Pine Technical College
Policy and Procedure
Policy Number: 708 Date: 09/13/2004
Revision Date:
Division/Department: Information Systems Author: Ken
Ries
Subject: Acceptable use of computers and information technology
resources
Authorities:
MnSCU Board policy 5.22, 1.B.1, 1.C.2, and 3.26; Minnesota Statutes
section 43A.38, 43A.32, 211B.09; Federal Electronic Communications Privacy Act;
the Computer Fraud and Abuse Act; State computer crime statutes; Student conduct
codes; and applicable software licenses
Purpose:
Computer and information technology resources are essential tools in
accomplishing the mission of Pine Technical College. These resources must be
used and managed responsibly in order to ensure their availability for the
competing demands of teaching, scholarship, administration and other
mission-related uses. This policy establishes responsibilities for acceptable
use of Pine Technical College information technology resources.
Policy:
Part 1. Purpose
Subpart A. Acceptable use. This procedure establishes responsibilities for
acceptable use of Pine Technical College information technology resources.
College information technology resources are provided for use by currently
enrolled College students, administrators, faculty, other employees, and other
authorized users. College information technology resources are the property of
Pine Technical College, and are provided for the direct and indirect support of
the College’s educational, research, service, student and campus life
activities, administrative and business purposes, within the limitations of
available College technology, financial and human resources. The use of Pine
Technical College information technology is a privilege conditioned on
compliance with this policy, procedure and any procedures or guidelines adopted
pursuant to this procedure. The College encourages the use of information
technology as an effective and efficient tool within the framework of applicable
State and federal laws, policies and rules and other necessary restrictions.
Subpart B. Academic freedom. Nothing in this procedure shall be
interpreted to expand, diminish or alter academic freedom, articulated under
College policy and System collective bargaining agreements.
Part 2. Applicability
This procedure applies to all users of College information technology,
whether or not the user is affiliated with Pine Technical College, and to all
uses of those resources, wherever located.
Pine Technical College is not responsible for any personal or unauthorized use
of its resources, and security of data transmitted on its information technology
resources cannot be guaranteed.
Part 3. Definitions
Subpart A. College. College, except where specified otherwise, means a Pine
Technical College, the Office of the Chancellor, or the Minnesota State Colleges
and Universities System.
Subpart B. Security measures. Security measures means processes,
software, and hardware used by system and network administrators to protect the
confidentiality, integrity, and availability of the computer resources and data
owned by the College or its authorized users. Security measures may include, but
are not limited to, monitoring or reviewing individual user accounts for
suspected policy violations and investigating security-related issues.
Subpart C. System. For purposes of this procedure, System means the
Board of Trustees, the Office of the Chancellor, each colleges and university
within the System, and any part or combination thereof.
Subpart D. College information technology. College information
technology means all College facilities, technologies, and information resources
used for information processing, transfer, storage and communications. This
includes, but is not limited to, computer hardware and software, computer labs,
classroom technologies such as computer-based instructional management systems,
and computing and electronic communications devices and services, such as
modems, e-mail, networks, telephones (including cellular), voicemail, facsimile
transmissions, video, mobile devices, and multimedia materials.
Subpart E. Transmit. Transmit means to send, store, collect, transfer
or otherwise alter or affect information technology resources or data contained
therein.
Subpart F. User. User means any individual, including, but not limited
to, students, administrators, faculty, other employees, volunteers, and other
authorized individuals using College information technology in any manner,
whether or not the user is affiliated with Pine Technical College.
Part 4. Responsibilities of All Users.
Subpart A. Compliance with applicable law and policy.
Users must comply with laws and regulations, MnSCU Board policies and
System procedures, Pine Technical College policies and College procedures,
contracts, and licenses applicable to their particular uses. This includes, but
is not limited to, the laws of libel, data privacy, copyright, trademark,
gambling, obscenity, and child pornography; the federal Electronic
Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit
“hacking” and similar activities; state computer crime statutes; student conduct
codes; applicable software licenses; and Board policies 1.B.1, prohibiting
discrimination and harassment; 1.C.2, prohibiting fraudulent or other dishonest
acts; and 3.26, concerning intellectual property.
Users are responsible for the content of their personal use of College
information technology, and may be subject to liability resulting from that use.
Users must use only system information technology they are authorized to use and
use them only in the manner and to the extent authorized. Ability to access
information technology resources does not, by itself, imply authorization to do
so.
Users are responsible for use of College information technology under their
authorization.
