USE OF INFORMATION TECHNOLOGY INTERNET ARCHIVING & RETENTION & OTHER SOCIAL MEDIA
Section 5 – Procedure 4 Date of Issue: January 2013 Date of Review: January 2015
Purpose To help employees determine what information sent or received by email should be retained and for how long, this procedure identifies the broad categories of electronic messages processed by the BINSA system and sets out the factors to be considered in setting practice guidelines to be adopted in each case. Acceptable Use Staff may use the Internet access provided by BINSA for:
Work-related purposes
Sending and receiving personal email messages, provided that if email messages are sent with a BINSA email address in the From: or Reply-To: header, a disclaimer shall accompany the email to the effect that the views of the sender do not represent those of BINSA
Accessing the World Wide Web for personal purposes
Utilising any other Internet service or protocol for personal purposes after obtaining permission to do so provided in each instance that the personal use is moderate in time and does not incur any additional cost to BINSA. Any balance is to be repaid.
System Monitoring
You must have no expectation of privacy in anything you create, store, send or receive on the organisation’s computer system
Your emails can be monitored without prior notification if BINSA deems this necessary
If there is evidence that staff/COM members do not adhere to the guidelines set out in this policy, the organisation reserves the right to take disciplinary action, including termination and/or legal action.
Security The following practices should be observed to maintain the security of BINSA’s computers and IT facilities:
Staff must not attempt to interfere with or bypass the operation or security of IT facilities including restrictions or quotas relating to usage
Staff must keep their user name and password safe and not make their password available to others or use any account set up for another user or make any attempt to find out the password of a facility or an account for which they do not have authorised access
Staff must ensure that the confidentiality and privacy of data is maintained
Staff who have been granted access to computer systems are responsible for the safe keeping of data within their own area of work
Staff must not divulge any confidential information that they may have access to in the normal course of their employment
G:\Policies & procedures\BINSA POLICY AND PROCEDURES MANUAL 2013\Section 5 - Administration Policies and Procedures\4 Use of Information Technology Internet Archiving & Retention & Other Social Media Procedure Jan 2013.doc
Page 1 of 5
Staff must not seek access to data that is not required as part of their duties
Staff who inadvertently obtain data to which they are not entitled or who become aware of a breach of security pertaining to data from any information technology facility must immediately report this, as relevant, to the Executive Officer (EO) or Chair of the COM
Unauthorised release or use of data inadvertently obtained may lead to legal action
Staff must ensure the security of their workstation by logging off or observing other security measures when it is left unattended.
Copyright The copyright of an email message is owned by the sender, or the sender's employer:
Copyright owners have a variety of rights, including the right to reproduce their work and the right of communication to the public
Forwarding information to an email discussion list would be construed as "to the public".
Consider the expectations of the originator - did that person set any conditions on the further communication of their email, or expect that it would not be forwarded to anyone else, or would not be forwarded to a particular recipient?
Disclaimer The following disclaimer will be added to each outgoing email: This email is intended only for the use of the individual names above. It may contain confidential or legally privileged information or both. No confidentiality or privilege is waived or lost by any mis-transmission. If you receive this correspondence in error, please immediately delete it from your system and notify the sender. You must not disclose, copy or rely on any part of this correspondence in you are not the intended recipient. Neither the sender nor the Brain Injury Network of South Australia Inc warrants that any communication via the internet is free of errors, viruses, interception or interference. Information is distributed without warranties of any kind. Non Acceptable Use Except in the course of an employee’s duties or with the express permission of the organisation the Internet may not be used for:
Personal commercial purposes
Sending unsolicited bulk email
Disseminating confidential information of the organisation
Any illegal purpose
Knowingly causing interference with or disruption to any network information service, equipment or any user thereof
Sending pornographic material or other images or content that may cause offence to any other individual
It is illegal and therefore prohibited to send or forward emails containing libellous, defamatory, offensive, racist or obscene remarks
If you receive an e-mail of this nature, you must immediately notify the EO.
G:\Policies & procedures\BINSA POLICY AND PROCEDURES MANUAL 2013\Section 5 - Administration Policies and Procedures\4 Use of Information Technology Internet Archiving & Retention & Other Social Media Procedure Jan 2013.doc
Page 2 of 5
Consequences of Unacceptable Use Employees must indemnify the organisation for any direct loss and reasonably foreseeable consequential losses suffered by the organisation by reason of breach of this policy:
The organisation shall be informed of the alleged breach, the employee given an opportunity to respond to the allegation and if it is not satisfactorily explained, be asked to desist from or where applicable to remedy the breach
Management may withdraw the privilege of personal emails at any time.
Please note that all email traffic is recorded and may be monitored at the discretion of BINSA management. Archiving and Retention To help employees determine what information sent or received by email should be retained and for how long, this policy identifies the broad categories of electronic messages processed by the BINSA system and sets out the factors to be considered in setting practice guidelines to be adopted in each case. Processes All BINSA email information shall be categorised into five main classifications with appropriate retention guidelines: 1.
Material of permanent significance (perpetual)
2.
Administrative correspondence (4 years)
3.
Fiscal correspondence (4 years)
4.
General correspondence (1 year)
5.
Ephemeral correspondence (retain until read and acted upon, then destroy).
Classification of Correspondence: 1.
Material of Permanent Significance Material that requires permanent retention would include items of historical significance to the organisation, emails creating or recording permanent legal relationships, and items recording significant policies or precedents. To ensure material of permanent significance is retained in an accessible format, users should copy (cc) to the admin officer at info@binsa.or or karen@biinsa.org when receiving or sending such email. Retention of such material will be administered by the Admin Officer and saved in the appropriate folder in the G drive as deemed necessary.
2.
Administrative Correspondence BINSA’s administrative correspondence includes, though is not limited to, confidential management information, employee-related information, and project-related correspondence.
3.
Fiscal Correspondence BINSA’s fiscal correspondence includes all information related to revenue and expense for the organisation. To ensure fiscal correspondence is retained in an accessible format, users should copy (cc) to the EO when receiving or sending such email. Retention of such material will be administered by the Accountant and saved in the appropriate folder.
G:\Policies & procedures\BINSA POLICY AND PROCEDURES MANUAL 2013\Section 5 - Administration Policies and Procedures\4 Use of Information Technology Internet Archiving & Retention & Other Social Media Procedure Jan 2013.doc
Page 3 of 5
4.
General Correspondence BINSA’s general correspondence covers information that relates to client interaction and the operational decisions of the organisation. The individual employee is responsible for email retention of general correspondence where this is likely to be of continuing usefulness. a. Correspondence Involving Intellectual Property Any correspondence that involves the creation of any significant intellectual property rights shall be retained at the discretion of the EO. Retention of such material will be administered by the admin officer and saved in the G Drive in the appropriate folder. b.
Correspondence of Legal Significance When legal proceedings are in process (or reasonably to be anticipated), particular considerations apply to document retention. It is the responsibility of the EO to inform staff should these considerations be applicable and to circulate to staff any relevant changes in policy and procedures. Retention of such material will be administered by the Executive Officer and saved in the G Drive in the appropriate folder.
5.
Ephemeral Correspondence BINSA’s ephemeral correspondence is by far the largest category and includes personal emails, emails dealing with the work of the day, and emails containing information outdated by events. Staff may destroy this after reading and acting on the material.
Classification of Correspondence Further classifications of correspondence may also be created with their own retention guidelines:
BINSA’s Instant Messenger Correspondence may be saved with the logging function of Instant Messenger, or copied into a file and saved. Instant Messenger conversations that are administrative or fiscal in nature should be copied into an email message and sent to the appropriate email retention address.
Social Media Tools Regardless of what Social Media may be used, BINSA privacy and confidentially policies and procedures take precedent in all cases. BINSA will not authorise any distribution of any client and or participant information nor access to any BINSA data base contact without the express approval of the EO and or as relevant the Chair of the COM. Social Media platforms allow users to share and upload media content such as photographs, videos and comments to the Internet quickly and easily. Social networks are one of the fastest growing areas in modern communications technology and are an effective way to encourage two-way communication with stakeholders:
Social networking sites such as Facebook, Google, The Sphere, Friendster, Bebo
Video and photo sharing sites, such as Flickr and You Tube
Micro-blogs such as Twitter, LinkedIn
Weblogs
For a and discussion boards,
Encyclopaedias such as Wikipedia
Online communities
G:\Policies & procedures\BINSA POLICY AND PROCEDURES MANUAL 2013\Section 5 - Administration Policies and Procedures\4 Use of Information Technology Internet Archiving & Retention & Other Social Media Procedure Jan 2013.doc
Page 4 of 5
Some examples of acceptable usage of social media are to:
Promote the BINSA purpose, beliefs or values
Reach a wider, more diverse audience
Educate, inform and entertain
Promote events and exhibitions
Learn more about the community and its needs
Access to social media sites (e.g. Facebook and Twitter) is provided by BINSA in accordance with other technology usage policies. In the same way as it applies to staff use of the telephone, fax, email or other BINSA assets, personal use is only allowed if it is incidental to formal duties and all relevant policies, procedures and guidelines are followed. Social Media may be accessed only within personal pages and staff are expected to maintain the same high standards of conduct and behaviour online as would be expected elsewhere. Storage It shall be the responsibility of ALL STAFF who have access to their own designated desktop and/or lap top computer to maintain back-up copies of all their data in the password protected shared drive or G drive on a daily basis.
G:\Policies & procedures\BINSA POLICY AND PROCEDURES MANUAL 2013\Section 5 - Administration Policies and Procedures\4 Use of Information Technology Internet Archiving & Retention & Other Social Media Procedure Jan 2013.doc
Page 5 of 5