ISU Home | A to Z Listing of Web Sites | Search
Home | Table of Content | A-Z Index | Search Handbook

Part 3. Services, Functions and Facilities Use

Section VIII. Information Technology (5-05)

B. General Provisions

1. Mission Statement

The mission of the Information Technology Policies is to ensure the confidentiality, integrity, and availability of information systems operated by Idaho State University (ISU) as well as the confidentiality and security of all data on those systems while supporting academic freedom and general access for the campus community.

2. Purpose

This policy provides users with general information applicable to all IT policies, including the University's positions on privacy, academic freedom, and liability as well as the procedures for review, incidence response, and sanctions.

3. Incorporated by Reference:

Definitions
ISU Policies and Procedures(http://www.isu.edu/fs-handbook/)
ISU Student Code of Conduct (http://www.isu.edu/references/st.handbook/)

4. Scope

a. ISU's IT system, which may include but is not limited to information systems, networking and telecommunications systems, data processing hardware and software, data transmission equipment and transmission medium, and data storage devices.

b. Information or data processed, stored, or transmitted across ISU's IT system.

c. Authorized users and/or organizations that access ISU's IT systems.

5. Authority

The author of these policies is the Technology Oversight Council. The Technology Oversight Council (TOC) and the Academic Vice President review all changes and updates. Final approval and execution rests with the President of ISU in consultation with university counsel.

6. General Conduct

Idaho State University expects all users to abide by ethical and legal standards at all times. Users are responsible for knowing and understanding these policies. They are also responsible for understanding and respecting the security requirements of the systems they use. Users are responsible for their own behavior.

7. Academic Freedom and Information Technology

The Information Technology Policies recognize that not all communities within the University are the same and that various units within the University use data differently. The principles of academic freedom and the free exchange of ideas apply to these policies, and these policies are not intended to limit or restrict those principles. These policies apply to all units within the University.

8. Privacy

Idaho State University, as an institution of higher education, supports the basic right to privacy for all members of the university community. Nevertheless, as a public institution of higher education, the university is subject to the public records laws of the State of Idaho and of the federal government, under some circumstances. Information or records stored on University IT resources are subject to public disclosure requests. In addition, network maintenance may require the monitoring of network traffic, but the university does not ordinarily review the content of such traffic. The University may have a business necessity or reason to access files and accounts of its employees or students, including the investigation of complaints of misuse. It is therefore unreasonable for users of Idaho State University's IT resources to have an absolute expectation of privacy in the use of such resources. The following are examples of conditions that might require ITA or administrative review of content:

a. The ITA or system administrators may monitor network usage on the ISU information system for which they are responsible and keep appropriate records.

b. System administrators may regulate bandwidth utilization.

c. ISU's ITA reserves the right to access stored records, or data, on the ISU information system in response to a legally executed subpoena or search warrant or in cases where there is reasonable cause for immediate access and such access is approved by legal counsel.

All individually identifiable information obtained through the course of employment at ISU is confidential and cannot be used except for official business. Such information shall not be released outside of the ISU department without management approval, except as permitted by FERPA, other appropriate federal or state laws, and/or university departmental policy.

9. Sanctions

ISU reserves the right to temporarily suspend network access for any user who violates the provisions and restrictions of ISU's Information Technology Policies subject to applicable due process procedures. Violation of ISU's IT policies may result in further disciplinary action as defined by the Student Handbook, Faculty/Staff Handbook, and/or possible prosecution under local, state, and federal laws.

10. Incident response

Anyone who has substantial knowledge of abuse, misuse, and or unauthorized use of ISU's IT system is obligated to promptly report the incident to the appropriate authority: the ITA and/or the appropriate departmental and College administration.

It is strongly encouraged that ISU Public Safety or local law enforcement agencies be notified immediately in the case of any act that may be illegal or could result in physical harm.

11. Limitation of Liability

ISU makes no guarantee that the functions or the services provided by or through the ISU information system will be error-free or without defect. ISU will not be responsible for any damage users may suffer, including but not limited to, loss of data or interruptions of service. ISU is not responsible for the accuracy or quality of the information obtained through or stored on the system. ISU will not be responsible for financial obligations arising through the unauthorized use of the system.

All opinions, advice, services and all other information expressed by students, staff, information providers, service providers, or other third party personnel on ISU's IT system are those of the individual and do not represent the views or position of ISU unless these parties are acting in an official capacity, within the limits of their authority. Users will hold ISU harmless against any claim, lawsuit, or cause of action arising out of the use of ISU's information systems or connection to the Internet. ISU is not liable for any defamatory, offensive, infringing or illegal materials or conduct on the part of, or attributable to, any third party, and reserves the right to remove such materials from its web site without liability.

12. Review Cycle

All Information Technology policies shall be periodically reviewed and revised to meet ISU's needs. Changes to any policy may be made without prior notice, but will be followed by notification to all affected University personnel and students.

13. Conflict Resolution

If any Information Technology Policy is found to be in conflict with any other University policies, the conflict must be resolved by the proper entities with authority covering the policies that are in conflict. Points of conflict between this policy and any other University policy must be addressed and resolved no later than the next policy review appointment.