1 CLACKAMAS COUNTY EMPLOYMENT POLICY & PRACTICE (EPP) EPP # 59 Implemented: 05/20/10 Clerical Update: Appropriate Use Policy Technology & Information PURPOSE: To establish rules governing use of County information and technology related to the work place. Examples of information and technology covered under this policy include, but are not limited to; computer systems and their attached peripherals, phones, (land lines and cellular), fax machines, voice mail, , network resources, internet usage, pagers and radios. Included is not only the hardware itself but the content/data retained or conveyed by that hardware. Clackamas County provides use of information and technology to enable the County to provide its services in a timely and efficient manner. The intent of this policy is to ensure the efficient, appropriate and safe utilization of technology and information while maintaining its integrity, security and performance. It also is intended to ensure that use of County provided information and technology is consistent with Federal, State and Local laws and public expectations. One purpose of this policy is to protect against the inappropriate disclosure of County information. This purpose should not mislead users into believing what they do or say using County technology is private and protected from disclosure. It is a business necessity that all County information and technology be accessible to properly authorized County representatives, no matter its location or content and regardless of any user s desire that the information not be accessed or disclosed. County systems have been designed to accommodate this need. Because of this, no user has any right to expect that information they create using County technology will not be viewed or disclosed by the County or its authorized representatives. For more details please see Section 9 of this policy. SCOPE: This policy is applicable to any use of County provided technology and information by any person or entity. All County departments, employees, elected officials, contractors, volunteers, partners, interns, other governmental agencies or support vendors that make use of County technology and information are included within those require to comply with this policy. This policy applies to all technology and information that is owned, leased, managed, supported or utilized by Clackamas County or agencies utilizing County information / technology. Under this policy users may be authorized to use personally owned equipment for County business. For example a home computer, PDA or Smart Phone purchased with personal funds. Users are warned that in doing so they may expose that equipment to examination and the information to disclosure in an appropriate proceeding. Further, public record information stored on personal technology retains its status as a public record, disclosure of which may be required under Oregon law and County policy. Personal storage of public record information must also meet security requirements as identified in this policy and other appropriate regulations (HIPAA, CJIS etc).
2 This policy does not supersede, but is in conjunction with all applicable Federal, State and local laws and policies. This policy may supersede established Intergovernmental Agreements or contracts and will be in effect for any future agreements or contracts. This policy establishes minimum standards for the use of County technology and information. County Departments are permitted to issue directives for the use of technology and/or information within that department which are more restrictive so long as they do not conflict with the requirements of this policy. DEFINITIONS: Technology is a term that applies to any equipment, services, licenses or software owned or managed by the County that is used in the acquisition, storage, manipulation, management, movement, control, display, translation, research, transmission, reception, utilization or processing of information. This applies to all equipment regardless of location, including home assigned or portable systems. This also applies to any equipment, such as copiers, that is connected to the County Network or any equipment, such as PDAs that connect directly to a County managed device. Information is a term that applies to all forms of electronic data, regardless of storage or transmission formats. This includes, but is not limited to; databases, transmissions, s, logs, voice mail, files, spreadsheets, pictures, multi media, metadata, backups etc, or any subset, extracted or translated data. Clackamas County Technology Services (CCTS) Authorization means any authorization directly stated by CCTS Management. It is assumed that any alteration or deviation from any portion of this policy is only by CCTS Authorization. County as used in this document is a generic reference to the entity that is Clackamas County including all departments, divisions, and offices of the Clackamas County and is not intended as a reference to any one particular individual, group or political body. GENERAL PROVISIONS: Ownership All Information and Technology covered by this policy (including but not limited to hardware, software, data, licenses etc) is the property of the County. County technology or information may be transferred to private ownership only pursuant to the terms of a lawful contract entered into by the County or as provided by Oregon law governing the disposition County property. Disposal All technology equipment that has become surplus, unusable or outdated must be processed via CCTS for final disposition. CCTS will process all unused equipment and reuse (in whole or part) any components still of use in the County, ensure unused equipment meets guidelines for disposal and coordinate with Purchasing on any potential use elsewhere.
