2. Data protection policy statement
We comply with all relevant legislative and regulatory provisions governing the management and storage of data in both electronic and paper formats. We are registered with the Information Commissioner. We comply with the data protection principles, i.e that all data covered by the Act (which includes not only computer data, but also personal data held in a filing system in a systematic manner) is:
3. Information management responsibilities and processes
Protection and security guidelines:
Do not install any software unless it has been authorised and can be supported on our system.
Do not disclose your password to anyone.
If someone else finds out your password, change it.
Do not use other people’s log-ins.
Log off when you leave your PC or workstation unattended.
Ensure above all that no member of the public has access to our system when you leave your PC or workstation.
Always secure laptops and mobile devices in unattended offices.
Do not take equipment, data, information sources or software off-site unless you have written authority to do so.
To preserve the integrity of data, ensure it is transferred between laptops, mobile devices and the main system as soon as possible.