I am currently reviewing data protection proceedures to bring them in line with the new codes of practice.
In particular the company are considering to start monitoring personal inernet and e-mail use.
Any ideas for how to apprach this mammoth task?
I am looking to find out how other companies have approached this – Have you used a series of polices or one all encompassing policy?, Have you audited the company?, Have employees signed agreements etc?
All advise would be much appreciated. If you have any sample procedures and/or policies for guidance i would be very grateful. If anybody knows of any links to web sites which offer useful and easy to follow guidance on this topic please let me know!!!
Thanks
Claire Hayes