Unguarded use of the Internet can be tremendously damaging to your staff and congregation. With all the focus on fall ministries gearing up, it’s easy for church leaders to overlook the need to make sure their church’s Internet use policy is thorough and that their system is secure and up to date.
It’s essential that your church have a policy in place that protects people and guards confidential information while allowing access to the Internet’s benefits.
The prudent sees danger and hides himself, but the simple go on and suffer for it. –Proverbs 22:3 & 27:12, ESV
Failing to respond to the dangers the Internet presents is like having no locks on your church doors, filing cabinets, or desk drawers. Not very prudent. A smart Internet policy can help prevent a lot of headaches for church leaders and staff.
Review staff and volunteer background checks
Security starts with having the right people in positions of trust. Your church should require background checks of both staff and volunteers, especially if they work with minors or have access to finances or sensitive, confidential information.
Why your church needs an Internet use policy
• To protect information
Churches routinely handle sensitive personal information—addresses, phone numbers, emails, children’s ages, giving records, counseling notes, and so on. This information has to be protected against identity theft and other misuse of personal data.
• To protect minors
Digital media have made it easier than ever to publish pictures and video taken at church activities. It is vitally important that you know and follow proper procedures for the publishing of images, especially of minors. You can find more information on the Children’s Online Privacy Protection Act at www.coppa.org.
• To protect staff
You will want to protect your church staff from exposure to illicit material such as pornography. While this is ultimately an issue of character and spiritual maturity, having the appropriate policy and practices in place (e.g., filters, accountability) can add an important wall of protection for your staff.
• Prevent infection by malware
Filtering out certain types of illicit sites helps here, because simply visiting the homepage of an infected site can allow malware to infect your system. Consider installing filters and malware protection and make sure they are activated and kept up to date.
Review security settings on your ChMS
Your database and website software solutions come with security settings. Take time now to review them and make sure they are set to provide the level of secure access your staff and volunteers need.
What your Internet policy should cover
All church-owned devices
Your Internet policy should apply to all church-issued devices, including desktop and laptop computers, telephones, smart phones, and tablets. Users should be made aware of their responsibility to securely use these devices so that the user’s integrity and that of the church are protected.
Your policy should define who the authorized users will be from among these categories:
• Paid staff
• Select volunteers
• Guests? For example, a guest speaker or missionary on campus
• Church attendees; will they have access to open or secure Wi-Fi?
Your policy should also describe authorized uses by staff and select volunteers. Will it allow for personal use of the church’s hardware or Internet connection? What categories will it allow? News? Shopping? Sports sites? Will it restrict personal use to select times? What activities will be completely off-limits at all times?
You might want to spell out guidelines for these uses in particular:
• Social media
Social media especially has great potential for both good and harm. To see how top businesses and nonprofits address this ever-changing medium, see http://socialmediagovernance.com/policies/. The site currently lists the social media guidelines for 245 companies and organizations.
Consequences of unauthorized use
How will you respond if someone misuses your church’s Internet account? Whatever uses you authorize or prohibit, you should determine ahead of time what the consequences will be, and this information should be given to everyone that it applies to.
Your church website and other media should include the appropriate legal notices and disclaimers regarding the contents that appear on it.
While privacy and confidentiality should be regarded highly and respected in the church, users should be informed that designated staff members have the right to monitor all communications made on the church’s network.
The church’s Internet use policy should be included in the employee handbook and written volunteer guidelines. Workers should sign and date their agreement to abide by the policy, and this should be renewed at regular intervals (e.g., once a year).
A sample policy
Here is an example of a church policy that strives for that balance. (You may want your policy to be more detailed):
The use of communication tools and electronic media has exploded in recent years. Although practical and often necessary for business and ministry use, we ask that the use of these communication tools (e.g., telephone) and electronic tools (e.g., Internet, email) for personal use be very limited (e.g., emergency, necessity, break or personal time). Please note that _______ Church has the right to monitor any information sent or received on the ministry’s electronic equipment. If it is found that information is being sent or received that is contrary to _______Church’s Code of Conduct (e.g., viewing pornography), it may lead to discipline or termination of employment.
Your staff and congregation are invaluable. Be prudent; protect them and their personal information with a smart Internet policy.
Ministries often overlook the value of policies because of the inherent character that comes along with the staff and approved volunteers. However, we are all human and our humanity requires that healthy discipline and accountability be in place to protect our personal walk and influence on others.
How has your church managed this balance? And what encouragement could you offer to other church partners facing this same challenge?