Introduction

This document explains the policy and procedure that governs use of the Internet and World Wide Web within the trust.

Compliance with this policy will ensure that access to the Internet will be available and responsive to the business needs of the trust.

This policy also assists the trust to comply with NHS security regulations relating to controlled connections to national computer networks, for example, HSCIC for access to the NHS National Network (N3)

 

Policy Overview

It is the intention of Ashford and St. Peter's to provide access to the resources of the Internet. The facilities to provide such access commit a considerable amount of organisational resources for telecommunications, networking, software, storage etc and this policy is designed to help you understand the Trust's expectations for the use of those resources in the particular conditions of the Internet, and to help you use those resources efficiently and effectively.

Access to the Internet will be provided automatically to networked PCs. The Trust reserves the right to refuse or remove access subject to the terms of this policy. Employees may use their Internet facilities for non-work research or browsing during meal times or other breaks, or outside of work hours, provided that all other usage policies are adhered to.

In order to restrict access to certain sites, the Trust subscribes to a service which maintains a database of forbidden sites. This is updated on a daily basis and exists to protect staff from visiting sites, which are deemed to be contrary to this policy.

While explicit requirements for Internet usage are set out below, it is worth summarising the overall intent.

First and foremost for the Trust, the Internet is a business tool, provided at significant cost and we expect Internet access to be used primarily for Healthcare business related purposes, eg to communicate with colleagues, customers and suppliers, to research relevant topics; and to obtain useful information pertinent to your work responsibilities. You are required to conduct yourself honestly and appropriately on the Internet, and respect the copyrights, software licensing rules, property rights, privacy and prerogatives of others, just as you would in any other business dealings. In this respect, as a communication medium, the Internet is not exceptional. All existing Trust policies apply to your conduct on the Internet, especially (but not exclusively) those that deal with intellectual property rights, privacy, misuse of organisation resources, sexual or racial harassment, information and data security, confidentiality and discipline.

Unnecessary or unauthorised Internet usage can cause network and server congestion. It can delay other users, take away from work time, consume supplies, and tie up printers and other shared resources. Unlawful Internet usage may also result in negative publicity for the Trust and expose both it and the individual concerned to significant legal liabilities.

Computer-mediated communication, which can be synchronous (such as instant messaging, online chat, web and video conferencing), asynchronous (e-mail, blogs, wikis, newsgroups) or a mixture of both (social networking sites) is increasing in variety and scope. This offers unprecedented opportunity for the individual user to communicate widely and to promote the Trust. Because of this, we must take special care to maintain the clarity, consistency and integrity of the Trust's corporate image. Anything that one employee writes or says on the Internet can be taken as representing the Trust as a whole. For this reason we expect you to forgo a measure of your individual freedom when you participate in such communication fora on the organisation's business, as outlined below.

While direct connection to the Internet offers a plethora of potential benefits, it can also open the door to some significant risks to our data and systems if we do not follow appropriate security discipline. This may mean preventing systems with sensitive data or applications from connecting to the Internet entirely, or it may mean that certain users must be prevented from using certain Internet features like file transfers. The overriding principle is that security is to be everyone's first concern. An Internet user can be held accountable for any breaches of security or confidentiality.

 

Policy Details

Download: PDF version
Compiled by: Malcolm Flier, Head of IT
Ratified by: AD of Health Informatics
Date Ratified: December 2015
Date Issued: March 2016
Review Date: December 2018
Target Audience: All Staff
Contact name: Malcolm Flier, Head of IT