Employee Handbook 12.17, TVI Technology Use Policy TVI promotes and provides Information Technology (IT) resources that enhance educational services and facilitate job performance and Institute operations. These resources are shared by students, faculty, staff, and the public. All persons using these systems share the responsibility for seeing that they are used in an effective, efficient, ethical, and lawful manner. The aim of this administrative directive is to safeguard equipment, networks, data, and software that are acquired and maintained with public funds as well as define the acceptable use of these resources. Users of TVI technology resources, including those who interface with TVI systems and networks, are subject to this administrative directive, in addition to local, state, and federal laws relating to copyrights, security, and other issues regarding electronic media. Any violation of this TVI policy, administrative directive, the Employee Handbook, or the Student Code of Conduct may result in the removal of access privileges and subject the violator to administrative and disciplinary action. Examples of Information Technology Use violations are listed on the Violation Matrix. Information Technology at TVI This administrative directive applies to all
individuals and groups utilizing Institute-owned Information Technology
resources, whether individually controlled or shared, stand-alone or
networked. 1. Promotion of Information Technology Use TVI encourages students, instructors, and employees to make use of Information Technology resources. To support this intent, TVI provides computer access at several computer labs throughout the Institute and offers a variety of computer-related courses. Please check with the individual labs for hours of operation and the category of users they serve. Courses and workshops on computer use and Information Technology are available at TVI to students and employees through the following departments:
1.1 Instructors are encouraged to assign projects and homework that require the use of computer technology. This gives the student an opportunity to prepare for jobs and continuing education as well as partner in the protection of TVI’s Information Technology resources. Instructors should provide an explanation of student responsibilities and encourage students to read the Information Technology Use Administrative Directive which also provides links to TVI Governing Board Policy. 1.2 Employees are encouraged to become familiar with and use the Information Technology resources at TVI. Employees can enroll in TVI courses and workshops. Workshops are also available through the Teaching and Learning Center. These workshops are designed for instructional staff but are open to other TVI employees if space is available. Tuition waivers are available to eligible individuals (link to Professional Development Administrative Directive). 1.3 TVI encourages every student and employee to have a current account, to promote student-faculty dialogue and timely response to business-related communication among the TVI community. TVI accounts are available to eligible individuals. 2. Administration of TVI’s Enterprise Resources and Systems In support of TVI’s mission to provide dynamic education for the community, the Institute has charged TVI’s Computer Information Technology (CIT) Department with the responsibility of maintaining the capacity, performance, security, and stability of TVI’s Enterprise resources. To accomplish this and ensure maximum availability of computing resources, the following applies:
2.1 All systems attached to TVI's networks, including those not
administered by CIT are required to
2.2 Prior to the purchase of new
hardware or software, it is recommended that CIT be involved
2.3 All new systems, and changes to or
deletions of existing systems attached to TVI's networks, 3. TVI Enterprise Resources and Systems This administrative directive governs and protects all communication and computer resources utilized by the TVI community. Information Technology systems at TVI consist of enterprise applications, services, and equipment. The categories and items listed below provide a general overview of the most common resources in use at TVI.
Technology Use 4. Information Technology Users 4.1 By using any of TVI’s resources and systems, users agree to familiarize themselves with, and accept the terms of the Information Technology Use Administrative Directive. 4.2
The individuals and groups who are governed and protected by this directive
include, but are not limited to: 4.3 The general public, while using TVI resources and systems, are subject to all applicable TVI policies, administrative directives, and procedures. The aim of this agreement and compliance is to ensure that TVI's Information Technology resources and systems are used in an appropriate manner. Agreement and compliance with this administrative directive ensures that the TVI community has optimum access to and use of these resources. 5.1 Information Technology standards, directives, and requirements must be in compliance with this administrative directive so that all processes support the integrity of TVI's resources and systems. Users agree to abide by this administrative directive for systems, networks, or services that they may access through TVI's systems.
