Approved December 2003
Privacy and Related Issues
E-mail is not a confidential medium and users are discouraged from sending any confidential information via the e-mail medium. If it is found necessary to send confidential information via e-mail, the following confidentiality statement should appear in the body of the e-mail:
This communication and any files or attachments transmitted with it may contain information that is confidential, privileged and exempt from disclosure under applicable law. This communication is intended solely for the use of the individual or entity to which it is addressed. If you are the intended recipient of this information, please treat it as confidential information and take all necessary action to keep it secure.
If you are not the intended recipient, you are hereby notified that any use, dissemination, forwarding, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the sender at once so that appropriate action may be taken to protect the information from further disclosure.
University Attempts to Protect Confidentiality
The university attempts to protect the confidentiality of personally identifiable electronic communications by the following methods:
- Recommending the use of more secure media than standard e-mail for the transmission of confidential information (e.g., PGP Keys or other encryption methods) and providing a "secure mail" option in the Internet email client.
- Requiring a confidentiality statement in each e-mail containing confidential information.
- Requiring all users to obtain a username and password from the university in order to have the ability to use university e-mail.
- To assist in protecting all information, users must adhere to the published password policies and guidelines to ensure strong and consistent password creation.
- Encouraging employees not to leave computers on and unattended.
- Encouraging employees to use encryption software when transmitting confidential e-mail or documents, or "lock files" when appropriate.
- Providing firewalls and other pertinent hardware and software methods to protect the e-mail system from external intrusions.
Additional Information Regarding Privacy
In addition to the provisions outlined in this policy, individuals who expect to have access to confidential information should familiarize themselves with the Family Education Rights and Privacy Act (FERPA) a copy of which is located at the following Web address:
Faculty Staff and Students
All electronic systems owned by the university and the use of electronic tools on them such as e-mail and the Internet are for university business and educationally-related purposes only. All data, communications and information, including information transmitted or stored on the university system are subject to inspection or monitoring at any time by authorized university officials.
Examples where authorized university officials may access or enter electronic files (including e-mail files) and disclose the information contained in them, include, but are not limited to:
- Pursuant to a valid search warrant, court order, or freedom of information act request;
- Emergency situations where the physical safety or well being of a person may be affected or university property may be damaged or destroyed;
- Reasonable cause exists to suspect a violation of law or university policy, including inappropriate use is occurring;
- If necessary to maintain the integrity of the computer system or to protect the rights or property of the university.
Examples of inappropriate use of the university electronic systems include, but are not limited to:
- Creating, transmitting, executing or storing malicious, threatening, harassing, obscene or abusive messages, images, programs or materials;
- Any activity that negatively affects use of university computer resources (eg. Games, excessive chat, etc.);
- Copying or transmitting copyrighted material, including, but not limited to software, music, movies or other material;
- Commercial or profit-making activities, including solicitation, that are unrelated to the university's mission;
- Violating university security, damaging university systems, or using computing privileges to gain unauthorized access to any university computer system or any computer system on the Internet;
- Any activity that violates federal, state, or local laws or university policies or regulations;
- Fundraising for any purpose unless approved by the Vice President for Development;
- Using anyone else's password(s) to gain access to university electronic systems;
- Removing or defacing hardware, software, or manuals from labs, offices, or other university facilities.
Misuse, violation of the university's e-mail policy, or other inappropriate use of the university's e-mail or computer network by faculty or staff may result in disciplinary action as set out in the faculty and staff handbooks and and/or legal action.
Misuse, violation of the university's e-mail policy, or other inappropriate use of the university's e-mail or computer network by students may result in disciplinary action as set out in the student handbook and and/or legal action.
For greater detail regarding appropriate and inappropriate use of university computers, please refer to the posted policy at https://support.atu.edu/link/portal/16084/16101/Article/423/Appropriate-Use-of-Computer-Resources
Computer File Retention
• Computer files, including e-mail backup tapes, more than thirty (30) days old will be destroyed on June 30th and December 31 each year. If the university is involved in any litigation, legal counsel will be consulted before deleting files or
erasing backup tapes related to such litigation.
• E-mail messages, to the extent practicable, should be read and discarded promptly at the personal computer level. If an employee needs to retain a copy of an e-mail message for a longer period of time, it should be printed out or stored on
the computer's hard drive.
• E-mail messages, even though "deleted" by the employee, may be recoverable or may be retained on system backups indefinitely.
• The university will determine how to truly "delete" unwanted files or messages from the system and routinely "delete" those files and messages within thirty (30) days.
• The university will "delete" a previous employee's computer files and e-mail messages as well as any remaining backup tapes of that employee's files and messages within ninety (90) days after departure if the employee departs under normal
circumstances of resignation or transfer. If the employee is terminated for "cause" the university will immediately remove access to electronic communication and any electronic files or messages, including backup tapes, will be deleted as soon
as it is deemed reasonable by the university.
Last Updated (Monday, 03 May 2010 - 2:14:58 pm CDT)