Employee Privacy Policy
Strategic Insight, Ltd.
By Jim Noble, IT Director
Publication date: October, 2024
PURPOSE
This policy describes the organization’s employee privacy guidelines and outlines employee privacy expectations.
SUMMARY
The organization provides computers, internet access, electronic messaging (email), smartphones and other IT equipment and services to enable employees, contractors, temporary staff, volunteers and other authorized agents to fulfill their professional responsibilities.
All IT equipment and services are provided only for the purpose of enabling business operations and increasing productivity.
AUDIENCE
This policy applies to all full-time employees, contract workers, consultants, part-time staff, temporary workers and other authorized personnel awarded organization-provided IT equipment and services.
EXCEPTIONS
There are no exceptions to this policy.
EMPLOYEE PRIVACY POLICY DETAILS
The organization’s IT equipment, services and systems are intended for business use only. However, the organization acknowledges that staff, consultants and volunteers occasionally require opportunities to make or receive personal phone calls, access personal email, utilize popular social media sites and visit internet sites, as long as the aforementioned activities are not excessive and do not violate other written organization policy prohibitions.
Excessive use of personal email, social media accounts or internet-based resources that interferes with regularly assigned duties violates other written policy prohibitions or violates any laws or regulatory standards will result in disciplinary action where appropriate, up to and including termination.
The organization’s staff, consultants and volunteers may expect a reasonable amount of privacy. The organization and management trust staff, consultants and volunteers to work on organization business while at work except for break periods or observed lunches.
During a staff member’s, consultant’s or volunteer’s regular work shift, the individual may receive phone calls, email messages, electronic communications and social media updates unrelated to work as long as these activities are not excessive or frequent and do not interfere with the regular performance of job duties or violate any written policy prohibitions.
The organization reserves the right to monitor and archive all communications sent through the organization’s servers, computers and systems. The data, communications and services that may be monitored and archived include but are not limited to:
-
Documents, spreadsheets and presentations.
-
Photographs.
-
Videos.
-
Email.
-
Instant messages.
-
Telephone calls.
-
Social media activity.
-
Web activity.
-
Text messages.
-
Voicemails.
-
Postal mail sent from or to organization-managed street addresses.
Employees, consultants and volunteers are advised that messages, communications and other material that is personal in nature and that might prove unsuitable for work should not be accessed using organization-provided IT systems, services and equipment. Any personal material of a questionable or sensitive nature should be accessed only from personal systems from non-organization-provided equipment, systems and services.
All files and information stored on organization-provided resources are subject to review, storage and permanent archiving as part of a larger disaster plan and recovery effort. Personal information accidentally stored on organization systems, even for a few hours, may become subject to permanent storage and be inaccessible for deletion. In some cases, any organization attempting to remove files from permanent or long-term storage could result in the violation of compliance regulations. Therefore, such requests can’t be accommodated.