5.2 Area directives and procedures may be established to further
support appropriate Information Users agree to become familiar with and to abide by all applicable directives in addition to the Information Technology Use administrative directive. 5.3 The CIT Support Center and/or the Policies and Procedure Office staff are available to explain or interpret the information contained in this administrative directive or other applicable area directives that may need clarification. 6. Dissemination of User Information Institutional leadership is encouraged to make every reasonable effort to make the information contained in this TVI policy and administrative directive available to students, employees and the public. By logging into any of TVI’s networks or applications, users agree to comply with this administrative directive. However, it is recommended that users read the TVI Information Technology Use Policy and Administrative Directive to fully understand their rights and responsibilities. 6.1
Information may be conveyed in various ways, some of which are: TVI and the users of TVI's Information Technology resources and systems have certain rights that are in place to safeguard both the Institute and the TVI community. These rights are not intended to be in conflict with each other, but rather to promote a reciprocal relationship between the administrators of TVI's Information Technology resources and their users. Rights of TVI 7.1 TVI’s Information Technology resources and systems are owned and operated by TVI. These resources include systems, networks, software/licenses, facilities, accounts, and information. TVI reserves all rights to these resources, including termination of service without prior notice should an individual violate TVI’s Information Technology Use Administrative Directive. TVI further reserves the right to review all software and files maintained on TVI’s computers. Privileges 7.2 Access to TVI’s resources and systems is a privilege granted to users, not a right. Access privileges are offered to users so they have full use of the technology available for academic or TVI work-related purposes. Access to any system may be denied or revoked at any time without prior notice as a protective measure to ensure TVI's system integrity or compliance with legal mandates. 7.3 Users may not, under any circumstances, transfer or confer these access privileges to other individuals. 7.4 Access privileges to TVI’s Inter/Intranet require responsible behavior by users and their compliance with the Information Technology Use Policy. 7.5 Access privileges may be temporarily suspended, if necessary or appropriate, to maintain the integrity of TVI’s systems or networks. TVI's role in managing Information Technology resources and systems is to administer and support TVI's Information Technology resources and to facilitate the transmission of data. However, TVI’s liability is limited by the following: 8.1 TVI does not represent or
warrant that any computers or software supplied by TVI will
8.2 TVI cannot protect individuals against the receipt of material
that may be offensive to
8.3 The user is solely
responsible for the message transmitted and may be subject to
8.4. TVI is not responsible for monitoring transmissions for
compliance with this administrative
8.5 TVI is not responsible if a user’s data becomes corrupted or is
lost. Locally stored data 9.1 Users are responsible for
backing-up data they consider to be critical to their academic 9.2 Users are solely responsible for any messages transmitted with TVI’s resources and systems. Users may not send messages which are intended to mislead the recipient by suggesting that the message originated from a source other than the person transmitting the message. Further, messages should be appropriate only for a learning environment. Should the transmission be in violation of this administrative directive, the user may also be subject to disciplinary action in accordance with the Student Code of Conduct and/or the Employee Handbook. 9.3 A user who violates intellectual property law may be liable to the owner for actual damages, statutory damages, profits, court costs and attorney fees. In addition, in certain cases the user may be criminally prosecuted and subject to a fine and imprisonment. TVI authorizes the use of its Information Technology resources and systems, per the account eligibility requirements, for the following:
Prudent and responsible use of Information Technology resources and systems begins with common sense and includes respecting the rights and privacy of other users. 11.1 Responsible use of
TVI Information Technology resources and systems includes, but is · proper use of the system per the information provided in this administrative directive · proper use of hardware (e.g., not abusing or misusing keyboards, mice, etc.) · compliance with this administrative directive and other applicable Institute policies and administrative directives as well as processes, procedures and best practices identified by TVI to be necessary to maintain TVI’s resources and systems · use of TVI resources and systems in a manner that respects the privacy of others · protection of TVI’s resources and systems by not engaging in any prohibited or illegal activities. · protection of their user accounts and data (i.e., password protection, not leaving unattended any device they are logged into, backing up critical data) · proper use of their access to Information Technology resources and systems (i.e., not using it beyond the scope of the job duties they are assigned) · keeping information/data confidential as required by the user’s position or relationship to TVI 12.1
The same standards of behavior and etiquette are expected in the use of
e-mail, web, and 12.2
The items listed in the
Example Violations matrix apply to the transmission and
Content of 12.3
TVI reserves the right to take measures to protect the integrity of its
Information 12.4 Electronic mail lists
(personal, public distribution or group lists) are for academic or TVI work- TVI allows incidental personal use of Information Technology resources and systems such as telephones, e-mail, and the Internet, as long as it does not adversely affect the Institute, an employee’s job performance, or other users’ access to resources.
