EMAIL AND INTERNET USAGE POLICY - Library

Contents1 Introduction .................................................................................................... 42. Scope............................................................................................................. 53. Policy Statements .......................................................................................... 54. Training and Awareness ................................................................................ 65. Review ........................................................................................................... 76. Contacts......................................................................................................... 7Appendix A Dos and Don’ts concerning the use of Email and the Internet.............. 8Page 3 of 8

2. Scope2.1. This policy applies to all members of staff employed by UHL. It also applies tohonorary contract holders, secondees, locum staff, bank staff, voluntary workers andagency staff using the resources of the Trust, as well as contractors and any othersworking on behalf of UHL.2.2 Managers at all levels are responsible for ensuring that their staff are aware of andadhere to this policy.3. Policy Statements3.1 E-mail and internet are available to staff for limited personal use only.3.2 The Trust has the right to monitor staff usage of the e-mail and internet facilities toensure compliance with this Policy.3.3 Where there is apparent cause for concern at an employees use of the e-technologyfacility the appropriate and agreed investigating process (see Procedure for theMonitoring of Internet Access from within the UHL) will be pursued which shall includethe obtaining of records through the IM&T Department.3.4 Personal email accounts (such as Hotmail and Doctors.net) are insecure and must notbe used to conduct Trust business or transmit or receive personal identifiable data.UHL e-mail must not be auto forwarded to such insecure e-mail systems. Similarly,sensitive or patient-identifiable information should not be forwarded to Universityaccounts.3.5 Where appropriate, the Trust offers the facility for accessing Trust systems, includingemail, from a users “home” pc. The IM&T Helpdesk, ext. 8000, should be contactedfor further information on this. 13.6 E-mail and web site publishing have the same legal status as written documents;therefore staff must take care to ensure that facilities are used legally and avoid (forexample) defamation, breach of copyright, breach of confidence etc. Staff must alsowrite e-mails in the same courteous manner as letters and documents which areprinted.3.7 Trust facilities must not be used in a way which would breach the Computer MisuseAct, for example, hacking, virus transmission or unauthorised access to systems.3.8 Staff must not transmit or intentionally access any material which is (or participate inany social chatroom or internet community whose subject matter is) unlawful or whichis or could reasonably be deemed to be, objectionable or likely to cause offence to thepublic at large.Generally this will include material which is potentially libellous, pornographic, sexuallyexplicit, relating to controlled drugs, dating or gambling or which contains offensive1 See the Working From Home page on Insite.Page 5 of 8

material relating to gender, sex, race, sexual orientation, bullying, religious or politicalconvictions or disability. This also includes incitement of hatred and violence or anyactivity which contravene the Trust’s Policies including Equal Opportunities Policy(DMS article number 13739) and Dignity at Work (DMS article number 13653).Staff must be aware that whilst the immediate recipient may not find a transmission tobe offensive or objectionable the transmission may well be forwarded to a wideraudience which may do so.3.9 The Trust will restrict access to the type of site mentioned in 3.8 above, and to othersites deemed unsuitable such as social networking sites so as to prevent accidentalaccess.3.10 Users must not download, distribute or install software not supported by the TrustsIM&T Department. Any queries should be referred to the IM&T Help Desk on 8000.3.11 Password management is the responsibility of the employee. Passwords must neverbe shared, written down or left close to a terminal or PC, and should not easily beguessable.3.12 Under no circumstances are patient identifiable or any sensitive personal data (asdefined in the Data Protection Act) to be sent over the Internet unencrypted. The NHSMail system 2 can be used for sending patient identifiable or personal information, butonly to another NHS Mail account. Please contact the IM&T Helpdesk for advice onencryption.3.13 Staff using the Trust’s e-mail facility for their personal messages should use the“Personal” sensitivity from the view, option button on the toolbar to protect the privacyof their communications. Personal emails should be deleted once they have beenread.3.14 Staff must retain e-mail messages in accordance with the Trust’s Policy for theRetention of Records (Trust reference B10/2004).3.15 Staff must be aware that e-mails are potentially subject to disclosure under theFreedom of Information Act or the Data Protection Act and must take care not toinappropriately include any personal (as defined in the Data Protection Act) or othersensitive information in e-mails sent.3.16 The Trust may forward details of e-mail account holders to the appropriate body forinclusion in the national (NHS) e-mail system (NHS Mail).4. Training and Awareness4.1 Online training for NHSMail and Outlook can be obtained from the Microsoft NHSResource Centre 3 .4.2 The policy statements (above) will be sent to new users via e-mail when the networkaccount is set up.2 See www.nhs.net3 Microsoft NHS Resource CentrePage 6 of 8

Appendix A Dos and Don’ts concerning the use of Email and the InternetDo remember that emails have the same standing in law as other written communication andcan be released under Freedom of Information and Data Protection legislation.Do use distribution lists, especially when sending emails which may contain personal orcommercially sensitive information.Do use NHS Mail for sending emails containing personal or commercially sensitiveinformation to other NHS bodies.Do ensure that emails sent are clear, precise and say what you mean to say. Remember,emails may be forwarded by the recipient to people who do not know you and/or understandthe context in which the email was sent.Do apply common email etiquette when composing messages, e.g.• The inappropriate use of CAPITALS is considered to be aggressive• Standard (Arial or Times New Roman) fonts in an appropriate size should be used.• Excessive use of acronyms and mobile phone “text speak” should be avoided.Do remember that the Internet is, to a great extent, uncontrolled and so information held on itmust be treated with care and not automatically accepted as accurate and/or correct.Do take great care when entering personal details on websites. There is no guarantee thatany information entered is not visible to individuals other than the expected recipient.Do use e-mail and internet facilities for limited personal use only.Don’t send or forward emails which may contain personal or commercially sensitiveinformation to non UHL email accounts.Don’t send or forward emails which may be reasonably deemed to be objectionable or likelyto cause offence to the public at large.Don’t initiate or forward “spam” emails.Don’t attempt to download and install software from the Internet onto Trust computingequipment.Page 8 of 8