They have read and are familiar with the Trust’s data protection policies and procedures and up to date in IG training.  

They only use Trust’s approved device and systems for handling personal data. This includes holding communication securely via video, messaging and online document sharing facilities.  

Information must only be accessed using Trust’s VPN and must never be accessed via public networks or in public spaces such as cafes and public transport. 

They are aware that printing from Trust IT systems is not enabled for data security reasons. 

They are taking all necessary steps to ensure that information must always be kept securely, and this include locking devices and papers away from potential unauthorised access.  

Confidential material is never saved to a non-Trust device, this can include (but is not limited to) downloads and screenshots of information.  

They are extra vigilant about opening web links and attachments in emails or other messages.  

They report any IG breaches without delay in line with the Trust’s incident reporting procedure.