This Acceptable Usage Policy covers the security and use of all (Saluja Eye Care Center’s) information and IT equipment. It also includes the use of email, internet, voice and mobile IT equipment. This policy applies to all (Saluja Eye Care Center’s) employees, contractors and agents (hereafter referred to as ‘individuals’).
This policy applies to all information, in whatever form, relating to (Saluja Eye Care Center) business activities worldwide, and to all information handled by (Saluja Eye Care Center) relating to other organisations with whom it deals. It also covers all IT and information communications facilities operated by (Saluja Eye Care Center) or on its behalf.
Access to the (Saluja Eye Care Center) IT systems is controlled by the use of User IDs, passwords and/or tokens. All User IDs and passwords are to be uniquely assigned to named individuals and consequently, individuals are accountable for all actions on the (Saluja Eye Care Center) IT systems.
Line managers must ensure that individuals are given clear direction on the extent and limits of their authority with regard to IT systems and data.
Use of (Saluja Eye Care Center) internet and email is intended for business use. Personal use is permitted where such use does not affect the individual’s business performance, is not detrimental to (Saluja Eye Care Center) in any way, not in breach of any term and condition of employment and does not place the individual or (Saluja Eye Care Center) in breach of statutory or other legal obligations.
All individuals are accountable for their actions on the internet and email systems.
In order to reduce the risk of unauthorised access or loss of information, (Saluja Eye Care Center) enforces a clear desk and screen policy as follows:
It is informed that laptops and mobile devices will be taken off-site only in special situations and with due written permission. The following controls must be applied:
Mobile devices such as memory sticks, CDs, DVDs and removable hard drives must be used only in situations when network connectivity is unavailable or there is no other secure method of transferring data. Only (Saluja Eye Care Center) authorised mobile storage devices with encryption enabled must be used, when transferring sensitive or confidential data. It should be ensured that such activities are approved by the authorities of Saluja eye care center, in writing.
Employees must use only software that is authorised by (Saluja Eye Care Center) on (Saluja Eye Care Center’s) computers. Authorised software must be used in accordance with the software supplier’s licensing agreements. All software on (Saluja Eye Care Center) computers must be approved and installed by the (Saluja Eye Care Center) IT department.
The IT department has implemented centralised, automated virus detection and virus software updates within the (Saluja Eye Care Center). All PCs have antivirus software installed to detect and remove any virus automatically.
Use of (Saluja Eye Care Center) voice equipment is intended for business use. Individuals must not use (Saluja Eye Care Center’s) voice facilities for sending or receiving private communications on personal matters, except in exceptional circumstances. All non-urgent personal communications should be made at an individual’s own expense using alternative means of communications.
All (Saluja Eye Care Center) equipment and data, for example laptops and mobile devices including telephones, smartphones, USB memory devices and CDs/DVDs, must be returned to (Saluja Eye Care Center) at termination of contract.
All (Saluja Eye Care Center) data or intellectual property developed or gained during the period of employment remains the property of (Saluja Eye Care Center) and must not be retained beyond termination or reused for any other purpose.
All data that is created and stored on (Saluja Eye Care Center) computers is the property of (Saluja Eye Care Center) and there is no official provision for individual data privacy, however wherever possible (Saluja Eye Care Center) will avoid opening personal emails.
IT system logging will take place where appropriate, and investigations will be commenced where reasonable suspicion exists of a breach of this or any other policy. (Saluja Eye Care Center) has the right (under certain conditions) to monitor activity on its systems, including internet and email use, in order to ensure systems security and effective operation, and to protect against misuse.
Any monitoring will be carried out in accordance with existing laws and regulations.
It is the responsibility of the user to report suspected breaches of security policy without delay to your line management, the IT department, the information security department or the IT helpdesk.
All breaches of information security policies will be investigated. Where investigations reveal misconduct, disciplinary action may follow in line with (Saluja Eye Care Center) disciplinary procedures and existing laws of the state.