The designation or the authority of declaring a software as one of the open source applications and the release, relaunch of the application needs to be legally approved by group of developer as well as by the organization. Such decision shall be taken after consent of both team and organization.
Installation of the developed software on multiple computer systems without having a proper license.
Creation or maintenance of additional copies of the developed software is to prohibited. In addition to that, providing such copies to outsiders except the employees, without a proper license.
Copying of the documentation of the developed software, user manuals without the permission of authority is also prohibited.
The transferability, sublicensing and exclusivity of the product should be protected by the employees as well as management of the organization in making copies of the application.
Policy related to the emails using work place resources:
The employees of the organization, Utilizing the organizations resources to search out, get to or send any material of a defamatory, offensive, obscene nature is disallowed and may bring about disciplinary activity against them.
Social media usage:
It is to confirm that employees who use social media outside of the workplace or organization does not post or share inappropriate photos or comments on social media.
Internet usage policy: The employees of the organizations should not visit sites
hat contains objectionable (such as pornographic) or criminal content. In addition to that they are not allowed to exchange proprietary information, or any other sensitive information about the organization on the internet.
Occupational safety and health: None of the employees is allowed to commence or return to work, under the influence of drugs or alcohol. A breach of this policy is grounds for disciplinary action.
In the National Privacy Principle on collation of personal information, it states that, any organization must not collect individual data unless the data is essential for its functions. Therefore, the organizations cannot collect the data about the individuals for the operations that does not include the interest of the concerned individual or group of individuals.
An association should gather individual data only through the reasonable and legitimate means and not in an intrusive way. Thus if the individual is not interested in sharing their personal data then the organizations cannot pressurize to get their information.
At or before the time of collection of the data it is the responsibility of the organization to make aware the individuals or the group of individuals about the identity of the company and to guarantee that the individual knows about:
The type of the organization and how to get in touch with it if anything adverse happens or misuse of the data. In addition to that, the organization must provide ways to them in which they can access to that collected data.
Moreover this principle data collection makes the organization responsible for any kind accidental disclosure of the personal data provided to the organizations.
Taking consent of the individuals: while collecting data through internet platform using a web based form that is designed and intended to collect individual data should consist of a specific statement that explains the reason for which the collected information is to be utilized for. In addition to that, the individuals needs to inform, to whom this collected data may be disclosed.
Disposal of data: while collecting data over internet, it is important for the organizations to dispose the data that is not required for any functions or operations of the organization so that those data cannot be exposed to any third party.
Use of peer to peer or secured channel transmission: The collated data on the web forms must be transmitted through the secured transmission channels and after the encrypting the total data.
Review of the collected files: It is important for the organizations to make and store individual information where it has utmost importance. In addition to that, the organizations should Safely discard or erase any individual information which is outdated or not required. Therefore, after the collection of the data, it is important for the organizations to review the collected data and dispose of pointless or out of date information systematically.
Know that in the event that the organizations are utilizing an third party data processor e.g. for bulk mailing system or database administration and are giving them access to collected individual information, at that point the organization should have restrict the access or develop contract set up with them to guarantee that they treat such data privately, safely and in consistence with the Data Protection laws where applicable.
Element 1: In the event that an IT company holds individual data around an individual, it must give the individual with access to the data on their request to that specific person, but it have to ensure that: (an) on account of individual data other than their health related data giving access would represent and lead to a risk to the protection of the intellectual property acquired by person.
Giving access would have a nonsensical effect upon the protection of different products with description; the data identifies with existing or expected lawful procedures between the organization and the individual (the customer), and the data would not be open by the procedure of revelation in those procedures or products.
Example 1: Piratebay: It is a peer to peer data transfer website that shares different products or software’s that explicitly breaks the copy right laws of any software development organization such as Microsoft, Adobe etc. even though the sites are still operating using different techniques but in order to protect the intellectual properties (software’s, applications and movies), the site was brought down by the IT professionals in the month of March this year.
Example 2: Another example is preventing the distribution of the licenced software by the employees of the organization to the outsiders.
On the request by the employees the organization must encourage representation of the safety and health representatives (SHRs) to them as well as a security and wellbeing committee.
The management of the organization must counsel and collaborate with SHRs and different representatives in regards to work place safety and health legislation at the work environment. Discussion must be two-way and include sharing of data, giving workers a sensible chance to express their perspectives.
employees and Employers must try to resolve any kind of health and safety issues faced by the employees in accordance with an agreed and established procedure effective in the organization.