Whitworth Home Page > Information Systems > Policies & Standards >
The purpose of this document is to specify computer use policies for Whitworth. All persons who are provided with and make use of university-owned technology hereby agree to abide by this policy.
- The goal of Whitworth is to provide adequate computer facilities for support of education, research and administration for all Whitworth computer users and to update these facilities as needed to keep the university competitive.
- Access to the Whitworth computer system or network is not in itself a right, but a privilege granted with the understanding that there are responsibilities to ensure fairness to all other users. Inappropriate use may result in withdrawal of this privilege, employee or academic discipline and/or prosecution through the appropriate civil or criminal justice system.
- It is the policy of Whitworth to abide by all applicable laws governing computer software use, privacy, copyright and recognition of intellectual property.
- Information Systems will maintain and update detailed procedures and guidelines for use of all computer, network and information systems. These guidelines will be posted on the Information Systems web pages.
Computer Procedures and Guidelines
- Information Systems is committed to training as an integral element of computer use. Training in various applications, procedures and processes will be provided on a regular basis and at a variety of times.
- All new users must receive computer user instruction and acknowledge online the Whitworth University Computer Users Responsibility Agreement within 10 days of being assigned an active account on the Whitworth computer system. This acknowledgement will be renewed on a regular basis established by Information Systems.
- Family Educational Rights and Privacy Act (FERPA) training is mandatory for all employees of Whitworth and will be renewed on a regular basis established by the Registrar's office.
- Demographic training is mandatory for all employees whose duties require them to add or change demographic data.
- Additional training may be mandatory based on employee performance or change in assigned duties.
II. Computer Privacy
- Computer user privacy on multi-user computers means that each account, and the content of files associated with that account, are the property of the university and the custodian of those files is the designated user. These files must not be used or intruded upon by anyone else without the explicit permission of either the custodian or the university.
- Pursuant to the Electronic and Communications Privacy Act of 1989, Title 18, United States Code, Sections 2510 and following, notice is hereby given that there are no facilities provided by Whitworth for guarantee of confidential files. The Information Systems staff has the ability to view all network activity, messages and files of any user. However, it is not the routine policy of the staff to view others' files and the intention is to keep files private, even though such privacy cannot be guaranteed.
- Notice is hereby given that Whitworth has in place an Internet filter which has the capability of logging Internet activity for all end users.
- Computer access for users is primarily for educational and university-business purposes. In general, educational use is interpreted loosely; however, abuse for economic gain or use of the computer or network that adversely affects others will not be tolerated. If a problem becomes evident or there is a complaint regarding usage of networks or university computers, Whitworth has the right to review the contents of your computer memory and storage, trace information, backups, file server accounts and any central multi-user computer account contents to determine your complicity.
- Employees should be aware that messages created and sent via the Whitworth University e-mail system may be subject to disclosure outside of the control of the Computer User Policy. An example would be in the case of a formal subpoena where records are requested by a court of law.
- Use of files or other software that is solely for the purpose of pestering other persons is generally considered just cause for administrative action. Possession of software solely intended to compromise system security or performance is prohibited.
- Accounts on Whitworth multi-user computers and servers are usually identified as personal information access points. Although data may sometimes be shared within the computer by various users, the "Login" access point is considered personal. Usernames identifying a particular person are for the exclusive use of that person. Each user agrees not to share his or her password with others. If a user believes his or her password has been revealed to others, he or she should change it immediately, or if unable to change it, contact Information Systems for assistance. Any use of a personal account by someone other than the designated owner should be reported immediately to Information Systems.
III. Guidelines for Desktop Computer Users
- A personal computer in an office is as private as a desk or filing cabinet. The Information Systems staff (including student assistants) will make every attempt to honor this.
- Use common sense about messages you send because you cannot control who will ultimately read them. Confidentiality is a misnomer and privacy does not truly exist. A good rule of thumb is "never write anything in e-mail that you would not want to have become public knowledge."
- Information Systems personnel will only view or copy data files on a personal computer upon invitation by the user as part of a technical problem analysis and resolution or computer audit. If personnel need to access a user's computer for installation and updates, they will attempt to notify the user. If access is urgently needed to control a network problem and the user cannot be reached, the Information Systems staff will attempt to contact the appropriate supervisor for access.
- Whenever Information Systems personnel go to a user's work space without the user present, they will leave a message indicating why they were there and what was done.
- When an employee leaves Whitworth any files abandoned will be deleted or retained for use by the university as determined by the Director, Information Systems and the employee's supervisor. Supervisors who need access to a previous employee's e-mail must notify Information Systems immediately as e-mail is not recoverable past seven days after deletion.
- Student network and e-mail accounts and any associated files are subject to deletion on the tenth day of the next fall or spring term for which the student fails to register. Student status is determined by current enrollment as reflected in the Whitworth Registrar's administrative system.
