Element Human Limited (EHL) provides its technology resources on a discretionary basis and subject to compliance with this policy. In compliance with the UK cybersecurity standards, General Data Protection Regulation (GDPR) and generally accepted industry best practices, EHL provides for the security and privacy of the data stored on, redirected through, or processed by its technology resources.
Throughout this policy, the term “staff” means full- and part-time employees, contractors, consultants, temporaries, student assistants, volunteers, suppliers and other users including those affiliated with third parties who access EHL technology resources due to their job responsibilities. EHL management expects staff to comply with this and other applicable EHL policies and applicable laws.
Failure to abide by these conditions may result in forfeiture of the privilege to use technology resources, disciplinary action, and/or legal action.
The EHL IT Team regularly modifies this policy to reflect changes in industry standards, legislation, technology and/or products, services, and processes at EHL.
EHL reserves the right to monitor, duplicate, record and/or log all staff use of EHL technology resources. This includes but is not limited to e-mail, Internet access, keystrokes, file access, logins, and/or changes to access levels.
Staff shall have no expectation of privacy in the use of these technology resources.
Staff Responsibilities and Accountability
Effective information security requires staff involvement as it relates to their jobs. Staff are accountable for their actions and must take great care in relation to the use of their user identification code(s) for access to EHL technology resources. Staff must not let others log on using their user identification code(s). It is staff’s responsibility to abide by policies and procedures of all networks and systems with which they communicate.
Staff responsibilities in relation to EHL technology include but are not limited to:
Access and release only the data for which you have authorized privileges and a need to know (including misdirected e-mail)
Abide by all EHL policies and applicable laws applicable to your use of EHL Technology
Report security issues as soon as possible to the EHL IT team and cooperate fully with all related investigations
Protect assigned user IDs, passwords, and other access keys from disclosure
Mark all information which is confidential to EHL as “Element Human Limited Confidential”
Secure and keep confidential all printed EHL confidential information and EHL confidential information stored on magnetic media
Log off of EHL systems (or initiate a password protected screensaver) before leaving a workstation unattended
Use only EHL acquired and licensed software
Attend periodic information security training provided by EHL IT team
Although staff may receive individual devices or an individual password to access the EHL technology resources, such devices or resources and the content generated by them are the property of EHL.
EHL monitors communications sent on or via the EHL technology resources for problem resolution, providing security, investigative activities and to ensure the ongoing availability and reliability of the systems.
Staff may be subject to loss of privileges and/or disciplinary action if found using EHL technology resources contrary to this policy. Information which is confidential or proprietary to EHL must not be sent outside of EHL without the approval of the Line manager or the CEO.
Ethical Behaviour and Responsible Use
EHL provides EHL technology resources to staff to facilitate business communications, to assist in performing daily work activities and for reasonable personal use.
The following is a non-exclusive list of unacceptable use of EHL technology resources:
Violating any laws or EHL policies
Submitting, publishing, displaying, or transmitting any information or data that contains defamatory, false, inaccurate, abusive, obscene, pornographic, profane, sexually oriented, threatening, racially offensive, discriminatory, or illegal material
Compromising the privacy of staff, customers, or data and/or using personal information maintained by EHL for private interest or advantage
Engaging in any activities for personal gain, performing personal business transactions, or other personal matters (other than a limited amount of personal use which does not interfere with your work or that of any other staff)
Intentionally propagating, developing, or executing malicious software in any form (e.g. viruses, worms, trojans, etc.)
Viewing, intercepting, disclosing, or assisting in viewing, intercepting, or disclosing e-mail not addressed to you
Distributing unsolicited advertising
Using non-EHL e-mail systems or services (e.g. Hotmail, Yahoo!, Dropbox) for EHL work