Birkbeck IT regulations

The Birkbeck IT regulations (also referred to as 'Birkbeck computing regulations' or 'computing regulations') have been produced to ensure that users of the IT facilities at Birkbeck, University of London are aware of the conduct that is required of them.

All users must abide by the policies and codes of practice below. Guidance notes and guideline documents are provided to help.

All users are advised that monitoring of individual usage may occur to ensure compliance with these regulations, and all allegations of misuse will be thoroughly investigated.

These regulations were approved by Strategic Planning Committee.

POLICIES

• Main policy: Birkbeck information security policy (PDF)
• Supporting policy 1: Birkbeck data protection policy (PDF)
• Supporting policy 2: Birkbeck acceptable use policy (PDF) (and acceptable use guidelines (PDF))
• Supporting policy 3: Birkbeck staff electronic communications policy (PDF)
• Supporting policy 4: Birkbeck IT facilities monitoring and access policy (PDF)
• Supporting policy 5: Birkbeck mobile and remote device security policy (PDF)
• Supporting policy 6: Birkbeck wireless network policy (PDF)
• Supporting policy 7: Birkbeck information security roles and responsibilities policy (PDF)
• Supporting policy 8: Birkbeck outsourced IT service management policy (PDF)
• Supporting policy 9: Birkbeck supplier relationship policy (PDF)
• Supporting policy 10: Birkbeck web presence policy (PDF)
• Supporting policy 11: Birkbeck network connection policy (PDF)
• Supporting policy 12: Birkbeck data classification and information handling policy (PDF)

Codes of practice

• Code of practice 1: Birkbeck granting secure systems access to third parties (PDF)
• Code of practice 2: Birkbeck granting access to WP Engine to third parties (PDF)
• Code of practice 3: Birkbeck web standards (PDF)
• Code of practice 4: Birkbeck network connections (PDF)
• Code of practice 5: Birkbeck business and technical service owners (PDF)

GUIDELINES AND FORMS

• Guidelines 1: Birkbeck acceptable use guidelines (PDF)
• Guidelines 2: Birkbeck information storage options (PDF)
• Form M01: Request for authorisation of monitoring in accordance with Birkbeck IT Account Monitoring and Access Policy
• Form M02: Request for authorisation for access to stored documents in accordance with Birkbeck IT Account Monitoring and Access Policy

The forms, and help with requests, is available from the Information Security team.

In producing these regulations, the College has adopted the 'UCISA (Universities and Colleges Information Systems Association) framework model for the use of institutional IT facilities and systems' and adapted the guidance accordingly to meet the institution's needs.

ISO/IEC 27001 COMPLIANCE STATEMENT

Birkbeck has an information security policy which has been drawn up in line with the ISO requirements. Policies are updated from time to time as needed to keep up with legal, procedural and technological developments.

For enquiries please contact the Information Security team.

RELEVANT LEGISLATION

There are many articles of UK legislation that are particularly relevant to the use of IT. It must be remembered that not all use of IT by a user based in the UK is necessarily governed by UK law - the law of other nation states may apply. Therefore, the list of legislation here cannot be considered comprehensive - but exists as a guide.

• Obscene Publications Act 1959 and Obscene Publications Act 1964
• Protection of Children Act 1978
• Police and Criminal Evidence Act 1984
• Copyright, Designs and Patents Act 1988
• Criminal Justice and Immigration Act 2008
• Computer Misuse Act 1990
• Human Rights Act 1998
• Data Protection Act 2018
• Regulation of Investigatory Powers Act 2000
• Prevention of Terrorism Act 2005
• Terrorism Act 2006
• Police and Justice Act 2006
• Freedom of Information Act 2000
• Freedom of Information (Scotland) Act 2002
• Equality Act 2010
• Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended)
• Defamation Act 1996 and Defamation Act 2013
• Counter-Terrorism and Security Act 2015

Other Birkbeck policies and guidelines related to the use of IT:

• Principles for the use of social media by Birkbeck staff and students (PDF)
• Copyright and licenses

Policies and guidelines set out by relevant external organisations:

• Jisc legal guides
• Janet acceptable use policy
• Janet security policy
• Janet network connection policy (PDF)
• eduroam (UK) policy
• Chest user acknowledgement of third party rights (from Chest user obligations page)
• Suggested charter for system administrators
• Universities UK guidance: Oversight of security-sensitive research material

Information SERVICES CONTACT DETAILS

For help and guidance from Information Services, including assistance in understanding the Birkbeck IT Regulations, please visit our help page on the Birkbeck website.