This policy should be read in conjunction with other information security policies, data protection protocols and measures for a complete approach to securing and protecting personal information.

The organisation recognises the collective solutions that make up the O365 platform are a necessary and standard way to communicate in UK healthcare and makes up an essential part of the organisation’s communication with other employees, other NHS organisations, third parties and even our customers.

Like all forms of technology used by the organisation, the solutions that make up the O365 platform can pose security or business risks if used or set up incorrectly or used inappropriately. This includes the risk of legal action due to breaches of, for example, data protection and confidentiality requirements, threats to IT and information security and ineffective communication. If these risks materialise the organisation and/or the individual employee could be at risk of prosecution.

This policy sets out our approach and expectations for safe and secure use of the solutions throughout the organisation and provides guidelines on good etiquette for those using and accessing the solutions and the data contained within it.


Policy Details

Download: PDF version
Compiled by: Nicki Rayment, Head of Digital Programme Delivery
Ratified by: IG Steering Group
Date Ratified: July 2021
Date Issued: August 2021
Review Date: July 2024
Target Audience: All staff.
Contact name: Nicki Rayment, Head of Digital Programme Delivery


See also: