1. Policy Statement
1.1 Sanctuary Group (Sanctuary) will offer access to Wi-Fi at some of its Sanctuary Care and Sanctuary Supported Living properties (the Service). Customers of the Service will include residents and visitors of residents. Sanctuary will endeavour to provide each Customer with access to Wi-Fi for their personal non-commercial use, subject to the Terms and Conditions of Use.
1.2 The objective of this policy is to assist colleagues and Customers with their roles and responsibilities in connection to the Service. This includes who has access to use the Service, the controls in place and the terms and conditions of use. This policy, including its appendices, set out to advise users of their responsibilities in relation to the use of these services.
1.3 Supporting definitions can be found in Section 6 of this policy.
2. Roles and responsibilities
2.1 Sanctuary will ensure all Customers of the Service are aware of this policy prior to accessing the Service and that a user friendly and reliable process for managing access to the Service is in use
2.2 Sanctuary will not actively control and monitor the use of the Service, but data will be collected regarding its use. This data will only be accessed in exceptional circumstances to support activities such as:
- Complaint investigation.
- Technology investigation.
- Police investigation.
2.3 The Chief Information Officer is responsible for executive oversight of this Policy.
2.4 Members of the Group's Technology team are responsible for:
- Implementation of this policy, including:
- access control;
- monitoring;
- blocking of illegal content; and
- updating the Terms and Conditions of Use.
- Annual review of this policy.
- Taking account of all data and privacy considerations including ensuring the relevant privacy notice, Records of Processing Activities (ROPA), and lawful basis of processing are established in accordance with the Data Protection - Group Policy and Procedure.
2.5 In using the Service Sanctuary’s Customers, which includes visitors to Sanctuary customers, are:
Responsible for complying with the Terms and Conditions of Use
- Recommended to comply with best practice in protecting their data, devices and security, including but not limited to:
- Ensuring their devices used to access the Service are regularly having systems updated, where possible.
- The security and protection of the operating system of personal devices should not be bypassed (including Jailbreaking and Rooting).
- Utilising two-factor authentication, safety features and ensuring they are not left unattended without a password or passcode.
3. References and sources
3.1 In providing the Service to Customers Sanctuary is obliged to abide by all relevant UK legislation.
3.2 The requirement for Sanctuary to comply with this legislation shall be devolved to employees and agents of Sanctuary, who may be held personally accountable for any breaches of information security for which they may be held responsible. Sanctuary shall comply with the following legislation and other legislation as appropriate:
- Data Protection Act 2018
- UK General Data Protection Regulations (UK GDPR)
- Computer Misuse Act 1990
- Copyright Designs and Patents Act 1988
- Electronic Communications Act 2000
- Human Rights Act 1998
- Regulation of Investigatory Powers Act 2000
- Freedom of Information Act 2000
- Health and Social Care Act 2012
- Public Interest Disclosure Act 1998
- Privacy and Electronic Communications (EC Directive) Regulations 2003
4. Impact on diversity
4.1 The policy applies to all Sanctuary customers who access the Service.
4.2 Sanctuary demonstrates its commitment to diversity and promoting equality by ensuring that this policy is applied in a manner that is fair to all sections of the community, with due regard to the protected characteristics identified under the Equality Act 2010 and in accordance with the ‘Sanctuary Inclusion for All Strategy 2024-2026’.
5. Resident consultation
5.1 This policy will require resident consultation as it directly relates to the services provided to the Group’s residents (customers).
5.2 This policy should be used in conjunction with House Rules and Regulation 22 of the Supported Accommodation Regulations including Quality Standards.
6. Definitions
6.1 The following definitions aim to support the end user’s understanding of the terms included in this policy.
| Customer | A resident or visitor of a resident within Sanctuary Care or Sanctuary Supported Living. Customers shall be interpreted accordingly. |
| Terms and Conditions of Use | The agreement between the owner of the Service and the end user. For more information, please see our Terms and Conditions of Use page. |
| Jailbreaking | Modify (a smartphone or other electronic device) by bypassing security to remove restrictions imposed by the manufacturer or operator, for example to allow the installation of unauthorised software. |
| Rooting | Rooting is the process of unlocking or jailbreaking a device, such as a smartphone or tablet. It most commonly refers to android devices. A rooted device gives the user much more freedom to customise the device and achieve more administrative control. Phone carriers and hardware manufacturers often place limitations on these devices for security reasons. A rooted device allows a user to change the operating system (OS), replace or alter settings and system applications, install custom themes, and download specialised apps. Rooting an android device can cause a myriad of issues, including rendering the phone useless if it is done wrong, losing data, and allowing access for malware. Rooting a phone makes you a superuser, giving you admin privileges, but it can also void the warranty and cause damage to the device. |
| Two-Factor Authentication | Two-factor authentication enhances the security needed to access an account or service. This requires two different forms of identification to be provided to gain access. The items that can be used in this process used are categorised as:
|
7. What's new - What's different?
7.1 January 2026 - This is a new policy.
8. Monitoring and compliance
8.1 Period of review
8.1.1 Until a new policy is formally adopted this document will remain in force and operational.
8.1.2 This policy will be reviewed in accordance with the policy review programme agreed by Executive Committee.
8.1.3 If there are significant changes to legislation or regulation or there are found to be deficiencies or failures in this policy, as a result of complaints or findings from any independent organisations, the Chief Information Officer will initiate an immediate review.
8.1.4 Where appropriate, key stakeholders, and interested parties will be consulted as part of any review of this policy.
9. Approval
9.1 This policy is approved by the Group’s Executive Committee.