3 County employees are prohibited from assuming ownership of disposed County Equipment. Purchasing rules regulate the disposition of disposed equipment. Priority for disposition includes: o Other Clackamas County Departments or Agencies o Established charter organizations in partnership with Clackamas County for processing and disposition of technology to established agencies (County School Districts etc) o Other Local governmental agencies within County, then those outside the County o Other Schools & Non-Profits within County, then those outside the County o Approved Recycling Centers Equipment valued over $5,000 may also be sold via bid in order to recover any potential value for the County. CCTS will process all storage devices, regardless of type or condition, before reallocation or disposal in compliance with Department of Defense standards for data removal. Utilization Access to, and the use of, County information is strictly for the purpose of supporting County business and services. Employees will not view, use, disclose, delete or alter County data in any manner not consistent with County procedures and authorizations. Employees are responsible for the safekeeping and handling of County data they have authorization to use or access to. No unauthorized access shall be given to anyone or any agency at any time. All access must be approved via the appropriate procedures and restricted to the approved information for the defined business function. Use of County information must be inoffensive, professional, accurate, in accordance with all applicable Federal, State and local laws and policy, and must not violate ethics laws and rules. All use and communications must follow Clackamas County Code Sections through Upon termination, all equipment / software must be turned back into the County without any further use. All County equipment / software, except as approved by CCTS, must be maintained by CCTS to County standards.
4 Distribution/Transfer Information transferred must be approved by the appropriate department management and other County management (such as County Counsel etc) as required depending on the type of information and associated regulations. For questions related to required approval, contact department management or CCTS. Information may be transmitted only to agencies or individuals authorized to receive that information in support of County business. The Oregon Public Records Law defines what records requesters under that law are authorized to receive. Transmission of County information is authorized to comply with that law once the requirements of County Policy and departmental procedures are followed. All transmissions must be secure and reliable utilizing CCTS approved technology and procedures. Accounts Distribution and/or transmission of data must be via approved technology and procedures as defined by all applicable regulations, laws, County policies and CCTS standards. All user accounts are the property of the County. Employees are prohibited from accessing information or equipment to which they have not been granted permission. Employees are prohibited from accessing information from another account without permission from the appropriate department director (or designee) and CCTS. The County may revoke or limit account permissions at any time without warning. All accounts are to be requested via the appropriate County procedure with approval from the Department (or sponsor) and with a CCTS Account Request Form. Contact the CCTS Call Center for more information or Request Form. Upon termination from working with or for the County, the account will be disabled and further access of any kind, or release of any County information, is prohibited. Upon termination of an account the Department or sponsor shall designate another user to be granted access rights to the terminated account. Within 30 days that user shall review all and electronic documents of the terminated user and assure their proper retention or destruction. After 30 days the account shall be removed from the server and any user files not on a shared drive will be deleted. Security It is the responsibility of all users of County technology and information to maintain the highest possible degree of security and confidentiality.
5 CCTS configures accounts with the minimum level of access deemed necessary to permit the user to perform their required functions. If you feel your access is insufficient, please have your manager contact the CCTS Call Center. Department Directors may authorize the retention of password lists within their department where they find in necessary to carry out business during users absence from work. Passwords may not otherwise be disclosed to anyone without permission from CCTS. CCTS will not release password information to departments. If a department needs access to information for which a particular user s password is required, and the department is unable to obtain the required information in a timely manner, CCTS may reset the user password and provide that password to an authorized representative by request of the department director. Exceptions to this procedure may be made upon request of the Director of Employee Services or County Counsel as part of an investigation or because of pending or anticipated litigation. Maintain account security; including passwords that are difficult to guess, logging out of applications when not in use, and not leaving data displayed openly for others to see, etc. Attempts to forge, spoof or otherwise inappropriately misrepresenting and/or impersonating another user and/or account is strictly prohibited and can result in disciplinary action. Report any concern regarding unauthorized utilization or suspected tampering to CCTS immediately via the CCTS Call Center. County information may be transferred to portable data devices only as required for the efficient conduct of County Business. Approval of the transfer must be obtained from the County department responsible for the data. Portable data device used to contain County information must be approved for that purpose by CCTS. Equipment not owned or leased by the County may not be used to transport County information. The only exception is that with a supervisor s permission an employee may use a PDA or Smart Phone / Device to access and transport calendars, notes, contacts and . A PDA or Smart Phone / Device used for this purpose must be password protected and encrypted when technically possible. Any equipment containing County information must be kept secure from theft or unauthorized use, especially portable and publicly accessible equipment. All such equipment must be CCTS approved and used in accordance with CCTS security procedures. This includes the use of approved encryption and security utilities.
