4.1 Legislation

4.1.1 Understand the key points and implications to employers of the relevant health and safety legislation:

Health and Safety at Work Act:

The health and safety at work regulations that are currently in place within the UK is held in high regard globally as legislation, to the point that other countries use this legislation as a benchmark for their own.

Created in 1974 the regulation was created as a result of a significant amount of harm and death related to employees undertaking their work roles and responsibilities. The government established a group of people chaired by Lord Robens to create a report on safety and health at work.  Lord Robens was tasked to create legislation that fit all business types regardless of size, from self-employed to large organisations. 

o key points:

– provide a safe working environment

– ensure staff are properly trained

– adequate welfare provision

– provide relevant information, instruction and supervision

You have been tasked with creating an engaging activity for 16-18 year olds on the Health and Safety at Work etc Act 1974, specifically linked to the digital support services sector. This activity should last 25-30 minutes and involve both a learning element and interactive participation. Below is an example of how this activity could be structured:

Activity Title: Ensuring Safety in the Digital Support Workspace

Objective:
By the end of the activity, you will understand key aspects of the Health and Safety at Work etc Act 1974 and how they apply to the digital support services sector. You will explore real-world examples from a well-known organisation and propose solutions to common safety challenges.

Materials Needed:
    •    Access to a computer or tablet with internet for research
    •    Whiteboard or flipchart for note-taking (optional for classroom setting)
    •    Handouts summarising the Health and Safety at Work etc Act 1974 (optional)

Step-by-Step Activity Plan:
 
   1.    Introduction (5 minutes)
Briefly explain the key points of the Health and Safety at Work etc Act 1974, focusing on its relevance to the digital support services sector. Highlight the importance of both physical safety (e.g., ergonomic workspaces) and mental health (e.g., managing stress in a high-demand environment).
Example:
“The Act is designed to ensure that employers provide a safe working environment for their employees. In digital support services, this can include everything from making sure workers have the right equipment to prevent injuries, to ensuring their mental health is supported during busy periods.”

    2.    Group Research (10 minutes)
Split into small groups and research how a well-known organisation, such as Google, applies health and safety measures within its digital support teams. Focus on aspects such as:
    •    Ergonomics (adjustable desks, chairs, screen positioning)
    •    Mental health support (stress management, mental health days)
    •    Work-from-home health policies (safe home office setup, guidance on screen time)
    •    Emergency procedures (fire drills, reporting unsafe working conditions)
Each group should use available resources (e.g., company blogs, news articles, or health and safety documentation) to identify 2-3 safety measures that Google has implemented.
   
3.    Group Presentations (5-10 minutes)
After the research phase, each group will present their findings, focusing on how these health and safety measures align with the Health and Safety at Work etc Act 1974.
Example Presentation:
“Google has implemented several health and safety measures that align with the 1974 Act. They provide adjustable workstations to prevent physical strain, offer counselling services to employees, and ensure that staff working remotely are supported with proper ergonomic advice.”

    4.    Interactive Discussion (5-10 minutes)
Group discussion what additional ways digital support teams can improve health and safety practices. Focus your conversation on areas like managing prolonged screen time, dealing with high-stress situations, and ensuring safety for remote workers.
Example Question:
“If you were managing a digital support team at Google, what other safety measures would you put in place to ensure your team’s well-being?”

    5.    Conclusion (2-5 minutes)
Summarise the key points discussed, emphasising how the Health and Safety at Work etc Act 1974 protects employees in the digital support services sector. Reinforce the importance of both physical and mental health in the workplace and think about these issues as you enter your future careers.

By engaging in this activity, you will have applied theoretical knowledge of the Health and Safety at Work etc Act 1974 to real-world examples from a major organisation, thinking critically about health and safety in a sector you may enter in the future.

