Information Technology (IT) Policy

1. Introduction
Lindal & Marton Parish Council recognises the importance of effective and secure Information Technology (IT) and email usage in supporting its business, operations, and communications. This policy outlines the guidelines and responsibilities for the appropriate use of IT resources and email by Council members, staff, and contractors.

2. Scope
This policy applies to all individuals who use Lindal & Marton Parish Council’s IT resources, including computers, networks, software, devices, data, and email accounts.

3. Acceptable use of IT resources and email
Council IT resources and email accounts are to be used for official Council-related activities and tasks. Personal use of Council assets is discouraged. All users must adhere to ethical standards, respect copyright and intellectual property rights, and avoid accessing inappropriate or offensive content.

4. Device and software usage
Where possible, authorised devices, software, and applications will be provided by the Council for work-related tasks. Unauthorised installation of software on authorised devices or hosted services (such as the Council website), including personal software, is strictly prohibited due to security concerns.

5. Data management and security
All sensitive and confidential Council data should be stored and transmitted securely using approved methods. Regular backups of stored Council data should be performed to prevent data loss, and secure data destruction methods should be used when necessary.

6. Network and internet usage
The Council does not possess any complex IT infrastructure, such as networks or internet access. Nevertheless, downloading and sharing copyrighted material using Council resources without proper authorisation is prohibited.

7. Email communication
Email accounts provided by the Council are for official communication only. Emails should be professional and respectful in tone. Confidential or sensitive information must not be sent via email unless it is encrypted. Be cautious with attachments and links to avoid phishing and malware. Verify the source before opening any attachments or clicking on links.

8. Password and account security
Council users are responsible for maintaining the security of their website and email accounts and passwords. Passwords should be strong and not shared with others. Occasional password changes are encouraged to enhance security. Use of Multi-Factor Authentication (MFA) is strongly encouraged for securing access to Council website and email accounts.

9. Mobile devices and remote working
There are currently no mobile devices provided by the Council. Personal mobile devices which may be used for Council business should be secured with passcodes and/or biometric authentication. When working remotely with mobile devices, users should follow the same security practices as if they were at home or in the office. Sensitive data must never be transmitted via vulnerable shared internet connections, such as in hotels and restaurants, unless in conjunction with an active Virtual Private Network (VPN). Use of a dedicated mobile phone service and/or a VPN is strongly preferred.

10. Email monitoring
Lindal & Marton Parish Council reserves the right to monitor Council email communications to ensure compliance with this policy and relevant laws. Monitoring will be conducted by the Council’s Data Protection Officer, in accordance with the Data Protection Act and GDPR.

11. Retention, archiving and disposal
Council emails should be retained and archived within the Council email system in accordance with legal and regulatory requirements. Regularly review and delete unnecessary emails to maintain an organised inbox. Avoid printing emails unless absolutely necessary. Use a shredder to dispose of any printed Council emails or other sensitive Council information.

12. Reporting security incidents
All suspected security breaches or incidents should be reported immediately to the designated IT point of contact for investigation and resolution. Report any email-related security incidents or breaches to the IT point of contact immediately.

13. Training and awareness
Lindal & Marton Parish Council will provide suitable training and resources to educate users about IT security best practices, privacy concerns, and technology updates. All employees and councillors will receive training on email security and best practices.

14. Compliance
Breach of this IT Policy may result in the suspension of IT privileges and further consequences as deemed appropriate.

15. Policy review
This policy will be reviewed annually to ensure its relevance and effectiveness. Updates may be made to address emerging technology trends and security measures.

16. Contacts
For IT-related enquiries or assistance, users should contact Cllr Neil Fleming. For data protection issues, users should contact the Parish Council’s Data Protection Officer, Jack Smith. By everyone adhering to this IT Policy, Lindal & Marton Parish Council aims to create a secure and efficient IT environment that supports its mission and goals.