7323. Procedure

  1. General Protection
    1. Regional Administrators, Regional Managers, and Directors shall ensure that portable fire extinguishers -- preferably a Halon type -- suitable for treating electrical fires are located near data processing equipment in their areas of responsibility.
    2. Users of computers shall:
      1. Protect diskettes from excess cold, heat, direct sunlight, electromagnetic sources such as telephones and static electricity, and from ball point pens and pencils.
      2. Remove all diskettes from the computer when they are no longer in use.
    3. Computer users shall utilize surge control devices to protect all computer and peripheral equipment.
    4. Staff shall not plug coffee pots, hot plates, or other high current devices into a surge protector serving computer equipment.
    5. Staff shall secure computer hardware and software when not in use. See chapter 15000, section 15212.
    6. User staff shall secure lap-top computers in file cabinets or closets at the end of each work day.
    7. When in travel status, staff shall not ship computers or printers as general luggage through the airlines.
  2. Security of Data
    1. Staff shall store confidential documents or data in accordance with chapter 15000, section 15203.
    2. Staff shall not leave documents or diskettes containing confidential information unattended in areas readily accessible to persons without authorization to see such documentation.
    3. Computer users shall save important documents and those for which there may future need in FamLink or on their F Directory, as applicable, to assure automatic back-up of files.
    4. When an employee ends employment in a location, supervisory personnel shall review all files on hard drive, main frame, and floppy diskettes controlled by the employee to determine which files to delete or retain.
  3. Software Use
    1. Computer users shall not use programs obtained through shareware or from a bulletin board until they have been certified as free of computer virus by the user's Computer Information Consultant (CIC) or other authorized staff.
    2. Staff shall install and/or use only software purchased, distributed, or approved by the department.
  4. Prohibited Activities-Staff are prohibited from the following activities:
    1. Unauthorized copying or use of software.
    2. Unauthorized entry into restricted data bases.
    3. Use of state computer resources for private business purposes.
    4. Loan of computer hardware or software to unauthorized individuals.
    5. Use of recreational computer games during work periods for other than supervisor-approved training purposes.
    6. Use of privately owned personal computer hardware during business hours except as part of a pre-approved telecommuting project.
  5. Accountability and Tracking of Laptop Computers: CA Directors and Regional Administrators are responsible for the accountability and tracking procedures. To assure accurate tracking and accounting for laptop computers, laptop computers must either be assigned to specific staff or signed out to staff following the procedures below.
    1. For managing laptop inventory:
      1. Each CA office will designate one specific employee, plus one backup employee, to be responsible for tracking laptop computers.
      2. Any lost, stolen, or missing equipment must be reported immediately to the designated staff, who will immediately report to the Regional Business Manager or headquarters property manager for reporting in the Tracks inventory system.
      3. Designated staff for the office must send a lost, stolen, or missing equipment report to the Regional Administrator or applicable Director on a monthly basis.
    2. Laptop Computers Signed Out by Staff
      1. All laptop computers will be kept in a locked cabinet or area unless checked out by staff.
      2. The designated staff responsible for tracking will ensure that each laptop has a sign-out log, which will be kept with the laptop in the locked area. When the equipment is signed out, the log sheet will remain in the locked area.
      3. Staff checking out the laptop will do so only through the designated staff. The designated staff will completely fill out the log sheet immediately upon a staff person checking out or returning the equipment.
      4. The staff person who signed out the equipment is responsible for the computer until it is returned to the designated staff and properly logged in and returned to the locked area.
    3. Laptop Computers Permanently Assigned to Specific Staff
      1. The designated staff person will maintain a current list recording the name of the staff person assigned the equipment, the date assigned, and the equipment's make, model, and State Tag Number.
      2. The staff person assigned to the equipment is responsible for it.
      3. If staff assigned to the equipment allows other staff to use it, the staff person assigned remains responsible for the equipment.