Minnesota West Policies

Chapter 5 - Administration

5.22.1 Acceptable Use of Computers and Information Technology Resources

 

Part 1. Purpose
Subpart A. Acceptable use. This procedure establishes responsibilities for acceptable use of Minnesota State Colleges and Universities information technology resources. Minnesota West Community & Technical College information technology resources are provided for use by currently enrolled Minnesota West Community & Technical College students, administrators, faculty, other employees, and other authorized users. Minnesota West Community & Technical College information technology resources are the property of Minnesota State Colleges and Universities, and are provided for the direct and indirect support of the Minnesota West Community & Technical College’s educational, research, service, student and campus life activities, administrative and business purposes, within the limitations of available Minnesota West Community & Technical College technology, financial and human resources. The use of Minnesota State Colleges and Universities information technology is a privilege conditioned on compliance with MnSCU Policy 5.22, System Procedure 5.22.2 Cellular and Mobile Computing Devices and any  procedures or guidelines adopted pursuant to this procedure. Minnesota West Community & Technical College encourages the use of information technology as an effective and efficient tool within the framework of applicable State and federal laws, policies and rules and other necessary restrictions.


Subpart B. Academic freedom. Nothing in this procedure shall be interpreted to expand, diminish or alter academic freedom, articulated under Board policy and Minnesota West Community & Technical College collective bargaining agreements, or the terms of any charter establishing a Minnesota West Community & Technical College library as a community or public library.

Part 2. Applicability
This procedure applies to all users of Minnesota West Community & Technical College information technology, whether or not the user is affiliated with the college and to all uses of those resources, wherever located. This procedure establishes minimum requirements and Minnesota West Community and Technical College may adopt additional conditions of use, consistent with this procedure and Policy 5.22, for information technology resources under their control. Minnesota State Colleges and Universities is not responsible for any personal or unauthorized use of its resources, and security of data transmitted on its information technology resources cannot be guaranteed.

Part 3. Definitions
Subpart A. The definitions in System Procedure 5.22.2, Cellular and other Mobile Computing Devices apply to this procedure.

Subpart B. Security measures. Security measures means processes, software, and hardware used by Minnesota West Community & Technical College and network administrators to protect the confidentiality, integrity, and availability of the computer resources and data owned by the Minnesota West Community & Technical College or its authorized users. Security measures may include, but are not limited to, monitoring or reviewing individual user accounts for suspected policy violations and investigating security-related issues.

Subpart C. System. System means the Board of Trustees, the Office of the Chancellor and state colleges and universities and any combination thereof.  College means Minnesota West Community & Technical College students, employees and guests users.

Subpart D. Minnesota West Community & Technical College information technology. Minnesota West Community & Technical College information technology means all Minnesota West Community & Technical College facilities, technologies, and information resources used for information processing, transfer, storage and communications. This includes, but is not limited to, computer hardware and software, computer labs, classroom technologies such as computer-based instructional management and computing and electronic communications devices and services such as modems, e-mail, networks, telephones, voicemail, facsimile transmissions, video, mobile computing devices, and multimedia materials.

Subpart E. Transmit. Transmit means to send, store, collect, transfer or otherwise alter or affect information technology resources or data contained therein.

Subpart F. User. User means any individual, including, but not limited to, students, administrators, faculty, other employees, volunteers, and other authorized individuals using Minnesota West Community & Technical College information technology in any manner, whether or not the user is affiliated with Minnesota State Colleges and Universities.

Part 4. Responsibilities of All Users.
Subpart A. Compliance with applicable law and policy.

  1. Users must comply with laws and regulations, Board policies and Minnesota West Community & Technical College procedures, contracts, and licenses applicable to their particular uses. This includes, but is not limited to, the laws of libel, data privacy, copyright, trademark, gambling, obscenity, and child pornography; the federal Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit “hacking” and similar activities; state computer crime statutes; applicable conduct codes, including the System Procedure 1C.0.1, Employee Code of Conduct, student conduct codes; applicable software licenses; and Board policies 1.B.1, prohibiting discrimination and harassment;1. C.2, prohibiting fraudulent or other dishonest acts; and 3.26, concerning intellectual property.
  2. Users are responsible for the content of their personal use of Minnesota West Community & Technical College and System information technology, and may be subject to liability resulting from that use.
  3. Users must use only Minnesota West Community & Technical College and system information technology they are authorized to use and use them only in the manner and to the extent authorized. Ability to access information technology resources does not, by itself, imply authorization to do so.
  4. Users are responsible for use of Minnesota West Community & Technical College information technology under their authorization.


Subpart B. Unauthorized use. Users must abide by the security restrictions on all Minnesota West Community & Technical College and information to which access is authorized.

