Digital Devices and Online Services - Staff Use
Direction and guidance for staff on the use of authorised digital devices and online services.
Changes since previous version
2023 Feb 17 - updated policy statement contact details and minor text changes.
2023 Feb 02 - updated policy statement to reflect the mandating of equipment infrastructure in schools.
2021 Dec 01 - updated policy statement and implementation document contact details.
2020 Oct 11 - updated policy statement and implementation document to align with the NSW Cyber Security Policy and the department's Code of Conduct. Implementation document: Communication Devices and Associated Services Guidelines replaced by Digital Devices and Online Services Guidelines for Staff Use.
2019 Aug 28 - made typographical changes and updated contact details.
2014 - Version 5:
- The policy and guidelines have been comprehensively reviewed and consolidates the existing two policies Employer Communication Devices Staff Use Policy PD2002/0024/V04 and Mobile Communication Devices and Associated Services PD2005/0296/V02 into an updated Communication Devices and Associated Services Policy.
- The Employer Communication Devices Staff Acceptable Use Guidelines (PDF 77KB) has been replaced with the Communication Devices and Associated Services Guidelines.
- The policy and guidelines are now applicable to the whole of the Department of Education and Communities.
2007 - Version 4:
- Minor updates undertaken.
2007 - Jun Version 3:
- Removal of the Principles and Procedures sections of the previous policy, which have been incorporated into a guideline document to support the policy.
2004 Oct - Version 2 October 2004 (DGS04/0582):
- A one-page Summary has been added on page 4 which outlines the key elements in the policy.
- A new paragraph has been added to the Economic Use section (7.3) about power savings.
- Amendments have been made to the Security section (7.6) and one new dot point has been added to the Unacceptable Use section (7.8) concerning the sharing of passwords to comply with ICAC recommendations.
- A new paragraph has been added to the Security section (7.6) about logging out of network logins and corporate applications at the end of the day to assist with the efficient completion of overnight network data backups, security updates, and virus updates and scans.
- Two new dot points (2 and 6) have been added to the Unacceptable Use section (7.8) and changes have been made to the Associated Documents section (8) resulting from the release of the Department's new Code of Conduct in June 2004.
- Amendments have been made to ensure the policy aligns with the Department's Mobile Communication Devices policy.
- Amendments have been made to ensure the policy aligns with the Department's Records Management policy.
2000 Sept - Version 1 (DGS00/1908)
Communication Devices and Associated Services Guidelines
The original version of the Use by Staff of Employer Communication Devices policy statement, published in September 2000 (DGS00/1908). The original version was distributed with a memorandum from the General Manager, Information Technology, dated 16 October 2000 (ITB00/387).
Revised version published in October 2004 Unique identifier: PD/2002/0024/V02
Implementation date: 26 October 2004.
Employer Communication Devices Staff Use Policy PD2002/0024/V04
Employer Communication Devices Staff Acceptable Use Guidelines (PDF 77KB) PD2002/0024 17/10/2008
Mobile Communication Devices and Associated Services PD2005/0296/V02
- Policy statement
- Digital devices and online services are a valuable tool for conducting business. The department protects and maintains the safety, security and privacy of all staff while simultaneously protecting the department's information and ICT infrastructure.
- The digital devices and online services the department provides are public resources that are provided for official purposes. All staff members have a responsibility to use these properly and securely, as well as to ensure the security of the department's information.
- Staff members must be efficient, economical and ethical in their use and management of public resources, in accordance with Code of Conduct Procedures (PDF 400 KB), including digital devices the department issues to staff members.
- Corporate staff members may be provided with digital devices under the device program, including productivity software.
- The standard operating environment and equipment mandated for use in all government schools will be provided as a managed service from IT.
- All staff and contractors must complete annual cyber security training as mandated by the department.
- Staff must comply at all times with state and federal laws relating to the use of digital devices and online services. Those who do not comply may find themselves subject to criminal proceedings and/or disciplinary action.
- The department may monitor the use of devices provided to staff to ensure compliance with this policy.
- All staff using a personal digital device or online service to connect to the department's network may be similarly monitored.
- Any monitoring the department undertakes must comply with the NSW Workplace Surveillance Act 2005.
- The department has put in place reasonable physical, electronic and managerial procedures to restrict access to private information.
- The department will not access sensitive personal information from user devices or make it available to third parties, unless authorised or required by law.
- Audience and applicability
- All staff in schools and corporate offices, including contractors.
- Applies to both department-supplied and personal digital devices accessing the department's online services, including network, email and desktop and mobile applications.
- Digital devices include (but are not limited to) laptops and desktop computers, telephones, mobile phones, smartphones, tablets and any other device that can be connected to the department's network, or other networks to access the internet or mobile telephony. Additionally, the use of online services such as broadband, communications software, such as email and mobile applications, are subject to this policy.
- Read this policy with:
- If a staff member has any complaints relating to the implementation of this policy, refer to the Complaints Handling policy and procedures.
- Refer to the Cyber Security NSW Circular for more information on cyber security hygiene and practice requirements.
- Responsibilities and delegations
- Staff members (including contractors):
- use and support peers to use digital devices and online services in safe, responsible and respectful ways
- participate in professional development related to this policy
- report inappropriate use of digital devices and online services to the line manager and Professional and Ethical Standards in accordance with workplace procedure, department policy and the department's Code of Conduct policy
- are responsible for ensuring licences are held or purchased for any software in addition to the device's base build the department provided and installed on the devices provided to them.
- use digital devices and online services in safe, responsible and respectful ways
- maintain a positive workplace culture that includes and promotes safe, responsible and respectful use of all digital devices and online services
- inform staff, including new and casual staff, of this policy and procedure
- model appropriate use of digital devices and online services
- respond to and report any breaches and incidents of inappropriate use of digital devices and online services as required by school procedures, department policy and any statutory and regulatory requirements.
- Staff members (including contractors):
- Monitoring and review
- The department's Chief Information Security Officer monitors the implementation of this policy, regularly reviews its contents to ensure relevance and accuracy, and updates it as needed.
Chief Information Security Officer, Information Technology Directorate