6 Software Downloading software / licenses from the internet is restricted and can only be for official County business with approval by CCTS. This includes, but not limited to; games, utilities, screen savers, music, freeware, shareware etc. All software on County systems must be licensed by the County and approved by CCTS. Copying of any program or software from the County is prohibited. Violators may be subject to County discipline as well as civil / criminal penalties. BUSINESS USE: In General Use of County technology and information must be inoffensive and contain no demeaning, threatening or intimidating language. County technology and information may not be used in a manner that violates any provision of law including but not limited to laws against discrimination and harassment. County technology and information may not be used for personal gain. County technology and information may not be used in a manner that would bring discredit upon the County if made public. All use and communications must conform to Clackamas County Code Sections through Information is subject to the requirements of Oregon law governing public records and record retention. It is each user s obligation to assure compliance with these laws. To assure business continuity TS makes back-up copies of some the information contained within County technology. These back-up s are for disaster recovery purposes only and do not relieve the user of the obligation to comply with record retention schedules. CCTS encourages users to contact the CCTS Call Center with any question or concerns related to the access, security, utilization or policies for County technology and information. County employees with questions related to appropriate conduct or related issues should contact the Clackamas County Department of Employee Services. County employees with questions related to personal use should contact their management for policy issues and the CCTS Call Center for technical issues. Technology is constantly changing; the services listed in this policy are just some examples of more common services available. All technical services must comply
7 with the basic rules listed in this policy for all technology. Some of the more common services are listed below. If you have any questions about specific technical services, or need an exemption to a rule, please contact the CCTS Call Center. Internet Use of the Internet is for communications with web based applications, and / or in support of County business, research, purchasing and development and so forth. Departments may further restrict personal internet usage. County employees may utilize chat rooms, blogs or other related internet communication services only in the support of County Business. Any nonbusiness use is governed by the personal use section of this policy. Appropriate Use is a primary business and communication tool for the support of County business, communications and services. Maintaining a secure and responsive system is crucial for the efficient processing of County business. should not be used to transmit any confidential or sensitive information, or any information that should not become subject to Records Retention or Public Record. Limit the size of and attachments to just what is required. This includes limiting large attachments, photos, video / sound clips etc. Also limit the distribution list to just those that really need the correspondence to reduce SPAM and wasted resources. Be accurate, concise, professional and courteous in all correspondence. It is very easy to misinterpret an and draw wrong conclusions or emotions. If it doesn t belong in an don t send it. All is subject to Public Record & Retention Laws and must be handled accordingly. This includes storage of in the appropriate retention schedules. CCTS utilizes an Retention and Storage System to facilitate the automatic storage of for archiving / discovery purposes. This does not relieve the user of their obligation to meet retention obligations. For more information, see the Records Retention Policy or call Records Management. Wireless Wireless service, whether provided by CCTS or an authorized vendor, is for the promotion of County business. If inappropriately utilized, it can present a significant security threat.
8 All County equipment utilizing wireless services to the County must be configured by CCTS. Any device utilizing the secure County Wireless Services must be County owned and managed equipment configured or approved by CCTS. All secure wireless communication with the County must be secure and encrypted. By default, all secure wireless capability is disabled until requested and configured. For activation of wireless equipment, or questions on usage, call the CCTS Call Center. This policy does not apply to wireless PDAs or Smart Phones / Devices using cell phone based systems to access the County . Please see EPP-50 Cell Phone Usage Policy. In some locations the County provides an open non-secure wireless network for use by vendors and citizens when working with the County. This non-secure connection is NOT for use in the support of County business, County applications or to access County Information. Instant Messaging (IM) Instant messaging, or other related utilities, is a useful tool for communication with other key personnel within the County. However, IM is also a potential security threat. IM usage in the County will be limited to one County Enterprise IM System that allows management of security issues, standardized training and ability for all County users to communicate with each other. Personal use of IM with other County IM users is permitted for limited communications as long as it does not impact work. Confidential or sensitive information should not be used with IM. IM is logged, so all communication should be appropriate for discovery and retention. IM usage with external IM users is permitted, for both personal and business use, as long as the communication is appropriate, secure and the external IM is compatible with the County IM system. Personal use must conform to Clackamas County Code Sections through FTP (or any other secure File Transfer Process) FTP should only be used to send / receive appropriate and approved data in the support of County business. FTP should not be used to transfer personal files or data. All FTP needs to be secure (SFTP), via the County FTP server when appropriate, and with FTP utilities as supplied and configured by CCTS.