Subpart B. Unauthorized use. Users must abide by the security restrictions on
all systems and information to which access is authorized.
Users must not:
a. use any account or password assigned by the College to
anyone else;
b. share any account or password, assigned to the user by the
College, with any other individual, including family members;
c. allow others to use College information technology under
the user’s control;
d. use College cellular telephones for personal use unless
specifically authorized by College, System or State policy or procedure.
Users must not circumvent, attempt to circumvent, or assist another in
circumventing security controls in place to protect the privacy and integrity of
data stored on College information technology.
Users must not change, conceal, or forge the identification of the person using
College information technology, including, but not limited to, use of e-mail.
Users must not knowingly download or install software onto College information
technology unless it has been preapproved through established campus procedures
including Pine Technical College policy 703, or by the Chief Information
Officer, or prior authorization is received from the Chief Information Officer.
Users who knowingly or negligently do not comply may be held responsible for
damages, cost of system debugging, and payment of software fees, licenses and
infringement penalties.
Users must not engage in activities that interfere with or disrupt network
users, equipment or service; intentionally distribute viruses, worms, trojans,
or other malicious code; or install software or hardware that permits
unauthorized access to College information technology.
Users must not engage in inappropriate uses, including:
a. activities that violate State or federal law or
regulation;
b. wagering or betting;
c. harassment, threats to or defamation of others, stalking,
and/or illegal discrimination;
d. fund-raising, private business, or commercial activity,
unless it is related to the mission of the College, System or its colleges and
universities. Mission related activities are determined by the College, or
Office of the Chancellor, and include activities of authorized campus or
System-sponsored organizations;
e. storage, display, transmission, or intentional or
solicited receipt of material that is or may be reasonably regarded as obscene,
sexually explicit, or pornographic, including any depiction, photograph, audio
recording, or written word, except as such access relates to the academic
pursuits of a College student or professional activities of a College employee;
and
f. “spamming” through widespread dissemination of unsolicited
and unauthorized e-mail messages.
Subpart C. Protecting privacy. Users must not violate the privacy of other users
and their accounts, regardless of whether those accounts are securely protected.
Technical ability to access others’ accounts does not, by itself, imply
authorization to do so.
Subpart D. Limitations on use. Users must avoid
excessive use of College information technology, including but not limited to
network capacity. Excessive use means use that is disproportionate to that of
other users, or is unrelated to academic or employment-related needs, or that
interfere with other authorized uses. The College may require users to limit or
refrain from certain uses in accordance with this provision. The reasonableness
of any specific use shall be determined by the College or Office of the
Chancellor in the context of relevant circumstances.
Subpart E. Unauthorized trademark use. Users must
not state or imply that they speak on behalf of the College or the System, and
must not use College or System trademarks or logos without prior authorization.
Affiliation with the College does not, by itself, imply authorization to speak
on behalf of the College.
Part 5. College Employee Users.
All employees of Pine Technical College are subject to Minnesota Statutes
section 43A.38, the code of ethics for employees in the executive branch, Pine
Technical College policy 700. In addition to compliance with that statute and
this procedure, it is expected that employees will use the traditional
communication rules of reasonableness, respect, courtesy, and common sense when
using College information technology.
Subpart A. Personal use. In accordance with Minnesota Statutes section
43A.38, subdivision 4, System employees may make reasonable use of College
information technology for personal communications as long as the use is in
accordance with state law, Board policy, System procedure, College policy, and
the use, including the value of employee time spent, does not result in an
incremental cost to the State, or results in an incremental cost that is so
small as to make accounting for it unreasonable or administratively
impracticable, as determined by the College or the Office of the Chancellor.
Reasonable use means use consistent with this procedure.
Subpart B. Union activities. In the interest of
maintaining effective labor-management relationships and efficient use of State
time and resources, System e-mail systems may be used by employee
representatives of the union for certain union activities, in accordance with
State policy and/or the provisions of applicable collective bargaining
agreements.
College-owned property or service, including the e-mail system, may not be used
for political activities, fund-raising, campaigning for union office, union
organizing activities, or solicitation of employees for union membership.
Union use of electronic communication technology is subject to the same
conditions as employee use of such technology, as set forth in Policy 5.22 and
this procedure, including security and privacy provisions.
Subpart C. Political activities. College employees
shall not use College information technology for political activities prohibited
by Minnesota Statutes sections 43A.32 or 211B.09, or other applicable State or
federal law.
