Computer Use

Effective date: September 30, 2011

Revised January 2018

Relevant Legislation:

Not applicable to this policy.

Intent:

LOFT Community Services is committed to using and improving on its computer technology to enable its staff to provide excellent service to our consumers. This technology includes the computers required by staff as well as access to electronic messaging and the internet. LOFT encourages the use of these new media and their associated services because they make communication more efficient. The internet can also serve as a valuable source of information.  However, without the appropriate safeguards on computer use, the free flow of information between users and the internet could cause possible civil and criminal liability for LOFT, particularly in the transfer of pornographic images or pirated software. This policy is intended to create uniform standards regarding the appropriate use of computers in the work place, ensure the maximum protection of client confidentiality and the efficient functioning of the computer systems.

All staff should understand that the computer resources provided by LOFT Community Services are intended to assist staff in the performance of their jobs. These resources are the property of LOFT and all records or data (including electronic communications) that result from the use of the computers are also the property of LOFT. The Agency may access, read, use, disclose or delete this material at any time at its own discretion. Users should not have any expectation to privacy regarding anything created, sent or received on the computer, whether the use is business or personal. The use of the computer by staff is subject to audit at any time. However, LOFT does respect the privacy of its staff and will not monitor their actions on an ongoing basis. LOFT reserves the right, in its discretion, to review any staff member’s electronic files, messages and usage to ensure that the electronic media are being used in compliance with this policy and the law. It is expected that the computers will be used appropriately and that computer resources should be used for business purposes only. However, this expectation is similar to that for telephone usage, that limited personal use of the computer is permissible. This is provided that personal use does not interfere with the operation of network resources, the user’s job performance and that users never engage in unacceptable computer use.

Definitions:

Not applicable to this policy.

Policy:

GENERAL CARE OF COMPUTER RESOURCES

Every staff member is responsible for helping to reduce the possibility of damage or theft of the computer work stations and the information they contain. This equipment is expensive and is usually an unfunded portion of program costs. Accidental damage or theft may be covered by LOFT’s insurance, as long as neither is due to negligence. Staff may be responsible for covering the costs of damage due to negligence.

 

Staff will be responsible for adhering to the general care and maintenance practices as specified by LOFT. This will include:

  • placing the computers as far as possible from sources of direct heat,
  • protecting the computers against extremes of temperature,
  • isolating the computers from possible electrical or magnetic interference,
  • ensuring that the CPU and monitor are well ventilated or that the circulation of air around the machine is unimpeded,
  • keeping all food and drinks away from the computer and its keyboard,
  • shutting down the computer at the end of the day,
  • turning off the computer during an electrical storm.

 

Staff travelling with a lap top computer should keep them within reach at all times and NOT left behind in cars or hotel rooms. If they cannot be carried at all times, the lap tops should be left in a well hidden area of the car or in a secure location at a hotel, i.e. a safe. Lap tops should also not be left in the car for long periods of time due to the extremes of temperature which may occur within the vehicle. All confidential material on the machine must also be removed and placed on a disk which should be kept secured.

 

 

SYSTEM INTEGRITY

 

Software Licenses

All software in use by LOFT is purchased from authorized vendors. This is because LOFT is required to have legal licenses for all software installed on its computers. Only IT staff are authorized to install any software to LOFT computers.  To ensure that LOFT does not violate the terms of the licenses and that software is only used within the terms of the license, staff must not:

  • Install any additional software.
  • Install pirated or personal software.
  • Copy authorized software onto other computers without proper approval.

 

Virus Protection

All of LOFT’s computers are protected with anti-virus software and may have other security hardware or software installed for further protection. This is to ensure that the data or hard drives are not damaged or destroyed by a virus which has entered the system from any source. Staff must do everything possible to ensure that the security features are operating as planned, which includes:

  • ensuring that their computer anti-virus software is updated at least monthly,
  • ensuring that the installed anti-virus software is never disabled,
  • knowingly importing viruses into the computer network,
  • downloading materials from external networks or the internet without subjecting the files to anti-virus checking.

Staff may wish to seek assistance or approval on opening an electronic message from an unrecognizable sender, as viruses are often introduced to a network this way.

 

Passwords

All computers at LOFT will be protected with a hardware based “boot-up” password in order to protect the information stored on its networks. This confidential password must not be disabled. Users are responsible for safeguarding their systems password and any other passwords required for their computer use. These passwords must not be transmitted, printed, stored online or be given to others. If users suspect that their passwords have been compromised, they should take immediate steps to change them. Only the systems administrator may, in some cases, be able to know staff passwords and change them as required. Staff should get into the habit of changing their password regularly. Supervisors may consider, collecting all passwords used by their staff members as a failsafe measure. This can be done, and still retain their confidentiality, by having them recorded, placed in a sealed envelope, initialed over the seal and stored in a secure location.

 

Data

All information created or collected on the computers regarding LOFT and its clients should be treated as confidential and is to be protected at all times. This is why user passwords should be kept secure. To ensure this confidentiality of information, the computers are to be used only by persons employed by LOFT, (i.e. no client or family use) and only for conducting LOFT business or for purposes authorized by LOFT. Staff should not allow others, especially members of the public, to read their screens when working on this information. Any materials that are printed from the computer must be retrieved from public printers as soon as it is available.

Staff should realize that most information sent out over the internet is unprotected. While the sharing of public information regarding LOFT is allowed, any Agency and client data or information that is intended to be confidential will not be transmitted over the internet unless protected by encryption software. This includes any material that is considered sensitive, proprietary or privileged. LOFT will install encryption software for Programs that are required to transmit confidential information over the internet.

It will be the responsibility of each staff to ensure that backup copies are made of all of their data files. This means that there be at least two copies of each data file, and that those copies be kept on different storage media, e.g. fixed or removable disks or tape. This is essential for all files kept on a lap top or a desktop not connected to the LOFT network. These files should be backed up on a weekly basis. Machines that are connected to the network will be regularly backed up by the network servers.

 

UNACCEPTABLE COMPUTER USE

This is not meant to be an exhaustive list of the inappropriate use of computers in the work place, as other rules, procedures and guidelines may be instituted as the need arises, or as required locally by an individual program. The following will outline those practices, in addition to the ones provided earlier that are improper and unacceptable.

They are:

• Sending or soliciting communications containing material that is fraudulent, discriminatory, harassing, threatening, pornographic, profane, obscene, vulgar, intimidating or unlawful.

• Participating in inappropriate internet discussion groups such as pornographic, hate-based or terrorist discussion groups.

• Downloading copyrighted content from web sites on the internet except for research or non-commercial use. All copyrights must be respected and staff may not copy, retrieve, modify or forward copyrighting materials except as permitted.

• Using LOFT computers to intentionally broadcast messages, producing and/or propagating non-business documents or messages such as chain letters, or knowingly transmitting destructive programs.

• Sending unauthorized mass mailings.

• Using the computer to interfere with, or impair the computer of another staff member, and engaging in any activity which may cause congestion or disruption to the networks.

• Attempting to gain unauthorized access to other systems, passwords or to breach computer/network security measures.

• Attempting to send anonymous communications or to falsify information regarding the origin of the message by any means, including the use of another user’s identification.

• Sending communications purporting to represent the interests of LOFT, its management or Board of Directors.

• Sending or soliciting transmissions of commercial or personal advertisements, solicitations, promotions or political material for unauthorized or personal use.

• Storing great amounts of personal information on the computer.

• Conducting personal business or money making activities.

 

Staff who is found to be abusing their computer privileges will be subject to corrective action. This includes possible loss of computer privileges and discipline, up to and including dismissal.

Procedures:

See program manual.