Use of Electronic Mail (Revised) |
| |
|
REVISED DRAFT
|
|
January 2002
|
| |
|
Oklahoma State University
|
| |
|
Use of Electronic Mail
|
| |
|
*Note: Information Technology Policies are in the process of
review and will be updated throughout the year*
|
| |
|
A. Introduction
|
|
With the availability of expanding access to electronic communications, which includes electronic mail (e-mail) comes the need for University policy to inform members of the University community (all those individuals who are using e-mail on university-issued accounts) on issues of appropriate use, privacy, and access of electronic mail. This document sets forth the University's policy regarding the use of this technology in pursuit of the goals of the University.
|
| |
|
B. Scope
|
|
This policy is applicable to all individuals using University owned or controlled computer and computer communication facilities or equipment. It is applicable to all University information resources whether individually controlled or shared, stand alone or networked. It applies to all computer and computer communication facilities owned, leased, operated, or contracted by the University. In addition, a user must be specifically authorized to use a particular computing or network resource by the campus unit responsible for operating the resource.
|
| |
|
Individual units within the University may define "conditions of use" for information resources under their control. These statements must be consistent with this overall Policy but may provide additional detail, guidelines and/or restrictions. Such policies may not relax or subtract from, this policy. Where such "conditions of use" exist, enforcement mechanisms defined therein shall apply. These individual units are responsible for securing appropriate authorization (Per 2-0501 Administrative Information Systems policy) and to furnish Computing Information Services (CIS) with a copy of the approved document. Units must also publicize both the regulations they establish and their policies concerning the authorized and appropriate use of the equipment for which they are responsible. In such cases, the unit administrator shall provide the Executive Vice President with a copy of such supplementary policies prior to implementation thereof. Where use of external networks is involved, policies governing such use also are applicable and must be adhered to.
|
| |
|
C. Authorized Users
|
|
All regularly enrolled students at OSU are created an account on CIS computer systems. Accounts are valid as long as a student is enrolled at OSU. An authorized user is any person who has been granted the privilege by the University to access its computing and network systems and whose usage complies with university policy. Authority to use a particular University computing or network resource should come from the campus unit responsible for operating the resource.
|
| |
|
D. Authorized Use
|
|
As with other University resources, e-mail is made available to faculty, staff and students, to further the teaching, research, service, and extension goals and mission of the University. Use of the University's e-mail services, therefore, is intended to be in furtherance of such goals and mission. "Conduct Expectations and Prohibited Actions" are defined in the University Acceptable Computer Use Policy.
|
| |
|
All materials sent by campus e-mail must be attributed to the individual, office, or organization sending the material. It is a violation of this policy to originate e-mail in such a manner as to create the impression to the recipient that the mail was originated from another source or individual.
|
| |
|
E. Privacy
|
|
Users of University electronic mail services are placed on notice that under the Oklahoma Open Records Act all records that are created by, received by, under the authority of, or coming into the custody, control, or possession of the University or University officials presumptively are public records. Such records include messages stored in an electronic or magnetic format. All e-mail communications, therefore, unless subject to a specific statutory privilege, are subject to production under the Oklahoma Open Records Act and, when relevant, to discovery in civil litigation.
|
| |
|
There is no guarantee for privacy associated with use of e-mail resources. It may be necessary to view electronic data, records, information related to those records or information relating to the use of resources.
|
| |
|
University officers and supervisors shall have the right to read any e-mail when written permission for such access has been given by the individual.
|
| |
|
The OSU Postmaster(s), the Assistant Director, Information and Technology Services, or the OSU Systems Security Officer (SSO) may, in the course of his or her professional duties, access an individual's e-mail for legitimate system management or maintenance purposes.
|
| |
|
If an occasion arises when a University officer or supervisor believes that access to an individual's e-mail account is required for the conduct of University business, the University individual is not available, and a system administrator is required to access the individual's e-mail account, the following procedure shall be followed:
|
| |
- The University official or supervisor shall secure permission to access the e-mail account from the Executive Vice President of this institution.
- An appropriate form with the signature of the Executive Vice President shall be presented to the system administrator allowing the system administrator to proceed to access the e-mail account.
- The individual whose e-mail account has been accessed will be notified as soon as possible by copy of the above referenced form. Where necessary to ensure the integrity of an investigation into the use of University computing resources, such notice, with the approval of the Executive Vice President of the University, may be delayed until such time as such investigation would no longer be compromised.
|
| |
|
Prior to termination or resignation, a faculty or staff member shall make all E-mail files related to University business available to his or her supervisor.
|
| |
|
On termination or resignation, the individual's e-mail account will be terminated and all information not retained by the supervisor will be deleted.
|
| |
|
OSU is not in isolation to other community jurisdictions and laws. As a result, during an investigation, OSU may be required to provide electronic or other records, other information related to those records, or the use of information resources
|
| |
|
F. User Responsibilities
|
|
Users of the University's e-mail services are required at all times to observe all laws relating to copyright, trademark, trade secrets protection, encryption, and/or any other digital communication laws. Users are responsible for removing old mail from their mailboxes. The mail server system will not permit mailboxes to exceed size limitations. If a mailbox reaches size limitations, the system will not permit the owner of the mailbox to utilize electronic mail until the mailbox size is reduced below the limitation.
|
| |
|
Mass mailings and junk mail for non-university business reasons are prohibited. Mass mailings are messages that are sent to large groups of users either inside or outside the University. Examples of such mailings are mail sent to all the electronic mail users with last names ending in A-C, or the entire sophomore class. Junk mail is unwanted or unsolicited mail of a non-academic nature. Chain letters fall into the category of mass mailings and junk mail. Sending, or passing along a chain letter is considered a breech of this policy.
