This policy should be read in conjunction with other information security policies, data protection protocols and measures for a complete approach to securing and protecting personal information.
The organisation recognises the collective solutions that make up the O365 platform are a necessary and standard way to communicate in UK healthcare and makes up an essential part of the organisation’s communication with other employees, other NHS organisations, third parties and even our customers.
Like all forms of technology used by the organisation, the solutions that make up the O365 platform can pose security or business risks if used or set up incorrectly or used inappropriately. This includes the risk of legal action due to breaches of, for example, data protection and confidentiality requirements, threats to IT and information security and ineffective communication. If these risks materialise the organisation and/or the individual employee could be at risk of prosecution.
This policy sets out our approach and expectations for safe and secure use of the solutions throughout the organisation and provides guidelines on good etiquette for those using and accessing the solutions and the data contained within it.
|Compiled by:||Nicki Rayment, Head of Digital Programme Delivery|
|Ratified by:||IG Steering Group|
|Date Ratified:||July 2021|
|Date Issued:||August 2021|
|Review Date:||July 2024|
|Target Audience:||All staff.|
|Contact name:||Nicki Rayment, Head of Digital Programme Delivery|
- Information Security Policy
- Acceptable Use Policy
- Policy for the use of Email (NHSMail)
- Records Management Policy
- Policy for the Photographing and Filming of Patients
- Incident Reporting and Management Policy
- Social Media Policy