Common use of Electronic Records Clause in Contracts

Electronic Records. Organisations may have different electronic methods for storing and sharing information securely. Some have local restrictions which block access to information shared using specific tools. Parties must make sure the chosen method is suitably secure and that access is only provided to those who need it, and only to the data needed. Unencrypted email (i.e. sent in plain text over the public internet) must not be used to share information under this DSA. Sharing methods that may be appropriate include: ● Email encryption tools where the email and attachments are encrypted from named sender to named recipient (e.g. Microsoft 365 Message Encryption; Egress Protect) ● Encryption via Transport Layer Security (TLS) where the email and attachments are encrypted in transit over the internet. Both the sender and recipient email domains must have TLS enabled. This can be checked using xxxxx://xxx.xxxxxxxx.xxx/ ● Secure corporately managed data repository and sharing platforms (e.g. MS Teams; Google Docs) ● Secure group email services (e.g. CJSM: xxxxx://xxxx.xxxxxxx.xxx.xx/index.html) ● Secure File Transfer Protocols ● Virtual Private Networks The above are examples, get advice from your organisation’s information security or IT teams on secure methods of sharing available at your organisation and document these in the organisation’s process documents. Information may be shared over the phone, in a virtual meeting, or at face to face meetings. Meeting attendance and distribution of content, e.g. meeting minutes or recordings, must be limited to those with a need to know. Sharing by telephone should be avoided unless the requirement is urgent and email is not practicable. Individuals should be aware of their surroundings and the presence of other individuals or voice recognition or ‘Internet of Things’ devices (e.g. virtual assistant apps like Xxxxx, Cortana, SIRI) to ensure they aren’t overheard by those that should not have access to the information discussed. Printed paper records must always be kept to a minimum and kept secure whether in the office, home or during transit. Organisations must adopt an appropriate policy surrounding the use and transfer of paper records. Appropriate security methods must be applied when storing or disposing of paper records.

Electronic Records. Organisations may have different electronic methods for storing and sharing information securely. Some have local restrictions which block access to information shared using specific tools. Parties must make sure the chosen method is suitably secure and that access is only provided to those who need it, and only to the data needed. Unencrypted email (i.e. sent in plain text over the public internet) must not be used to share information under this DSA. Sharing methods that may be appropriate include: ● Email encryption tools where the email and attachments are encrypted from named sender to named recipient (e.g. Microsoft 365 Message Encryption; Egress Protect) ● Encryption via Transport Layer Security (TLS) where the email and attachments are encrypted in transit over the internet. Both the sender and recipient email domains must have TLS enabled. This can be checked using xxxxx://xxx.xxxxxxxx.xxx/ ● Secure corporately managed data repository and sharing platforms (e.g. MS Teams; Google Docs) ● Secure group email services (e.g. CJSM: xxxxx://xxxx.xxxxxxx.xxx.xx/index.html) ● Secure File Transfer Protocols ● Virtual Private Networks The above are examples, : get advice from your organisation’s information security or IT teams on secure methods of sharing available at your organisation and document these in the organisation’s process documents. Information may be shared over the phone, in a virtual meeting, or at face to face meetings. Meeting attendance and distribution of content, e.g. meeting minutes or recordings, must be limited to those with a need to know. Sharing by telephone should be avoided unless the requirement is urgent and email is not practicable. Individuals should be aware of their surroundings and the presence of other individuals or voice recognition or ‘Internet of Things’ devices (e.g. virtual assistant apps like Xxxxx, Cortana, SIRI) to ensure they aren’t overheard by those that should not have access to the information discussed. Printed paper records must always be kept to a minimum and kept secure whether in the office, home or during transit. Organisations must adopt an appropriate policy surrounding the use and transfer of paper records. Appropriate security methods must be applied when storing or disposing of paper records.

Electronic Records. Organisations may have different electronic methods for storing and sharing information securely. Some have local restrictions which block access to information shared using specific tools. Parties must make sure the chosen method is suitably secure and that access is only provided to those who need it, and only to the data needed. Unencrypted email (i.e. sent in plain text over the public internet) must not be used to share information under this DSA. Sharing methods that may be appropriate include: ● · Email encryption tools where the email and attachments are encrypted from named sender to named recipient (e.g. Microsoft 365 Message Encryption; Egress Protect) ● · Encryption via Transport Layer Security (TLS) where the email and attachments are encrypted in transit over the internet. Both the sender and recipient email domains must have TLS enabled. This can be checked using xxxxx://xxx.xxxxxxxx.xxx/ ● · Secure corporately managed data repository and sharing platforms (e.g. MS Teams; Google Docs) ● · Secure group email services (e.g. CJSM: xxxxx://xxxx.xxxxxxx.xxx.xx/index.html) ● · Secure File Transfer Protocols ● · Virtual Private Networks The above are examples, get advice from your organisation’s information security or IT teams on secure methods of sharing available at your organisation and document these in the organisation’s process documents. Information may be shared over the phone, in a virtual meeting, or at face to face meetings. Meeting attendance and distribution of content, e.g. meeting minutes or recordings, must be limited to those with a need to know. Sharing by telephone should be avoided unless the requirement is urgent and email is not practicable. Individuals should be aware of their surroundings and the presence of other individuals or voice recognition or ‘Internet of Things’ devices (e.g. virtual assistant apps like Xxxxx, Cortana, SIRI) to ensure they aren’t overheard by those that should not have access to the information discussed. Printed paper records must always be kept to a minimum and kept secure whether in the office, home or during transit. Organisations must adopt an appropriate policy surrounding the use and transfer of paper records. Appropriate security methods must be applied when storing or disposing of paper records.