Introduction
This policy is part of the medDigital ISMS and must be fully complied with.
This policy ensures that employees and contractors understand their responsibilities and are suitable
for the roles for which they are considered and are aware of and fulfil their information security
responsibilities.
Screening
All offers of employment must be contingent on the receipt of satisfactory references and the individual must prove their right to work in the UK.
Terms and conditions of employment
Employment contracts must contain a clause requiring compliance with the ISMS and that disciplinary
action will be taken for failing to do so.
Contractors
Agreements with contractors must contain a clause requiring compliance with the ISMS and that legal
action will be taken for failing to do so.
Contractors must have professional indemnity insurance in place that matches the level of insurance
held by medDigital which is always set at the minimum required to comply with client requirements.
Responsibilities
Paul Gardner is responsible for soliciting references.
Line managers are responsible for ensuring that employees/contractors complete their initial and annual
training inline with the Training policy
and that contractors have sufficient professional indemnity insurance.