Your IT

For many businesses, information technology (IT) is now more than just a business tool – purchasing the right IT and using it effectively is critical for business success. As part of your IT management, you should ensure that you understand and manage the legal issues involved.

Purchasing IT

Purchasing an IT system can be complex. A typical purchase might involve buying hardware (or leasing computer equipment) together with software and services.

While it can be tempting to specify what you want to buy (these machines, that software, those services), with complex purchases it tends to be more effective to specify what you want it to do. This puts you in a stronger position if the solution fails to deliver. A clear, written contract is always a good idea, particularly for complex developments, which have a tendency to overrun on time and costs.

Bear in mind too that while hardware can be purchased outright, software legal arrangements are more complex. Software is typically acquired on licence, with the software agreement governing how you can use the software – for example, how many copies you can use. Software copyright remains with the creators or publishers of the software. If you are commissioning bespoke software, you will probably want agreement that copyright is passed to you.

Using IT

Clear policies on the appropriate use of IT systems minimise the risks of a whole host of potential problems. As part of your software licence management, you should aim to prevent employees using unlicensed software.

An internet policy can help avoid problems such as employees visiting inappropriate websites or copying copyright material without permission. Your email policy should cover issues such as sending offensive emails and ensuring that employees are aware of the potential contractual implications of an email. You may want systems that limit risk – for example, by automatically including company details and a disclaimer on every email.

For employees who spend more than a short time using computers – the majority in most offices – you need to take into account computer health and safety. Well-designed workstations and regular breaks are important elements of reducing risk.

IT maintenance and security

Given the importance of IT systems, appropriate maintenance, security and disaster prevention planning are essential. If your systems hold data on individuals, personal information security is a priority to comply with data protection regulations.

For critical IT systems, you should have clear maintenance contracts and service level agreements. These should set out routine servicing, how quickly emergency services will be provided if systems fail, what alternative provisions are in place and so on. Testing out system backup and disaster recovery plans on a regular basis is worthwhile; once things have gone wrong, it could be too late.