Subpart D. Religious activities. College employees
shall not use College information technology in a manner that creates the
impression that the College supports any religious group or religion generally
in violation of the Establishment Clause of the First Amendment of the United
States Constitution or Article 1, Section 16 of the Minnesota State
Constitution.
Part 6. Security and Privacy.
Subpart A. Security. Users shall employ appropriate
security practices, including the appropriate use of secure facsimiles or
encryption or encoding devices, when electronically transmitting data that is
not public.
Subpart B. Privacy. Data transmitted via College
information technology are not guaranteed to be private. Deletion of a message
or file may not fully eliminate the data from the system.
Subpart C. Right to employ security measures. The
College reserves the right to employ security measures, including but not
limited to the right to monitor any use of College information technology,
including those used for personal purposes. Users have no expectation of privacy
for any use of College technology resources, except as provided under federal
wire tap regulations (21 U.S.C. sections 2701-2711).
The College does not routinely monitor individual usage of its information
technology resources. Normal operation and maintenance of College information
technology require the backup and caching of data and communications, the
logging of activity, the monitoring of general usage patterns and other
activities that are necessary for such services. When violations are suspected,
appropriate steps shall be taken to investigate and take corrective action or
other actions as warranted. College officials may access data on College
information technology, without notice, for other business purposes including,
but not limited to, retrieving business-related information, re-routing or
disposing of undeliverable mail; or responding to requests for information
permitted by law.
Part 7. Application of Government Records Laws.
Subpart A. Data practices laws. Government data
maintained on College information technology is subject to data practices laws,
including the Minnesota Government Data Practices Act and the federal Family
Educational Rights and Privacy Act, to the same extent as they would be if kept
in any other medium. Users are responsible for handling government data to which
they have access or control in accordance with applicable data practices laws.
Subpart B. Record retention schedules. Official
College records created or maintained electronically are subject to the
requirements of the Official Records Act, Minnesota Statutes section 138.17 to
the same extent as official records in any other media. Official records must be
retained in accordance with the applicable approved records retention schedule
appropriate for the type, nature, and content of the record. Willful improper
disposal of official records may subject an employee to disciplinary action.
Part 8. Enforcement.
Conduct which involves the use of information resources to violate a
College policy, System policy or procedure, or state or federal law, or to
violate another’s rights, is a serious abuse subject to limitation or
termination of user privileges and appropriate disciplinary action, legal
action, or both.
Subpart A. Access Limitations. Pine Technical
College reserves the right to temporarily restrict or prohibit use of its
College information technology by any user without notice, if it is determined
necessary for business purposes.
Subpart B. Repeat violations of copyright laws. Pine
Technical College may permanently deny use of College information technology by
any individual determined to be a repeat violator of copyright laws governing
Internet use.
Subpart C. Disciplinary proceedings. Alleged
violations shall be addressed through applicable System procedures, including
but not limited to System Procedure 1.B.1.1 to address allegations of illegal
discrimination and harassment; student conduct code for other allegations
against students; or the applicable collective bargaining agreement or personnel
plan for other allegations involving employees. Continued use of College
information technology is a privilege subject to limitation, modification, or
termination.
Subpart D. Sanctions. Willful or intentional
violations of this policy are considered to be misconduct under applicable
student and employee conduct standards. Users who violate this policy may be
denied access to College information technology and may be subject to other
penalties and disciplinary action, both within and outside of the College.
Discipline for violations of this policy may include any action up to and
including termination or expulsion.
Subpart E. Referral to Law Enforcement. Under
appropriate circumstances, Pine Technical College may refer suspected violations
of law to appropriate law enforcement authorities, and provide access to
investigative or other data as permitted by law.
Part 9. Contact information.
Any questions, concerns or problems regarding the use of Campus information
technology or concerning intended or unintended interruptions of service should
be directed to the Pine Technical College Helpdesk via email at
helpdesk@pinetech.edu.
Specific questions related to policy, including interpretation and enforcement,
should be directed to Ken Ries, CIO/Technology Director (email:
riesk@pinetech.edu. Phone: 320-629-5195, Fax 320-629-5105, Postal mail: 900 4th
Street SE, Pine City, MN 55056).
Dissemination:
All Pine Technical College students, employees, and other authorized
users of Pine Technical College information technology.
Reviewed by Leadership Team: 09/13/2004
Reviewed by Faculty Senate: 08/31/2004
Approved: Date: 09/13/2004
___________________________ ____________________
Robert L. Musgrove, Ph.D. Date