9 Music / Video (MP3, MP4, FLV, AVI, CD, DVD, P2P, Streaming etc.) The downloading of music or video files is limited to that necessary in support of County Business. Streaming of music for the purpose of listening to music while working is allowed on a limited basis and with supervisor approval. Streaming of non-work related video is not authorized. Listening should only be done when not disturbing others or impacting work. County equipment may not be used as music libraries for such devices as ipods and other MP3 type devices. No Audio listening / Video playing utilities are to be installed on County equipment unless approved by CCTS. Audio CDs may only be played on properly equipped systems with CD/DVD Player. County Equipment may not be used to compile or burn Audio / Video CDs or DVDs for personal use. County Equipment may not be used for any type of file sharing (Peer-to-Peer or P2P) that may violate copyright laws or use open communication channels. Such examples include, but not limited to; Napster, Kazza, WimMx, etc. P2P (or related service) clients may not be downloaded except as approved by CCTS. Video Conferencing Video Conferencing; for dedicated sites, mobile units or desktop / laptop usage, should utilize the County standard video conferencing technology and licensing. For questions on required equipment contact the CCTS Call Center. Other video conferencing technologies (Skyp etc) may be approved upon review and installation by CCTS. Other Any other form of technical service, communication or utility must be in support of County business, maintain secure connections and be configured by CCTS. For questions or requirements for other technical services, contact the CCTS Call Center. PERSONAL USE: Personal Use County employees are permitted limited personal use of County technology. Any use must NOT interfere with official business, must add virtually no cost to the County. County Technology cannot be used for personal gain and must comply with all laws and County policies including state ethics / conduct laws and similar
10 County / Departmental rules. County employees may make personal use of internet resources if they already have a personal ISP at home, follow all rules otherwise applicable to business use of the internet including Clackamas County Code Sections through It is not possible to create a comprehensive list of permitted or excluded uses. Each employee should discuss their intended use with their supervisor to assure that such use complies with this and departmental policy. Personal use of County technology must take place during employee s non-work time. The County and departments may further limit personal use of specific technology beyond the scope of this policy as deemed required. This personal use policy applies to all equipment, including off site equipment such as home assigned systems or laptops. Personal use has risks. County technology should not be used to access personal or confidential information or to send or receive s containing such information. Personal internet usage and may be subject to disclosure under the Oregon Public Records law and the county reserves the right to access, use and disclose all information contained on County Systems. If you don t want to possibly see it on the front page of the newspaper - don t access it using County Equipment. Personal Equipment / Software Employees may not load privately owned software, shareware or freeware on County systems unless otherwise authorized. Some examples of unauthorized software are games, personal finance or business software, screen savers, MP3 players, utilities etc. Employees may not connect privately owned equipment to County equipment or network (this includes but is not limited to USB devices, memory devices / cards, non-wireless PDAs, cameras, MP3 devices etc). The exception is the use of privately owned and CCTS approved wireless PDAs and Smart Phones having access to the County system via their cell phone vendor. Contact the CCTS Call Center for more information. Any sort of data capturing devices, network monitors or related software is strictly prohibited. Any type of remote access software and/or equipment being used and/or connected to County equipment is strictly prohibited except by CCTS authorization and installation. Home computers are not to be used for County business except as permitted under the remote access request / policy. WARNING: Use of a home computer for County business may make its contents subject to inspection or discovery in litigation. The County has adopted software and procedures under the remote access policy that minimizes this risk.
11 Personally owned equipment is not supported by CCTS. Utilization of CCTS supplied remote access utilities is supported. CCTS will assist as appropriate with issues / questions related to the installation and/or use of remote access utilities. CCTS will not directly work on personal equipment except in the support of the remote access software when possible. The County is not liable for the use of personal equipment which is at the risk of the owner. PROCUREMENT: Standards CCTS, working in conjunction with purchasing, departments, industry standards and trends, vendors, manufactures, other agencies, and legal guidelines; is responsible for establishing and maintaining all technical standards for the County. Standards include, but not limited to: o Equipment vendors, models, versions, configuration and specifications. o Software licensing and versions. o All protocols, communications, security parameters and interface. o Installation configurations, etc. CCTS will maintain published standards on the CCTS web site. Purchasing When appropriate CCTS will review proposed standards with the departmental liaisons, as well as process requests for updates and/or changes in standards. All technology procured in the County must be reviewed, approved and processed through the CCTS Purchasing Agent except where exempted by CCTS Authorization. This process is to: o Verify the technology meets CCTS standards o Utilize CCTS purchasing capability, agreement and contracts to ensure the best price o Manage licensing to ensure compliance o Track warranties and maintenance contracts o Ensure proper installation and support of equipment o The requested equipment meets proposed business and technical specifications o Prevent unnecessary orders and full utilization of available resources Exempt technology includes specialized equipment (such as diagnostic or lab measurement equipment) that does NOT connect or interface to County supported technology such as the network or PCs. Further exemptions may be requested for approval by CCTS. In order to place a purchase request, or to get more information about a potential purchase such as quotes, standards, options etc; please call the CCTS Purchasing Agent at 8518.
