IS and Technology Code of Responsibility for Employees
Information Security and Technology Code of Responsibility for Employees
All information maintained by Eastern Mennonite University (EMU) is subject to this agreement. It applies to all constituent records including, but not limited to, prospective students, students, alumni, employees, donors, contractors and vendors. The records may be in any form, electronic or otherwise, stored in manual systems, the Student Information System (SIS) or any other EMU-owned or controlled technology resources.
The security and confidentiality of this information affects all EMU constituents. Individuals with access to this sensitive information are in a position of responsibility to maintain that security and confidentiality. Any breach of this security and confidentiality will be strictly dealt with by university officials and may result in discipline up to and including termination of employment.
All EMU employees (e.g. full-time, part-time, adjunct, temporary, work-study, contractors, etc.) must read and periodically agree to the following:
____________________________________________________________________________________________________________________________________
As an EMU employee and/or user of the EMU network, I agree to the following statements with attestation by my signature:
1. I will abide by all EMU Information Systems Policies at www.emu.edu/is/policies.
2. I will not engage in prohibited activities, including, but not limited to:
- Using technology resources to threaten or harass others, even as a joke.
- Using, distributing or propagating chain letters.
- Knowingly distributing viruses or other malicious code.
- Attempting to gain access to computers or network accessible resources for which I am not authorized.
- Transmitting music, movies, or software in breach of copyright over the network.
- Hosting for-profit activities using EMU resources (e.g. selling items for personal profit, promoting a personal business--with the exception of advertisements in the eClassifieds system on www.emu.edu).
- Using the EMU network or other technology resources for criminal or malicious activities.
- Engaging in prohibited activities outlined in the EMU Community Lifestyle Commitment.
3. I will safeguard my account access to EMU systems by:
- Not allowing others to use my EMU accounts; nor will I use someone else's account.
- Securing my computer against unauthorized access, including using a password-secured screen saver.
- Not leaving my computer unattended without securing it by either logging out from it or using a password-protected screen saver.
- Using strong passwords[1] and not writing my password(s) in places where others can easily see them.
4. I will respect all copyright laws by not infringing upon copyrights.
- The Digital Millennium Copyright Act (DMCA) provides strict rules governing the use of copyright protected materials. [www.copyright.gov/legislation/dmca.pdf]
Some examples of copyright infringement
- Downloading digital formats of music, videos or other electronic media resources and using/sharing them with others without copyright holder permission.
- Using peer-to-peer networks or similar utilities to download copyright protected music, movies or software without permission from the copyright holder.
- Using corporate logos or corporate owned photos without permission.
EMU response to copyright infringement allegations
- When EMU receives notification of alleged copyright infringements, the computer owner (if computer is not owned by EMU) or the computer user (if the computer is owned by EMU) will face disciplinary actions outlined in the Responsible Use of Technology Resources Policy.
5. I will report any suspicious activity related to electronic equipment or information systems to my supervisor or the Information Systems Helpdesk.
6. I will safeguard the integrity and security of personal or confidential information by:
- Not knowingly including false, inaccurate or misleading data in records or reports.
- Not inappropriately sharing confidential information gained by my position, nor benefiting from it.
- Accessing information only to the extent I need it to perform my job responsibilities.
7. I will accept responsibility for ensuring the appropriate use and confidentiality of constituents’ information according to the Family Educational Rights and Privacy Act (FERPA) and all other applicable federal, state and local laws and regulations.
8. I will properly secure and/or securely dispose of all documents containing EMU constituents’ personal information (e.g. EMU ID numbers, Social Security Numbers, birth dates, addresses, and any other personally identifiable information).
___________________________________ _________________ ______________
Employee's signature EMU ID# Date
Employees may be periodically prompted during the network login process to affirm that by using the EMU network they are agreeing to this code of conduct. A version of this code of conduct appropriate for signing is available at http://www.emu.edu/is/tech-code-of-responsibility-emp.pdf .
Distribution: Faculty/Staff Handbook
[1] Refer to EMU strong password recommendation at www.emu.edu/is/wiki/index.php/Password#Royal_Password