Policies and Procedures

IT/BYOD Policy

Stubton Parish Council IT Policy 

1. Introduction

Stubton Parish Council recognises the importance of effective and secure information technology (IT) and email usage in supporting its business, operations, and communications.

This policy outlines the guidelines and responsibilities for the appropriate use of IT resources and email by council members, employees, volunteers, and contractors.

2. Scope

This policy applies to all individuals who use Stubton Parish Council’s IT resources, including networks, software, devices, data, and email accounts.

3. Acceptable use of IT resources and email

Stubton Parish Council’s IT resources and email accounts are to be used for official council-related activities and tasks. Limited personal use is permitted, provided it does not interfere with work responsibilities or violate any part of this policy. All users must adhere to ethical standards, respect copyright and intellectual property rights, and avoid accessing inappropriate or offensive content.

4. Data management and security

All sensitive and confidential Stubton Parish Council data should be stored and transmitted securely using approved methods. Regular data backups should be performed to prevent data loss, and secure data destruction methods should be used when necessary.

5. Network and internet usage

Network and internet connections should be used responsibly when used for official purposes. Downloading and sharing copyrighted material without proper authorisation is prohibited.

6. Email communication

Email accounts provided by Stubton Parish Council are for official communication only. Emails should be professional and respectful in tone. Confidential or sensitive information must not be sent via email unless it is encrypted.

Be cautious with attachments and links to avoid phishing and malware. Verify the source before opening any attachments or clicking on links.

7. Password and account security

Stubton Parish Council users are responsible for maintaining the security of their accounts and passwords. Passwords should be strong and not shared with others. Regular password changes are encouraged to enhance security.

8. Retention and archiving

Emails should be retained and archived in accordance with legal and regulatory requirements. Regularly review and delete unnecessary emails to maintain an organised inbox.

9. Reporting security incidents

All suspected security breaches or incidents should be reported immediately to the designated IT point of contact for investigation and resolution. Report any email-related security incidents or breaches to the IT administrator immediately.

10. Policy review

This policy will be reviewed annually to ensure its relevance and effectiveness. Updates may be made to address emerging technology trends and security measures.

 

______________________________________________________________________________________________________________________________________________________

Stubton Parish Council, Bring Your Own Device (BYOD) Policy.                                 

1. Purpose
This policy sets out how councillors, clerk, and volunteers may use personal devices (such as mobile phones, tablets, and laptops) to access Parish Council information and systems.

2. Scope
This policy applies to anyone using a personal device to handle Parish Council data, emails, or documents.

3. Acceptable Use

  • For smaller Parish Councils where I.T. costs are prohibitive, personal devices may be used for council work, subject to precautionary measures in regard to how data is accessed and stored.
  • Devices must be kept secure with a passcode, fingerprint, or similar protection.
  • Users must ensure council information is not accessible to unauthorised people.

4. Data Protection

  • Parish Council data must be stored securely and must not be shared via personal accounts or apps.
  • Confidential or sensitive information must not be saved permanently on personal devices.
  • If a device is lost or stolen, this must be reported to the Clerk immediately.

5. Security Requirements

  • Devices must have up-to-date operating systems and security updates.
  • Anti-virus software must be installed where applicable.
  • Users must not attempt to bypass council security measures.

6. Council Email and Documents

  • Wherever possible, council email should be accessed through secure, approved platforms.
  • Documents should be stored in the council’s official cloud or shared system, not on local device storage.

7. Leaving the Council or Changing Device

  • All council data must be deleted from personal devices when a user leaves their role or replaces the device.
  • Access to council systems will be removed.

8. Compliance
Any breach of this policy may result in withdrawal of BYOD permissions and may be treated as a data protection incident.