  1. Users must not allow others who are not authorized to:
    1. use any account or password assigned by the college or system to anyone else;
    2. share any account or password, assigned to the user by the college or system , with any other individual, including family members;
    3. allow others to use college or system information technology under the user’s control;
    4. use college or system  cellular telephones or computer services for personal use unless specifically authorized by college or system policy or procedure.
  2. Users must not circumvent, attempt to circumvent, or assist another in circumventing security controls in place to protect the privacy and integrity of data stored on system or  college information technology.
  3. Users must not change, conceal, or forge the identification of the person using college information technology, including, but not limited to, use of e-mail. 
  4. Users must not knowingly download or install software onto college or system information technology unless it has been pre-approved through established college or system  procedures, or prior authorization is received from the designated officials. Users who knowingly or negligently do not comply may be held responsible for damages, cost of college debugging, and payment of software fees, licenses and infringement penalties. 
  5. Users must not engage in activities that interfere with or disrupt network users, equipment or service; intentionally distribute viruses, worms, Trojans, or other malicious code; or install software or hardware that permits unauthorized access to college or system information technology.
  6. Users must not engage in inappropriate uses, including:

 

  1. activities that violate State or Federal law or regulation;
  2. wagering or betting;
  3. Harassment, threats to or defamation of others, stalking, and/or illegal discrimination;
  4. Fund-raising, private business, or commercial activity, unless it is related to the mission of the college or system Mission related activities are determined by the college, or Office of the Chancellor, and include activities of authorized campus or college -sponsored organizations;
  5. storage, display, transmission, or intentional or solicited receipt of material that is or may be reasonably regarded as obscene, sexually explicit, or pornographic, including any depiction, photograph, audio recording, or written word, except as such access relates to the academic pursuits of the college student or professional activities of a college employee; and
  6. “spamming” through widespread dissemination of unsolicited and unauthorized e-mail messages.


Subpart C. Protecting privacy. Users must not violate the privacy of other users and their accounts, regardless of whether those accounts are securely protected. Technical ability to access others’ accounts does not, by itself, imply authorization to do so.

Subpart D. Limitations on use. Users must avoid excessive use of college and system  information technology, including but not limited to network capacity. Excessive use means use that is disproportionate to that of other users, or is unrelated to academic or employment-related needs, or that interfere with other authorized uses. Colleges and system may require users to limit or refrain from certain uses in accordance with this provision. The reasonableness of any specific use shall be determined by the college system in the context of relevant circumstances.

Subpart E. Unauthorized trademark use. Users may not use system information technology  to state or imply that they speak on behalf of the System or a college and must not use system or college trademarks or logos without prior authorization. Affiliation with the system or college does not, by itself, imply authorization to speak on behalf of the system or college .

Part 5. College Employee Users.
All employees of Minnesota State Colleges and Universities are subject to Minnesota Statutes section 43A.38, the code of ethics for employees in the executive branch and system procedure 1C.0.1 Employee Code of Conduct. In addition employees are expected to use the traditional communication rules of reasonableness, respect, courtesy, and common sense when using college or system  information technology.

Subpart A. Personal use.

 

  1. Personal Use of college or system owned cellular devices is not allowed. See system Procedure 5.22.2 Cellular and Other Mobile Computing Devices.
  2. In accordance with Minnesota State Statutes section 43A.38, subdivision 4, System and college employees may make reasonable use of college information technology for personal communications as long as the use is in accordance with state law, Board policy and college and system procedure and the use, including the value of employee time spent, does not result in an incremental cost to the State, or results in an incremental cost that is so small as to make accounting for it unreasonable or administratively impracticable by the system or college. Reasonable use means use consistent with this procedure.


Subpart B. Union activities. In the interest of maintaining effective labor-management relationships and efficient use of State time and resources, College e-mail system may be used by employee representatives of the union for certain union activities, in accordance with State policy and/or the provisions of applicable collective bargaining agreements.

College or system owned property or services, including the e-mail  may not be used for political activities, fund-raising, campaigning for union office, union organizing activities, or solicitation of employees for union membership.

Union use of college or system electronic communication technology, as authorized, is subject to the same conditions as employee use of such technology, as set forth in Policy 5.22 and this procedure, including security and privacy provisions.

Subpart C. Political activities. College employees shall not use information technology for political activities prohibited by Minnesota Statutes sections 43A.32 or 211B.09, or other applicable State or federal law.

Subpart D. Religious activities. College employees shall not use college information technology in a manner that creates the impression that the system or college supports any religious group or religion generally in violation of the Establishment Clause of the First Amendment of the United States Constitution or Article 1, Section 16 of the Minnesota State Constitution.