IV. Data Privacy, Integrity and Use
- Information Systems realizes that the increasing use of computers and information technology, while beneficial to the efficient operations of management, has magnified the potential for invasion of individual privacy which can occur from collection, maintenance, use and dissemination of personal information. Information Systems is aware of the right of privacy and treats any data identifiable to an individual as confidential.
- The custodian of data is the department head or area supervisor responsible for the maintenance of the data.
- Confidential data may be released for external use or for internal
use outside of the area which is responsible for maintaining the data,
only with the permission of the custodian of the data. Data that is
released externally must be encrypted. Information released to an external
party also requires that the receiving party sign the Whitworth University
Data Confidentiality Agreement or that the Whitworth University confidentiality
clause be included in any contracts (if one exists) with the party.
- As a general principle, data shall be used only for the purposes for which it was obtained. For example, social security numbers may only be used internally and for those purposes outlined by law unless the party supplying the number was informed and agreed to another use.
- In general all institutional data should be maintained in or synchronized
with Whitworth's central database. Specifically, standalone databases,
spreadsheets or word processing mailing lists will not be used for external
correspondence. Information Systems should be contacted for assistance.
- Whitworth uses its photos for a number of internal operations including, but not limited to, identification cards, intranet campus directory, class rosters, campus yearbook, campus security, web pages etc. Photos may be released to external law enforcement agencies on a specific case-by-case basis. Photos will not be released to the media without the expressed consent of students or employees. Whitworth routinely takes promotional photographs that include faculty, staff and students for use in publications or on the web. Whitworth reserves the right to use such photos in publications and on the web unless such rights are withheld by the student, in writing, to the Office of the Registrar or by a faculty/staff member, in writing, to the Office of Human Resources.
- Because ID cards are date sensitive, new ID cards are mandatory every year for all faculty, staff and students.
V. Electronic Communications Policy
- Notice is hereby given that the Information Systems staff has the ability to view all messages and files of any user. However, it is not the routine policy of the staff to review messages and the intention is to keep messages private, even though such privacy cannot be guaranteed.
- Privacy of messages routed off campus is not within the control of Whitworth.
- E-mail addressed to a Whitworth network address for any user who is no longer employed or enrolled at Whitworth will be deleted. There will be no attempt made to ascertain the contents of messages whether previously read by the addressee or not.
- E-mail is required to carry a valid "from" name of the individual who sent it. Mail represented as being from someone other than the sender is a violation of state law and will be considered a violation of these guidelines that may result in disciplinary action.
- E-mail is the standard, and sometimes preferred, means of internal communication at Whitworth. All full-time and part-time faculty and staff, including active adjunct instructors, are expected to regularly check their Whitworth e-mail account and to acknowledge messages in a timely manner. Employees are expected to use the automated out-of-office notification functions in e-mail and voice-mail when they are away from the office for an extended period. In the interest of providing the highest level of service to external and internal customers, the university encourages all employees to follow the "Golden Rules of Phone and E-mail" which can be found on Whitworth web pages.
- Campus-wide e-mail messages should be sent only by those employees specifically assigned that responsibility by their job description or by their supervisor. Campus-wide e-mail messages should be restricted to messages that affect the general business of Whitworth and those that are of interest to most or all members of the campus community.
- Employees will be held accountable to these standards in Whitworth's annual performance communication process.
VI. External Network Use
The Internet at Whitworth is for the use of persons legitimately affiliated with Whitworth or affiliate organizations to facilitate the exchange of information consistent with the academic, educational, research and administrative purposes of its members. Use of external networks shall:
- Avoid interfering with the work of other users of the network. Messages that are likely to result in the loss of a recipient's work or systems are prohibited.
- Avoid disrupting the network host systems (nodes).
- Avoid disrupting network services.
Users of external networks are expected to be responsible in their use of:
- Chain letters "broadcasting" messages to lists or individuals and other types of use which would cause congestion of the network or otherwise interfere with the work of others are not allowed.
- External networks are not to be used from Whitworth for commercial purposes such as marketing, reselling bandwidth or business transactions between commercial organizations.
- Any communication that violates applicable laws and regulations is not allowed. In particular, messages and data sent to destinations outside the U.S. must satisfy the Department of Commerce regulations.
- Whitworth University is a Section 501(c)(3) organization. Section 501(c)(3) rules prohibit the direct or indirect endorsement, support, or opposition of any political candidate by the university. The underlying principal is that the university must remain neutral.
- Whitworth policy is to license all software used on campus in accordance with applicable law. In order to maintain documentation of compliance with these laws, Information Systems must maintain certain records on software acquisition and track information about Whitworth's investments in the software.
- Information Systems has the responsibility to ensure compliance with software copyright laws. Information Systems reserves the right to conduct software audits on all university-owned systems without notice. Any software found out of compliance will be immediately removed and the supervisor notified.
- Software license rules must be followed regardless of the physical location of the software that is used and the access method used to activate the software.
