ITEM ST5
The Use of Information and Communication Technology (ICT) Policy – Members of the County Council Scope
1. This policy applies to elected Councillors and other persons appointed by the Council to any Committee, Sub-Committee, working party or group whilst carrying out their duties in that capacity or engaged in Oxfordshire County Council business.
Policy
2. Any breach of this policy or exceptions to it will be dealt with by the Council’s Assistant Head of Finance (Audit) or the Monitoring Officer. Any serious breach of the Policy will be referred to the Standards Committee if it appears to also be a breach of the Members’ Code of Conduct.
Introduction
Every user is responsible for the proper use of his/her equipment.
3. Oxfordshire County Council equipment should not be used in any way for salacious, illegal, libellous or defamatory material or purposes that could bring the County Council into disrepute. User Responsibilities4. As a user of Oxfordshire County Council IT facilities you are responsible for: · informing the Council’s Assistant Head of Finance (Audit) or the Monitoring Officer if you believe that others are using systems inappropriately (see Raising Serious Concerns & Whistleblowing guidance for councillors) · notifying the ICT Service Desk if you think that someone else may be using your login details · safeguarding personal/confidential data · contacting the ICT Service Desk immediately in the event of a suspected virus infection · ensuring that personal use of Oxfordshire County Council ICT equipment remains very occasional and reasonable and does not interfere with everyday workload and commitments or endanger the council’s systems
Monitoring Officer responsibilities
5. The Monitoring Officer is responsible for ensuring that all members are aware of this policy and act in accordance with its requirements. Privacy
6. All systems may be monitored and audited for administrative and management purposes so personal privacy cannot be assumed.
Security & Integrity of Systems & Equipment
7. All use of Oxfordshire County Council ICT equipment is subject to authorisation by the Democratic Support Manager. As a user, you will be issued with one or more user IDs and associated passwords to enable authorised use. Your user ID is intended for your use alone. You must not permit its use by others.
· do look after your passwords · do not remove security measures on any system. Logout or lock your computer if you leave your workstation unattended. You are liable for any misuse of systems or data accomplished with your login information. · users of PDA’s (Personal Digital Assistants), or laptops must ensure that a PIN or password is required to use the device.
8. The rights of members to have access to confidential documents and other data will apply to that held and transmitted electronically as it applies to that held in paper form. (See Access to Information Procedure Rules and Protocol on Members Rights and Responsibilities).
9. You must not use ICT facilities to access, transmit or share material that is confidential to Oxfordshire County Council, or is confidential to an individual, without the appropriate permission.
10. Bear in mind the following: · do obtain authorisation from the ICT Service Desk for the installation of additional software on OCC equipment · do not change the configuration of installed ICT equipment unless authorised to do so. · do not access or attempt to access any ICT system for which you are not an authorised user. · do not connect non-OCC equipment to the County Council network unless authorised to do so · do not remove office-based ICT equipment or software without authorisation from ICT Services · if you have a standalone machine do make sure it is registered with the ICT Service Desk for regular updates of anti-virus software · do not let friends or family use OCC equipment assigned to you · do make sure that all critical documents are held on a network drive rather than the PCs/laptop’s hard drive (if this is impractical then ensure these documents are regularly copied to a back-up medium so as to minimise the loss in case of equipment failure. If they are backed up onto memory sticks/CDs then they must be kept secure) · unless there is a legitimate need for business purposes do not connect any digital media devices or load their associated software · unless there is a
legitimate need for business purposes do not play or copy CDs/DVDs Use of e-mail
11. Users must not e-mail OCC confidential information outside of the County Council network unless it is encrypted or password protected.
12. Users must maintain good data housekeeping e.g. deleting unwanted e-mails etc.
13. Comply with the e-mail data archiving and retention policies as published.
Working at home/remote working using OCC or personal equipment
14. This policy applies to all users when working from office, home or other location. Work carried out must always be with due regard to the terms of this policy and to data protection/ confidentiality issues.
15. Confidential data and documents must not be stored long term on non-Oxfordshire County Council equipment.
16. Very sensitive documents additionally should be password protected or otherwise encrypted to prevent unauthorised access.
17. Always ensure that at least one other person knows the password to retrieve information that you have encrypted.
Use of the Internet
18. Guidelines for acceptable use: · never attempt to access illicit or inappropriate web sites using County Council systems and equipment. Inform The ICT Service Desk straight away if you accidentally access an illicit/inappropriate website · respect the laws protecting copyright and intellectual property rights. Downloading and storage of copyright material like music and video files may be illegal. Where such files are found on ICT equipment without a bona fide business reason, files will be deleted. · accessing personal web-mail sites is acceptable provided personal e-mails are not stored on County Council systems and equipment · you must not use peer-to-peer file sharing technologies · instant messaging is not permitted other than using Council-supplied systems. · selling or taking part in online auctions etc is not permitted · on-line gambling is not permitted
Personal/Political Use of Systems and Equipment
19. Examples of the acceptable personal use of systems are: · limited communications with family/friends · communications with professional service providers who are normally only contactable during standard office hours · communication with further education establishments and work related professional associations · further education/learning opportunities/knowledge development with recognised institutions
20. The Council’s ICT equipment, services and devices should not be used for private business activity, fundraising, advertising or purely party political purposes.
21. Online shopping from a secure site is permitted. Users must not have goods delivered to council premises. The Council has no liability for any such transaction.
22. Users need to make it explicit that they are buying goods for their own personal use and not on behalf of the Council.
23. Councillors must not use their status as councillors of the Council to their personal advantage in ordering goods, etc.
24. Users of Council phones/mobile phones/PDAs (e.g. BlackBerrys) should ensure that: · they adhere to the Council’s specific policy on Mobile phone use in relation to driving · they never use mobile phones to distribute, receive or store any material which is offensive or prohibited · personal calls and texts are paid for when using Council equipment
Monitoring
25. Information about network traffic and about telephone calls may be logged in connection with: · automated filtering of inappropriate incoming/outgoing e-mails · routine administrative purposes · business continuity · compliance with Council policies
Misuse of ICT equipment or systems
26. Where users make inappropriate or excessive
personal use of systems or there is persistent or serious misuse,
disciplinary action may result that could lead to dismissal. Where equipment or
systems are used to access or engage in illegal activity, the police will be
informed and disciplinary action will also be taken. Returning Equipment
27. Where a Member is not re-elected or has to or chooses to stand down, IT equipment loaned to that person must cease to be used and must be returned within a month of the event.
28. If the Democratic Support Manager requests the return of any equipment at any time then this request must be complied with.
Other related policies:
Comprehensive equality policy Corporate Information Security Policy Data protection policy Data Management guidelines Dignity at work Driving at work Members’ Code of Conduct The General Principles Governing Member Conduct Access to Information Procedure Rules Protocol on Members Rights and Responsibilities Guidance for Councillors - Raising serious concerns and Whistle-blowing
These are all available on the intranet or from Democratic Services.
Review
This policy will be reviewed annually.
Responsible Officers: Peter G Clark Stephan Conaway Monitoring Officer Head of ICT January 2009 January 2009
Next Review Date: January 2010
Use of ICT Policy – Member Acceptance form
I have read and understood the terms of this policy and will abide by them.
Date of ICT Policy: _________________________________
Name of Councillor or Co-opted Member:
__________________________________________________
Signature: _________________________________________
Date: ______________________________________________
Please return this to Adrian Fenwick, ICT Manager (Councillors).
|