Part 6. Security and Privacy.
Subpart A. Security. Users shall employ reasonable physical and technological security measures to protect college and system records in all phases of handling.  This may include but is not limited to, appropriate use of secure facsimiles or encryption or encoding devices when electronically transmitting data that is not public.

Subpart B. Privacy. Data transmitted via system or college (Board Policy 5.23- Security and Privacy of Information Resources) Deletion of a message or file may not fully eliminate the data from the system.

Subpart C. Right to employ security measures. The college or system reserves the right to employ security measures, including but not limited to the right to monitor any use of college or system information technology, including those used for personal purposes. Users have no expectation of privacy for any use of college or system technology resources, except as provided under federal wire tap regulations (21 U.S.C. sections 2701-2711).

The college or system does not routinely monitor individual usage of its information technology resources. Normal operation and maintenance of college and system information technology require the backup and caching of data and communications, the logging of activity, the monitoring of general usage patterns and other activities that are necessary for such services. When violations are suspected, appropriate steps shall be taken to investigate and take corrective action or other actions as warranted.  The college or system officials may access data on college or system information technology, without notice, for other business purposes including, but not limited to, retrieving business-related information, re-routing or disposing of undeliverable mail; or responding to requests for information permitted by law.

Part 7. Application of Government Records Laws.
Subpart A. Data practices laws. Government data maintained on college and system information technology is subject to data practices laws, including the Minnesota Government Data Practices Act and the federal Family Educational Rights and Privacy Act, to the same extent as they would be if kept in any other medium. Users are responsible for handling government data to which they have access or control in accordance with applicable data practices laws.

Subpart B. Record retention schedules. Official college or system records created or maintained electronically are subject to the requirements of the Official Records Act, Minnesota Statutes section 138.17 to the same extent as official records in any other media. Official records must be retained in accordance with the applicable approved records retention schedule appropriate for the type, nature, and content of the record. Willful improper disposal of official records may subject an employee to disciplinary action.

Part 8. College and University Policies and Procedures.
The college and the Office of the Chancellor, must adopt policies and procedures consistent with Policy 5.22 and this procedure:

 

  1. For breach notification and reporting possible illegal activities to appropriate authorities; Contact CIO
  2. To implement state, system and college security policies, procedures and guidelines to protect integrity of system and , college and its users accounts; Contact CFO
  3. To establish reasonable use and access procedures for handling government data in electronic form consistent with its classification under Minnesota Government Data Practices Act, Family Education Rights and Privacy Act and other applicable law or policies; CFO/ CIO
  4. To specify the name and contact information of the official to be contacted by users and others to address questions, concerns or problems regarding the use of college or system information technology  or concerning intended or unintended interruptions of service; CIO
  5. for reviewing requests to use the trademarks or logos of the college, or Minnesota State Colleges and Universities; CFO
  6. to provide information and education to users concerning applicable information technology policies and procedures; CIO
  7. for identifying the official(s) designated to make decisions regarding approved hardware or software use. CIO


Part 9. Enforcement.
Conduct which involves the use of college or system information technology resources to violate a college or system policy or procedure, or state or federal law, or to violate another’s rights, is a serious abuse subject to limitation or termination of user privileges and appropriate disciplinary action, legal action, or both.

Subpart A. Access Limitations. Minnesota State Colleges and Universities reserves the right to temporarily restrict or prohibit use of college or system information technology  by any user without notice, if it is determined necessary for business purposes.

Subpart B. Repeat violations of copyright laws. Minnesota State Colleges and Universities may permanently deny use of system or college technology by any individual determined to be a repeat violator of copyright laws governing Internet use.

Subpart C. Disciplinary proceedings. Alleged violations shall be addressed through applicable college or system procedures, including but not limited to college Procedure 1.B.1.1 to address allegations of illegal discrimination and harassment; student conduct code for other allegations against students; or the applicable collective bargaining agreement or personnel plan for other allegations involving employees. Continued use of college or system information technology is a privilege subject to limitation, modification, or termination.

Subpart D. Sanctions. Willful or intentional violations of this policy are considered to be misconduct under applicable student and employee conduct standards. Users who violate this policy may be denied access to system or college information technology and may be subject to other penalties and disciplinary action, both within and outside of the college and system. Discipline for violations of this policy may include any action up to and including termination or expulsion.

Subpart E. Referral to Law Enforcement. Under appropriate circumstances, Minnesota State Colleges and Universities may refer suspected violations of law to appropriate law enforcement authorities, and provide access to investigative or other data as permitted by law.

Minnesota West adheres to the Minnesota State Colleges and Universities Board Policy 5.22 on Acceptable Use of Computers and Information Technology Resources.

See MnSCU Policy 5.22 and MnSCU Policy 5.22.1


Approved by: Ric Shrubb, President
Date: 4-6-10
History & Revision: