Home | News | Changes to HR Policies and Forms

Changes to HR Policies and Forms

bandwidth close up computer 1148820

We would like to let you know about work that is currently being undertaken to prepare the transition of all HR policies and HR forms from the Document Library on the Trust’s Intranet to the ‘Policies’ section of MetaCompliance. This project aims to make all policies more accessible and in a more user-friendly format.  

The MetaPolicy section of MetaCompliance is designed to:

  • make it easier to find policies, procedures, and other important documents;
  • deliver new and updated polices via a link to your inbox ensuring that you are aware of the most recent copy; 
  • provide you with a personal online portal, helping you to locate the policies you need.

No changes have been made yet; you can still access HR policies and forms in the usual way.  Further communications will follow keeping you updated on next steps and when the changes will take place.

Background to MetaCompliance

In 2021, the Trust introduced a new system called MetaCompliance, and this may be familiar to most of you when accessing staff awareness alerts and additional learning you may have been sent.

MetaCompliance are a market leader in some of the key elements to achieving a data safe environment. The various elements covered by their application bring together a range of tools that aim to raise the internal understanding of information security by raising user awareness, helping to reduce avoidable human errors and to adopt a more comprehensive approach to data security both at home and at work.

MetaCompliance can be broken down into four modules/subgroups:

  1. MetaLearning: This provides responsive and appropriate content in small bitesize pieces.  The content will be delivered through direct emails, links from Need to Know as well as many other places.  The content is updated regularly and takes into consideration the current cyber and data security landscape. This application is designed to complement the mandatory training provided through the evolve platform with agile and dynamic content.
  2. MetaPolicy: This is designed to make finding policies, procedures, and other important documents easier. It will also deliver new and updated polices via a link to your inbox ensuring that you are aware of the most recent copy.  It will also provide you a personal online portal, helping you to locate the policies you need.
  3. MetaPrivacy: This ensures that the Trust is compliant with one of the key requirements of UK Data Protection Legislation.  This is to maintain a comprehensive list and evidence of Information Assets, those responsible for them, the way they are used (processing activities) and the legal basis for the processing activity. It also has provision for extra assessment requirements to be added such as those in the NHS Data Security and Protection Toolkit (DSPT).
  4. MetaPhish: This provides a whole suite within which to plan and design a robust program of simulated phishing attacks (including whale and spearfishing).  These can include both social engineering (which can also be backed up with a vishing attack), as well as credential harvesting. These simulated attacks can correspond with MetaLearning to provide reinforcement for those who click and endorsement for those who do not.

The image below is the homepage that you will see once logged in to MetaCompliance. This can be accessed via Quick Links on East24 or by using the link below. Please navigate and familiarise yourself with this site and complete any training on policies that may be outstanding.

MetaCompliance - MyCompliance Cloud

Published 9th June 2023