2.09 Use of Central Piedmont Community College Information Technologies Policy
I. Purpose
This policy addresses the acceptable use of technology resources provided by Central Piedmont Community College. The College expects students, faculty and staff, as well as any other users of the College’s IT Resources (each, a “User” and collectively, “Users”) to use computers, networks, network access, telephones, and other information technologies provided by the College (collectively, “IT Resources”) in a responsible, considerate, ethical, and lawful manner. Compliance with policies that ensure the security and integrity of all College IT Resources is mandatory and critical to ensure continuing provision of technological resources to the entire Central Piedmont community. This policy applies to all Users of IT Resources provided by the College.
Central Piedmont Community College understands that information technology has become vital in its mission of teaching and training. Thus, the College owns a variety of IT Resources which are provided primarily to support the academic and administrative functions of the College. These IT Resources enable users to locate and disseminate information, to communicate and collaborate with others in a global setting, and to build the necessary strategic technologies for the current and future needs of the College community.
II. Policy
Use of Central Piedmont IT Resources shall be consistent with local, state, and federal law and in accordance with all College policies and procedures. All Central Piedmont Users are responsible for using IT Resources in an efficient, responsible, considerate, ethical, and lawful manner.
Disregard for the rights of authorship, including plagiarism, copyright violations, invasion of privacy, abuse of authorized access. Unauthorized access may be grounds for sanctions against members of the College community. Access to IT Resources is a privilege, not a right. As such, access can be withdrawn from those who use it irresponsibly. Users of Central Piedmont IT Resources who are determined by the College to have violated any of the information technologies policies will be subject to disciplinary action, up to and including suspension of access to IT Resources, dismissal, suspension, expulsion, and/or legal action.
Any information distributed by a User of College IT Resources must accurately identify the creator, distributor, and recipient of that information. If Users choose to engage in social media or other Internet communications using IT Resources, they must adhere to the College’s Internet Communications Guidelines.
All agreements, contracts, and licenses with external entities that involve any services related to IT Resources including hosted solutions or the use of College data shall be subject to review and approval by both Information Technology Services and Procurement Services.
III. Acceptable Uses of IT Resources
Acceptable uses of IT Resources include, but are not limited to, the following:
- Official work of the College;
- Instruction;
- Academic research;
- Independent study;
- Service on behalf of the College;
- Professional development; and,
- Occasional non-commercial personal use, provided it does not otherwise violate a provision of this or any other policy of the College.
IV. Unacceptable Uses of IT Resources
Central Piedmont technology resources shall only be used for legal purposes. These resources shall not be used for any purpose which is illegal, immoral, unethical, dishonest, damaging to the reputation of Central Piedmont, inconsistent with the mission of the College, or any purpose that may subject the College to liability. Unacceptable uses of IT Resources include, but are not limited to, the following:
- Unauthorized use of your own or another’s computer accounts, access codes, passwords, or network identities, including email addresses;
- Use of your Central Piedmont password outside the Central Piedmont network account or sharing it with any third party;
- Unauthorized access to Central Piedmont’s IT Resources, the Internet, or other networked or non-networked computers
- Harassment;
- Libel, slander, or cyberbullying;
- Fraud or misrepresentation;
- Misrepresentation of the College via the Internet through the use of websites, social network applications, or other Internet-based tools;
- Destruction of or damage to IT Resources, including, without limitation, equipment, software, or data belonging to the College or to others;
- Disruption or unauthorized monitoring of electronic communications and electronically stored information;
- Infringement of the copyrights or trademark rights of others;
- Use of Central Piedmont's logo without prior approval of the Vice President for Communication, Marketing, and Public Relations;
- Violation or attempted violation of computer system security;
- Connection of unauthorized Network Transmission Devices to the College network;
- Use of computer communications facilities in ways that unnecessarily impede the computing activities of others, such as randomly initiating interactive electronic communications or email exchanges, abuse of interactive network utilities;
- Use of computing facilities for commercial business purposes unrelated to the College;
- Academic dishonesty;
- Violation of software and hosted license agreements;
- Violation of Central Piedmont’s network usage policies and regulations;
- Activities while using a third party’s site which constitute a violation of such third party’s terms and conditions of use;
- Violation of privacy or the release of any confidential or proprietary information about the College, its current or former students, or its employees;
- Use of Central Piedmont IT Resources to send or redistribute unsolicited bulk email;
- Posting, sending, or intentionally accessing pornographic, sexually explicit, offensive material, or material that is contrary to the mission of the College;
- Intentional distribution of computer viruses, Trojan horses, time bombs, worms, or other malware or rogue programming; or,
- Storage by faculty or staff of Central Piedmont of sensitive and protected data unsecured on non-approved solutions, including third-party hosted solutions and local mediums, such as USB flash drives and portable hard drives. Approved third party solutions are noted in section V.C.3 of this policy.
V. Confidentiality
A. While the College does not typically access User files or email, the College reserves the right to do so for any reason. Generally, a User's network and Internet use will not be monitored except in the following types of situations:
- The User gives prior consent;
- The College needs to ensure the security or operating performance of its systems or networks
- The College has a reasonable concern that a violation of College policy or applicable law has occurred and is investigating the possible violation; or,
- The College is complying with a valid subpoena or search warrant issued by a court of competent jurisdiction. While general content review will not typically be undertaken, monitoring of electronic information may occur for these reasons and others as necessary. Notwithstanding the foregoing, all network, computing, and communication activities may be logged for e-discovery and forensic purposes. For these reasons, the College cannot guarantee the privacy of electronic communications.
B. Each employee’s access to information resources will be reviewed annually to ensure that all access is in alignment with the employee’s responsibilities. Student workers will not have access to any personal and/or confidential information of any other employee or student without explicit written approval by their supervisor.
C. Confidential material, such as protected personally identifiable information or data identified by FERPA, HIPAA, and other compliance mandates shall not be (1) transferred over insecure channels, nor (2) transmitted via or stored on personal or non-Central Piedmont-owned computers, desktops, laptops, portable devices, copiers, fax machines, multi-function printers (MFPs), scanners, Internet sites, or software.
- Email, both personal and College-provided, is an insecure channel, so email should not be used to transmit confidential, personally identifiable information, or other protected data. For example, including a student's social security number in an email is prohibited.
- Copiers, faxes, and MFPs store a copy locally; therefore, non-Central Piedmont-owned devices should never be used including for the purposes of scanning and copying. For example, making copies of student applications containing personally identifiable information on a copy machine at a retail store is prohibited.
- Ellucian Colleague, MyCollege (WebAdvisor), Central Piedmont Cloud, and Cornerstone provide a secure connection and therefore can be utilized. For example, entering student grades using MyCollege is acceptable.
Changes
Changes approved by the Board of Trustees on August 29, 2012; May 6, 2020
Changes approved by Cabinet on June 9, 2014; October 3, 2016
Policy approved by Cabinet on December 12, 1994