|Conditions of Use of
Updated: February 2002
By using Departmental computer services
, you agree to abide by the
conditions of use as outlined in the following pages and as
otherwise determined by the policies of the Department.
Failure to comply with the conditions of use may result in
disciplinary action and can result in significant penalties,
Acceptable use of Computer Services
The Department of Human Service's computer services are provided
for the conduct of the business of the Department. They must not
be used for any purpose that breaches any law, infringes the civil
rights of any person or that breaches the Victorian Public Service
Code of Conduct. They may be used for reasonable communication
between employees and/or their industrial representatives and for
limited and occasional non-business use as defined in these
'Conditions of Use'.
It is prohibited to use the Department's computer services for:
- Accessing computer systems, applications, databases or files
that the user is not authorised to use.
- Accessing, storing or sending material that is defamatory,
obscene, indecent, offensive, discriminatory or harassing,
including pornography and other sexually explicit material.
- Unauthorised distribution of confidential, personal or
- Downloading or storing unauthorised computer software
(including games) or any material that breaches copyright law.
- Knowingly interfering with or damaging the computer services
of the Department or any other person, including creating,
downloading, opening or sending a virus or other malicious code.
- Obtaining personal profit or gain, including the conduct of
outside business activity.
Staff are required to take reasonable steps to protect the
Department's computer systems and the information they contain.
Acceptable information security practices include:
- Passwords should not be shared. They should not be based on
personal names or recognised words or recycled and they should be
- Staff should use clear desk and clear screen practices
appropriate to the sensitivity of the information they handle.
Screen savers and screen locks should always be used to prevent
unauthorised viewing or access.
- Sensitive or private information must not be sent by email
unless it is protected appropriately according to the sensitivity
of the information.
- Sensitive information must not be stored on the hard disk of
a PC or notebook unless it is appropriately protected as it may
be accessible to other users and is not recoverable following
hardware failure or theft.
- Staff should take care to protect remote access PCs, notebook
computers and hand-held appliances, such as Palm Pilots, from
theft or unauthorised access.
- Staff should effectively manage computer storage that is
under their control including the timely archiving and disposal
- Staff should take care when disposing of information.
Electronic memory devices such as diskettes, CDRom and hard disks
must be erased or destroyed before disposal.
Acceptable Use of the
Additional rules regarding the use of internet services are:
- Web based applications must not be used to share private or
confidential information unless approved secure transmission and
storage arrangements are implemented.
- Purchasing via the Internet is only permitted by staff
authorised to undertake this function using approved
e-procurement procedures on approved sites and using approved
purchasing applications. The use of Corporate Card through these
applications is subject to the terms and conditions of Corporate
Card use as ratified and acknowledged by each cardholder.
- Computer software must not be downloaded from the internet
unless authorised by the Director, Information Services.
- Internet services should not be used for streaming (eg radio
or television type transmissions) or other resource intensive
activity unless authorised by the Director, Information Services.
- Downloading, storing or distributing computer hacking or
password cracking tools is prohibited.
- Internet services must not be used to download any product
that may place the user or the Department in breach of copyright
law. This includes music, images and software that are copyright
protected. Internet services must not be used for any purpose
that may bring the Department into disrepute or that may convey a
personal opinion as representing the views of the Department.
- Non-business use of the internet is restricted to limited and
occasional browsing and minor transactional activity such as
banking and bill paying, and:
- Should not exceed 15 minutes in any day or a total of 60
minutes in any week and should occur in the person's own time,
at times acceptable to the person's line manager.
- Must comply with general standards of use as expressed in
these Conditions of Use or other Departmental policy.
- Must not include personal 'for profit activity' including
the conduct of a personal business and may not be used to
advertise personal property for sale other than through a
corporately sponsored 'Trading Post'.
- Must not be used for on-line gambling.
- Only material that is directly related to the business of
the Department may be saved on the Department's network.
- Downloading computer software, games, videos and music for
personal use is specifically prohibited. This includes software
plug-ins where these are required to enable personal
transactions such as banking or bill paying.
- Participation in personal chat rooms or internet discussion
groups is prohibited.
Acceptable Use of
Additional rules regarding the use of email are:
- Email must not be used for any purpose that may bring the
Department into disrepute.
- Email must not be used to send confidential or private
information to users outside the Department's secure network
unless the information is protected as appropriate to the
sensitivity of the information.
- Email must not be used to send or pass-on pyramid or chain
mail or to knowingly distribute hoaxes.
- Email sent and received in the course of business activity
should be treated as a public record and included in Departmental
record keeping systems as required by Departmental policy and
- To prevent mail-storms (continuously bounced mail), users
should not set message forwarding to an email account that is
external to the Department's network.