Users may use personally purchased software on Whitworth's system providing:
- The software is used according to its license requirements.
- The software does not adversely react with other university software installed on the system or violate any licensing requirement of Whitworth software.
- The software does not adversely affect operation, traffic or security of the network and its other computer nodes.
- Operation and/or consulting assistance is not needed for successful use of software.
Software purchased for use on Whitworth hardware WILL NOT BE INSTALLED ON HOME COMPUTERS unless specifically authorized under licensing agreements. Users who have software licensed through the university on their home computers are responsible for removing the software from their computer upon termination of employment.
VII. Scanning Documents
- It is the policy of Whitworth to comply with any federal, state or local regulations related to electronic scanning of documents. Computer input and output devices are becoming so powerful that counterfeiting is a concern. Copyright laws must be strictly adhered to when scanning documents.
- Under guidelines from the U.S. government, anyone who scans "sensitive documents" (such as money, stamps, checks, bonds, securities or identification documents) with the intent of illegally reprinting for unscrupulous use, risks "constructive seizure" of their computer equipment, up to $25,000 in fines or up to fifteen years imprisonment.
VIII. Academic Integrity
- Academic dishonesty takes many forms and the wide use of computers and networks on campus raise some particularly important issues. In general, computer users who attempt to violate privacy, steal software or gain more than their fair share of resources may be subject to academic/professional discipline. To have a fair share of resources means that each person use only his or her allocated resources and make no attempt to degrade system performance or use special knowledge to gain more than their fair share.
- The individual instructor, dean and employment supervisor have wide latitude in handling cases involving academic dishonesty within their various areas. Instructors, work supervisors or Information Systems staff may refer matters of academic dishonesty to the Vice President for Student Life or to the Director of Human Resources at their discretion.
- A violation of responsibilities or a breach of academic honesty may result in the denial of computer system and network access in addition to other disciplinary actions.
- Whitworth may also choose to prosecute violators through civil or criminal justice systems. Note that any violations in use of networks may also result in prosecution by operators of the remote compromised node. When violations involve networks crossing state lines, federal law enforcement agencies may become involved.
IX. Computer Hardware, Software or Network Connections
- The Whitworth University standard hardware platform is PC-compatible hardware. Apple equipment may be attached and used on the university network but technical support will not be provided. Purchase of new Apple equipment is not authorized for the general desktop.
- Participation of Information Systems staff is required for any of the following:
- The relocation of a computer system on campus, unless the system is explicitly designated as a portable system.
- Hardware configuration changes and repairs, including swapping of keyboards and/or monitors.
- Reassignment of a user system to another person.
- Transfer of licensed software application programs to, from or between computers.
- Desktop computer systems will not be removed from campus unless by special arrangement made with the Director of Information Systems.
- If a user leaves Whitworth, he or she is expected to leave behind all hardware, software, accessories and documentation that were provided by the university.
- Passwords will not be shared with anyone and users are responsible for activities executed under their passwords and logon.
- Users should log off or use a locked screen saver when not at their workstation.
- Passwords will be changed at scheduled intervals. The interval is determined by the Director, Information Systems based on the sensitivity of the system in question and current best operating practices.
- All computers connected to the Whitworth network must run a current version of the Whitworth-supplied anti-virus software. The anti-virus software does not decrease the need to exercise care when opening suspicious e-mail.
- Any machine capable of running the Microsoft Automatic Update shall be set to run automatic updates without user intervention.
- All Whitworth University institutional data maintained on any off-campus
computer, any laptop computer or other portable computing device, or
on any removable media shall be encrypted.
- Use of unauthorized wireless access points is prohibited.
XI. Appropriate Use of Technology
- Computing and related technology is provided by Whitworth for legitimate applications directly related to one's academic and/or professional work to conduct academic research or Whitworth-related business and for communication related to classes and class assignments. Inappropriate uses of this technology include behaviors that:
- Impede its intended purpose;
- Intentionally block or overload the system or prevent its use by others;
- Are solely or mainly for commercial gain;
- Are offensive, threatening, or harassing in nature: (among those that are considered offensive are any messages that contain sexual implications, racial slurs, gender-specific comments, or any other comment that offensively addresses someone's age, sexual orientation, religious or political beliefs, national origin, or disability);
- Are destructive or disruptive of educational endeavors, employment or community life. Private use of the internet and e-mail system should not impede the normal working operation of the university.
- Downloading or viewing of sexually explicit material, other than for legitimate academic purposes, is considered destructive to healthy perspectives on relationships and community interactions and therefore constitutes a violation of this policy.
- Individuals are responsible for the content of work produced or transmitted under their password and may not use another person's password or allow another to use their password.
XII. Guideline Revisions
- This document will be maintained and revised by Information Systems with faculty consultation, coordinated by the dean of the faculty in matters concerning academic use of university computing systems.
- Approved by the Whitworth President's Cabinet, Spring, 2005.