~5-page information security policy on monitoring and surveillance.
Both the organization and individuals have legal and ethical obligations and rights concerning monitoring and surveillance of people and activities for information security and other purposes. This policy balances the privacy concerns and rights of individuals against the security and business concerns and rights of the organisation. It notes legitimate reasons for the use of monitoring and surveillance by the organisation, and controls to ensure that such activities comply with legal obligations and ethical expectations.
It prohibits the use of surveillance for illegitimate, illegal or unethical purposes, and requires workers to report surveillance-related incidents and suspicions for further investigation.
Given the ubiquity of small, cheap, portable surveillance devices today (smartphones for instance) and the potential for theft of valuable information, privacy breaches etc., most organisations need clear policies in this area. Does yours?
Supplied as an MS Word document, readily customised for your organisation's specific situation.
top of page
bottom of page