12 REMOTE ACCESS: All requests for Remote Access, defined as any access to County technology from a source not directly on the County network, must meet technical and security standards as defined in the CCTS Remote Access Policy / Request. Any request for Remote Access must also have an approved County sponsor, such as an employee s department director. Any County employee requesting remote access must also qualify, and if required, be approved by the County Teleworking Policy EPP-48. PRIVACY AND MONITORING: Privacy The County has made a substantial investment in security to prevent the inappropriate disclosure of County information. This investment should not mislead users into believing what they do or say using County technology is protected from disclosure. It is a business necessity that all information and technology be accessible to properly authorized individuals, no matter its location or content and regardless of any user s desire that the information not be accessed. County systems have been designed to accommodate this need. The County reserves the right to enter, review, monitor, copy and disclose the information on County provided technology, including but not limited to voice mail, electronic mail and information stored on computer systems or media. The County may do so at anytime, for any reason, and with or without notice either before or after the fact. The County has done so in the past for the purposes of personnel investigations, performance monitoring, compliance assurance, and to respond to public record requests or for the purpose of actual or potential litigation. Such actions will continue to be taken in the future for the same or different reasons. It is current practice to provide users passwords that protect accounts, file systems, drives and other technology. This is done to facilitate the efficient conduct of County business, protect information from inappropriate disclosure and to implement security policies. The user does not have the right to object to the disclosure of any information if such disclosure is made by individuals authorized by the County. In the absence of a compelling business need not to do so, the county will comply with requests from law enforcement authorities to inspect and copy information residing on County equipment. Monitoring The County may audit, log, store, review, access, intercept, block, filter, restrict, screen, or recover any information created, accessed or transported using its technology.
13 Unless prohibited by a provision of law other than a claim of privacy, the County may use, publish, or disclose any information, at any time without notice. Currently the County monitors internet usage and collects sent or received using its mail servers. The County reserves the right to monitor any and all use of technology including but not limited to; s, instant messaging, internet activity, data access and updates, account utilization, voice mail, cell phones or other electronic records. Discovery CCTS may automate some reporting for distribution to appropriate County offices / personnel for review based on the type of data and schedule. Based on the type of information being monitored, County policy will determine the specifics of the report and who is authorized to review the report. Automated reports will not contain confidential information. Some reports that may be automated include, but not limited to: o Weekly reports of basic Internet usage to departments o Periodic reports of remote access usage o County application and / or web page access logs o Disk storage utilization reports etc. CCTS may also generate reports as requested by authorized agencies / departments / personnel in the County. These reports can be customized to fit the requestor s data and format needs. All such requests will be verified for authorization and will be treated as confidential information. Requests Requests for information related to access / usage monitoring must be made via the appropriate process as identified by County Policy which is based on the type of information requested, the requesting source and the format of the data. Since this policy is broad and changing, the specifics are too great to list in the policy. If you are unsure of the process to request a report from CCTS, call the CCTS Call Center with a brief description or your need, details, and they will provide the procedure. Requests for Security Camera logs and/or video needs to be made to County Facilities. While this policy reserves to the County the broadest possible right to access and disclose information stored on County provided technology, it is not intended to define which individual or entity holds the right to deny access or authorize disclosure on behalf of any particular department or division of the county. For example, this policy does not modify the existing public records request process under which elected officials determine which disclosures will be made in response to requests. Modification This section may be modified only by formal amendment of this policy.
14 COMPLIANCE: Expectations The County expects all users to follow and enforce all security, privacy and confidentiality rules and processes in compliance with this policy in order to maintain a secure environment. Sanctions Users who engage in improper use of technology or information under this policy or any other applicable may have their accounts terminated and be directed to return any technology or information to CCTS. County employees are also subject to disciplinary action, up to and including dismissal as defined in Clackamas County Code Section Depending upon the offense, violators of this policy and other related regulations may be subject to civil and/or criminal penalties including fines and imprisonment. EFFECTIVE: This policy shall be effective March 15, 2010.