Manual handling operations:

o key points:

– avoid hazardous manual handling operations as far as possible

– assess any hazardous manual handling operations

– provide information on load and centre of gravity

– reduce the risk of injury so far as is reasonably practicable

Work at height regulations:

The regulations around "working at height 2005" play a very important part when linked to the installation of possible network infrastructure as placing equipment such as network access points (APs), Wi-Fi hubs and physical network cabling. These elements of a network can be located in ceilings and overhead gantries that require access to be done using ladders and in some situations scissor lifts called cherry pickers. As a result, the legislation is designed to ensure that employees are protected when undertaking any activities associated to accessing this equipment. The legislation requires that any employer ensure appropriate precautions are in place to reduce any possible injury, such as falling from height.

The Legislation and regulation ensure that the employee understands their duty to protect its employees by;

Ensuring that the equipment they are using or provided with is suitable for the job being undertaken, that it is strong enough for the task in hand, and that it is regularly checked for integrity and maintenance.

Appropriate training has been provided to ensure that the employees don't act in a way that could lead to harm to them or others, such as overreaching.

Provide the employees and potential members of the public with protection that reduces their being hit by falling materials.

Identifying Work at Height Risks in a Digital Support Environment

Objective:
You will develop an understanding of the Work at Height Regulations 2005 and apply them in the context of digital support services, specifically in identifying risks when dealing with cabling, server racks, and other equipment maintenance that may involve working at height.

Duration: 10-15 minutes

Materials Needed:
    •    Notepad or digital device for note-taking
    •    Floor plan or basic map of the educational environment (optional)

Instructions:
    1.    Introduction (2 minutes):
You will be briefly introduced to the Work at Height Regulations 2005, which are laws designed to prevent injuries and accidents when working at height. Examples could include accessing high server racks, cable installations, or fixing projectors.
    2.    Task Explanation (3 minutes):
You will be tasked with identifying potential risks associated with working at height within your current educational environment (e.g., IT support office, classroom, or server room). You will leave the classroom and observe locations where digital equipment maintenance may require working at height.
    3.    Activity (5 minutes):
You will walk around the educational environment and find at least two locations where work at height might occur. Consider:
    •    Where a ladder or steps would be needed (e.g., adjusting a ceiling-mounted projector, accessing cabling on high walls or ceiling panels).
    •    Whether there are secure, safe means to access the area.
    •    Any hazards like unstable surfaces, improper equipment, or inadequate protective measures.
    4.    Example Scenario:
You might observe the server room, where the top shelf of a rack is used for critical hardware. You should note that reaching this level requires the use of steps or a ladder, and you should evaluate whether proper equipment is in place to access the height safely (e.g., if the ladder is sturdy, if there are railings, and if the space is clear of obstructions).
    5.    Reflection & Discussion (5 minutes):
Once you return, you will share your observations. You will describe one risk you identified and suggest how it could be mitigated in line with the Work at Height Regulations 2005 (e.g., use of secure ladders, ensuring no tripping hazards below the workspace, using harnesses if necessary).

Expected Output Example:
You might report:
“In the server room, the top shelf of the rack requires a ladder to reach. The ladder present was sturdy but positioned on uneven flooring, which could cause instability. To comply with the Work at Height Regulations 2005, the ladder should be moved to a flat surface or a platform should be used to ensure stability before accessing the top shelf.”

This activity should encourage you to recognise the importance of safety when working at height in digital support roles and to think critically about how to mitigate risks in your surroundings.

o key points:

– make sure the work is properly planned, supervised and carried

out by competent people

– do as much work as possible from the ground

– ensure workers can get safely to and from where they work

at height

– ensure equipment is suitable, stable and strong enough for

the job

– provide protection from falling objects

– consider emergency evacuation rescue procedures

Display screen equipment:

o implications to employers:

– conduct a display screen equipment workstation assessment

– reduce risks including making sure workers take breaks from

display screen equipment work

– provide an eye test if an employee asks for one

– provide training and information for employees.

Have you ever had neck pain after a long gaming session or after doing work on a computer, or, found that your eyes have gotten tired and sore after looking at screens all day? This is where the Health and Safety (Display Screen Equipment) Regulations 1992 come in. This regulation is designed to protect users who continually use display screens for a long period.
 

