Acceptable Use of Information and Communications Technology (Staff)

Policy

Home / Document / Ict acceptable use of school ict resources staff Print Download

1.   Purpose and Scope

The Acceptable Use of Information and Communications Technology (ICT) Policy sets out the standard of behaviour required by staff, contractors and volunteers when using the ICT resources of Christ Church Grammar School (the School).  For the purposes of this policy ICT resources include but are not limited to the ICT network, infrastructure, applications, portals, cloud, mobile devices, internet, storage, email, telecommunications, printers, photocopiers and video conferencing equipment.

The purpose of this policy is to:

  • Outline the general obligations and responsibilities of staff, contractors and volunteers in relation to the acceptable use of ICT resources across the School, including reasonable personal use
  • Prevent misuse of ICT resources and minimise the risks associated with unethical behaviour
  • Describe the access, monitoring and record keeping in relation to ICT resources, required by staff
  • Protect the various data repositories of the School from the risks associated with misuse
  • Identify the consequences of breaching this policy

All Christ Church Grammar School staff, volunteers and contractors who are provided with School supplied devices and/or access to the School’s systems and/or network are bound by the provisions of this policy.  This includes any person working in a permanent, temporary, casual, contracted, termed appointment or honorary capacity.  Individuals who breach the policy risk disciplinary action being taken against them.

2.   Definitions

Confidentiality  –  the treatment of information which an individual has disclosed in a relationship of trust and with the expectation that it will not be used or divulged to others in ways that are inconsistent with the understanding of the original disclosure, without permission

Data  –  the term ‘data’ generally refers to unprocessed information, while the term ‘information’ refers to data that has been processed in such a way as to be meaningful to the person who receives it. In this policy the terms ‘data’ and ‘information’ have been used interchangeably and should be taken to mean both data and information.

Information security  –  the practice of protecting information/data from unauthorised access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction

Malware  –  software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system

Minimal additional expense  –  expense associated with normal wear and tear or the use of small amounts of consumables

Password  –  A secret word or string of characters that is used for user authentication.  Many two factor authentication techniques rely on password as one factor of authentication

Personal information  –  information or an opinion, whether true or not and whether recorded in a material form or not, about an individual, whether living or dead (a) whose identify is apparent or can reasonably be ascertained from the information or opinion; or (b) who can be identified by reference to an identification number or other identifying particulars such as a fingerprint

Personal use  –  activity that is conducted for purposes other than accomplishing official duties

Social Media  are defined as a group of internet-based applications which allow individual users/organisations to create, share and exchange user-generated content in online communities.  Social media tools include but are not limited to the following:

  • Social networking sites – Facebook, LinkedIn, Google
  • Video/Photo Sharing sites – YouTube, Flikr, TikTok, Instagram, Vimeo
  • Micro-Blogging sites – Twitter, Yahoo Buz, Meme
  • Weblogs – corporate, personal or media blogs published through tools such as WordPress and Tumblr
  • Forums and discussion boards – Whirlpool, Yahoo Groups, Google groups, Discord
  • Instant message – Group SMS, WhatsApp, Facebook Messenger, WeChat
  • Vod and podcasting – Spotify

Social Networking  and social media are overlapping concepts, but social networking is usually understood as users building communities among themselves while social media is more about using social networking sites and platforms to build an audience.

3.  Policy Principles

3.1   General provisions, obligations and responsibilities for the use of ICT resources

Staff using Christ Church Grammar School issued devices are subject to the ICT Asset Agreement governing the ownership, use and care of the asset.

All staff, contractors and volunteers must use ICT resources in a professional, responsible and ethical manner.  Accordingly, these resources are not to be used

  • To circumvent established information security procedures
  • For any unlawful, illegal, malicious or improper purpose
  • To store, transmit, publish, display or communicate/distribute/post material, which is obscene, defamatory, offensive, abusive, indecent, sexually explicit, threatening, discriminatory on the basis of race, religion, colour, age, sex, disability, ethnicity or gender orientation, related to terrorist activities, otherwise unlawful or unauthorised or violates any law or regulation
  • To knowingly transmit a computer virus or other malware
  • To access without permission, another staff member’s ICT resources or damage the same
  • To infringe the School’s intellectual property rights or release commercial in confidence material
  • To disclose private or confidential data or look up data in a School system in relation to a relative, friend or person associated with the School for purposes which are unrelated to your official duties
  • To harass or menace any person
  • To conduct, maintain or promote a personal private business, use for profit or gain
  • To provide comments to journalists, politicians, lobby groups, endorsement of products outside fund-raising activities other than authorised in the course of your official duties
  • To interfere with any individual’s reputation, employment or other obligations
  • To send bulk emails (without express permission), collect or harvest email addresses of others for the purpose of sending unsolicited emails or for sharing with external parties, or for illegal activities
  • To create, send, or alter in any way the contents of emails for the purpose of hiding, obscuring or deleting the source of the message or making the message appear to come from someone other than the sender
  • To breach any laws or infringe any third-party rights

