June 12, 2017
Last Revision Date
Information Technology Services
All users have the responsibility to use Marymount University (“University”) technology resources in an efficient, ethical and legal manner, consistent with the goals of the university.
Faculty, staff, affiliates, and consultants/contractors are expected to abide by the following policies which are intended to preserve the utility and flexibility of university resources, protect the rights and work of students, employees, and preserve the right to access resources to which the university is connected. These policies operate in conjunction with the university’s Code of Ethics. These policies are representative but not all inclusive, and also applies to the use of personal technology devices when being used for University business and/or when it is being used to capture and/or communicate university subject matter. Individual University computer laboratories may post additional operational rules and restrictions that are considered part of this policy. Users are responsible for reading and following these rules. University also maintains computerized data on students, personnel, and financial records that are integral to the administration of the university. The University has the responsibility to manage this data and to provide the security necessary for its use.
- Users will be assigned a University account to access University technology resources. The university reserves the right to access individual accounts and systems at any time at its sole discretion.
- A password will allow access to a user’s account. It is the user’s responsibility to protect his or her account from unauthorized use by changing passwords periodically and by using passwords that are not easily guessed.
- Users should identify themselves clearly and accurately in all electronic communications. Concealing or misrepresenting a name or affiliation is a serious abuse. Using identities of other individuals constitutes fraud.
- Access to administrative data repositories will be granted to authorized users who require it to perform their jobs.
2.0 Responsibility of Every User
2.1 General Use Responsibilities:
- Users must accept responsibility for their own work by learning appropriate uses of software to maintain the integrity of what they create. Users should keep archives and backup copies of important work; learn and properly use the features for securing or sharing access to files on any computers they use.
- Any attempt to circumvent system security, guess other passwords, or in any way gain unauthorized access to local or network resources is forbidden. Distributing passwords or otherwise attempting to evade, disable or “crack” passwords or other security provisions threatens the work of many others and is therefore grounds for immediate suspension of privileges and could lead to additional disciplinary action, up to and including termination of employment. Users may not develop programs or use any mechanisms to alter or avoid accounting for the use of technology resources or to employ means by which the facilities and systems are used anonymously or by means of an alias.
- The university cannot and does not guarantee the security of electronic files and communications on its systems.
- Information Technology Services (ITS) may impose limitations or restrictions on technology resources, such as storage space, time limits, or amount of resources consumed, when necessary.
- Use of technology resources for instruction and related course work takes priority over other uses. Information Technology Services may restrict access to certain programs, sites, or services for security or administrative purposes.
- Users are expected to refrain from engaging in deliberately wasteful or resource consuming practices such as sending spam or file sharing. Unauthorized transferring of copyrighted materials to or from the Marymount University network without express consent of the owner is a violation of federal law. In addition, use of the Internet from an educational site for commercial gain or profit is prohibited.
- Users are expected to refrain from engaging in any illegal activity while using the University technology resources.
- Unauthorized transferring of copyrighted materials to or from the University computer system without express consent of the owner is a violation of federal law. In addition, use of the Internet from an educational site for commercial gain or profit is prohibited.
- Use of electronic mail and other network communication resources to harass, offend or annoy other users is forbidden. Obscene, defamatory, or any other material which violates University policy on non-discrimination, the University Code of Ethics or the laws of any jurisdiction will not be tolerated.
- Use of personal technology devices (e.g. smart phone, tablet) to perform University business or to capture/communicate University related subject matter must also protect the privacy rights of students as specified in the University policy on Confidentiality of Student Records and in relevant laws (e.g., FERPA, HIPPA, GLB) and regulations that govern disclosure of applicable information. Examples include communication via text message with members of the Marymount community (e.g. students and employees), taking pictures, recording/streaming video, or recording audio on university premises or at university events.
- University expects its employees to comply with applicable laws regarding safe driving. University prohibits employees from talking on University issued mobile phones without using hands-free devices while driving where prohibited by law, as well as texting and emailing while driving, while using University issued mobile phones, during work hours, or for any work-related purposes. Failure to comply with this policy may constitute grounds for disciplinary action, up to and including termination.
2.2 Administrative User Responsibilities
In accepting access to administrative systems, users assume the responsibility of adhering to all relevant laws, regulations and university policies including the policy on Confidentiality of Student Records and the policies and procedures contained in this document. The University retains the right to and will monitor the use of its technology resources. As such, no user should have any expectation of privacy relating to the use of University technology resources. Failure to conform to policy can result in sanctions as defined in this and other relevant documents. Specifically, the following applies to all users:
- Administrative data on University technology resources will be utilized only as necessary in the fulfillment of job responsibilities.
- Computerized information used for administrative purposes is confidential, and users agree to maintain that confidentiality. Confidential information will not at any time during employment or association with Marymount University, or after employment or association ends, be accessed, used, or disclosed for any purpose, except as necessary to fulfill job responsibilities.
- Departments are provided access to certain financial information which is essential to conducting the business aspects of their operation. This information is intended for use only by the specific department authorized with its access and should be considered restrictive in nature.
- A password is private information. Users must never give out their IDs or passwords to anyone. Sharing an ID or password or logging on and allowing another employee to access information is a violation of this policy. The user is responsible for all transactions, which take place under his or her ID.
- Users will log off or lock systems when use is completed.
- Users agree to protect the privacy rights of students as specified in the University policy on Confidentiality of Student Records and in relevant laws and regulations that govern disclosure of student information.
- Users will not attempt to view or utilize data that may be available to them but which is not necessary in the performance of their job function.
- All files containing sensitive information as defined by University policy, federal law (e.g., FERPA, HIPPA, GLB), or state laws that are extracted from University technology resources, obtained from outside sources, and/or created by individual University employees or departments must be stored on university resources and systems. No files containing sensitive information are to be stored on the disk drive of the employee’s local computer or removable storage devices. The creation of and/or access to files containing sensitive information stored in a shared location must be restricted to only those employees authorized to view sensitive information.
- External storage devices (e.g. thumb drive) containing sensitive information shall be locked in a secure area when not in use and properly destroyed when no longer needed or obsolete.
3.0 Procedures in the Case of Employee Transfer or Departure from the University
When an employee’s departure from the institution is processed by Human Resources, ITS will be notified and access to University technology resources will be terminated immediately. Managers are responsible for maintaining the currency of access rights within their units and for notifying ITS of changes as a result of job change or transfer. Access rights will be adjusted or terminated accordingly. Temporary university employees will be terminated automatically one month after the account has been created. Managers may request an extension.
Employees are expected to take proper care of the equipment in University facilities. Food, drink, and smoking are not permitted in university labs. Report any malfunctions to the lab assistant on duty or send email to ‘its@MARYMOUNT.EDU’. Do not attempt to move, repair, reconfigure, modify, or attach external devices to the systems.
Violations of this policy may be treated as violations of University policy and/or as violations of civil or criminal law. ITS will investigate apparent or alleged violations of these guidelines. ITS reserves the right to immediately suspend user privileges pending investigation of a suspected violation of this policy. Such action will be taken to protect the security and integrity of all University technology resources and will take precedence over its impact on the individual’s work. When appropriate, at the discretion of the Director of ITS, cases of apparent abuse will be reported to the appropriate division Vice President (VP), as well as Human Resources.