Redmine Usage Policy¶

This document outlines the policy for using Redmine within Aprexis. The purpose of this policy is to ensure consistent and effective use of Redmine for project management, issue tracking, and collaboration. All employees are expected to adhere to the guidelines set forth in this document.

Warning!¶

This is a private system. Unauthorized access to or use of this system is strictly prohibited. Unauthorized users are subject to criminal prosecution and penalties.

NOTICE TO USERS¶

THIS IS A PRIVATE COMPUTER SYSTEM. It is for authorized use only. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy. Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to authorized site and law enforcement personnel, as well as authorized officials of other agencies. By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of authorized site personnel. Unauthorized or improper use of this system may result in administrative disciplinary action and civil and criminal penalties. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use.

LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning.

1. Access and Accounts¶

• Account Creation: All Redmine accounts will be created by Mike Howe or authorized IT personnel. Users should not attempt to create their own accounts.
• Account Security: Users are responsible for maintaining the confidentiality of their Redmine login credentials. Passwords should be strong and unique, and never shared.
• Account Termination: Redmine accounts will be deactivated upon an employee's departure from the company or if their role no longer requires Redmine access.

2. Project Creation and Management¶

• New Projects: New projects in Redmine should be approved by Daemmon Hughes before creation. A request for a new project can be submitted to daemmon@aprexis.com.
• Project Archiving: Projects that are completed or no longer active should be archived in Redmine.

3. Issue and Task Management¶

• Issue Creation: When creating an issue or task, users should provide clear and concise descriptions, including all relevant information such as steps to reproduce, expected behavior, and actual behavior.
• Assignees: All issues and tasks should be assigned to a specific person responsible for its completion.
• Prioritization: Issues and tasks should be assigned an appropriate priority level based on their impact and urgency.
• Status Updates: Users are responsible for regularly updating the status of their assigned issues and tasks to reflect current progress (e.g., "New", "In Progress", "Resolved", "Closed").
• Comments: Use the comments section for all communication related to an issue or task. Avoid using external communication channels for task-specific discussions unless absolutely necessary.
• Attachments: Relevant documents, screenshots, or other files should be attached directly to the corresponding issue or task.

4. Document Management¶

• Document Storage: Redmine can be used to store project-related documents. When uploading documents, ensure they are appropriately named and organized.
• Version Control: Utilize Redmine's version control features for important documents to track changes and maintain history.

5. Communication and Collaboration¶

• Notifications: Configure your Redmine notification settings to receive relevant updates on projects and issues you are involved with.

6. Security¶

• Confidentiality: Do not store sensitive or confidential information directly in Redmine unless it is protected by appropriate access controls.

7. HIPAA Compliance and Sensitive Information¶

No user should put sensitive information such as Protected Health Information (PHI), passwords, access keys, or any other sensitive information directly into Redmine.

• PHI Handling: If a Redmine task requires access to PHI, users should provide secured links to the relevant resource. Users should follow the Policy for Storing Sensitive Documents Related to Redmine Tasks for specific guidelines on storing sensitive documents. See https://docs.google.com/document/d/13MruGCuu9Ku46ZLLxSOm6iXkYL3dG_YOWV0C8u3XSWQ/edit?tab=t.0#heading=h.hlkgdd2ula50
• System Access Information: For passwords, access keys, or other information related to systems access, the sensitive information should be shared via Aprexis' password management tool Lastpass.

8. Policy Review and Updates¶

This policy will be reviewed annually by and updated as needed to reflect changes in best practices or organizational requirements. Any significant changes will be communicated to all Redmine users. Updates to this document will be posted in Redmine.

9. Compliance¶

Failure to comply with this Redmine Usage Policy may result in disciplinary action.

Last Updated: 10/16/2025

Source Document: https://docs.google.com/document/d/1y7jBQof5excr3xoHl4Bow16sHH68vOmhpTcFSMdFjHY/