ICT Usage Policy

 

ICT Usage Policy

 

Approved by Governors:

 

Signed:   ________________________

 

Date:  ____/____/____

 

Review Date: ____/____/____


 
Contents Section

Page

1.

Scope

3

2.

Purpose

3

3.

Policy

3

4.

Access

3

5.

Monitoring

3

6.

Personal Use

4

7.

Inappropriate Use

4

8.

Authority to Express Views

4

9.

Confidentiality and Security of Data

4, 5

10.

Copyright, Legal and Contractual Issues

5

11.

Network Efficiency

5

12.

 Hardware and Software

5, 6

 

Appendix 1

 

Statement of Acceptance of the Terms and       Conditions of  the  ICT Usage Policy                   

 

 

7, 8     

       

Appendix 2               Professional Responsibilities : reminder           9

 


 

Aims

The aims of this policy can be summarised as follows:

  • To provide safeguards and rules for acceptable use to guide all users in their online experiences.
     
  • To emphasise the need to educate staff, children and parents about the advantages and disadvantages of using new technologies both within, and outside of, the school environment.
     
  • To ensure adults are clear about procedures for misuse of any technologies both within and beyond the school or educational setting, and how to manage breaches of policy in accordance with safer working practices.
     
  • To develop links with parents/carers and the wider community ensuring input into policies and procedures with continued awareness of the benefits and the potential issues related to technologies
     
  • To safeguard children and educate staff and parents by promoting appropriate and acceptable use of information and communication technology(ICT)
     
  • To outline the roles and responsibilities of all individuals who are to have access to and/or be users of, work-related ICT systems;
     
  • To ensure all ICT users have an acute awareness of risk, a clear understanding of what constitutes misuse and the sanctions that may be applied

 

1. Scope

This policy applies to all staff, children, governors, parents, visitors, volunteers and contractors accessing the internet or using technological devices on school premises It applies to all users of the School’s network, and the use of the school’s computer facilities, (including telephony, hardware, software, e-mail, internet, etc) used anywhere, for professional or personal purposes whether in working time or in the employee’s own time.  This policy is also applicable where staff, or individuals, have been provided with school issued devices for use off-site, such as a school laptop or mobile phone.

2. Purpose

The purpose of this policy is to:

  • Protect employees by making clear what is acceptable use of the school’s ICT facilities.
     
  • Protect the security and integrity of the school and its ICT facilities.

3. Policy

High standards of conduct and probity are as relevant to the use of the school computer facilities as they are to all other aspects of work, and employees must conduct themselves in line with the school’s code of conduct and disciplinary code.

Employees who are in any doubt about what is, or is not, acceptable use of the school’s computer facilities must seek advice from the Headteacher or the designated ICT Development Officer.

Employees must conduct themselves honestly, appropriately and in accordance with the law and this policy when using the school’s computer facilities.

Breach of this policy may lead to disciplinary action and result in withdrawal of access to some or all computer facilities. Serious breaches may be regarded as gross misconduct and may lead to dismissal. Employees are required to sign a statement agreeing to the terms and conditions of this Policy (Appendix 1).

The school will co-operate with any law enforcement activity.

Managers must ensure that employees have the skills to use the school’s computer facilities.

The school will purchase all hardware and software through approved suppliers.

4. Access

The school provides access to ICT to enable employees to undertake their duties.

The Headteacher or another designated senior person has authority to obtain access to an employee’s data and documents.

5. Monitoring

Each employee will be required to sign the Statement of Acceptance of the Terms and Conditions of the ICT Usage Policy.

The school’s computer facilities will be monitored to ensure this policy is adhered to and that these facilities are used properly.

Any information (including personal emails, documents, etc) within the school’s network or equipment can be inspected, at any time, without notice.

