Waterlooville Baptist Church Information Technology Policy

IT Policy approved and adopted at the 3rd July 2014 Church Meeting.

 1.0 Overview

This policy addresses use of Information Technology (IT) equipment on Church Premises and also remotely e.g. Church web site and social media sites. It is specifically designed to protect all users but particularly children and vulnerable adults but is good practice for all. 

2.0 Church Premises Equipment

2.1 IT Equipment

2.1.1 All church owned IT equipment should have the following set up on it to protect the user and any sensitive personal information which is stored about church members.   

1. Automatic downloading and applying of security update patches.
2. Functioning and up to date Antivirus software.
3. If used by children / vulnerable adults a suitable content filtering software.
4. Ideally, Sensitive Personal Information should not be stored.  If Sensitive Personal Information has to be stored the data must be encrypted
5. Sensitive personal information should not be shared by email, or other electronic communication unless encrypted.

Note: Sensitive Personal Information is defined as: personal data which consists of information concerning a person’s racial or ethnic origin, political opinions, religious beliefs or beliefs of a similar nature, membership of a Trade Union, physical or mental health condition, sexual life, commission or alleged commission of any offence, a record of any proceedings for any offence committed or alleged, or a record of any sentence or proceedings. Much of the information which the church is likely to process will be sensitive personal data as it is likely to concern the person’s religious beliefs.

2.1.2 All church owned equipment may be subject to audit at any point in time with the approval of the deacons. 

2.1.3 If Sensitive Personal Information is stored on personally owned computers used for church business, then these criteria also apply to the personally owned computers.

2.2 Church Internet and Wifi

You should be aware that every Internet site you visit is capable of determining who you are, and whom you represent. Accordingly, access to the Internet should include the use of good judgment, common sense, and careful discretion. The following rules apply:

1. Internet access should be limited to appropriate Church use only. Visiting adult sites or access for more than minor personal use is prohibited.  
2. Use of the Church’s Internet in attempts to gain unauthorized access to remote systems is prohibited.
3. The Church Wifi is only to be used by approved people and gives unfiltered access to the Internet. 
4. The Church Wifi has two zones a private zone for Church Officers and staff to use and a more general zone giving just access to the Internet for Organisation Leaders or equivalent.  A list of approved users is maintained by the Church and the Wifi key should not be shared. Any user found sharing the key or violating the Church IT policy will have their access removed.

2.3 If the Church policy has been seriously violated by the ministers, officers, employees, volunteers or members, they will be subject to disciplinary procedures, up to and including immediate termination of employment / Church Membership.

3.0 Church Web Page and Social Media Policy

3.1 General Policy

Waterlooville Baptist Church (WBC) values the potential good that comes from web pages, social networking pages, blogs, texting, instant messaging, e-mail and other forms of electronic social networking/communication. Simultaneously we recognise that misunderstanding, personal offense, hurt, legal exposure and damage to church community can potentially accompany use of these mediums. The Apostle Paul instructs that “Everything is permissible but not everything is constructive. Nobody should seek his own good, but the good of others.” With the principles of 1 Corinthians 10:23-33 in mind, all church employees and volunteers are to abide by the following communication guidelines.

All information shared on the Church web site, Church Facebook page or other social media site should be considered public domain information. It will probably have also been printed and available to anyone visiting the Church. There is an important exception of the Church Directory which should not be shared on the Internet. Therefore details of events, reports, contact information for organisations including email addresses and telephone numbers can be shared publicly on the Internet.

3.2 Ensure Integrity

Electronic communications should be consistent with the teaching of scripture and the values of WBC. Nothing should be written online that would not be said in person as a representative of the church (Proverbs 10:9). If a public dialogue gets heated, it is best to stop using a public forum and make the conversation private (Matthew 18:15-17). Leaders are expected to have the foresight to anticipate, within reason, how their words and/or actions may be perceived by their audience and to those under their care.  It is highly recommended that any potentially difficult posting should be reviewed by the church officers.

3.3 Promote Credibility

Facts should be checked to ensure they are correct; in proper context and that positions are justifiable (1 Corinthians 13:5-7). Response to those who disagree should be in a spirit of love and grace (Luke 6:28-30). Electronic communications should not be used to resolve interpersonal conflicts that are best handled face-to-face. It is highly recommended that any potentially difficult posting should be reviewed by the church officers.

3.4 Keep Confidences and Avoid Libel

Communications should not inadvertently share confidential information (sometimes we deal with a lot of confidences in church work so extra care must be taken with this). With any public postings the author is legally liable for what is written. Laws governing slander, libel, defamation and copyright apply. Outside parties can pursue legal action against individuals for postings.