13.1 Personal use of Information Technology resources and
systems should be kept to a minimum
13.2 Personal use of these resources and systems may be
curtailed by a supervisor if such use
13.3 Supervisors and managers determine, in concert with this
directive, what is acceptable regarding System Access Access privileges fall into four categories – account access, network/system access, access to computer labs, and library resources. Access privileges and eligibility are based on the user’s relationship to the Institute. 14.1 Account access is limited to
systems which allow users to perform specific functions 14.2 Network/system access can be via
Intra/Internet, allowing access to multiple systems 14.3 Access to most computer labs is restricted to certain user populations. 14.4 Library facilities are available
to all users, but some specific resources are Account Access Privileges 14.5
14.5 Access privileges to TVI Information Technology resources and systems are
assigned and 14.6
To be eligible for a TVI account, an individual or group must be one of the
following: Account Management 14.7 Because account access is granted on an individual basis for educational and TVI work-related purposes, usernames and passwords are used to access TVI’s resources. 14.8 Users are required to
log off any device before leaving the area to prevent unauthorized 14.9 TVI accounts must not
be used or constructed in a manner that allows any unauthorized 14.10 Accounts residing on, or accessing TVI’s resources and systems must conform to copyright law. Revocation or Denial of Access Privileges 14.11 Access to resources and systems may be denied or revoked at any time without prior notice to protect and preserve system integrity. TVI offers a variety of computer accounts including, but not limited to, portal, email, and web accounts. 15.1 Portal accounts (TVI Passport) are automatically created for all students, staff, and faculty. 15.2 Student portal groups are subject to approval by the Dean of Students Office. 15.3 Employee portal groups may be created for official TVI business and are subject to approval as follows: Interdepartmental Faculty
Groups - Vice President for Instruction or designee 15.4 Websites must conform to TVI’s Web Administrative Directive available on TVI’s website via The Source. Hard copies of The Source are available from all campus libraries. Any questions regarding Web Policy should be directed to the TVI Webmaster. There are times when events, such as employment separation or a suspected violation of this administrative directive, may necessitate the locking of a user's account to preserve and protect the integrity of TVI’s systems and networks. Employee Accounts 16.1 Accounts are locked upon termination of employment at TVI. It is the supervisor’s responsibility to ensure that the separation checklist is processed through CIT on the same day of the employee’s separation from the Institute. If an employee’s termination results in insufficient time to complete the separation checklist before they leave the Institute, Human Resources can notify CIT via e-mail to lock the employee’s account. However, the separation checklist should be completed as soon as possible. 16.2 Upon separation from the Institute, an employee’s data and system files are, and remain, the property of the Institute. 16.3 Information contained in each locked account is kept for a period of no less than thirty days. At the end of that period, the information may be retained or deleted at the Institute's discretion and in accordance with state statutes and codes regarding record retention. 16.4
Access to information in an employee’s, or separated employee’s locked
account requires approval from the Human Resources Department. 16.5 Any employee whose account is locked as a result of a suspected violation of the Information Technology Use Administrative Directive is notified by the Human Resources Department. Student Accounts 16.6 Student accounts are kept active until the beginning of the next fall or spring term following their last enrollment. At that time, if the user is no longer a registered student, the account is locked. 16.7 Information contained in the account will be kept until the end of the term in which the account was locked and then archived for the duration of the next fall or spring term. If, by the end of that term, the account has not been re-activated due to re-enrollment, the information in the account will be deleted. 16.8 Access to information in a student’s locked account requires approval from the Office of the Dean of Students. 16.9 Any student whose account is locked as a result of a suspected violation of the Information Technology Use policy is notified by the Office of the Dean of Students. It is the responsibility of CIT, and/or departmental staff that provide support, to ensure proper notification to individual users and the TVI community at large of any actions that would impact the use of institutional Information Technology resources and systems. Emergency 17.1 Emergency outages of
network and computer systems occur on occasion due to hardware or 17.2 The CIT Support
Center notifies impacted users of emergency outages, via e-mail or the Non-Emergency 17.3 CIT makes
every reasonable effort to minimize disruptions of service to Enterprise Examples:
Software or hardware upgrades and installations; transferring data
from 17.5 CIT can facilitate notification of
planned outages for non-Enterprise resources and systems Other Disruptions To Resources and Systems
17.6 If technical problems are experienced with TVI computer hardware or
software, contact
17.7 Report detected or suspected viruses on PCs or networks to the CIT
Support Center CIT provides advisement, consulting, hardware and software installation, and support services for users of TVI’s Information Technology resources and systems. 18.1 For questions and information
