Electronic Communications Policy - Principles and Procedures.doc
Upcoming SlideShare
Loading in...5
×
 

Electronic Communications Policy - Principles and Procedures.doc

on

  • 4,197 views

 

Statistics

Views

Total Views
4,197
Views on SlideShare
4,197
Embed Views
0

Actions

Likes
0
Downloads
22
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Electronic Communications Policy - Principles and Procedures.doc Electronic Communications Policy - Principles and Procedures.doc Document Transcript

  • UNIVERSITY OF WALES INSTITUTE, CARDIFF ELECTRONIC COMMUNICATIONS - PRINCIPLES AND PROCEDURES Introduction 1.1 Communication plays an essential role in the conduct of business. UWIC values the ability of staff to communicate with colleagues, students and business contacts and invests substantially in information and communication technology systems enabling efficient working. It is expected that such equipment is used responsibly. 1.2 How communication is conducted not only reflects on the individual but on UWIC as an organisation. Therefore, although we will respect personal autonomy and privacy, the policy and these principles and procedures indicate what is expected of staff and what can be expected of UWIC in relation to the use of e-mail, the Internet and other means of electronic communication such as fax, fixed line or mobile phones. 1.3 Staff are expected to use the information technology and communications facilities sensibly, professionally, lawfully, consistently with their duties, with respect for colleagues and in accordance with the policy and UWIC’s rules and procedures. 1.4 These principles and procedures apply to all UWIC employees whatever their position in the organisation and to both temporary and permanent staff. Any use of UWIC’s electronic communications systems in contravention of the policy may lead to disciplinary action being taken under UWIC’s disciplinary procedures. 1.5 It is important that this policy is read carefully. Once the document has been read and understood the Declaration of Acceptance must be signed and returned to the Personnel. General Principles 1.6 Care must be taken when using e-mail as a means of communication as all expressions of fact, intention and opinion via e-mail may bind the individual and/or UWIC and can be produced in court in the same way as oral or written statements. 1.7 All staff are trusted to use the Internet sensibly. Note that when visiting an Internet site the unique address for the computer used (your IP address) can be logged by the site so UWIC can be identified. Therefore any activity you engage in may affect UWIC. 1.8 The advantage of the Internet and e-mail is that it is an extremely easy and informal way of accessing and disseminating information. However, the same principles apply to information exchanged in this way as apply under the terms of employment to any other means of communication. For example, sending defamatory, sexist or racist jokes or other material are grounds for an action for defamation, harassment or incitement to racial hatred in the same way as making defamatory, sexist or racist comments to a colleague. Therefore, do not use the Internet and e-mail for purposes that would be subject to disciplinary or legal action in any other context. 1.9 Due care should be exercised when collecting, processing or disclosing any personal data. Such data should only be processed on behalf of UWIC where it is a necessary part of the duties of the post concerned. 1.10 Although e-mail and Internet access is intended to be used for institutional purposes, it is appreciated that there may be occasions when the system and/or the facilities need to be used for personal purposes. Staff are expected to use them responsibly and to abide by the guidelines for the use of such facilities. 1.11 Telephones and Fax Machines are intended to be used for business purposes
  • 1.12 Generally, intellectual property rights protect all aspects of communication. These rights are infringed by any form of copying. Downloading, copying, possessing and distributing material from the Internet may be an infringement of Copyright or other Intellectual Property Rights. 1.13 If there is any doubt concerning the use of facilities, permission should be sought from the appropriate line manager. Monitoring Communications 1.14 Network level monitoring will be carried out on an ongoing basis to ensure the correct operation and security of the systems and services and in order to provide any billing data required. This monitoring will not generally include accessing individual business and personal communications, however UWIC retains the right to examine the content of email and monitor use of Internet without any further notice. Any such monitoring would only be carried out if evidence existed that a particular usage policy was being abused or law broken and would require written authorisation from a member of the Vice Chancellor and Principal’s Management Board or their nominated authority. 1.15 Any monitoring performed will be done so in line with appropriate legislation and records generated from this will only be used for the purposes originally identified and will only be distributed to those requiring access for the uses intended. Procedures Use of UWIC’s Information & Communication Technology Facilities: 1.15.1 When accessing remote facilities through network links or any other method these procedures remain applicable. In addition, users should be aware that they are subject to any regulations applicable at the remote site. Users must also observe the Acceptable Use Policy (AUP) of the Joint Academic Network (JANET). 1.15.2 Networked services administered by UWIC must not be used for unauthorised access to, or activity on, remote facilities. 1.15.3 To enforce compliance with the JANET Acceptable Use Policy, and regulate the extent and management of the network, no equipment may be connected in any way into any network or other IT facility of UWIC without the prior agreement of the Head of Information Systems (or nominee). For this purpose, and to protect the security of its network, UWIC will record all successful and failed attempts to login to its network. 1.15.4 Unless prior consent from a user, or authorisation from the Head of Information Systems has been obtained, staff are expressly prohibited from: a) introducing packet-sniffing software (i.e. software which is used to intercept data on a network) or password detecting software; b) seeking to gain access to restricted areas of the network; c) knowingly seeking to access data which is known or ought to have been known to be confidential; d) introducing any form of computer viruses; and e) carrying out any other hacking activities. UWIC – Electronic Communications - Principles and Procedures 2