 3.5 Do Not Engage in Polarising Political Speech

As a charity the government does not tax WBC as if it were a business because of this, however, there are certain restrictions placed on charities such as ours, specifically we cannot be seen to endorse or support political candidates. Nothing in public communications should lead people to believe that WBC is endorsing a political candidate or party.  Any public posting on a political issue which is made speaking on behalf of the church must be agreed by the church officers.  It is recognised that Church ministers may wish to speak in their own right on political issues when posting blogs, facebook postings, tweets etc., but they should make it clear that this is their own view and not necessarily the view of the church and church IT platforms should not be used in these cases.

3.6 Respect the Church and its Staff

Since electronic communications are public (or easily made public), we expect everyone associated with us to be respectful to the church and leaders, employees, volunteers and members. Any employee or member who uses electronic communications to disparage the name or reputation of the church, its practices, or its ministers, officers, employees, volunteers or members will be subject to discipline, up to and including immediate termination of employment / Church Membership. 

3.7 Limit Expression in Written Words

Remember that written words can easily convey the wrong message. Written words do not have the “non-verbal” channels that accompany face-to-face communication. Missing are body language, facial expressions and tone of voice that can help ensure proper context. As such, reread everything prior to sending. See if there is any possibility of misunderstanding. Every year the church deals with many relational problems brought on by poor word choices or communications sent in anger/haste. A good motto is “Think before you press send”.

3.8 Communicate as if the Words are to Be Published in the Local Newspaper

A good tool for determining what is correct communication is to behave as if the local newspaper were printing the electronic communication for all to see. Consider if WBC would want the actions/words to be seen on the front page, if not then handling the situation differently would be appropriate. 

3.9 Specific Guidance for Communication with Children and Vulnerable adults

All interaction via social media sites with children and vulnerable adults should be via a corporate / group account not through leader’s personal individual accounts. One central WBC private group would be set up for all the Church Young people to communicate through regardless of the organisation they belong to.    
It is WBC’s default practice not to make one on one connections with young people through social media, though it is acknowledged that this is a useful communication tool. On rare occasions it might be necessary but this should be for a specific purpose and then the conversation terminated.  It is expected that each group will find its own way of using social media to communicate within the law and in a way that is a positive, safe, experience for all members of the group.

The following guidelines relate to the use of Facebook but apply in principle to all social media platforms to ensure safe practice.

• Set up a group Facebook account to make connections with young people (under 18s) thus avoiding inappropriate one to one interactions through private individual social media/Facebook accounts. I.e. Personal user account holders should not accept “Friend” requests from under 18’s in their care. 
• Apply a closed group setting when for set up and maintenance of any group. This will keep all content outside the public domain.
• Ensure that one (or more) trained volunteers (18+) act/s as administrators for the group taking responsibility for approving new members and content.
• Post all information – news, events, information or reminders - on the wall, thus avoiding the use of one to one private/inbox messages.
• Keep up to date with Facebook policies e.g. age, privacy settings etc., noting that at present Facebook requires all users to be over the age of 13 years.
• The administrator(s) should be responsible for the addition of photographs (following the WBC guidelines for good practice), ensuring that permission has been given for their use and that no picture is tagged or used as a personal profile picture
• Be aware that even though volunteers’ private social media accounts are not used for one to one connection with group members, they may be open to public view. Ensure that what is seen or read reflects the values and ethos that WBC professes.
• To engage the group in good practice, involve the young people in each group created in writing a positive code of conduct relating to behaviour, purpose, management, setting, monitoring and use of the site.

3.10 Conclusion

WBC understands the good that comes from electronic communications and social networking. It is not our desire to create consternation or dampen creativity when it comes to the use of these media. At the same time we recognise the tremendous potential for hurt and misunderstanding that go with these media. We trust that by following these guidelines and common sense, we are all able to both reap the rewards of electronic communications … and avoid their potential pitfalls.  

The following is information that WBC believes is Sensitive Personal Information (SPI) and needs protecting as stated in the WBC IT policy. 

1. Church Membership List including Baptism details. 
2. Church Directory.
3. Deacons minutes.
4. Care Group information lists. 
5. Registers of groups. E.g. Sunday school registers. 
6. Financial information including giving by individuals.  

In all cases written permission either general for all Church activities (see below) or specific for the data held will have been sought from the person / parent. 
Example Disclaimer:

<Data Subject Name> gives permission to Waterlooville Baptist Church to process sensitive Personal information about me in line with the church IT policy in perpetuity or until I withdraw my permission in writing to the Church Secretary.