|
| |
|
The use of University computing systems for commercial purposes is strictly forbidden. The sending of electronic mail, which is commercial in character, is a violation of this acceptable use policy.
|
| |
|
G. Special Notifications:
|
|
The University cannot protect individuals against the existence or receipt of material that may offend them. Those who make use of electronic communications are warned that they may willingly or unwillingly come across, or be recipients of, material that they may find offensive. Members of the University community are expected to demonstrate good taste and sensitivity to others in their communications. It is a violation of this policy to use e-mail to libel, harass, or threaten other individuals. The University has the need, under certain circumstances, to issue messages as official university communication through the OSU electronic mail service. These messages will be reviewed and approved by the Executive Vice President or through the Public Information Office.
|
| |
|
H. Access
|
|
Unauthorized access to information systems is prohibited. No one should use the ID or password of another; nor should anyone provide his or her ID or password to another. A password should never be shared, not even with computer support personnel. Users are personally responsible for all activities on their User ID or computer system, including security of their own passwords and may be subjected to disciplinary action and/or loss of privileges for misuse of computers or computing systems under their control, even if not personally engaged in by the person controlling the computer or system.
|
| |
|
I. Conduct Expectations and Prohibited Actions:
|
|
OSU provides computing resources and worldwide network access to members of the OSU community for legitimate academic and administrative pursuits to communicate, access knowledge, and retrieve and disseminate information. All members of the OSU community (faculty, staff, students, and authorized guests) sharing these resources also share the rights and responsibilities for their use. Examples of misuse are listed in the Appropriate Computer Use Policy.
|
| |
|
J. Consequences of Misuse
|
|
Misuse of computing, networking, or information is unacceptable, and users will be held accountable for their conduct. Serious infractions can result in temporary or permanent loss of computing and/or network privileges and/or Federal or State legal prosecution. Appropriate corrective action or discipline may be taken in conformance with applicable personnel policies and student policies. Some computer abuses are a crime, (such as illegal reproduction of software protected by U. S. copyright law) and penalties can include a fine and/or imprisonment.
|
| |
|
Abuse of computing privileges is subject to disciplinary action, including termination of employment. If system administrators have strong evidence of misuse of computing resources, and if that evidence points to the computing activities or the computer files of an individual, they have the obligation to pursue any or all of the following steps to protect the user community:
|
| |
- Notify the SSO.
- Notify appropriate departmental administrators
The SSO:
- Will notify the user's instructor, department or division chair, or supervisor of the investigation, when appropriate.
- May suspend or restrict the user's computing privileges during the investigation.
- May inspect the user's files, diskettes, tapes, and/or other computer-accessible storage media.
- Will refer issues, when appropriate, to the appropriate University department for possible disciplinary action, i.e., this may include but not be limited to the Office of the Assistant Vice President of Computing and Information Services, the Office of the Vice President for Student Affairs, the unit administrator for staff, and the Dean of the School for faculty.
|
| |
|
Users, when requested, are expected to fully cooperate with system administrators or the SSO in any investigations of system abuse. Failure to cooperate may be grounds for cancellation of access privileges or disciplinary action, including dismissal.
|
| |
|
When individual privileges to access University computing resources have been suspended, a user may request that the Assistant Vice President of Computing and Information Services, or his/her designee, review the suspension. The Assistant Vice President of Computing and Information Services, or designee, in his/her discretion, may reinstate privileges, alter any restrictions that have been imposed, or refuse to interfere with the administrative action taken to that time. Further appeals may be filed with the Office of Student Conduct, the University Personnel Office, or the Chair of the Faculty Council, as appropriate.
|
| |
|
Failure to comply with these policies, rules and regulations may result in disciplinary action, up to and including dismissal. Any violation of local, state or federal laws may carry the additional consequence of prosecution under the law, where judicial action may result in specific fines or imprisonment, or both; plus the costs of litigation or the payment of damages or both; or all.
|
| |
|
K. Notification
|
|
References to this policy will be in the OSU Catalog, the Student Rights and Responsibilities policy, the CIS web site and the OSU Policies and Procedures Letters.
|
| |
|
L. Application and Enforcement
|
|
Each University campus shall be responsible for enforcing this Policy in a manner best suited to its own organization. It is expected that enforcement will require cooperation between such departments as computer systems administration, personnel, affirmative action, academic affairs and student affairs.
|
| |
|
Users who abuse or violate this policy may be subject to disciplinary action, including termination. Any violation of local, state or federal laws may carry the additional consequence of prosecution under the law, where judicial action may result in specific fines or imprisonment, or both; plus the costs of litigation or the payment of damages or both; or all.
|
| |
|
References
|
| |
OSU Administrative Policies & Procedures
- Appropriate Computer Use Policy
- Family Educational Rights and Privacy Act-Buckley Amendment
- CIS World Wide Web Publishing
- Copyrightable Educational Material and Other Intellectual Property
- Handling Gifts to the University
- Incident Reporting Of Computer Security Violations
- Open Records
- Microsoft Campus Agreement (MCA) Overview
- Network Security Policy
- Password Guidelines
- Sexual Harassment
- Use of Electronic Mail
- Use of the University Name
Other:
- Digital Millennium Copyright Act
- Federal Computer Intrusion Laws
- Federal Electronic Communication and Privacy Act of 1986
|
| |
| View other policies |
| |
