IT Policy

Essential Healthcare Solutions Ltd and Essential Training group Ltd provides employees with access to various computer facilities for work and communication purposes. To ensure compliance with all applicable laws in relation to data protection and GDPR,

information security and compliance monitoring, the Company has adopted an IT communications and monitoring policy, which should be read in conjunction with the GDPR policy.

Breach of the Policy

Breach of this policy will be regarded as a disciplinary offence and will be dealt with under the Company’s formal discipline procedure.

Employees who consider that there has been a breach of this policy in relation to personal information about them held by the Company should raise the matter via the Company’s formal grievance procedure.

IT, Communications and Monitoring

The Company makes extensive use of IT systems, for data storage, communications and as a source of information. We have adopted an IT, communications and monitoring policy to:

  • Prevent inappropriate use of computer equipment (such as extended personal use or for accessing and circulating pornographic, racist, sexist or defamatory material);
  • Protect confidential, personal or commercially sensitive data;
  • Prevent the introduction of viruses;
  • Prevent the use of unlicensed software;
  • Ensure that Company property is properly looked after;
  • Monitor the use of computer facilities to ensure compliance with internal policies and rules and to detect abuse.

IT, Communication and Monitoring Policy

Essential Healthcare Solutions Ltd and Essential Training Group Ltd provides you with access to various computing, telephone and postage facilities to allow you to undertake the responsibilities of your position and to improve internal and external communication.

This policy sets out the Company’s policy on your use of the Facilities and it includes:

  • Your responsibilities and potential liability when using the facilities;
  • The monitoring policies adopted by he Company; Guidance on how to use the facilities.

This policy has been created to:

  • Ensure compliance with all applicable laws relating to data protection, information security and compliance monitoring;
  • Protect the Company and its employees from the risk of financial loss, loss of reputation or libel; and Ensure that the Facilities are not used to cause harm or damage to any person or organisation.

This policy applies to the use of:

  • Local, inter-office, national and international, private or public networks (including the internet and intranet) and all systems and services accessed through those networks;
  • Desktop, portable and mobile computers and applications;
  • Mobile telephones (including the use of WAP services);
  • Electronic mail and messaging services.

Computer Facilities: Use of Computer Systems

Subject to anything to the contrary in this policy the Facilities must be used for business purposes only.

To maintain the confidentiality of information held on or transferred via the Company’s facilities, security measures are in place and must always be followed. A log-on ID and password is required for access to the Company’s network. Despite your use of a password, the Company reserves the right to override your password and obtain access to any part of the Facilities.

You are responsible for keeping your password secure. You must not give it to anyone, including colleagues, except as expressly authorised by the Company.

You are expressly prohibited from using the Facilities for the sending, receiving, printing or otherwise disseminating information which is the confidential information of the Company or its clients other than in the normal and proper course of carrying out your duties for the Company.

To ensure proper use of computers, you must adhere to the following practices:

  • Anti-virus software must always be kept running;
  • All forms of media storage must be checked by the IT department before the contents are accessed or stored on the Company’s network or hard drives;
  • Obvious passwords such as birthdays and spouse names, etc, must be avoided (the most secure passwords are random combinations of letters and numbers);
  • When you are sending data or software to an external party by disk always ensure that the this has been checked for viruses by the IT department before sending it;
  • All files must be stored on the network drive which is backed up regularly to avoid loss of information; and
  • Always log off the network before leaving your computer for long periods of time or overnight.

Software

Software piracy could expose both the Company and the user to allegations of intellectual property infringement.

The Company are committed to following the terms of all software licences to which the Company is a contracting party. This means:

  • Software must not be installed onto any of the Company’s computers unless this has been approved by the IT department. They will be responsible for establishing that the appropriate licence has been obtained, that the software is virus free and compatible with the computer facilities;
  • Software should not be removed from any computer nor should it be copied or loaded on to any computer without the prior consent of the IT department.

 Laptop Computers

At various times during your employment with the Company, you may use a laptop. These computers, along with related equipment and software are subject to all of the Company’s policies and guidelines governing non- portable computers and software (see two paragraphs in software section above). However, use of a laptop creates additional problems especially in respect of potential breaches of confidentiality. When using a laptop:

  • You are responsible for all equipment and software until you return it. The laptop must always be kept secure;
  • You are the only person authorised to use the equipment and software issued to you;
  • You must not load or install files from any sources without the IT department inspecting such files for viruses;
  • All data kept on the laptop must be backed up regularly to protect data against theft or mechanical failure or corruption;
  • You must password protect confidential data on disks or on the hard drive to protect against theft;
  • If you discover any mechanical, electronic, or software defects or malfunctions, you should immediately bring such defects or malfunctions to the attention of the IT department;
  • Upon the request of the Company at any time, for any reason, you will immediately return any laptop, equipment and all software to the Company;
  • If you are using your own laptop to connect with the Company’s network or to transfer data between the laptop and any of the Company’s computers you must ensure that you have obtained prior consent of the IT department, comply with its instructions and ensure that any data downloaded or uploaded is free from viruses.

