Policy Portal

University Policy

Acceptable Use of Computing Resources

Policy Number: 3349-09-05
Effective Date: 07/01/2009
Updated: 05/01/2017
Reviewed:
Responsible Department: Information Technology
Applies To: All University Employees, Students, Authorized Users

A. Purpose

  1. The purpose of this Policy is to outline the acceptable use of computer equipment at NEOMED without inhibiting the use of the information technology environment that is intended for the greater benefit of NEOMED community. Inappropriate use exposes NEOMED to risks including virus attacks, compromise of network systems and services, and legal issues.

B. Scope

  1. The scope of this policy includes all Authorized Users who have access to the NEOMED network, are responsible for an account on any system that resides at any NEOMED facility, and/or store any NEOMED information on NEOMED equipment or systems.This policy applies to all equipment and systems that are owned or leased by NEOMED, including, but not limited to: computers, laboratories, lecture theaters, and video conferencing rooms across the University together with the use of all associated networks, internet access, e‐mail, hardware, VPN, data storage, computer accounts, software, telephony services, and voicemail.

C. Definitions

  1. “Information Technology Facilities” includes but is not limited to NEOMED computers, servers, networks, phones, printers and software.
  2. “Users/Community” refers to all NEOMED employees, students, alumni, and authorized external users for legitimate University purposes (including contractors and vendors with access to NEOMED systems).