  • 1.15.5 For information, the following activities are criminal offences under the Computer Misuse Act 1990: a) Unauthorised access to computer material: this makes illegal the activity of “hacking”; whether by a “remote” hacker, working from a distance, who attempts to gain unauthorised access to any program or data held in any computer; or by persons such as employees or students who may have limited authorisation to use the computer but knowingly exceed that authority. The "hacking" need not be directed at a particular computer, program or data. For example, it is unlawful, without proper authority; to use another person's ID and password in order to access a computer or use data or a program; to alter, delete, copy or move a program or data, or simply to output a program or data; to lay a trap to obtain a password. b) Unauthorised access to a computer system with intent to commit or facilitate the committing of a further offence: this covers the situation where an unauthorised access offence (as in the paragraph above) is committed with intent to commit a further offence. It covers a range of situations, eg where a person gains unauthorised access to computer material in order to commit theft by re-directing funds to his/her own bank account. c) Unauthorised modification of computer material: this offence includes the deliberate erasure or corruption of programs or data, including introduction of viruses and worms, modifying or destroying another user's file or system files, etc. 1.15.6 UWIC has means of checking upon individual access to prohibited material and will exercise these powers as a reasonable service provider for those purposes. Following an appropriate investigation, where an unacceptable use is established, disciplinary action will follow. 1.15.7 Where access to materials that would normally be prohibited is deemed necessary for scholarship or research, permission from your Head of School/Unit should be obtained in advance. This procedure extends to material that might be deemed to be racist or sexist in its application. 1.15.8 In considering what constitutes acceptable use of its IT facilities and equipment UWIC has determined that: a) Users should be responsible for ensuring that they are sufficiently familiar with the operation of any equipment they use to make their use of it safe and effective and to avoid interference with the use of it by others. b) Users must take every precaution to avoid damage to equipment caused by smoking, eating or drinking in its vicinity. c) No equipment or other IT facility may be moved without the prior agreement of the designated authority. A permanent or long-term move of equipment should be recorded in the departmental, or central inventory (held by ISD), and with Estates to enable portable appliance testing records to be updated. d) No equipment or facility may be taken off site without written permission in the appropriate form from the user’s line manager. Such equipment must be returned by the due agreed date. It is the user’s responsibility to ensure that equipment and facilities are used for the benefit of UWIC; otherwise the terms of insurance cover will be void. e) Users may be charged for the cost, as determined by the line manager or Head of Information Systems, of remedying any loss or damage they cause. UWIC – Electronic Communications - Principles and Procedures 3
  • Use of Electronic Mail General Principles 1.15.9 In conducting business, it should be expressly agreed with the recipient that the use of e-mail is an acceptable form of communication bearing in mind that if the material is confidential, privileged, price sensitive or commercially sensitive un-encrypted e-mail is not secure. 1.15.10 Some intended recipients might have rigorous e-mail gateway protocols (or firewalls) that can automatically screen all incoming e-mail for content and source. If this is the case, consider whether this means of communication is appropriate. 1.15.11 Prior to encrypting a message, consult the appropriate line manager to obtain confirmation that encryption is suitable in that particular case. Further details on the encryption of e-mail messages can be obtained from the E-mail Code of Practice. 1.15.12 Activate the recipient read receipt mechanism when it is important that you record a message has been received. Unacceptable Use 1.15.13 The term "unacceptable use" is used here, as with other institutions and organizations providing e- mail facilities, to refer to any use that could lead to disciplinary action. a) Unauthorised Access - E-mail facilities are provided to registered staff and students for their own use, and departmental e-mail addresses are provided for use by nominated staff. The following constitute unauthorised forms of access to these facilities and would be subject to disciplinary action. The first three of these also render the user liable to prosecution under the Computer Misuse Act 1990. i) permitting anyone else to send e-mail using the username or e-mail address you have been given; ii) sending e-mail using another user's username or e-mail address; iii) sending e-mail from a departmental username you are not authorised to use; iv) attempting to disguise the e-mail address from which your message is sent or the identity of the sender. b) Unauthorised Purposes - The e-mail system is intended to support UWIC's institutional activities, and in principle, any other use is not permitted. In practice, limited use of e-mail for personal purposes is regarded as acceptable, while more extensive use of e-mail for the purposes listed below could lead to disciplinary action: i) private commercial use of UWIC's e-mail facilities; ii) use of e-mail which is self-evidently trivial and therefore constitutes a waste of the UWIC's resources; iii) sending unsolicited mail to multiple recipients, except where it relates to the academic or administrative activities of UWIC. c) Legitimate Use - Students may legitimately use UWIC's e-mail facilities to keep in touch with their families. If there is a need to use e-mail for commercial purposes or a need to send substantial amounts of personal e-mail, a personal account should be set up with a commercial Internet Service Provider. UWIC – Electronic Communications - Principles and Procedures 4
  • d) Improper Content - Any e-mail message which lays the sender and/or UWIC open to civil or criminal proceedings may also result in disciplinary action (UWIC may be jointly liable, as employer, for any infringements by staff). An e-mail message is, for legal purposes, treated as a publication, and is therefore subject to all the normal legal restrictions on publication. In addition, there are some types of content that contravene UWIC’s Regulations and Policies. It is a disciplinary offence to send an e-mail message that is: i) Defamatory; ii) Obscene; iii) Racist; iv) Sexist; v) Threatening. vi) constitutes racial or sexual harassment; vii) might cause unnecessary distress to the recipient. viii) include copyright material in an e-mail message without the permission of the copyright holder. Since an e-mail message itself is protected by copyright, forwarding a message without permission could be construed as a breach of copyright. Of course, permission need not be sought where a message obviously contains information intended for forwarding or for wider dissemination. Head of ISD September 2002 UWIC – Electronic Communications - Principles and Procedures 5