The 07.100 series of policies outlines responsibilities and the appropriate use of the university’s information technology resources and services. Requiring the responsible use of university information technology is necessary to:A. Ensure business continuity capability (administrative as well as teaching and learning) in an effective and efficient manner without interruption of service.B. Ensure proper stewardship of university resources and ensure that resources are not utilized for personal gain.C. Ensure optimum security and integrity of systems and data.D. Ensure the protection of personal identity of students, faculty and staff.E. Ensure resources of the university are not utilized to cause harm to any entity or individual.F. Ensure legality in every aspect of the use of information technology resources at the university.
Board of Trustees
Approved by Board of Trustees February 8, 2019; Approved by Board of Trustees August 3, 2007; revised July 18, 2007; reformatted May 25, 2005; approved by Board of Trustees October 28, 2004; revised October 23, 2003; effective January 18, 2002; replaced policy ITS 1.00
UNC System Office Policy Manual, Chapter 1400 “Information Technology”International Organization for Standardization ISO/IEC 27002
Information Technology Services
Introduction/Purpose
The 07.100 series of policies outlines responsibilities and the appropriate use of the university’s information technology resources and services. Requiring the responsible use of university information technology is necessary to:
Ensure business continuity capability (administrative as well as teaching and learning) in an effective and efficient manner without interruption of service.
Ensure proper stewardship of university resources and ensure that resources are not utilized for personal gain.
Ensure optimum security and integrity of systems and data.
Ensure the protection of personal identity of students, faculty and staff.
Ensure resources of the university are not utilized to cause harm to any entity or individual.
Ensure legality in every aspect of the use of information technology resources at the university.
Scope
The 07.100 series of policies applies to every user of the university’s information technology resources including, but not limited to, students, faculty, staff, and visitors.
“Information technology resources” means information owned or possessed by the university, or related to business of the university, regardless of form or location, and the hardware and software resources used to electronically store, process or transmit that information owned, leased or used by the university and its partners.
Policy
General Statement
The information technology resources of the university are powerful tools, shared among all members of the campus community and designed to support the teaching, learning, instructional, research, administrative, service and other activities of the university. They are intended to be used in useful and productive ways. Individuals using these resources are expected to do so wisely and carefully, with respect and consideration of the rights, needs and privacy of others. Information technology resources and the data they support are used by and accessible to a large number of authorized users. However, since these are typically networked resources they are also subject to unauthorized intrusion, access and attack. It is essential, therefore, that all users understand and follow policies concerning authorized and responsible use. These policies are designed to preserve and protect users, data, other assets, the university, and the information technology resources and communication systems.
Users must act prudently and responsibly to both preserve the freedom to acquire and share information and to sustain the security and integrity of individuals within the community. Access to information technology resources at the university is a privilege, not a right, and must be treated as such by all users of these resources. Every user is responsible for the integrity of these information technology resources. All users must respect the rights of other computer users, respect the integrity of the physical facilities and controls, and respect all pertinent license and contractual agreements related to electronic resources.
Users must also understand the ramifications of illegal use, exchange or display of copyrighted, deceptive, defamatory or obscene materials through electronic communication channels. It is the policy of the university to promptly process and investigate notices of alleged copyright infringement and take appropriate actions under the Digital Millennium Copyright Act, Title 17, United States Code, Section 512 ("DMCA").
All users shall act in accordance with this policy and all relevant university policies, rules and regulations, including adherence to all relevant local, state, and federal laws and regulations.
Accepting any account and/or using university information technology resources shall constitute an agreement on behalf of the individual accessing such information systems to abide and be bound by UNCW policies.
Enforcement / Addressing Concerns
The university reserves the right to place restrictions on the use of its information technology resources in response to evidence of violations of university policies, rules, regulations or codes, or local, state or federal laws and regulations. Actions that violate these policies can result in immediate disabling, suspension and/or revocation of the account owner's privileges pending review for further action. Such unauthorized or illegitimate use of information technology resources including computer accounts, resources or facilities may subject the violators to appropriate disciplinary, criminal and/or legal action, by the university and/or the state. If evidence is established, the university authorities responsible for overseeing these policies and codes will be consulted on the appropriateness of specific actions.
Individuals who have concerns about the conduct of a member of the university community or the propriety of a given situation or activity should notify their department chair, dean, director or an administrator in their supervisory chain at a level sufficient to allow objectivity in evaluating the subject of concern. If action is deemed warranted by this official, the matter shall be referred to the appropriate vice chancellor or senior officer. Prior to taking action, the vice chancellor or senior officer responsible for the situation or activity of concern shall consult with the CIO, who shall, as appropriate, consult with the university's general counsel.
When concern about a given situation or activity involves an imminent threat to individuals, systems or facilities, users are to immediately communicate the concern directly to the University Police.
Concerns involving gender-based discrimination, harassment or sexual misconduct must be reported in accordance with Policy 02.205 Unlawful Discrimination, Harassment, and Sexual Misconduct. Concerns involving minors must be reported immediately to the University Police.
Review and Disclaimer
This is not a comprehensive document covering all aspects of responsible use. It is not possible to anticipate all the conditions and circumstances associated with the use of these resources. This document and its policies seek to link established codes of conduct for the use of information technology resources by members of the university community.
This is a dynamic document that is continuously reviewed by Information Technology Services and the Information Technology Advisory Council.