2,654
edits
No edit summary |
No edit summary |
||
Line 27: | Line 27: | ||
Policy No.: '''6051'''<br /> | Policy No.: '''6051'''<br /> | ||
Effective Date: '''04/25/07'''<br /> | Effective Date: '''04/25/07'''<br /> | ||
Revised Date: '''08/ | Revised Date: '''08/20/13'''<br /> | ||
Reviewed Date: '''08/ | Reviewed Date: '''08/20/13'''<br /><br /> | ||
<big>'''Computer Use and Electronic Information Security Policy'''</big> | <big>'''Computer Use and Electronic Information Security Policy'''</big> | ||
== Introduction == | == Introduction == | ||
Line 56: | Line 56: | ||
##The department chair or section chief is responsible for ensuring that the individual is aware of all UNMC policies and procedures relating to the use of the electronic resources. | ##The department chair or section chief is responsible for ensuring that the individual is aware of all UNMC policies and procedures relating to the use of the electronic resources. | ||
##The department chair or section chief is responsible for coordinating with ITS to ensure that all software license regulations are honored by granting this account. | ##The department chair or section chief is responsible for coordinating with ITS to ensure that all software license regulations are honored by granting this account. | ||
##ITS is responsible for maintaining a log of | ##ITS is responsible for maintaining a log of | ||
###Individual name | |||
###Contact information | |||
###Sponsoring Department Chair or Section Chief | |||
###Resources accessed | |||
###Reason for account/relationship to UNMC | |||
##The Assistant Vice Chancellor or designee will approve requests for these types of accounts. | ##The Assistant Vice Chancellor or designee will approve requests for these types of accounts. | ||
====UNMC email accounts ==== | ====UNMC email accounts ==== | ||
UNMC email accounts will only be issued to the following individuals: | UNMC email accounts will only be issued to the following individuals: | ||
#Faculty (excluding volunteer appointments) staff and students of UNMC | #Faculty (excluding volunteer appointments) staff and students of UNMC | ||
##Upon an employee’s entry into SAP or a student being admitted to a program, an email account will automatically be generated. It is the expectation that all faculty/staff/student will read and maintain their UNMC email account. Important information regarding the activities of UNMC | ##Upon an employee’s entry into SAP or a student being admitted to a program, an email account will automatically be generated. It is the expectation that all faculty/staff/student will read and maintain their UNMC email account. Important information regarding the activities of UNMC is communicated via email. | ||
#Retired faculty who have an emeritus appointment | #Retired faculty who have an emeritus appointment | ||
#If a department identifies the need for an individual who does not meet the criteria to have an email account, a request for a policy exception can be made: | #If a department identifies the need for an individual who does not meet the criteria to have an email account, a request for a policy exception can be made: | ||
Line 68: | Line 73: | ||
##The department chair or section chief is responsible for coordinating with ITS to ensure that all software license regulations are honored by granting this account. | ##The department chair or section chief is responsible for coordinating with ITS to ensure that all software license regulations are honored by granting this account. | ||
##ITS is responsible for maintaining a log of | ##ITS is responsible for maintaining a log of | ||
###Individual name | ###Individual name | ||
###Contact information | |||
###Sponsoring Department Chair or Section Chief | |||
###Resources accessed | |||
###Reason for account/relationship to UNMC | |||
##The Assistant Vice Chancellor or designee will approve requests for these types of accounts. | ##The Assistant Vice Chancellor or designee will approve requests for these types of accounts. | ||
NOTE: If an individual is a volunteer, please refer to UNMC Policy No. 6053, [[Volunteer]].<br /> | NOTE: If an individual is a volunteer, please refer to UNMC Policy No. 6053, [[Volunteer]].<br /> | ||
Line 88: | Line 97: | ||
It is the responsibility of the workforce to protect confidential information at all times including but not limited to when stored electronically (at rest) and when the data is being transferred outside of the facility such as on a mobile device or a diskette (See [http://www.unmc.edu/its/images/security_enduserdevice.pdf ITS Security Procedure: End User Device]).<br /> | It is the responsibility of the workforce to protect confidential information at all times including but not limited to when stored electronically (at rest) and when the data is being transferred outside of the facility such as on a mobile device or a diskette (See [http://www.unmc.edu/its/images/security_enduserdevice.pdf ITS Security Procedure: End User Device]).<br /> | ||
<br /> | <br /> | ||
UNMC’s information technology resources are to be used predominately for completing UNMC work related business. Misuse of University information systems is prohibited. Misuse includes the following (see | UNMC’s information technology resources are to be used predominately for completing UNMC work related business. Misuse of University information systems is prohibited. Misuse includes the following (see Executive Memorandum No. 16, [http://nebraska.edu/docs/president/16%20Responsible%20Use%20of%20Computers%20and%20Info%20Systems.pdf Policy for Responsible Use of Information Resources]) | ||
