Digital devices, services and information – staff use
Direction and guidance for staff on the use of authorised digital devices and online services and information.
Audience
All staff in schools and education support settings, including contractors, and any parties that access or use the department’s digital devices, systems and information.
Version | Date | Description of changes | Approved by |
---|---|---|---|
V06.1.1 | 03/10/2024 | Removed reference to the Expectations for Digital Communication procedure following absorption of the related content into the Our Culture policy. | Director, Cyber Security |
V06.1.0 |
02/08/2024 |
Re-allocation of Chief Information Security Officer (CISO) responsibilities to the Chief Information Officer (CIO) and Director, Cyber Security. |
Chief Information Officer |
V06.0.0 | 10/05/2024 | Updated under the 2023 Policy and procedure review program, including policy name change from Digital Devices and Online Services – Staff Use to Digital devices, services and information – staff use. Converted into the new template, and improved readability. Added requirements for taking or accessing department devices, systems and information from overseas. | Chief Operating Officer |
Document history
2024 Mar 21 - new policy procedure document 'Expectations for digital communication procedure' added to the policy.
2023 Feb 17 - updated policy statement contact details and minor text changes.
2023 Feb 02 - updated policy statement to reflect the mandating of equipment infrastructure in schools.
2021 Dec 01 - updated policy statement and implementation document contact details.
2020 Oct 11 - updated policy statement and implementation document to align with the NSW Cyber Security Policy and the department's Code of Conduct. Implementation document: Communication Devices and Associated Services Guidelines replaced by Digital Devices and Online Services Guidelines for Staff Use.
2019 Aug 28 - made typographical changes and updated contact details.
2014 - Version 5:
- The policy and guidelines have been comprehensively reviewed and consolidates the existing two policies Employer Communication Devices Staff Use Policy PD2002/0024/V04 and Mobile Communication Devices and Associated Services PD2005/0296/V02 into an updated Communication Devices and Associated Services Policy.
- The Employer Communication Devices Staff Acceptable Use Guidelines (PDF 77KB) has been replaced with the Communication Devices and Associated Services Guidelines.
- The policy and guidelines are now applicable to the whole of the Department of Education and Communities.
2007 - Version 4:
- Minor updates undertaken.
2007 - Jun Version 3:
- Removal of the Principles and Procedures sections of the previous policy, which have been incorporated into a guideline document to support the policy.
2004 Oct - Version 2 October 2004 (DGS04/0582):
- A one-page Summary has been added on page 4 which outlines the key elements in the policy.
- A new paragraph has been added to the Economic Use section (7.3) about power savings.
- Amendments have been made to the Security section (7.6) and one new dot point has been added to the Unacceptable Use section (7.8) concerning the sharing of passwords to comply with ICAC recommendations.
- A new paragraph has been added to the Security section (7.6) about logging out of network logins and corporate applications at the end of the day to assist with the efficient completion of overnight network data backups, security updates, and virus updates and scans.
- Two new dot points (2 and 6) have been added to the Unacceptable Use section (7.8) and changes have been made to the Associated Documents section (8) resulting from the release of the Department's new Code of Conduct in June 2004.
- Amendments have been made to ensure the policy aligns with the Department's Mobile Communication Devices policy.
- Amendments have been made to ensure the policy aligns with the Department's Records Management policy.
2000 Sept - Version 1 (DGS00/1908)
Superseded documents
Communication Devices and Associated Services Guidelines
The original version of the Use by Staff of Employer Communication Devices policy statement, published in September 2000 (DGS00/1908). The original version was distributed with a memorandum from the General Manager, Information Technology, dated 16 October 2000 (ITB00/387).
Revised version published in October 2004 Unique identifier: PD/2002/0024/V02
Implementation date: 26 October 2004.
Employer Communication Devices Staff Use Policy PD2002/0024/V04
Employer Communication Devices Staff Acceptable Use Guidelines (PDF 77KB) PD2002/0024 17/10/2008
Mobile Communication Devices and Associated Services PD2005/0296/V02
- Policy statement
- The department supports the operation of a secure computing environment by reducing the risk of compromised digital devices or systems and the impact this could have on its ongoing operation and security.
- The department provides standardised operating systems, equipment and software to school and education support to be used for official purposes only.
- All staff have a responsibility to use these properly and securely, ensuring the security of the department’s information.
- Staff must comply with state and federal laws governing the use of digital devices, online services and information.
- The department has put in place reasonable physical, electronic and managerial procedures to restrict access to private information and ensure the appropriate use of its digital devices and systems.
- The department will not provide third parties with sensitive personal information from user devices, unless authorised or required by law.
- Context
- This policy protects against inappropriate use and compromise of department digital devices, systems and information.
- The following procedure supports this policy:
- Policy contact
- Director, Cyber Security, Information Technology directorate
CyberCompliance@det.nsw.edu.au
- Director, Cyber Security, Information Technology directorate
- Monitoring the policy
- The Director, Cyber Security monitors the implementation of this policy, regularly reviews its contents to ensure relevance and accuracy, and updates it as needed.