DATA PROTECTION
Each employee must have a unique username for system access and usernames
must never be reused for different employees.
Designated System Owner(s):
Each system used at our company must have a designated system owner that is
involved in decisions related to system access and usage as needed, as well as
specific information related to the system itself. System Owners are in addition to
our Tech team members.
Tech Team/System Change Audit Logs:
Each system used at our company will have a primary tech team owner with an
assigned back-up to limit the number of administrators making changes.
System change audit logs will be enabled and reviewed as needed for all systems
modified by our employees. Any discrepancies/issues will be addressed through
disciplinary action including and up to termination. In addition, employees’ access
may be revoked or modified if determined a breach or violation of this policy has
occurred, which may impact ability to complete job requirements and continued
employment.
Sharing User Access/Information:
Users must never share their usernames and/or passwords to company systems
with anyone, including other employees. In addition, the information contained
within our company systems is not to be shared with anyone, including other
employees, that are not authorized to have access to the information.
Employees are not allowed to ask other employees for their usernames and
passwords to access our systems and/or data/information.
Employees found to be asking others for their user information or sharing their
system access and/or information with others, including other employees, will face
disciplinary action up to and including termination. In addition, employees’ access
may be revoked or modified if determined a breach or violation of this policy has
occurred, which may impact ability to complete job requirements and continued
employment.