Some of the key principles of the regulations to keep you safe when using computers, laptops, and tablets for extended periods are:

• Adequate Training: Just like learning the controls in a game, employers need to train staff on using screens safely. This could involve learning proper posture, taking breaks, and adjusting screen settings to avoid eye strain.

• Adequate Welfare Provision: Imagine getting a health boost after defeating a boss! Employers need to provide breaks for staff to move around, stretch, and rest their eyes. This could be short breaks every hour or longer breaks throughout the day.

• Safe Working Environment: Wouldn't it be annoying to fight enemies in a dark, cramped cave? Similarly, the regulations ensure a safe working environment for screen users. This includes proper lighting, comfortable seating, and avoiding glare on the screen. Imagine a well-lit gaming setup with an ergonomic chair – that's what they're aiming for!
   

   

• Suitable Information, Instruction & Supervision: Every good game has a handy guide, right? Employers need to provide staff with clear information on how to use screens safely. This could be posters, online resources, or even talks from health and safety experts. IT support can also play a role by helping set up screens and suggesting ergonomic adjustments.

5-Minute Challenge: In Pairs assess your computer setup for 5 minutes. Here's what to check: 
Posture: Are you sitting up straight with your back supported?  
Screen Distance: Is the screen an arm's length away? 
Lighting: Is there any glare on the screen? 
Breaks: Do you take breaks to move around and rest your eyes?

Discuss any improvements you can make and how you can work with your tutor to create a screen-safe environment.

Create a poster that uses terminology and images that a 16 year old might use to inform them of the DSE legislation of 1992. Using images in your poster will support your information and explainations, ensure that any images are referenced and attributed.

4.1.2 Understand the health and safety risks and preventative measures of

working with digital systems:

• possible risks:

o using display screen equipment

o working at heights

o cable installation (ground level, onto walls)

o manual handling

o health and safety requirements

• methods of mitigating risk:

o adequate training

o safe working environment

o suitable provision of relevant safety equipment

o safe working practices

o suitable provision of relevant information, instruction

and supervision.

4.1.3 Understand Data Security and Protection legislation, including their effect on organisations and individuals:

• Data Protection Act/General Data Protection Regulations:

o purpose of legislation

o eight principles.

4.1.4 Understand Computer Misuse legislation:

The computer Misuse act was introduced in 1990, however it was partially introduced in 1988 in response to a legal case titled "R v Gold & Schifreen (1988) where a journalist hacker broke into the then Duke of Edinburgh’s (Prince Phillip) email account. Once the general public were aware of the situation there was outcry that uncovered the fact that no law existed against computer hacking. As a result of this the legislation was created partially and released in 1988 followed 2 years later with the full release.

How easy is it to get caught out? 

Refelect on your own use of digital devices, have you experienced this?

• the principles of the Computer Misuse Act (CMA) 1990

Key aspects of the feature governing unauthorized access include:

Prohibition of Unauthorised Access: The Act clearly defines unauthorised access as accessing computer systems, programs, or data without proper authorisation. This includes bypassing security measures or accessing areas of a computer system beyond one's authorised privileges.

Protection of Data: The legislation aims to protect the confidentiality, integrity, and availability of data by preventing unauthorised access. This helps safeguard sensitive information from being accessed, modified, or deleted without proper authorisation.Scope: The legislation applies to unauthorised access to any computer system, whether it's owned by individuals, businesses, or the government. It covers a wide range of devices and networks, including computers, servers, and online platforms.

• consequences for company and employee

Penalties: The Act establishes penalties for unauthorized access, including fines and imprisonment, depending on the severity of the offense. For example, accessing a computer system without authorisation with the intent to commit further offenses carries a maximum penalty of up to 2 years in prison and/or a fine.

• employee awareness

• types of crimes covered by legislation.

Secure Your Digital Vault

Objective: Understand the importance of authorization and security in compliance with the Computer Misuse Act 1990.

Materials Needed: Personal computer or laptop Internet connection Basic understanding of computer operations

Steps:
1 - Introduction to the Act: Explain what the Computer Misuse Act 1990 is and why it's important for protecting digital information.

