Security and Confidentiality Requirements
Some forms of flexible working, particularly home and mobile working, present additional challenges for confidentiality and data security. Whatever an employee works the arrangements for security/confidentiality of data, information and documentation, including adherence to the ICT Acceptable Use Policy and the Data Protection Policy (Accessed via Internal Network only) and related procedures to apply.
1. Points to Consider
- A risk assessment should be carried out by the employee’s manager in relation to security and confidentiality of data, information and documentation
- Employees must be informed that they must not in any circumstances transfer Council data or information to another PC, laptop or to the Internet.
- Employee must be informed that they must not upload software or other programs to a personal computer or laptop without the prior authorisation of ICT.
- Employees must be informed to have regard at all times to the type of work they are undertaking and where they are working, to ensure the security and confidentiality of Council information and data.
- Employees must have a facility to lock away any confidential manual information.
- Security and confidentiality must be observed when undertaking any travelling to and from workplaces or elsewhere, to ensure that Council data, information and manual files are kept secure at all times.
2. Use of Private Computer Equipment
Outlook webmail can be checked using the following link. This is only secure if the email is read and not attachments – if you open sensitive/confidential email attachments then you could be putting yourself and the Council at risk of being prosecuted under the Data Protection Act.
No Council data/information is to be stored on private computer equipment.
If you have to open an attachment then you must use a Council approved and supplied Integral Encrypted memory stick. These encrypted memory sticks can be obtained through an ICT Helpdesk call by supplying the relevant Budget Code.
If you open an attachment and save it to the Integral Memory Stick you must follow these instructions when you have finished with Outlook webmail:
- First click on the Tools tab in Internet Explorer (IE)
- Then click on Internet Options
- Then the General tab
- Then the delete browser history
- Then click OK and finally close IE
This clears any temporary data stored on the device (if you use other browsers such as Firefox, Chrome etc then you will need to carry out the same or similar actions).
Finally, if you use gsx emails (secure email) do no proxy into your account and access gsx emails whilst accessing webmail on a non-council device.
More information on data security, including the use of secure emails is available on the Zone.
3. Use of Council Telephones and Mobile Devices
This covers use by employees of the Council’s telephone systems for private calls and of mobile devices for private calls and digital messaging.
Whether you work flexibly or normally at a Council site you should avoid using either the Council’s telephone systems of any mobile devices provided to you by the Council, for private calls or messaging. If you have to make or receive private calls or messages then try to do that at periods of low workload and when it is least likely to inconvenience the public of other Council employee. Any time you spend on private calls or message must be kept to minimum.
To return to the Flexible Working page please click here.
Add a ‘Like’ and/or a ‘Rating’ below to indicate how useful you found this page