As part of the “Keeping Children Safe in Education 2016”3 , updated statutory guidance for schools was provided by the DfE. This document states that: “The school [must] ensure that there is not only appropriate filtering in place, but that the school is proactive in monitoring internet usage (pupil and staff). Governing Bodies are reminded to avoid internet filters that might “over block” therefore placing unreasonable restrictions on what children can be taught. The focus must be on an effective Online Safety (formerly known as e-Safety) curriculum to teach about managing risk.”

6. Personal use

Employees can use the school’s computer facilities for reasonable personal use provided it:

  • Does not interfere with the performance of their duties;
     
  • Is appropriate;
     
  • Is on an occasional, rather than a regular or substantial basis;
     
  • Does not compromise the security of the school’s systems or reputation.
     
  • Personal ICT equipment, such as laptops or memory sticks, must not be connected to the school network without explicit consent from the Network Manager or ICT Co-ordinator and a thorough virus check.

6.1 Mobile/Smart Phones

Staff/Visitor use:

  • All staff must ensure that their mobile phones, personal cameras and recording devices are stored securely during working hours or when out on outings (this includes visitors, volunteers and students);
     
  • Mobile phones must not be used in any teaching area in the school (unless authorised by the Headteacher) or within toilet or changing areas;
     
  • During school outings nominated staff will have access to a school mobile/personal phone (if authorised by the Headteacher) which can be used for emergency contact purposes;
     
  • It is the responsibility of the adult to ensure that there is no illegal or inappropriate content stored on their device when brought onto school grounds;
     
  • Personal mobile phones should never be used to contact children, young people or their families, nor should they be used to take videos 16 or photographs of the children. School issued devices only should be used in these situations.

6.2 Laptops/Hand-held devices (e.g. iPads/tablets)

Staff use:

  • Staff must ensure that all sensitive school data is stored on the network (shared drive) and not solely on the laptop or device, unless the device is encrypted. In the event of loss or theft, failure to safeguard sensitive data could result in a serious security breach and subsequent fine. Password protection alone is not sufficient.
     
  • Personal use of school laptops or computing facilities, whilst on site, is left to the discretion of the Headteacher and may be permissible if kept to a minimum, used outside of lesson times and does not interfere with an employee’s work.
     
  • Staff are provided with laptops to allow for school related work to be completed off site. Personal use of the laptop from home (such as web browsing/online shopping etc.) is permitted but should be kept to a minimum and use of the device is strictly restricted to the authorised member of staff only (i.e. not family members)
     
  • Staff are aware that all activities carried out on school devices and systems, both within and outside of the school environment, will be monitored in accordance with this policy.
     
  • Staff will ensure that school laptops and devices are made available as necessary for anti-virus updates, software installations, patches, upgrades or routine monitoring/servicing.

 

Staff use:

  • Where staff may require removable media to store or access sensitive data (e.g. pupil attainment and assessment data) off site, only encrypted memory sticks will be used.
     
  • Any passwords used for encrypted memory sticks/or other devices will be remain confidential to the user and shared only with authorised IT personnel for security and monitoring purposes.

7. Inappropriate Use

Employees must not use the school’s computer facilities to:

  • Send or access messages that are, or perceived to be, libellous, harassing or defamatory, or cause offence to the dignity of an individual or group.
     
  • No communication device whether personally owned or part of the school provision may be used to bully another person.
     
  • Access inappropriate internet sites or material. These may include pornographic, racist or any other sites not appropriate for a school. In the case of accidental access, the employee must immediately disconnect and inform their manager.
     
  • Store, view, print or redistribute any inappropriate material.
     
  • Access chat rooms, social networking sites or newsgroups for personal use.
     
  • Advertise or send personal messages to large groups internally or externally unless through a specified facility or with the permission of an authorised person.
     
  • Spread harmful programmes that may damage the school’s computer facilities.
     
  • Download, use or distribute software including entertainment software or games for personal purposes.
     
  • Download video and audio streaming for personal purposes.
     
  • Use their school e-mail address for the purchase of personal goods or financial transactions.

