Authorization: Board of Governors
Approval Date: Feb 1, 1995
Reformatted: Mar 30, 2001
Amended: Jun 23, 2006
The purpose of this policy is to define acceptable use of the University’s computing facilities and services, and to establish a framework for consistency in campus practices and processes.
The term “facility” includes, but is not limited to: computers, whether networked or stand-alone; networks, whether wired or wireless; software; systems; network ports for access from off-campus; and gateways used to access external networks such as the Internet and the World Wide Web. IT “services” include: e-mail, file storage, portals and other web services, web page hosting and others.
The University provides computing facilities and services to support the business of the University, including teaching, learning, research/scholarly/artistic work and administration.
All faculty, staff , students, retirees and alumni are entitled to use University computing facilities and services for which they have authorization. These facilities and services will be accessed using a computer account. The University may withhold or withdraw this entitlement with cause.
Use of all University computing facilities and services is subject to this policy, whether they are provided and supported centrally or on local facilities (such as those located in and/or supported by colleges or administrative units), and whether the account holder is accessing facilities and services from on campus or off campus.
This policy governs the appropriate use of all computing facilities and services owned and operated by the University, including those purchased through research funds administered by the University, or acquired by the University through some contractual agreement. It covers all University-owned computing facilities and services regardless of where they are located or from where they are being accessed (on campus or off campus). Computing facilities and services owned or operated by a college, department, researcher or administrative unit may have supplemental policies that provide additional detail or introduce specific restrictions regarding appropriate use of those facilities.
The policy has been developed in the context of, and is designed to complement,
The University provides computing facilities and services to faculty, staff and students, to be used in conjunction with their duties or University activities. The University may also provide services to others with whom it does business, including but not limited to alumni, retirees, and visiting faculty. Everyone who uses University computing facilities and services must comply with this policy. Access may be withheld or withdrawn with cause.
Access to the University’s computing facilities and services is provided through an account issued to each individual. No one is authorized to use any University computing facility or service without such an account. Computer accounts and authorization are not transferable. The person to whom authorization is granted is responsible for all use of that account and is expected to take reasonable steps to ensure the security of the account.
Under exceptional circumstances a shared account is permitted, but special arrangements must be made through the service provider. Responsibility for the shared account is assigned to an individual.
Faculty, staff and students may use University computing facilities and services for personal purposes as long as personal use does not compromise the business of the University, will not increase the University's costs, will not expose the University to additional risk, will not damage the University’s reputation and is not part of an activity that the account holder does for personal profit.
Access to information on the Internet is governed by Canadian and provincial laws relating to copyright, privacy, information confidentiality and community standards. Use of the Internet to transmit material that violates any applicable law, regulation or policy is prohibited.
The use of computer facilities and services may be monitored. This may include, but is not limited to, gathering data for diagnosing service problems, capacity planning, service enhancement planning, and investigating violations of this policy, other policies, regulations or laws. Activity logs are kept as part of the operation of many facilities and services.
A user’s reasonable expectation of privacy is subject to the University’s right to examine systems, directories, files or usage logs if there is reason to suspect violation of this policy, other University policies, or of other regulations and laws.
The University also reserves the right to access electronic records, including those which have been deleted by the account holder but which may not yet have been deleted centrally, where there is determined to be a clear business need. This need may relate to the need for business access in the absence of an employee, a request under the Local Authority Freedom of Information and Protection of Privacy Act, or to recover data while investigating allegations of misconduct and managing actual or potential criminal or civil litigation in which the University is or may become a party. Wherever practical, employees will be notified promptly when their records have been accessed.
1. Responsibilities of Account Holders
It is the account holder’s responsibility to
Comply with all laws, University policies, regulations and guidelines regarding use of University computing facilities and services.
Use University computing facilities and services in a responsible manner and only for the purpose for which use has been authorized. Resources are not to be wasted nor used in such a way as to deny or restrict access to others.
Abide by the security measures and restrictions in place.
Respect the policies of external networks and remote sites.
2. Responsibilities of Service Providers
Deans, Department/Unit Heads and faculty members are considered the custodian of all computing facilities and services under their jurisdiction and must take reasonable steps to ensure that those who use the facilities and services are aware of applicable policies and abide by them.
Those responsible for maintaining any University computing facility are responsible for ensuring that institutional standards for security, data backup, user authentication and access control are appropriately applied.
The existence of this policy will be communicated to all computer account holders at the University. New account holders will be informed at the time access to facilities is given.
If there is reason to suspect that laws or University policies have been, or are being violated, or that continued access poses a threat to a facility, other account holders, normal operations, or the reputation of the University, access privileges of any individual may be withdrawn or restricted.
Following due process the University may take one or more of the following actions against anyone whose activities are in violation of the law or of this policy:
There are no other documents associated with this policy.
Contact Person: Director, Information Technology Services Division