D.Body of the Policy

  1. General Use and Ownership
    1. Users should be aware that the data they create on University systems remains the property of NEOMED.
    2. Each user is responsible for using the information technology facilities in an ethical and lawful way, in accordance with NEOMED policies and relevant laws.
    3. Each user is responsible for cooperating with other users of the information technology facilities to ensure fair and equitable access to the facilities.
    4. Each user is responsible for exercising good judgment regarding the reasonableness of personal use.  The University accepts no responsibility for the integrity or confidentiality of personal files stored on NEOMED’s information technology facilities.
    5. NEOMED reserves the right to audit networks, systems, and equipment on a periodic basis.
  2. Security and Proprietary Information
    1. Users should take all necessary steps to prevent unauthorized access to any information stored on NEOMED’s systems.
    2. Each user is responsible for the unique computer accounts which the University has authorized for the user’s benefit. Authorized users are responsible for the security of their passwords and accounts.
    3. All devices that are connected to the NEOMED network, whether owned by the user or NEOMED, shall execute a real‐time virus‐scanning software with a current virus definition file.
    4. NEOMED recommends that any information that users consider sensitive or vulnerable be encrypted before sending it outbound electronically or on magnetic media.
  3. Confidentiality and Privacy Information: Use of the NEOMED network and systems is restricted to authorized users only. All users accessing this system:
    1. must maintain high levels of security & confidentiality;
    2. must preserve the privacy required for these data;
    3. will access records only as required to perform assigned duties;
    4. will not access or release private information without proper authorization; and
    5. will not publicly discuss data in a way that might identify a person.Unauthorized use is a violation of applicable NEOMED policies and state/federal laws and regulations (such as Graham‐Leach‐Bliley, FERPA, and HIPAA) and will be subject to criminal, civil and/or administrative action.
  4. Prohibited Activities Constituting Unacceptable Use
    1. The following activities are strictly prohibited on NEOMED Information Technology Facilities:
      1. Unauthorized access to accounts, data, or files
      2. Using of the University’s name, seal, and/or logo on personal web pages, e‐mail, or other messaging facilities unless expressly authorized by the University
      3. Procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws in the user’s local jurisdiction
      4. Accessing, creating or distributing pornographic material
      5. Running a personal business on NEOMED equipment
      6. Making fraudulent offers of products, items, or servicesoriginating from any NEOMED account
      7. Making statements about warranty, expressly or implied, unless it is a part of normal job duties
      8. Effecting security attacks or disruptions of network service. Security attacks include, but are not limited to:
        1. Disruptive activities, such as denial of service attacks, packet spoofing, and forging information for malicious purposes
        2. Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, phishing attacks, etc.)
        3. Port scanning or vulnerability scanning
        4. Executing any form of network monitoring which will intercept data not intended for the user’s host, unless this activity is a part of the user’s normal job/duty
      9. Providing information about, or lists of, NEOMED employees directly to parties outside NEOMED without proper authorization.
    2. The following email and communications activities are strictly prohibited:
      1. Sending unsolicited email messages, including the sending of “junk mail” or other advertising material to individuals who did not specifically request such material (commonly known as ‘spam’)
      2. Sending defamatory, aggressive or rude e‐mail messages
      3. Sending threatening, harassing, or hate‐related communications to another person via email or telephone, whether through language, frequency, or size of messages
      4. Sending sexually explicit material
      5. Propagating chain mail (e‐mail sent to a number of people asking the recipient to send copies of the e‐mail with the same request to a number of recipients)
      6. Impersonating another person by sending a message which appears to have come from another person’s computer or represent themselves as being of a different gender, race, age, etc. (e.g., in a chat session or electronic conference)Users are entitled to use the NEOMED’s e‐mail and messaging facilities for private purposes, provided such use is lawful. Messaging facilities may include chat sessions, newsgroups, and electronic conferences. NEOMED reserves the right to withdraw this permission in the event that such use places the information technology facilities at risk or poses a security or other threat. Users must respect the privacy and personal rights of others.
  5. Copyright Violations
    1. Violations of the rights of any person or institution protected by copyright, trade secret, patent, or other intellectual property, or similar laws or regulations, including, but not limited to, the installation or distribution of “pirated” or other software products that are not appropriately licensed for use by NEOMED is strictly prohibited.
    2. Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of text and/or photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which NEOMED or the end user does not have an active license is strictly prohibited.
    3. Original multimedia works are protected by copyright. The Copyright Act’s exclusive rights provision gives developers and publishers the right to control unauthorized exploitation of their work. Multimedia works are created by combining content, music, text, graphics, illustrations, photographs, and software.
    4. Authorized users are expressly forbidden to make digital files of any commercially available multimedia works including, but not limited to, recordings, music albums, album covers, and videos, without permission of the copyright owner.  Investigative bodies are able to detect infringing activities of a student, faculty, or staff member. Individual members of the University community may be held liable for damages and costs if a copyright owner takes action for infringement of copyright.
    5. Distribution of music/film files for the purpose of trade or any other purpose which affects the copyright owner prejudicially, making music files available for downloading free of charge on an internet website, is a criminal offense.
  6. Enforcement
    1. Login access to the information technology facilities is a privilege that is granted by the Department of Information Technology. An individual’s access may be restricted on the grounds that the user is in breach of this policy. Any user found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
    2. For security and network maintenance purposes, authorized individuals within NEOMED may monitor equipment, systems and network traffic at any time. The University does not generally monitor e‐mail, personal Web sites, files, and data stored on the University’s computers or traversing the University’s network. However, the University reserves the right to access and monitor e‐mail, web sites, server logs and electronic files and any computer or electronic device connected to the NEOMED network, should it determine that there is reason to do so.
    3. Unlawful use will breach this policy and will be dealt with as a discipline offense. Unlawful use of the information technology facilities may also lead to criminal or civil legal action being taken against the individual. This could result in serious consequences such as a fine, damages and/or costs being awarded against the individual or even imprisonment. The University will not defend or support any client of the network who uses the information technology facilities for an unlawful purpose.
      Such reason would include, but not be limited to, suspected or reported
      breaches of this policy, or breach of any statutes, regulations or policies
      of the University, or suspected illegal activity.

CONTACT

Lisa Noland
Administrative Specialist
Phone: 330.325.6354
Email: lnoland@neomed.edu

Office of General Counsel

Northeast Ohio Medical University