#Attempting to modify or remove computer equipment, software, or peripherals without proper authorization. | #Attempting to modify or remove computer equipment, software, or peripherals without proper authorization. | ||
#Accessing without proper authorization computers, software, information or networks which the University belongs, regardless of whether the resource accessed is owned by the University or the abuse takes place from a non-University site. | #Accessing without proper authorization computers, software, information or networks which the University belongs, regardless of whether the resource accessed is owned by the University or the abuse takes place from a non-University site. | ||
Line 149: | Line 158: | ||
*Provide warranty information or product recall or safety/security information with respect to a product or service used or purchased by the recipient | *Provide warranty information or product recall or safety/security information with respect to a product or service used or purchased by the recipient | ||
*Notify the recipient about substantive changes in an existing subscription or related benefit plan in which the recipient is currently participating. | *Notify the recipient about substantive changes in an existing subscription or related benefit plan in which the recipient is currently participating. | ||
*Deliver | *Deliver goods or services, including upgrades or updates, which the recipient has previously requested or ordered from the sender.<br />'' | ||
For more information, see Contro<big>lling the Distribution of Non-Solicited Marketing E-mail Procedures.</big> | For more information, see Contro<big>lling the Distribution of Non-Solicited Marketing E-mail Procedures.</big> | ||
===Campus-wide e-mail announcements=== | ===Campus-wide e-mail announcements=== | ||
Line 157: | Line 166: | ||
===Audits of Electronic Protected Health Information (PHI)=== | ===Audits of Electronic Protected Health Information (PHI)=== | ||
Patient information including demographic and medical data contained in, or obtained from any UNMC information system is confidential data. Individual access to this data may be audited in order to ensure compliance with federal and state law and [[Policies and Procedures|UNMC Policies and Procedures]]. | Patient information including demographic and medical data contained in, or obtained from any UNMC information system is confidential data. Individual access to this data may be audited in order to ensure compliance with federal and state law and [[Policies and Procedures|UNMC Policies and Procedures]]. | ||
====Information Systems | ====Information Systems==== | ||
Each information custodian is responsible to: | Each information custodian is responsible to: | ||
#Manage and approve access to the information. | #Manage and approve access to the information. | ||
Line 177: | Line 186: | ||
UNMC web pages should consistently meet the highest standards of writing, content accuracy, image and presentation, keeping in mind that these documents create an image of UNMC to the world. UNMC shall reserve the right to monitor web pages and to remove any material that is unlawful or in violation of UNMC policies. Originators will be notified in the event that their page is removed.<br /> | UNMC web pages should consistently meet the highest standards of writing, content accuracy, image and presentation, keeping in mind that these documents create an image of UNMC to the world. UNMC shall reserve the right to monitor web pages and to remove any material that is unlawful or in violation of UNMC policies. Originators will be notified in the event that their page is removed.<br /> | ||
<br /> | <br /> | ||
UNMC procedures and guidelines for web page development should be observed. The web handbook is also a useful tool. These guidelines are not intended nor do they supersede in anyway the well recognized rights of academic freedom. | UNMC procedures and guidelines for web page development should be observed. The web handbook is also a useful tool. These guidelines are not intended nor do they supersede in anyway the well-recognized rights of academic freedom. | ||
UNMC web pages are required to show: | UNMC web pages are required to show: | ||
#Date of the last revision | #Date of the last revision | ||
Line 243: | Line 252: | ||
*UNMC Policy No. 6036, [[Reproducing_Copyrighted_Materials|Reproduction of Copyrighted Materials]] | *UNMC Policy No. 6036, [[Reproducing_Copyrighted_Materials|Reproduction of Copyrighted Materials]] | ||
*UNMC Policy No. 6045, [[Privacy/Confidentiality|Privacy, Confidentiality and Information Security Policy]] | *UNMC Policy No. 6045, [[Privacy/Confidentiality|Privacy, Confidentiality and Information Security Policy]] | ||
*UNMC Policy No. 6053, [[Volunteer]] | |||
*UNMC Policy No. 6055, [[Fraud]] | |||
*UNMC Policy No. 6057, [[Protected Health Information (PHI)|Use and Disclosure of Protected Health Information]]). | *UNMC Policy No. 6057, [[Protected Health Information (PHI)|Use and Disclosure of Protected Health Information]]). | ||
*UNMC Policy No. 6065, [[Fax Transmissions|Facsimile Transmissions]]). | *UNMC Policy No. 6065, [[Fax Transmissions|Facsimile Transmissions]]). |