material and keep a record of doing so.
SCHOOL/COUNTY COUNCIL MONITORING
Monitoring information will not be accessible (or distributed) any more widely than is necessary for the purposes for which it is needed.
All employees should be made aware at induction, at intervals thereafter and possibly through automatic messages on school equipment, that, in relation to any electronic communication, there can be no expectation of absolute privacy when using school equipment provided for official/ work purposes; and that the school/County Council reserves the right to monitor all communications including their content. This monitoring is carried out to ensure that equipment and systems are used efficiently and effectively, to maintain systems security and to detect any breaches of this policy or the law. Normally monitoring consists of the following:
Ø Telephones and fax. The school/Council reserves the right to monitor communication content selectively if abuse is suggested. However such monitoring would only take place following an assessment that such steps are necessary to further a particular investigation or concern. It would only be authorised following the advice of the Council's Statutory Officers. Where calls are made via the CCC network, an automatic record is kept of every number called, from where and the duration of the call. Further action is taken where particular numbers called or the frequency and duration of calls suggest abuse of this policy.
Telephone response times will be sampled from time to time.
Ø Emails. When using the CCC network, every incoming and outgoing email message is automatically swept for key words which could indicate misuse. The school reserves the right to apply similar screening to its own email systems.
Ø Web access. When using the CCC network, access to some web sites is automatically prevented (e.g. pornographic, racist and violent sites) and others are restricted (e.g. MP3 music sites and Web Chat) and a message warns that these types of sites are strictly for business purposes. However, an automatic record is made of all sites visited and a sweep made of site names and content against pre-determined criteria, to identify inappropriate sites together with attempts made to access such sites. The school reserves the right to apply similar restrictions and screening to its own web access systems.
Ø Mail. The privacy of internal and external postal communications marked 'personal' will normally be respected (unless abuse of this policy is suspected) but all other communications may be opened for good reason by a Headteacher, manager, secretary or colleague.
In the case of CCC systems, access to routine monitoring information is restricted to specified employees in Information & Communication Technology Services and Audit. If they identify a potential issue of abuse the relevant Headteacher/senior manager will be given access to the information to enable appropriate action to be taken. They will respect the confidentiality of all communications and disclose the contents of communications only where there are grounds for suspecting abuse of this policy. Where this is the case, other senior managers may then be involved and are likely to be made aware of the contents of communications.
Permanently fitted surveillance cameras are installed by the School/County Council only for security and safety reasons and will always be visible to people within their range. Any video recording tapes will be kept secure, the information used only for security purposes. No automatic connections will be made between information from security cameras and other monitoring sources.
Covert monitoring will only be used in connection with a criminal investigation or where abuse of terms of employment, e.g. the sickness scheme, is being investigated. This will always be in accordance with the statutory safeguards applicable to such activity (the Regulation of Investigatory Powers Act and the Human Rights Act) and only authorised following careful consideration of the need for such action in accordance with the attached policy entitled "Surveillance under the Regulation of Investigatory Powers Act 2000".
This policy provides safeguards in relation to who can sanction covert surveillance (only the Monitoring Officer (County Solicitor) or his authorised deputy), the reasons it can be undertaken and how long it can continue.
Every employee must observe the school’s/Council's communications and information technology security requirements (as detailed in the ICT Code of Practice) and act responsibly when using equipment and materials. Employees will be provided with the necessary briefing and training to enable them to comply with this requirement. The Headteacher will take the most serious view of any action or inaction on the part of an employee who deliberately, recklessly or carelessly jeopardises the security of records or systems. Any employee detecting a potential security problem (e.g. a virus or unauthorised access) must immediately take any action within their authorised power to safeguard or resolve the situation (e.g. disconnect any infected machine from the network (remove the cable) and, if appropriate, notify the person responsible for ICT) and notify the Headteacher or a senior manager.
If any employee suspects activity which may constitute misuse or activities which could jeopardise system security, they must report this immediately to the Headteacher or a senior manager or use the Confidential Reporting Procedure. The Headteacher or senior manager must consider whether it would be appropriate to involve Internal Audit and must always ensure that all relevant records and documents (paper and electronic) are safeguarded and retained securely. If necessary, a strategy for investigation will be agreed between the Headteacher/manager, Internal Audit and County Personnel, taking legal advice as necessary.
Breaches of this policy may result in the application of the Disciplinary Procedure and may, if deemed sufficiently serious, be treated as gross misconduct. In the case of Contractors, agency staff, volunteers or partnership employees, breach may result in termination of the contract or relevant arrangement and/or withdrawal of the relevant facility. Police involvement and prosecution may follow if the conduct in question constitutes possible criminal activity.
CCC Appendix 4.10 01/04, JPG 01/04
CCC Policy Adopted by School – 12 February 2009
(Comm & Info Acc Use/Policies)
ST BEDE’S CATHOLIC SCHOOL HAS ADOPTED THE LOCAL AUTHORITIES
COMMUNICATIONS AND INFORMATION
ACCEPTABLE USE POLICY
I have read and agree to abide by the Communications and Information Acceptable Use Policy.