- Inappropriate messages received unsolicited from another
person should be reported to the IT Service Centre. Such material
must not be retained or stored on the Department's computer
- Non-business use of email should be restricted to 'limited
and occasional' use and:
- Should occur in the person's own time at times acceptable to
the person's line manager.
- Should be short (not exceeding a single page of plain text).
- Should only be addressed to a small number of recipients
(not more than 10).
- Must not include attachments such as games, music, video or
Software and Hardware
The installation of inappropriate software and hardware poses
serious risks to the Department's network.
- Servers and network switching equipment must not be connected
to HSNet unless specifically authorised by the Director,
- Modems must not be connected to an HSNet connected
workstation unless specifically authorised by the Director,
- All other computer hardware connected to HSNet:
- Must be approved by the applicable Information Services
- Must meet product and version standards as established by
the Director, Information Services.
- All software installed on Departmental workstations or
network appliances should meet product and version standards as
established by the Director, Information Services, where these
- All software installed on Departmental workstations must be
for the conduct of the business of the Department.
- Hacking and password cracking tools are prohibited unless
specifically authorised by the Director, Information Services.
- All software must be installed in accordance with the
software licence agreement. Licences and agreements are to be
kept by the Manager responsible for the installation. Software
for which a licence agreement cannot be substantiated should be
Monitoring of Computer
Reporting of Information Security
- The Department respects the privacy of staff and will
endeavour to ensure that routine monitoring and systems
maintenance activities intrude as little as possible on their
privacy. Only suspicious activity, likely to contravene the
policies of the Department, will invite closer scrutiny.
- Routine monitoring and screening of computer services is
conducted to identify security risks such as unauthorised access,
viruses and prohibited or otherwise suspicious activity.
- Back-up tapes are taken to enable restoration of services and
activity logs kept for the purpose of systems management, these
may be used to investigate alleged misuse of computer services.
- Computer systems administrators will not access data stored
by other users without good reason, will limit access to the
minimum necessary for proper administration and will not share or
disclose any data discovered other than as permitted under the
policies of the Department.
- Information security incidents should be reported to the
local Information Systems Manager (ISM) or to the IT Service
Centre on 131765, at the earliest opportunity.
- Employees who breach the Department's information security
policies may have network privileges terminated and may be
subject to a discipline investigation as per the Department's
Discipline Policies. The serious misuse of computer services may
result in warning counselling or dismissal.
Conditions of Use
The Director, Information Services may provide an exemption to the
Conditions of Use of Computer Services for a compelling
business need. Applications for exemption must be approved in
writing prior to the conduct of any prohibited activity.
Limitation on the Conditions of Use
No part of the Conditions of Use of Computer Services shall
be taken to restrict the rights of any staff member as provided
for by law or industrial agreement.
Authorisation and Updating
The Conditions of Use of Computer Services are authorised
by the Director, Information Services and apply to all persons
using the computer services of the Department of Human Services.
The Conditions of Use are reviewed twice yearly. The date
of the last update is displayed on the front page. Any change
affecting the meaning of the Conditions of Use will be displayed
in blue until the next scheduled update.
Information about the Department's security policy and practice is
available on KnowledgNet or from the Information Security
Manager on (03) 9637 4536.
Conditions of Use for
Secure ID Tokens
The SecureID Token that has been issued to you is a security
device and must be protected. Your PIN (personal identification
number) and the periodically changing code displayed on the token,
are used in conjunction with your username & password to provide a
higher level of user identification for certain systems you will
The Department of Human Services (DHS) expects that you will take
proper care and protection of your SecureID Token and associated
PIN, and your eBusiness Username and associated Password.
By accepting the SecureID Token and PIN, you agree to abide by the
following Conditions of Use:
- Your eBusiness Username, Password and PIN number must be kept
confidential, must not be shared, and must not be stored with or
on your SecureID Token.
- Your SecureID Token is to be stored in a secure location.
- You must immediately inform the IT Service Centre (13 17 65)
if you believe your SecureID Token is lost or stolen, or the
confidentiality of your PIN has been compromised.
- You must follow the standard log-off procedure when each
session of use is complete.
In addition, you agree to the:
- “Conditions of Use” of the Department’s computer systems and
“Monitoring of Computer Services” as published during login to
eBusiness; and or
- “Conditions of use for RSA Enabled Computers”, for users of
|DHS Workspace LOGIN
By logging in you accept the conditions of use
> Click here for supported browser and required browser
> To operate the DHS Workspace, your browser requires loaded a Java Runtime Environment (JRE). Click here to download the Sun Java Runtime
> If you require citrix access, download the citrix client by clicking here