 

8. Authority to Express Views

Employees using school computer facilities must communicate the schools, and not their personal, views.

Employees must not participate in newsgroups/chat rooms/social networking sites, unless in a professional capacity relevant to their duties and with prior agreement from their manager or the designated authorised person.

Employees must not use the school or its name to endorse any non-school commercial product or service.

 

9. Confidentiality and Security of Data

The school is legally responsible for all information stored or transmitted by its computer systems and for any improper disclosure. Disclosure of data, even unintentionally, can breach the Data Protection Act. Security measures are in place to ensure the confidentiality of data held by the school and employees are accountable for breaches of security or confidentiality.

  • Employees must not attempt to disable or evade any security facility
    .
  • User IDs and passwords must be kept secure and confidential, and passwords changed if an unauthorised person may be aware of them.
     
  • Employees must carefully address e-mails to avoid sending sensitive information to the wrong recipient.
     
  • Employees must ensure that data they are storing, updating or transmitting is accurate, and must not amend or alter e-mails they receive.
     
  • To ensure security it may be necessary to prevent machines with sensitive data from connecting to the internet, or restrict usage of file transfers.
     
  • Employees must use the appropriate system/method e.g., password-protected screen saver, if leaving their computer for short periods and switch computers off at the end of the working day .
  • When information is being carried from one safe source at school for completion off site this must be done with care. The information must be kept safely whilst it is being used and be erased as soon as the work is complete.

 

10. Copyright, Legal and Contractual Issues

Downloading and copying data and software or sending the work of others to third parties without permission can infringe copyright. The school retains the copyright to any original ICT based material produced by an employee in the course of their duties at the school.

  • Copyright should be checked and appropriate permissions sought. In the case of subscription services the appropriate licenses must be obtained.
     
  • Software can only be downloaded with permission from the Headteacher or the designated authorised ICT person. Downloaded software becomes the school’s property and must be used only under the terms of its license. Employees must arrange to license and register such software, where required. Software downloaded without permission must be deleted.
     
  • Employees must not transfer any software licensed to the school or data owned or licensed by the school without authorisation from the Headteacher or the designated ICT person.
     
  • The use of computer facilities can lead to contractual obligations in the same way as verbal or written transactions. Employees must not exceed their delegated authority to enter into contracts or authorise expenditure.
     
  • Records of computer transactions must take place through archiving or backup. Where appropriate, confirmation of receipt of important e-mails must be gained which may be disclosed in litigation.
     
  • Transactions through computer facilities must be treated in the same way as transactions on the schools headed paper.

 

11. Network Efficiency

Employees must regularly delete or archive files no longer required or needed for immediate access.

The school’s ICT unit will scan all files for viruses.

Wherever possible intensive operations such as large file transfers, video downloads, mass e-mailing should be scheduled during off-peak hours.

Video and audio streaming and downloading must be for work or professional purposes only.

 

12.  Hardware and Software

The school must ensure all Hardware is legally licensed and is responsible for the management, maintaining and upkeep of all of the peripherals related to this equipment. The school will procure this equipment from trusted and established suppliers. No unknown equipment can be put in place without the permission of the Headteacher or the designated ICT Development Officer.

The provision of a Laptop for every teacher in the school will be made by the school. Members of staff must make sure that that the school Laptop (if one is supplied) is always looked after in a secure manner when it is used off site. The school Laptop should be locked securely in the boot of a car when parked although this should be avoided if possible. The Laptop should not be left unattended at any time. The information stored on the Laptop should not be disclosed to any other parties. The information on the Laptop should be password protected. If a Laptop is issued to a member of staff then they are responsible for the safety of that Laptop and the information contained on it at all times. If information is transferred on the Laptop to complete work away from school the information should be erased from the Laptop as soon as possible after the extra work is complete.

The school must ensure all software is legally licensed and is responsible for managing and maintaining the register of software and for holding licenses and the original media.