2 - Create a Digital Vault: Create a digital vault on a computer using encryption software. This could be a folder where you store sensitive files such as passwords, personal documents, or financial records.
3 - Set Authorization Levels: Set up authorisation levels for accessing the digital vault. This could involve creating a strong password or using biometric authentication if available.
4 - Test Authorisation: Demonstrate the importance of proper authorisation by attempting to access the digital vault without permission. Discuss why this would be illegal under the Computer Misuse Act 1990.
5 - Implement Security Measures: Implement additional security measures such as firewall protection, antivirus software, and regular software updates to further protect the digital vault from unauthorised access.
6 - Discuss Legal Implications: Discuss the potential legal implications of unauthorised access under the Computer Misuse Act 1990. Emphasize the importance of staying within the bounds of the law and respecting others' digital privacy.
7 - Reflection: Reflect on what has be learnt. Think about how you can apply these principles to safeguard your digital information and promote ethical behavior in your IT practices.

This activity provides a practical and hands-on approach for the you to understand the concept of unauthorised access and the importance of authorisation and security measures in compliance with the Computer Misuse Act 1990. It also encourages you to have critical thinking about digital ethics and responsible behavior in handling sensitive information.

4.1.5 Understand Equality legislation:

• the nine protected characteristics

• types of discrimination:

o direct

o indirect

o harassment

o victimisation

• where individuals are protected

• when to take action against discrimination

o time limits for claims.

4.1.6 Understand Intellectual Property legislation:

• unregistered designs

• registered designs

• patents.

4.1.7 Understand Electrical Waste legislation:

The WEEE regulations are a set of environmental regulations that are designed to ensure that any electrical equipment is recycled, reused, or disposed of in an ethical and non-environmentally impacting way. Within companies, any electrical material or devices are in most situations, disposed of in specialist bins that external contractors will take away and do the recycling of the materials if they cannot be reused again, however, in some situations, some of the electrical devices may need to be destroyed beyond any repair or reuse as these may store personal and sensitive information, and must be disposed of destructively.

In small groups of 2-3 reflect on the disposal of electrical equipment, research and discuss the main minerals found in most electrical devices and the current issue of e-waste in the UK.

o key features:

governs the safe and environmentally responsible disposal of electrical equipment

• Waste Electrical and Electronic Equipment Regulations

• safe disposal

• environmentally responsible disposal.

4.1.8 Understand the interrelationships between digital support and security

and digital legislation, and make judgements about the impact on

organisations, society and individuals.

4.1.9 Know that international law applies to some offences:

• international law in cyberspace

• international law and surveillance.

4.2 Guidelines

4.2.1 Know the sources of codes of conduct:

• organisations

• professional:

o British Computer Society (BCS)

o The Institution of Analysts and Programmers (IAP)

o Chartered Institute of Information Security (CIISec)

• governmental.

4.2.2 Understand how guidelines in codes of conduct influence professional

behaviour:

• ensure individuals follow policies, procedures and legislation

• ensure quality of work:

o minimising risk to the public

o acting with competence and integrity

• meeting deadlines

• effective communication

• maintaining confidentiality and trust.

4.2.3 Know the sources of digital industry standards:

• International Organization for Standardization (ISO)

• Web Content Accessibility guidelines (WCAG)

• World Wide Web Consortium (W3C®)

• Internet Engineering Task Force (IETF)

• Electronic Industries Alliance/Telecommunications Industry Association

(EIA/TIA)

• British Standard (BS)

• Institute of Electrical and Electronics Engineers (IEEE)

• Payment Card Industry Security Standards Council (PCI SSC).

4.2.4 Understand the purpose of acceptable use policies (AUP):

• purpose of AUP

• typical content:

o permitted activities

o prohibited activities

o working practices including confidentiality

o communication etiquette including projecting correct

organisation image

o sanctions/penalties.

4.2.5 Understand the importance of whistleblowing procedures.

4.2.6 Understand the interrelationships between digital support and security and guidelines, and make judgements about the impact on organisations, society and individuals