Acceptable use of Information Systems
The Trust provides all staff with information technology resources as tools to fulfil their roles within the Trust. However, we must also be aware that improper use can impact the Trust, our colleagues, patients, the reputation of the NHS and the public purse.
You will only be given access to systems and information that you require to carry out your work. Accessing or attempting to gain access to systems or information for which you have no ‘Need to Know’ or ‘Need to Use’, could be deemed a disciplinary offence.
In line with Trust policies as well as legal requirements, you must always ensure that you adequately protect the confidentiality and integrity of any system or information you have been authorised access to. This includes protection against access by unauthorised persons.
Protection of Trust Systems
• Avoid eating and drinking within the vicinity of any IT equipment to minimise risk of damage.
• Only authorised IT staff are allowed to open or move IT Equipment, or reconfigure or change system settings.
• When left unattended, even for a short period, you should ensure that you lock your workstation or laptop
• If you are issued a laptop, tablet or other mobile device, it should only be used by you and not shared with or used
by anyone else, including your work colleagues.
• Do not connect privately owned or non NHS devices or use such devices with your NHS IT equipment or install
unapproved or privately owned software, or upload any non-Trust work related personal files on NHS IT equipment.
• You must ensure that any device lost or stolen is reported immediately to your local Security Team.
Acceptable Internet Use
Internet access via the Trust system is provided for business purposes to simplify everyday tasks. Limited private use, such as
access to web banking, public web services and phone web directories is accepted but excessive personal use of the Internet
during working hours should be avoided. You must not use Trust systems to access the Internet or use your NHS e-mail
address for private business activities (such as eBay or auction sites), downloading software, images, music and videos or for
personal financial advantage or for private social media and discussion forums.
Work email acceptable use
Email services are provided to you for business purposes. Limited private use for the purpose of simplifying everyday tasks is
accepted. You must be aware that if it is necessary to retrieve or access your emails in your absence, for business or
investigatory purposes, ALL your email messages can be inspected.
Misuse of Information Systems
Storage of data for personal use; e.g. personal digital images, music or video files. Should the IT Department during
routine housekeeping find personal material, these will be deleted without notice to the user.
Use of Trust systems for malicious purposes shall be deemed a disciplinary offence; this includes:
• Penetration attempts (hacking) of internal or external systems
• The use of discriminatory materials
• The acquisition or storage of pornographic or offensive or criminal material
• Accessing or attempting to access clinical or confidential information concerning yourself, family or friends or other
person without a legitimate purpose
• Use of Trust system for personal gains or for profit
If misuse is considered a criminal offence, this will be reported to the relevant authorities and information handed
over to said relevant authorities.