  • No software can be loaded onto or used on any computer owned or leased unless approved by and licensed to the school.
     
  • All software must be procured by the school and installed by the designated authorised ICT person.
     
  • Software must not be copied or distributed by any means without prior approval from the Headteacher or the designated authorised ICT person.

 

13. Photographs and Videos

Digital photographs and videos are an important part of the learning experience for our children. We recognise our responsibility to ensure that our children learn about the safe and appropriate use of digital imagery, and that our staff model good practice. To this end, there are strict policies and procedures for staff, children and parents about the use of any digital imagery within school.

 

  • Written consent will be obtained from parents or carers before photographs or videos of children will be taken or used within the school environment, including the school website or associated marketing material
     
  • Permission will be sought from any child or staff member before an image or video is taken and the purpose of the activity and intended use of the image will be made clear.
     
  • Staff are not permitted to use personal devices, such as cameras, video equipment or camera phones, to take photographs or videos of students. However, in exceptional circumstances, such as equipment shortages, permission may be granted by the Headteacher for use of personal equipment for school related photographs or videos, provided that the there is an agreed timescale for transfer and deletion of the image from the staff member’s device.
     
  • Where photographs of children are published or displayed (e.g. on the school website) first names only will be displayed.
     
  • Wherever possible, group shots of children will not be taken (unless for display purposes), and images should never show young people in compromising situations or inappropriate clothing.
     
  • Digitised images will be deleted from devices immediately after they have been used. Unused photographs will be destroyed (shredded) or returned directly to parents.
     
  • Staff are to ensure that parents/visitors do not use mobile phones or other hand-held devices to take pictures of their children.
     
  • Parents and carers are permitted to take photographs of their own children during a school production or event. The school protocol requires that photos of other people’s children are not published on social networking sites.

 

14. Parent /Carer Involvement

As part of the school’s commitment to developing Online/e-Safety awareness amongst children and young people, every effort is made to engage parents and carers in the process.

  • All parents/carers will be made aware of our ‘Technology Rules’ (see Appendix XYZ)
     
  • Online/e-Safety information will be provided to carers to help raise awareness of key internet safety issues and highlight safeguarding measures in place within school.

 

Meadow High School

Statement of Acceptance of the Terms and Conditions of the ICT Usage Policy

 

ICT and the related technologies such as email, the internet and mobile devices are an expected part of our daily working life in school.  This policy is designed to ensure that all staff are aware of their professional responsibilities when using any form of ICT.  All staff are expected to read and sign to say that they have understood this policy and adhere at all times to its contents.  Any concerns or clarification should be discussed with the Headteacher or the designated ICT Development Officer.

 

I agree to follow the rules and practices set out in the ICT Usage Policy.

 

I will use the ICT network in a responsible way and observe all the restrictions explained in the Policy.

 

I am responsible for the safety, storage and usage of my school Laptop at all times.(If I have a school Laptop.) 

 

I will ensure that all electronic communications with pupils, staff and Parents/Carers are compatible with my professional role.

 

I will ensure that my online activity, both in school and outside school, will not bring my professional role into disrepute.

 

I will not give out my own personal details, such as mobile phone number and personal email address, to pupils.

 

I will only use the school’s email / Internet / Intranet / Learning Platforms(e.g. .Abacus Evolve, Oliver)/ MIS system (SIMs) and any related technologies for professional purposes or for uses deemed ‘reasonable’ by the Headteacher or Governing Body.

 

I will comply with the ICT system’s security and not disclose any passwords provided to me by the school or other related authorities. I will make sure that I do not allow any PC`s or other devices away from school to automatically remember these passwords.

 

I will ensure that personal data (such as data held on SIMS) is kept secure and is used appropriately, whether in school, taken off the school premises or accessed remotely.  Personal data can only be taken out of school or accessed remotely when authorised by the Headteacher or Governing Body.

 

I will only use the approved, secure email system(s) for any school business.

