Access - Computer Access

-
Computer Access
The Computer Misuse Act 1990 makes offences of:

- Unauthorised access to computer material (i.e. both hacking and access by Unauthorised users);

- Unauthorised modification of computer material (e.g. the insertion of a time bomb such as the 'Friday 13th' data destruction program); and

- Ulterior intent (i.e. Unauthorised access for the purpose of committing a crime).


Penalties for Unauthorised access (apart from those provided for under the Act which are up to 5 years imprisonment and/or an unlimited fine) may include dismissal for employees.

A policy/procedure such as the following might be appropriate:

1. Employees may only operate within their own departmental operations and service areas. Access to other areas is restricted to Authorised personnel only. Access to the systems, particularly, but not exclusively, the computer systems, is reserved to Authorised personnel only. Unauthorised access to, or in any way tampering with, any computer system or software, or computer installation (including but not restricted to the items in this rule) will be regarded as gross misconduct and may render the offender liable to dismissal and prosecution under the Computer Misuse Act 1990.

2. All computer records will be backed up daily (or more often if required) with back up stored in (a remote location).

3. Data files altered during daily working will also be backed up daily with back up stored in (a remote location).

4. In no instance should any computer owned or leased by the business be used for playing games or for any purpose other than the legitimate work of the business. Nor shall employees using their computers or electronic equipment use them for such purposes in the workplace. Nor may employees access the Internet (or any other information service obtained via computer access) whilst at work other than with the previous written permission of [a director]. The attention of all employees is drawn to [the organisation] ELECTRONIC COMMUNICATIONS policy.

4. Breach of these rules is regarded as gross misconduct, the maximum penalty for which under the organisation disciplinary policy is summary (without notice) dismissal.

5. No software and/or disks, etc. other than those owned or leased by [the Organisation] may be used in its computers. All software and disks must be purchased new from recognised and reputable suppliers, backed by a confirmation that all such items are free from viruses, etc., and/or with a guarantee/liability acceptance that, in the event that virus(es) which have caused damage, were present on purchase, the supplier will reimburse losses.

6. Anti-virus programs should be used regularly (specify intervals) to check that all systems, software and disks, etc. (including backup files) are virus free. Any item found infected must be immediately separated from any networking arrangement, and steps taken to eliminate the virus.


Destruction of Data
Since it may be possible to access data, formerly stored on the hard disk of a computer even though the user deleted it, suitable protection (or destruction) must be considered for such disks. This problem becomes more acute in considering the number of personal computers used both in and outside the Organisation - including many which commute with employees.

Comments

Post a Comment

Popular posts from this blog

Canteens and Rest Rooms for Employees-Cooperation, Employee's Duty Of

-
Canteens and Rest Rooms for Employees Key points Whether or not employers are legally-bound to provide their workers with dedicated canteens or rests room will depend in large part on the type of activity or process in which an employer is engaged. Regulation 25(5) of the Workplace (Health, Safety & Welfare) Regulations 1992 - that apply to every workplace - states that 'suitable and sufficient facilities shall be provided for persons at work to eat meals where meals are regularly eaten in the workplace'. By way of explanation, the accompanying Approved Code of Practice points out that 'seats in work areas can be counted as eating facilities provided they are in a sufficiently clean place and there is a suitable surface on which to place food. Eating facilities', it continues, 'should include a facility for preparing or obtaining a hot drink, such as an electric kettle, a vending machine or a canteen'. Furthermore, 'workers who work
Read more

Dismissal for Lack of Qualifications

-
Image
Key points §   'Lack of qualifications' is one of the permitted (or legitimate) reasons for dismissal listed in section 98(2) of the Employment Rights Act 1996. The expression qualifications means any degree, diploma or other academic, technical or professional qualification relevant to the position that a dismissed employee held ( ibid. section 98(3)(b)). §   Although an employee can legitimately be dismissed for not having the qualifications needed to do his (or her) job, that is not necessarily an end to the matter. What an employment tribunal must decide is whether the dismissal was fair. Given the particular circumstances (including the size and administrative resources of his undertaking) did the employer act reasonably or unreasonably in treating the employee's lack of qualifications as a sufficient reason for dismissing him? That question, says section 98(4) of the 1996 Act, shall be determined 'in accordance with equity and the substantial merits of the case&
Read more

References

-
Key points As the High Court remarked in  Lawton v BOC Transhield Ltd  [1987] IRLR 404, an employer is under no legal obligation to give a former employee a reference. But, if he (or she) does do so, he owes a duty to that employee to take reasonable care to ensure that the opinions he expresses in it are based on accurate facts and, in so far as the reference itself states facts, that those facts are themselves accurate. When an employer approaches another employer for information and opinions about one of the latter's employees (past or present), it should be self-evident, said the court, that the employee in question has proffered his (or her) former employer's name as referee, that he is being seriously considered for employment elsewhere, that he is relying on the former employer to get his facts right, and that an adverse report would almost certainly result in his being taken off the short list or remaining unemployed for an unspecified period. In other words, th
Read more