Email (Internal or External use)

Internet email is not a secure medium of communication; it can be intercepted and read. Do not use it to say anything you would not wish to be made public. If you are sending confidential information by email this should be sent using password protected attachments;

Email should be treated as any other documentation. If you would normally retain a certain document in hard copy you should retain the email;

Do not forward emails message unless the original sender is aware that the message may be forwarded. If you would not have forwarded a copy of a paper memo with the same information do not forward the email;

Your email inbox should be checked on a regular basis;

As with many other records, email may be subject to discovery in litigation. Like all communications, you should not say anything that might appear inappropriate or that might be misinterpreted by a reader;

If you are using email for private purposes, then you must ensure that it contains the following message: “This email does not reflect the views or opinions of Essential Healthcare Solutions Ltd or Essential Training Group Ltd ”

Use of email facilities for personal use is permitted during your lunch break providing that:

  • Such emails do not contain information or data that could be obscene, racist, sexist,
  • otherwise offensive and provided that such use is not part of a pyramid or chain letter; and
  • Such emails are not used for trading or carrying out any business activity other than Company business.

If you are away from the office and use email as an external means of communication, you must ensure that the autoreply service is used to inform the sender that you are unavailable. Failure to do so could lead to disciplinary action. If you have any doubt as to how to use these facilities, please contact the IT department.

Internet

Use of the internet, or internet services, by unauthorised users is strictly prohibited. You are responsible for ensuring that you are the only person using your authorised Internet account and services.

Downloading any files from the internet using the computer Facilities is not permitted. If there is a file or document on the internet that you wish to acquire, contact the IT department to decide for it to be evaluated and checked for viruses. It will be at the discretion of the IT department on whether to allow such download.

Viewing, downloading, storing (including data held in RAM or cache) displaying or disseminating materials (including text and images) that could be obscene, racist, sexist, or otherwise offensive may constitute harassment and such use is strictly prohibited. The legal focus in a harassment case is the impact of the allegedly harassing material on the person viewing it, not how the material is viewed by the person sending or displaying it.

Posting information on the internet, whether on a newsgroup, via a chat room or via email is no different from publishing information in the newspaper. If a posting is alleged to be defamatory, libellous, or harassing, the employee making the posting and the Company could face legal claims for monetary damages.

Using the internet for trading or carrying out any business activity other than Company business is strictly prohibited.

Subject to the above you can use the Internet for personal use during your lunch break. Use of the internet for personal use at any other time is strictly prohibited.

For the avoidance of doubt the matters set out above include use of WAP facilities.

Monitoring policy

The policy of the Company is that we may monitor your use of the facilities.

The Company recognises the importance of an individual’s privacy but needs to balance this against the requirement to protect others and preserve the integrity and functionality of the facilities.

The Company may from time to time monitor the facilities. Principle reasons for this are to:

  • Detect any harassment or inappropriate behaviour by employees, ensuring compliance with contracts of employment and relevant policies including the health and safety, ethical and sex discrimination policies;
  • Ensure compliance of this policy;
  • Detect and enforce the integrity of the facilities and any sensitive or confidential information belonging to or under the control of the Company;
  • Ensure compliance by users of the facilities with all applicable laws (including data protection), regulations and guidelines published and in force from time to time;
  • Monitor and protect the wellbeing of employees.

The Company may adopt at any time a number of methods to monitor use of the facilities. These may include:

  • Recording and logging of internal, inter-office and external telephone calls made or received by employees using its telephone network (including where possible mobile telephones). Such recording may include details of length, date and content;
  • Recording and logging the activities by individual users of the Facilities. This may include opening emails and their attachments, monitoring Internet usage including time spent on the internet and websites visited;
  • Physical inspections of individual users’ computers, software and telephone messaging services;
  • Periodic monitoring of the facilities through third party software including real time inspections;
  • Physical inspection of an individual’s post;
  • Archiving of any information obtained from the above including emails, telephone call logs and Internet downloads.

If at any time an employee wishes to use the facilities for private purposes without the possibility of such use being monitored, they should contact their direct supervisor or the person to whom their supervisor reports. This person will consider such request and any restrictions upon which such consent is to be given. If such a request is granted by the Company (unless required by law) it will not monitor the applications of private use.

The Company will not (unless required by law):

  • Allow third parties to monitor the facilities;
  • Disclose information obtained by such monitoring of the facilities to third parties.

The Company may be prohibited by law from notifying employees using the facilities of a disclosure to third parties.

General guidance

Never leave any equipment or data (including client files, laptops, computer equipment, mobile phones and PDAs) unattended on public transport or in an unattended vehicle.

When using email or sending any form of written Correspondence:

  • Be careful what you write; never forget that email and written correspondence are not the same as conversation: they are a written record and can be duplicated at will;
  • Use normal capitalisation and punctuation; typing a message all in capital letters is the equivalent of shouting at the reader;
  • Check your grammar and spelling;
  • Do not forget that emails and other forms of correspondence should maintain the high standards expected by the Company. Where applicable, you should use formal headings and introductions such as “Dear ” and “Yours sincerely” etc.

Observation of this policy is mandatory and forms part of the terms and conditions of employment. Misuse of the facilities will be treated as gross misconduct and may lead to dismissal.