Staff are required to minimise the risk associated with the misuse of ICT resources by:

  • Keeping passwords confidential and by not using the logons and passwords of others
  • Changing passwords if anyone else may know them
  • Activating the screen saver or locking the system when away from workstations
  • Logging out of systems when use is finished
  • Not sharing devices with friends, family or non-approved staff members
  • Not leaving devices in vehicles unattended
  • Reporting lost or stolen devices to ICT Support as soon as possible and if stolen, lodging a report with the WA Police

3.2   Electronic communications 

When communicating using the School’s ICT resources staff are expected to act in a manner that reflects the school’s values, views, and ethos. As a minimum staff are expected to:

  • Maintain professional standards including spelling check, grammar check and compliance with all statutory obligations
  • Adhere to the School’s current style guide for communication including signatures, colours and fonts
  • Use only school provided communications technologies e.g. email, Nexus or MS Teams when communicating with students, establishing any teacher-student collaboration or information distribution
  • Respond to parents withing 24 working hours

3.3   Social Media and Social Networking

3.3.1    School Social Media Sites

Christ Church Grammar School uses social media tools to communicate with stakeholders including current and prospective parents and other interested parties.  To maintain and grow the Christ Church brand, these tools are actively managed, and the requirements set out below are to be strictly followed:

  • Authorisation from the Principal / Director of Communication and Engagement is required to set up a School social media account
  • Communication to the school community will include a statement of purpose and that the objective is to share school communications – not to raise complaints
  • Only authorised staff can publish content on the specific social media site with respect to which they have received authorisation
  • Holders of site administration rights are responsible for uploading content, monitoring interactions on the site and taking down inappropriate posts

All queries and requests for advice on the use of the School’s Social Media sites must be addressed to the Director of Communication and Engagement.

3.3.2   WhatsApp or other social media for year groups

Where WhatsApp or equivalent is used by the parents of students in a year group they are required to adhere to Guidelines set out in Appendix A to the Parents Code of Conduct.

3.3.3   External Social Networking Sites

Staff will not:

  • Initiate online friendships with Christ Church Grammar School students and/or students from other schools
  • Accept invitations from Christ Church Grammar School and non-Christ Church Grammar students as friends
  • Discuss students or colleagues online
  • Comment on or criticise school policies and/or personnel

3.4   Reasonable personal use of ICT resources 

Reasonable personal use of ICT resources is permitted where ICT resources are already provided for work purposes, and this does not result in loss of productivity, does not interfere with official duties or result in more than minimal expense to the School.  For example, this could include making a few photocopies, printing out a few pages of material, making an occasional brief personal telephone call, infrequently sending a personal email message, and limited use of the internet.

3.5   Compliance Monitoring 

All electronic communication exchanged via the school’s communication infrastructure remains the property of the School.  The School has established processes to manage and monitor compliance with this policy.  Whilst systematic and ongoing surveillance of staff member emails and internet access logs does not occur, authorised ICT staff may monitor or investigate staff use of the School ICT network systems and resources.  This will occur to confirm compliance with the requirements of this policy and to investigate possible incidents of breaches of security, unauthorised access, or a breach in confidentiality.  Unauthorised access, use and disclosure of confidential data will be deemed to be misconduct and will lead to disciplinary action.

3.6   Disclaimer

Christ Church Grammar School makes no warranties of any kind, whether express or implied, in relation to the electronic communication system.

The School will not be liable for any loss incurred by a person who provides personal information, including bank and/or credit card details over the internet or via email.

4.   Related Policies and Resources

School Education Act 1999
School Education Regulations 2000
The Teachers Registration Act 2012
Corruption and Crime Commission Act 2003
Human Rights and Equal Opportunity Commission Act (1986)
Western Australian Equal Opportunities Act (1984)
Work Health and Safety Act 2020(WA)
Child Safety and Wellbeing
Child Protection and Mandatory Reporting
Code of Ethics
Code of Conduct Staff, Volunteers, Contractors
Parents Code of Conduct
Privacy Policy
Visual Identity Style Guide