regarding TVI’s Enterprise Information Technology
System and User Protection Inspections
19.1 TVI does not routinely monitor transmissions, files, or data.
However, to protect TVI and the Audits
19.2 Audits are prompted by compliance concerns that threaten TVI
systems, networks, or
19.3 If there is evidence or suspicion of a violation of this
administrative directive or any other TVI TVI makes every reasonable effort to ensure the security of its systems and networks. While attempts have been made to ensure the privacy of all accounts by assigning individual PINs and passwords, TVI offers no guarantee or representation that any account, electronic mail, or voice mail is private. Users should also note that TVI's systems and networks are not guaranteed to be secure. However, TVI does secure sensitive information such as credit card and/or social security numbers entered for Online Registration through the use of encryption software. There are several internal and external factors that can impact user privacy: federal and state law, protocol intrinsic to computing technology, and standard practices. Federal and State Law Personally identifiable information, as well as certain information pertaining to students is protected by state and federal laws. The following federal and state laws, although not an all-inclusive list, provide additional information regarding privacy.
Protocol
Intrinsic to Computing Technology In the course of performing routine operations and maintenance, as well as in adherence to procedures to secure TVI’s Information Technology resources and systems, systems administrators and other authorized personnel have access to user data and account information. It is incumbent on such personnel to protect the privacy of all user data and account information. The type of information accessed during routine operations and maintenance can be found at this link. Standard Practices It is an expectation of all users of TVI’s Information Technology resources to ensure the privacy and confidentiality of past, present and future members of the TVI community. Users of TVI’s Information Technology resources and systems share the responsibility for keeping their own and the Institute’s data private and secure through standard practices that support Information Technology use at TVI. With the steady advancement and use of Information Technology and the move toward electronic records and record storage, TVI is increasingly dependent on the accuracy, availability, and accessibility of information stored electronically and on the computing and networking resources that store, process, and transmit this information. 21.1 TVI complies with State records retention codes and regulations. Some departments within the Institute may have longer retention schedules that exceed state requirements. 21.2 Requirements for the retention of electronic records (employee files, student records, and business files) are the same as those for paper files, records, or any other academic and/or employment-related material. 21.3 Those who handle electronic records of any kind must protect them from unauthorized modification, disclosure, and destruction to preserve the original integrity of the records. 21.4 Information, including data and software, is to be protected regardless of the form or medium that carries the information. Because technology gives individuals the ability to access and copy information from remote sources, users must be aware of ownership rights and laws concerning intellectual property. The use of TVI’s resources and systems in sending e-mail, creating and maintaining websites, installing software, downloading from the Internet, or uploading to TVI's systems and networks is contingent upon the user agreeing not to violate any of the laws and regulations.