15 Acknowledgement: I hereby certify that I have read the contents of the CCTS Appropriate Use Policy for Technology and Information. Furthermore, I have been given the opportunity to discuss any information contained therein or any concerns that I may have and will ask for clarification if any portion is confusing. I understand that my employment and continued employment is based in part upon my willingness to abide by and follow the County s policies, rules, regulations and procedures. I acknowledge that the County reserves the right to modify or amend its policies at any time, without prior notice. Such modifications will be posted on the CCTS Intranet Site. My signature below certifies my knowledge, acceptance and adherence to the County s policies, rules, regulations and procedures regarding Information and Technology. Signature: Date: Employee ID: Print Name: Account: Department, Agency or Company: Address / Contact Processed By: Date: Initials:
Technology Department 1350 Main Street Cambria, CA 93428 Technology Acceptable Use and Security Policy The Technology Acceptable Use and Security Policy ( policy ) applies to all CUSD employees and any
Pierce County Policy on Computer Use and Information Systems Pierce County provides a variety of information technology resources such as computers, software, printers, scanners, copiers, electronic mail
ELECTRONIC COMMUNICATIONS AND INTERNET ACCESS POLICY 1. PURPOSE: The purpose of the electronic mail system and Internet access is to assist Clinton County s day-to-day conduct of business activities. This
City of Boston Department of Innovation and Technology Policy Title: Information Technology Resource Use Policy Effective Date: April 1, 2011 Purpose and Intent The City of Boston recognizes the importance
1 of 9 PURPOSE: To define standards for appropriate and secure use of MCG Health electronic systems, specifically e-mail systems, Internet access, phones (static or mobile; including voice mail) wireless
Information Security Handbook for Employees Providing our patients with excellence in healthcare includes protecting their information This handbook was prepared by Tom Walsh Consulting, LLC for the Kansas
Virginia Commonwealth University School of Medicine Information Security Standard Title: Scope: Data Handling and Storage Standard This standard is applicable to all VCU School of Medicine personnel. Approval
Chicago Public Schools Policy Manual Title: ACCEPTABLE USE OF THE CPS NETWORK AND COMPUTER RESOURCES Section: 604.1 Board Report: 09-0722-PO3 Date Adopted: July 22, 2009 Policy: THE CHIEF EXECUTIVE OFFICER
MEMORANDUM TO: FROM: RE: Employee Human Resources MISSISSIPPI DEPARTMENT OF HEALTH COMPUTER NETWORK AND INTERNET ACCESS POLICY Please find attached the above referenced policy that is being issued to each
Table of Contents 1 Acceptable use 1 Violations 1 Administration 1 Director and Supervisor Responsibilities 1 MIS Director Responsibilities 1 The Internet and e-mail 2 Acceptable use 2 Unacceptable use
MEMORANDUM INFORMATION TECHNOLOGY SERVICES DEPARTMENT TO: John Phillips, City Manager Number: 04-020 SUBJECT: Computer Network, Internet and E-Mail Access Policy Date: 9/903 Attached is copy of the Information
OCS Internet Acceptable Use and Safety Policy for Students The Opportunity Charter School ( OCS or the School ) provides access to OCS s Internet Systems for its students for educational purposes, in conformance
BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO. 05-050 Adopting Multnomah County HIPAA Security Policies and Directing the Appointment of Information System Security
1. Computer and Technology Use, Cell Phones 1.1. Information Technology Policy Employees are provided with Internet access and electronic communications services (which may include, but are not limited
Policy No: 3008 Title of Policy: Preservation and Production of Electronic Records Applies to (check all that apply): Faculty Staff Students Division/Department College _X Topic/Issue: This policy enforces
Delaware State University Policy Title: Delaware State University Acceptable Use Policy Board approval date: TBD Related Policies and Procedures: Delaware State University Acceptable Use Policy A Message
Authorization for Electronic Network Access AUP and BYOD Policies DEFINITIONS BYOD Bring Your Own Device AUP Authorized Use Policy User includes anyone, including employees, students, and guests, using
Information Technology Security Policies Randolph College 2500 Rivermont Ave. Lynchburg, VA 24503 434-947- 8700 Revised 01/10 Page 1 Introduction Computer information systems and networks are an integral
Page 1 of 5 Purpose This regulation implements Board policy JS by setting forth specific procedures, requirements and restrictions and conditions governing student use of District Information Technology
HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,
Boston Public Schools Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and Scope of Policy Technology Resources ACCEPTABLE USE POLICY AND GUIDELINES Boston
UNIVERSITY OF PITTSBURGH POLICY SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA) DATE: March 18, 2005 I. SCOPE This
Created: 2/18/2011 Page 1 of 8 'Namgis First Nation is hereinafter referred to as "the government." 1.0 Overview Though there are a number of reasons to provide a user network access, by far the most common
