 |
University Business Policies and Procedures Manual |
2500
ACCEPTABLE COMPUTER USE
Effective Date: August 28, 2000
Subject to Change Without Notice
University Business Policies and Procedures Manual
2500
ACCEPTABLE COMPUTER USE
Effective Date: August 28, 2000
Subject to Change Without Notice
1. General
The University of New Mexico provides computing services to University faculty, staff, students, retirees, and specified outside clients of the University. These services may be used only for furthering the education, research, and public service mission of the University and may not be used for commercial purposes or profit-making. The use of University computing services is a privilege. Users who have been granted this privilege must use the services in an appropriate, ethical, and lawful manner. Unauthorized access is prohibited and may be monitored and reported to the proper authorities. For the purposes of this policy computing services include all University information and systems using hardware, software, and network services including computer resources entrusted to the University by other organizations.
2. Rights and Responsibilities
The University does not provide a warranty, either expressly or implied, for the computing services provided. The University reserves the right to limit a computer user's session if there are insufficient resources, and to cancel, restart, or hold a job, process, or program to protect or improve system performance if necessary.
2.1. User Responsibilities
Users are responsible for all their activities using computing services and shall respect the intended use of such services. Each computing facility has specific rules and regulations that govern the use of equipment at that site and users shall comply with the rules and regulations governing the use of such computing facilities and equipment. Users must understand and keep up-to-date with this policy and other applicable University computer policies and procedures.
Users shall respect all copyrights including software copyrights. Users shall not reproduce copyrighted work without the owner's permission. In accordance with copyright laws, including the Digital Millennium Copyright Act, University Counsel's Office, upon receipt of official notice from a copyright owner, may authorize blocking access to information alleged to be in violation of another's copyright. If after an investigation information is determined by University Counsel's Office to be in violation of another's copyright, such information will be deleted from University computing systems.
2.2. Misuse of Computing Services
The University reserves the right to sanction a user pursuant to Section 4. herein if it is determined, after an investigation by the appropriate office, that the user violated federal or state law or University policy by misusing University computing services. In addition to other standards listed in this policy, examples of misuse include, but are not limited to:
- attempting to defeat or circumvent any security measures, controls, accounts, or record-keeping systems;
- using systems for unauthorized access;
- intentionally altering, misappropriating, dismantling, disfiguring, disabling, or destroying any computing information and/or services;
- using computing services for workplace violence of any kind as defined in "Campus Violence" Policy 2210, UBP;
- using computing services for unlawful purposes including fraudulent, threatening, defamatory, harassing, or obscene communications;
- invading the privacy rights of anyone;
- disclosing or using non-public information for unauthorized purposes,
- disclosing student records in violation of FERPA;
- accessing medical information about a patient, employee, or student without having a legitimate and authorized University purpose;
- disclosing or transmitting any identifiable medical information except as permitted by University policy and applicable state and federal law and regulations; or
- violating copyright laws.
2.3. Incidental Personal Use
The University allows incidental personal use of computing services. Such use must not interfere with an employee fulfilling his or her job responsibilities, interfere with other users' access to resources, or be excessive as determined by management. Each department should document and communicate what use is acceptable.
3. Privacy Limitations
Users, including managers, supervisors, and systems administrators shall respect the privacy of other users. Users must be aware, however, that computing systems can never be totally secure and the University cannot guarantee privacy.
While the University does not routinely monitor individual usage of its computing resources, the normal operation and maintenance of the University's computing resources require the backup and storage of data and communications, the logging of activity, the monitoring of general usage patterns, and other such activities that are necessary for the rendering of services.
The University may also specifically access and examine the account of an individual user if necessary to comply with federal or state law or if there is reasonable suspicion that a law or University policy has been violated and examination of the account is needed to investigate the apparent violation. Requests for access based on reasonable suspicion must be approved in writing, in advance, by the cognizant vice president. Each request must specify the purpose of access and such access will be limited to information related to the purpose for which access was granted. If such access is being requested by a vice president, access must be approved by the President. If such access is being requested by the President, access must be approved by the UNM Board of Regents. The Regents' Internal Auditing Policy authorizes the University Audit Department full and unrestricted access to all University records.
Accessing an employee's computer files for work-related, noninvestigatory purposes--i.e., to retrieve a file or document needed while the employee who maintains the file or document is away from the office--is permitted and does not require authorization by a vice president as long as access is limited to the work-related need. When an employee separates from the University, work-related files remain the property of the University.
Communications and other documents made by means of University computing resources are generally subject to New Mexico's Inspection of Public Records Act to the same extent as they would be if made on paper. Information stored electronically may also be made available in administrative or judicial proceedings; therefore, all employees are urged to use the same discretion and good judgment in creating electronic documents as they would use in creating written paper documents. The University will disclose illegal or unauthorized activities to appropriate University personnel and/or law enforcement agencies.
4. Sanctions
Use of University computing services in violation of applicable laws or University policy may result in sanctions, including withdrawal of use privilege; disciplinary action, up to and including, expulsion from the University or discharge from a position; and legal prosecution under applicable federal and/or state law.
Comments may be sent to UBPPM@UNM.edu
http://www.unm.edu/~ubppm
| Contents | Section 2000 Contents | Policy Listing | Forms | Index | UBP Manual Homepage | UBP Homepage | UNM Homepage |