Memo to employees on confidentiality of data on computer systems

TO: All Employees

FROM: Executive Management

DATE:

SUBJECT: Confidentiality of data on computer systems

We would like you to be aware that [COMPANY NAME] computer systems, including E-mail and computerized voice mail, are intended for business use and as such do not offer privacy protections as you might expect from a truly personal system. [COMPANY NAME] personnel and even unauthorized computer users outside the company may have access to your files. We therefore want to advise you that the confidentiality of your work cannot be guaranteed. If there is a business necessity-for example, if a file necessary for a report is on the hard disk of an employee absent from work-a manager or supervisor, with the approval of the department head, can have the system accessed so the file can be retrieved.

Since we also have an obligation to prevent so-called pirated software from being used on our systems, a department of the company has been designated the responsibility to scan hard drives from time to time to see what programs are loaded on them. Scanning is also used to audit the versions of authorized software that are being used so that upgrades can be ordered properly. Because of our obligations to prevent unauthorized duplication of software and concern about computer viruses, only software provided by the company should be loaded onto [COMPANY NAME] systems. While the concept of business necessity and a respect for legitimate confidentiality do guide our actions, outsiders do not share these concerns. We encourage you to use passwords and encryption to decrease the likelihood that unauthorized people will be able to access your data or voice mail. Unfortunately, these methods are not foolproof. For this reason, we encourage you to be cautious when leaving messages on voice mail systems. If you would like advice on protecting confidential computer data please contact your local Security representative.

Finally, we would like you to be aware that the software and data on [COMPANY NAME] systems belong to the [COMPANY NAME] and as such should not be copied or removed when someone leaves the company.