Software Policy Approved by School Committee General Statement of Policy The Medford Public Schools licenses the use of computer software from a variety of third parties. Such software is normally copyrighted
SEATTLE COMMUNITY COLLEGE DISTRICT PROCEDURE NUMBER: 259.10-40 TITLE: SCCD ELECTRONIC INFORMATION RESOURCES 259.10 Definitions: 259.10.01 Electronic Information Resources (EIRs). All electronic hardware,
DUUS Information Technology (IT) Acceptable Use Policy Issue Date: October 1, 2013 Effective Date: October 1, 2013 Revised Date: Number: DHHS-2013-002 1.0 Purpose and Objectives The purpose of this policy
Page 1 of 5 K-20 Network Acceptable Use Guidelines/Internet Safety Requirements These procedures are written to support the Electronic Resources Policy of the board of directors and to promote positive
Commonwealth Office of Technology ENTERPRISE POLICY Policy Number: CIO-060 Effective Date: 05/15/96 Revision Date: 03/19/08 Policy Statement: The purpose of this enterprise policy is to define and outline
Book Section Title Number Status SCS Policy Manual I INSTRUCTION Acceptable Use of Electronic Network Resources and Internet Safety IIBEA * R Active Legal 18 U.S.C. Sections 1460 and 2256 47 U.S.C. Section
MARIN COUNTY OFFICE OF EDUCATION EDUCATIONAL INTERNET ACCOUNT Acceptable Use Agreement TERMS AND CONDITIONS Please read the following carefully before signing this document. INTERNET access is coordinated
SOUTHERN SLOPES COUNTY COUNCIL COMPUTER & INFORMATION TECHNOLOGY USE POLICY OBJECTIVE To provide users with guidelines for the use of information technology resources provided by Council. SCOPE This policy
General Rules of Behavior for Users of DHS Systems and IT Resources that Access, Store, Receive, or Transmit Sensitive Information The following rules of behavior apply to all Department of Homeland Security
Valmeyer Community Unit School District #3 Acceptable Use Of Computers and Networks The Valmeyer Community Unit School District #3 Board of Education supports the use of the Internet and other computer
`DEPARTMENT OF VETERANS AFFAIRS VA SOUTHEAST NETWORK Automated Information System User Access Notice I understand, accept, and agree to the following terms and conditions that apply to my access to, and
Iowa-Grant School District Acceptable Use and Internet Safety Policy For Students, Staff and Guests The Iowa-Grant School District has invested significantly in technology that offers vast, diverse, and
2 of 10 2.5 Failure to comply with this policy, in whole or in part, if grounds for disciplinary actions, up to and including discharge. ADMINISTRATIVE CONTROL 3.1 The CIO Bureau s Information Technology
Policy for the Acceptable Use of Information Technology Resources Purpose... 1 Scope... 1 Definitions... 1 Compliance... 2 Limitations... 2 User Accounts... 3 Ownership... 3 Privacy... 3 Data Security...
ACCEPTABLE USE POLICY F. Paul Greene Harter Secrest & Emery LLP 1600 Bausch & Lomb Place Rochester, NY 14604 585-231-1435 firstname.lastname@example.org 2016 HARTER SECREST & EMERY LLP THE FOLLOWING TEMPLATE WAS DESIGNED
Groby Community College Achieving Excellence Together Authorised Acceptable Use Policy 2015-2016 Reviewed: Lee Shellard, ICT Manager: May 2015 Agreed: Leadership & Management Committee: May 2015 Next review:
Use of ESF Computing and Network Resources Introduction: The electronic resources of the State University of New York College of Environmental Science and Forestry (ESF) are powerful tools, shared among
OXFORD COMMUNITY SCHOOLS 10 North Washington Street, Oxford, Michigan 48371 ACCEPTABLE USE POLICY 1. Purpose Oxford Community Schools (the District ) recognizes that advancements in technology affect the
Version History Author Approved Committee Version Status date Eddie Jefferson 09/15/2009 Full Governing 1.0 Final Version Body Eddie Jefferson 18/08/2012 Full Governing Body 2.0 Emended due to the change
MCOLES Information and Tracking Network Security Policy Version 2.0 Adopted: September 11, 2003 Effective: September 11, 2003 Amended: September 12, 2007 1.0 POLICY STATEMENT The Michigan Commission on
Page 1 of 6 These procedures are written to support the Electronic Resources Policy of the board of directors and to promote positive and effective digital citizenship among students and staff. Digital
Valmeyer Community Unit School District #3 Acceptable Use Of Computers and Networks The Valmeyer Community Unit School District #3 Board of Education supports the use of the Internet and other computer
EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) Background Due to increased threat of identity theft, fraudulent credit card activity and other instances where cardholder
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
OVERVIEW This policy is applicable to Ameris Bank and all officers and employees thereof. Employees who violate any of the guidelines set in the policy may be subject to disciplinary action including written
BOARD OF EDUCATION POLICY ADMINISTRATIVE GUIDELINE 6.6.1A(3) BROADALBIN-PERTH CENTRAL SCHOOL ADOPTED 1/22/00 3 RD READING AND ADOPTION 5/21/12 Employee Computer Use Agreement The district is pleased to
About this Tool Information Security for Residents... Purpose: Provide materials to inform and educate Residents in order to reach compliance regarding information security. Audience: New Residents Information
