Crockenhill Baptist Church logo Crockenhill Baptist Church

Information security policy

Information security involves preserving confidentiality, preventing unauthorised access and disclosure, maintaining the integrity of information, safeguarding accuracy and ensuring access to information when required by authorised users.

In addition to complying with this policy, all users must comply with the Data Protection Legislation and the Data Protection Policy. ‘Church data’ means any personal data processed by or on behalf of Crockenhill Baptist Church.

Information security is the responsibility of every member of staff, trustee, office holder, church member and volunteer using Church data on but not limited to the Church information systems. This policy is the responsibility of the church administrator, Jill Clarridge, who will undertake supervision of the policy.

Our IT systems may only be used for authorised purposes. We will monitor the use of our systems from time to time. Any person using the IT systems for unauthorised purposes may be subject to disciplinary and/or legal proceedings. We will take appropriate technical and organisational steps to guard against unauthorised or unlawful processing. In particular:

  • All data will be stored in a secure location and precautions will be taken to avoid data being accidentally disclosed.
  • Manual records relating to church members or staff will be kept secure in locked cabinets. Access to such records will be restricted.
  • Access to systems on which information is stored must be password protected with strong passwords and these should be changed at once if there is a risk they have been compromised. Passwords must not be disclosed to others.
  • We will ensure that staff and members who handle personal data are adequately trained and monitored to ensure data is being kept secure.
  • We will ensure that only those who need access will have access to data.
  • We will take particular care of sensitive data and security measures will reflect the importance of keeping sensitive data secure (definition of sensitive data is set out above in the Data Protection Policy), e.g. password protection for documents and encryption.
  • Where personal data needs to be deleted or destroyed adequate measures will be taken to ensure data is properly and securely disposed of. This will include destruction of files and back up files and physical destruction of manual files. Particular care should be taken over the destruction of manual sensitive data (written records) including shredding or disposing via specialist contractors (who will be treated as data processors -see below).
  • We will ensure that any data processor engaged to process data on our behalf (e.g. for payroll) will act under a written contract and will give appropriate undertakings as to the security of data.
  • Appropriate software security measures will be implemented and kept up to date.
  • We will ensure that if information has to be transported or transferred, this is done safely using encrypted devices or services.
  • Where personal devices are used to store or process personal data, they must be subject to appropriate security.

All breaches of this policy must be reported to the administrator, Jill Clarridge.

This policy will be regularly reviewed and audited.

Related pages

Data breach policy

Data breach policy

Data protection complaints process

Data protection complaints process

Data protection policy

Data protection policy

Find us

Directions to Crockenhill Baptist Church and details about car parking.

History

Find out about the history of Crockenhill Baptist Church

Leadership

Crockenhill Baptist Church is an independent congregational church. Under Christ, we are governed by the church members, and led by the officers they appoint.

Links

Links to other organisations

Members' Handbook

The members' handbook outlines how the church is run, how to become a member, and what is expected of members.

Pastor

Our pastor, Mark Drury, works full time for the church and is responsible for praying for us, preaching God's word to us and leading us to grow in our faith.

Policies

To ensure the church is run biblically, wisely, and in compliance with charity law, the church has a constitution. This constitution is summarised for members in the Members' Handbook. Additionally, to care for the church's members and visitors to its activities, the church has adopted several specific policies in different areas.

Privacy notice

Privacy notice

Records retention policy

Records retention policy

Safeguarding policy

Safeguarding policy

Statement of Faith

What we believe as a church, complete with Bible references

What we believe

The good news of Jesus Christ