Home FOI Disclosure

Email/Network Services Policy

Published 28 November 2016 | Reference: 2016-000436 | Charge: No Charge

Question

A copy of your use of email/network services policy for staff.

Response

EMAIL POLICY

NHS National Services Scotland (NSS) email services is provided by a third party who is responsible for managing and securing the service provided.  The service provider has issued a service user Acceptable Use Policy (AUP) and is available at http://systems.digital.nhs.uk/nhsmail/policies/aup.pdf.

In addition to this AUP, NSS allows its staff to use this email service for limited appropriate personal use.  This means staff can use the service for personal use as long as they follow the other aspects of the policy (e.g. do not sent offensive materials, share company data, does not interfere with their contractual duties, etc).  Staff are also aware we can review this access and if appropriate revoke this privilege at any time.

NETWORK POLICY

The following is an extract from out IT Acceptable User Policy that relates to staff use of network services:

12 NETWORK ACCESS

12.1 NSS wired/cabled network

Only devices purchased, owned and managed by NSS and authorised by the IT SBU Information Governance Group are allowed to be physically connected to the NSS wired/cabled network.

Personally owned devices are not permitted to use the NSS business wired network.

12.2 NSS wireless network

12.2.1 NSS business wireless network

Only NSS purchased and authorised devices are permitted to be connected to the NSS business wireless network.  NSS devices connecting to this network will, where possible and appropriate, be protected and kept up-to-date with the NSS authorised security software (e.g. patch management, anti-virus software, etc).

Personally owned devices are not permitted to use the live NSS business network.

12.2.2 NSS guest wireless network

Users of this service should get the appropriate wireless service access password by following the links from the home page of geNSS.  Third party users of this wireless service should obtain the password from their NSS host.

The changing and publication of this password will be the responsibility of the authorised ITSBU technician.

Access to the NSS guest wireless network is provided as a courtesy rather than a right and also at local management's discretion and as such access can be revoked at any time. 

All NSS desktop and laptop computers must not be connected to the guest wireless network; they must only connect to the business wired or wireless networks to ensure appropriate security is applied.

All users using the NSS guest wireless network must comply with this policy.  Visitors to NSS can use the guest wireless network.  Their NSS host should provide them with the appropriate password and inform them of appropriate use of these services providing a copy of this policy if required.

12.3 Non-NSS networks

Where NSS data is being transferred across non-NSS networks (either wired or wireless) either the network service must be encrypted or the data is encrypted first prior to the data transfer.

Image of nurse caring for elderly patient

Our annual review 2017 to 2018

Find out more about our work in 2017 to 2018

Supporting health and social care integration with key insights

Supported by NSS Information and Intelligence.
National Services Scotland logo

Find out more about the Scottish Infected Blood Support Scheme

More information on the single Scottish Scheme.