3.28F LICENSED PERSONNEL EMPLOYEE INTERNET USE AGREEMENT Acceptable Use Policy: Staff The Benton School District provides technology to support teaching, enhance learning, and improve productivity. This
PURPOSE The University of Rochester recognizes the vital role information technology plays in the University s missions and related administrative activities as well as the importance in an academic environment
VIRTUAL LEARNING ACADEMY CHARTER SCHOOL POLICY EMPLOYEE ACCEPTABLE USE POLICY GBEA Goals: The goal of Virtual Learning Academy (VLACS) in providing the technology resources, network services, the Internet
TAUNTON PUBLIC SCHOOLS Internet Acceptable Use and Social Networking Policies and Administrative Procedures A. INTERNET ACCEPTABLE USE POLICY OF THE TAUNTON PUBLIC SCHOOLS I. Mission Statement: Academic
North Clackamas School District 12 Code: IIBGA-AR Revised/Reviewed: 3/06/08; 6/21/12 Orig. Code(s): SP IIBGA Guidelines for the Use of the District s Electronic Communication System Definitions 1. Technology
AGREEMENT FOR ACCESS TO PROTECTED HEALTH INFORMATION BETWEEN WAKE FOREST UNIVERSITY BAPTIST MEDICAL CENTER AND THIS AGREEMENT for Access to Protected Health Information ( PHI ) ( Agreement ) is entered
Administrative Procedure 140 Background RESPONSIBLE USE OF TECHNOLOGY AND THE INTERNET This Administrative Procedure is to guide users in the proper use of technology within the Division. The goal of the
Vermont Information Technology Leaders HIPAA COMPLIANCE POLICIES AND PROCEDURES Policy Number: InfoSec 1 Policy Title: Information Privacy and Security Management Process IDENT INFOSEC1 Type of Document:
Appendix A: Rules of Behavior for VA Employees Department of Veterans Affairs (VA) National Rules of Behavior 1 Background a) Section 5723(b)(12) of title 38, United States Code, requires the Assistant
Faculty/Staff/Community Mountain Home School District Computer and Network Appropriate Use Policy Mountain Home School District is responsible for securing its network and computer systems against unauthorized
State of California California Information Security Office Information Security Program Management Standard SIMM 5305-A September 2013 REVISION HISTORY REVISION DATE OF RELEASE OWNER SUMMARY OF CHANGES
Tehachapi Unified School District EMPLOYEE ACCEPTABLE USE POLICY FOR DISTRICT COMPUTERS, ELECTRONIC DEVICES, NETWORK AND All OTHER ELECTRONIC INFORMATION RESOURCES. The Tehachapi Unified School District
Tenth Judicial Circuit of Florida Information Systems Acceptable Use s Polk, Hardee and Highlands Counties as of January 2014 The following guidelines define the acceptable use of information technology
Southern Law Center Law Center Policy #IT0004 Title: Email Policy Authority: Department Original Adoption: 7/20/2007 Effective Date: 7/20/2007 Last Revision: 9/17/2012 1.0 Purpose: To provide members of
CAYUGA COUNTY POLICY MANUAL Section 11 Subject: Electronic messaging and internet 1 Effective Date: 5/25/10; Res. 255-10 Supersedes Policy of: November 28, 2000 Name of Policy: County Computer Hardware-Software
Dublin City School District Network and Internet Access Agreement for Students Property Page 1 of 7 Any student age 18 and older is to read this form (). Page 5 of this form should then be completed and
INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL 1 INTRODUCTION The County of Imperial Information & Technical Services (ITS) Security Policy is the foundation of the County's electronic information
Caldwell Community College and Technical Institute Employee Computer Usage Policies and Procedures I. PURPOSE: The purpose of this section is to define the policies and procedures for using the administrative
Responsible Use of Technology and Information Resources Introduction: The policies and guidelines outlined in this document apply to the entire Wagner College community: students, faculty, staff, alumni
VICTOR VALLEY COMMUNITY COLLEGE DISTRICT ADMINISTRATIVE PROCEDURE GENERAL INSTITUTION Chapter 3 Computer Use - Computer and Electronic Communication Systems AP 3720(a) Contents 1.0 Introduction...1 2.0
Appendix H: End User Rules of Behavior 1. Introduction The Office of Management and Budget (OMB) has established the requirement for formally documented Rules of Behavior as set forth in OMB Circular A-130.
RESPONSIBLE COMPUTER USE POLICY (ADOPTED AUGUST 3, 2006) on-line at www.ccc.edu I. INTRODUCTION All users shall abide by the following provisions contained herein, or otherwise may be subject to disciplinary
United Tribes Technical College Acceptable Use Policies for United Tribes Computer System 1.0 Policy The purpose of this policy is to outline the acceptable use of computer equipment at United Tribes Technical
1.0 PURPOSE: Internet access to global electronic information sources on the World Wide Web is provided by the City of Battle Creek to assist in obtaining work-related data and technology. The following
Page 1 of 8 I. PURPOSE To outline the University's policies for students, faculty, staff and others, concerning the use of the University's computing and communication resources, including those dealing
Riverside Unified School District Acceptable Use Policy for Employee Use of Technology Resources (Based on Rules and Regulations #4040) It is the policy of the Riverside Unified School District (RUSD or