 

I will not install any hardware of software without permission of the Headteacher or the designated ICT Development Officer.

 

I will not browse, download, upload or distribute any material that could be considered offensive, illegal or discriminatory.

 

I agree to report any misuse of the school’s ICT network to the Headteacher or the designated ICT Development Officer.

 

I also agree to report any websites that are available on the school Internet that contain inappropriate material to the Headteacher or the designated ICT Development Officer immediately.

 

Images of pupils and/ or staff will only be taken, stored and used for professional purposes inline with school policy and with written consent of the parent, carer or staff member.  Images will not be distributed outside the school network without the permission of the parent/ carer, member of staff or Headteacher.

 

I will support the school approach to online safety and not deliberately upload or add any images, video, sounds or text that could upset or offend any member of the school community

 

I will respect copyright and intellectual property rights.

 

I will support and promote the school’s e-Safety policy and help pupils to be safe and responsible in their use of ICT and related technologies.

 

I understand that all ICT usage (including unrestricted website activity Laptop activity, Mobile Devices, Smart Phones, Mobile Phones and memory Devices can be automatically logged by the ICT network and will be subject to spot checks. This is to confirm that the ICT Usage Policy is being adhered to.

 

I understand that any breaches of the Policy may result in loss of access to all of the ICT resources and can be subject to disciplinary action.

 

I realise that staff under reasonable suspicion of misuse in terms of time or content may be placed under retrospective investigation or have their usage monitored.

 

 I agree to follow this code of conduct and to support the safe use of ICT throughout the school.

 

Name of Employee: ______________________________ Date: _______________

 

Signature of Employee: _______________________________________________

 

Job Title  __________________________________________________________

 


 

PROFESSIONAL RESPONSIBILITIES

When using any form of ICT, including the Internet,  in school and outside school                  

For your own protection we advise that you:

 

  • Ensure all electronic communication with pupils, parents, carers, staff and others is compatible with your professional role and in line with school policies.
     
  • Do not talk about your professional role in any capacity when using social media such as Facebook and YouTube.
     
  • Do not put online any text, image, sound or video that could upset or offend any member of the whole school community or be incompatible with your professional role.
     
  • Use school ICT systems and resources for all school business. This includes your school email address, school mobile phone and school video camera.
     
  • Do not give out your own personal details, such as mobile phone number, personal  e-mail address or social network details to pupils, parents, carers and others.
     
  • Do not disclose any passwords and ensure that personal data (such as data held on MIS software) is kept secure and used appropriately.
     
  • Only take images of pupils and/ or staff for professional purposes, in accordance with school policy and with the permission of  the SMT.
     
  • Do not browse, download, upload or distribute any material that could be considered offensive, illegal or discriminatory.
     
  • Ensure that your online activity, both in school and outside school, will not bring your organisation or professional role into disrepute.

 

You have a duty to report any e-Safety incident which may impact on you, your professionalism or your organisation.


                

(Appendix 2)

MHS major DP vulnerabilities and enforcement issues (most of these are within the policy but I’ve added cloud storage)

 

Personal equipment such as laptops must not be connected to the school network without permission from the head, ict co-ord, network mngr

 

Personal hard drives or memory sticks must not be used on the school system. Only MHS supplied and encrypted memory sticks can be used.

 

Data stored in cloud services such as google drive and drop box can only be accessed on devices outside of school with 2 level authentication (passwords: laptop screen lock then gmail for example) and devices/ browsers must never be set to remember passwords.

 

Screens should always be locked when not in use and set to time out after…????……..minutes non-use in and out of school

 

Sensitive personal data must never be used via cloud services.

 

Digital images will be deleted from any device immediately after they have been used

 

All personal devices must be stored securely during working hours

 

Mobile phones must not be used in teaching areas

 

Staff must regularly delete or archive files no longer needed or required for immediate access

 

Managers must ensure employees have the skills to use the school computer system safely securely and efficiently via performance management and effective identification of CPD.