22.1 The owner of a copyrighted work owns the rights to reproduction,
modification,
For instance, copyright law protects "original works of authorship fixed in
any tangible
The Internet has provided easy methods of copying some works which are
protected by the
22.2 The punishment for violation of the copyright laws are very clear
and very strict. Anyone
22.3 User's of TVI's Information Technology resources agree not to use
these resources in any
22.4 There are some exceptions to these laws, such as the fair use
limitation described in The intent of the Institute is to provide an environment that discourages harassment. Each user is responsible for using common sense and good judgment when accessing material via the Internet. Users who access materials that are considered offensive and/or obscene may be subject to disciplinary action in compliance with the Information Technology Use Policy and Administrative Directive, and/or the Sexual Harassment Policy and Administrative Directive and/or the TVI Student Code of Conduct. TVI cannot protect individuals against the existence or receipt of material that may be offensive to them. Offensive Material 23.1 If online material is visible or audible to others and there is a complaint that it is offensive or considered harassing, the offending user is expected to cooperate in resolving the complaint. This may involve turning off the offensive material or moving to a more private location. A refusal to cooperate is considered a violation of the Information Technology Use Policy, subject to disciplinary action. Obscene Material
23.2 Works lacking in literary or artistic value while depicting sexual
acts in an offensive way and 23.3 Pornography is a severe violation of the Information Technology Use Policy and, in some cases, may be a violation of federal, state and local law, subject to disciplinary action and legal action. Information Technology Use Controls The reporting of Information Technology Use violations is the responsibility of every employee and student at TVI. This includes full and part-time employees, all employees who direct the work of one or more individuals, and employees who are in charge of computer labs or other areas containing Information Technology resources and systems. Enforcing this administrative directive begins with recognizing what constitutes a violation and then strategizing and responding to the violation. A 3-Step response to a violation process has been defined and should be used as a tool when a violation occurs. 25.1 The Human Resources Department and the Office of the Dean of Students conduct any necessary investigations for suspected Information Technology use violations. The system administrator, department supervisors/instructors, CIT, and Campus Security serve as consultants in support of investigations. 26. Information Technology Use Violations To maintain the integrity of TVI's Information Technology resources and systems it is necessary to identify common violations that can be addressed quickly to maintain effective technology use at TVI. Common violations are noted in the Violation Matrix and are identified as minor or major. This list is not intended to be all-inclusive but represents the types of offenses that are considered violations under this administrative directive. Category 1 violations are considered minor and Category 2 or 3 violations are identified as major offenses. These violations apply to any device, whether Institute owned or personal, used to access TVI’s systems and networks. Engaging in activities that violate this, or other administrative directives, may result in loss of access privileges as well as possible disciplinary action (link to IS-2062, Disciplinary Action and Student Code of Conduct). Violation Categories 26.1 Category 1 - Minor Violation A Category 1 (minor offense) is considered a low level offense involving non-threatening action that is offensive or disruptive. Low level offenses can also involve abuse or misuse of TVI technology systems or networks. Minor offenses include such things as drinking or eating in lab settings, or viewing images that may be offensive to another person in the area but are not illegal. 26.1.1 All minor violations
should be addressed using the 3-Step Response to a Violation 26.1.2 Refer to applicable
area directives and Institute policies and procedures to resolve and 26.1.3 Any employee who is
uncomfortable attempting to resolve a violation should contact an 26.1.4 Notification and
documentation of minor violations are done according to 26.1.5 Repeated minor
violations by an individual can be escalated to a major violation 26.2 Category 2 and Category 3 – Major Violations A Category 2 (major offense) involves suspected violations of international, federal, state, or local law, a system/network performance threat caused by reckless activity, or individuals who do not comply with requests to discontinue unacceptable activities identified as Category 1 (minor) violations. This can include individuals who become physically or verbally abusive in response to a request to discontinue minor violations. A Category 3 (major offense) involves obvious violations of federal, state, or local law or a system/network performance threat caused by intentional activity. In most cases it may be difficult to determine whether a violation is a Category 2 or a Category 3 until the investigation is complete. Although they may appear the same, intentional activity that violates Information Technology Use policy (Category 3) can result in more severe disciplinary action than reckless activity (Category 2 violation). 26.2.1 All Category 2 and
Category 3 (major) violations should be addressed using the 26.2.2 Any emergency
situation that involves risk to an individual and/or property may dictate 2.6.2.3 Major violations
require the immediate notification of the next level of supervision in the 26.2.4 Any inappropriate
behavior resulting in students being temporarily removed from facilities 26.2.5 Category 2 and 3
Violations require completion of the Information Technology Use Employee violations are submitted to the Human Resources Department and student violations are submitted to the Office of the Dean of Students. Violations involving individuals from the general public are referred to the Office of the Dean of Students. The Human Resources Department and the Office of the Dean of Students acknowledge receiving Information Technology Use Violation Reports via email response to the submitting individual or area. 26.2.6 The Human
Resources Department or the Office of the Dean of Students conduct
26.2.7 All
documentation and evidence gathered during an investigation is maintained by
the 27. 3-Step Response to a Violation The 3-Step Response to a Violation process is designed to assist TVI employees in responding to an Information Technology use violation. Step 1, Recognize, recommends identification and evaluation of what is actually happening. Step 2, Strategize, involves developing a plan for an appropriate response to the violation. Step 3, Respond, is based upon the category of the violation. Refer to the 3-Step Response to a Violation chart for clarification. 28. Definitions
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
