Any modern business will have a range of IT systems that employees have access to. As an employer, you probably provide your staff with access to hardware such as: 

  • work computers;
  • work phones; 
  • a company email; 
  • a social media page; and 
  • software that stores confidential information.

With your employees constantly interacting with multiple company IT systems, it is crucial that you develop an IT acceptable use policy for your workplace. This article will detail the key features that you should include in your IT policy and outline the risks your business may face if you do not have a clear policy.

What Does the IT Acceptable Use Policy Cover?

Your IT acceptable use policy will clearly set out what you expect of your employees and contractors when they interact with company systems. The content of the policy will vary depending on your industry and business practices, but some key features include:

  • outlining the acceptable use of company email;
  • setting a code of conduct for employees that you will not tolerate bullying and harassment through IT systems;
  • prohibiting employees from accessing inappropriate websites;
  • restricting the type of software that an employee may download without permission;
  • setting out what employees must do if they think a data breach has occurred;
  • regulating how an employee must conduct themselves on both personal and company social media channels; and
  • notifying employees of how they are being monitored.

4 Reasons Why You Need an IT Acceptable Use Policy

1. Setting Clear Expectations With Your Employees

When an employee commences work with your business, it is crucial to clearly set out the guidelines they need to follow. By clearly setting expectations surrounding your IT systems, you will ensure that employees are aware of the appropriate approach to your systems and processes. This will reduce the risk of employees inadvertently causing harm because they are unaware of the correct approach.

You can also clearly set out the consequences of breaching your IT acceptable use policy. These consequences might include termination or disciplinary action.

However, before you take disciplinary action against an employee because they breached your IT Policy, it is important to speak to an employment lawyer to minimise your risk of a Fair Work claim arising.

2. Surveillance

If you intend to monitor your employees’ behaviour via IT systems or video cameras, you must have an IT policy which details the type of surveillance you will be conducting. 

In the age of working flexibly, your employees use of IT both for work and personal uses will overlap. They may use company laptops to work from home, or answer work calls and respond to work emails on a personal phone. If your employees are using work devices for personal matters, or personal devices for work matters, it is crucial to let them know the kind of monitoring that you perform. 

Most Australian states and territories have legislation in place that regulates how an employer can monitor staff in the workplace. If you plan on using CCTV or monitoring your employees’ email, in many states you need to let your employees know upfront. If you do not have an IT acceptable use policy that details exactly how you monitor your employees’ behaviour, you could be breaching state laws in and may face penalties.

3. Protecting Your Organisation From Security Breaches

You will be able to better protect your organisation from security threats if you have a clear IT acceptable use policy that sets out: 

  • how employees should respond to suspicious emails;
  • the types of websites they can visit; and 
  • what is acceptable for them to download.

Cybersecurity is crucial for any organisation, and data breaches can damage your organisation’s credibility. If you experience a data breach and are an APP entity, you will need to notify all impacted individuals as soon as possible, or you could face penalties. 

4. Legally Protecting Your Organisation

Under workplace health and safety laws, you have an obligation to provide a workplace that is free of: 

  • discrimination;
  • bullying; and
  • harassment. 

Focusing on IT specifically, you must manage and respond to instances of cyberbullying. You also have a responsibility to prevent cyberbullying as much as you reasonably can.

If one of your employees decides to harass another via an IT system and you do not have a policy that clearly prohibits this, you could be held legally responsible for the harm inflicted on your bullied employee. Having an IT acceptable use policy is one factor that can demonstrate the steps you have taken to prevent bullying and harassment in the workplace.  

Key Takeaways

Your IT acceptable use policy sets clear expectations with your staff on how they are to use workplace IT systems. Key sections of the policy include: 

  • cybersecurity;
  • anti-bullying and harassment; and 
  • notification of surveillance.

The policy is crucial both in preventing issues from arising and protecting your company from legal responsibility if they do. If you have any questions about obtaining an IT acceptable use policy for your business, contact LegalVision’s IT lawyers on 1300 544 755 or fill out the form on this page.

COVID-19 Business Survey
LegalVision is conducting a survey on the impact of COVID-19 for businesses across Australia. The survey takes 2 minutes to complete and all responses are anonymous. We would appreciate your input. Take the survey now.

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.

The majority of our clients are LVConnect members. By becoming a member, you can stay ahead of legal issues while staying on top of costs. For just $199 per month, membership unlocks unlimited lawyer consultations, faster turnaround times, free legal templates and members-only discounts.

Learn more about LVConnect

Blythe Dingwall
Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

  • By submitting this form, you agree to receive emails from LegalVision and can unsubscribe at any time. See our full Privacy Policy.
  • This field is for validation purposes and should be left unchanged.
Our Awards
  • 2019 Top 25 Startups - LinkedIn 2019 Top 25 Startups - LinkedIn
  • 2019 NewLaw Firm of the Year - Australian Law Awards 2019 NewLaw Firm of the Year - Australian Law Awards
  • 2020 Fastest Growing Law Firm - Financial Times APAC 500 2020 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review 2020 AFR Fast 100 List - Australian Financial Review
  • 2020 Law Firm of the Year Finalist - Australasian Law Awards 2020 Law Firm of the Year Finalist - Australasian Law Awards
  • Most Innovative Law Firm - 2019 Australasian Lawyer 2019 Most Innovative Firm - Australasian Lawyer
Privacy Policy Snapshot

We collect and store information about you. Let us explain why we do this.

What information do you collect?

We collect a range of data about you, including your contact details, legal issues and data on how you use our website.

How do you collect information?

We collect information over the phone, by email and through our website.

What do you do with this information?

We store and use your information to deliver you better legal services. This mostly involves communicating with you, marketing to you and occasionally sharing your information with our partners.

How do I contact you?

You can always see what data you’ve stored with us.

Questions, comments or complaints? Reach out on 1300 544 755 or email us at

View Privacy Policy