From 7065f158d906718af65f02ecdd8cba345da2ea48 Mon Sep 17 00:00:00 2001
From: karlchillmaid <karl.chillmaid@digital.cabinet-office.gov.uk>
Date: Mon, 18 Nov 2019 13:48:54 +0000
Subject: [PATCH] Update Classifications and security vetting

---
 app/templates/views/security.html | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/templates/views/security.html b/app/templates/views/security.html
index 5b4781c10..f2ddf350b 100644
--- a/app/templates/views/security.html
+++ b/app/templates/views/security.html
@@ -77,7 +77,8 @@
   <p>Notify also has approval from the Office of the Government’s SIRO to host data within the EEA.</p>
 
   <h2 class="heading-medium">Classifications and security vetting</h2>
-  <p>Any information in Notify is classified as ‘OFFICIAL’ under the Government Security Classifications Policy.</p>
-  <p>All system administration staff working on Notify are cleared to Security Check (SC) level by United Kingdom Security Vetting.</p>
+  <p>You can use Notify to send messages classified as 'OFFICIAL' or 'OFFICIAL-SENSITIVE' under the <a href="https://www.gov.uk/government/publications/government-security-classifications">Government Security Classifications</a> policy.</p>
+  <p>You must not use Notify to send '<a href="https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/special-category-data/">special category data</a>', as defined in the General Data Protection Regulation (GDPR).</p>
+  <p>The Notify team has Security Check (SC) level clearance from <a href="https://www.gov.uk/guidance/security-vetting-and-clearance">United Kingdom Security Vetting</a> (UKSV).</p>
 
 {% endblock %}