Acceptable Use of Technology

The following information technology policies apply to all users of Lynn University’s computing assets. In addition to these policies of general applicability, the University has developed employee and student specific information technology policies that must be followed whenever these constituencies utilize University’s computing assets. Should you have questions about University information technology policies, please do not hesitate to contact the Lynn University Information Technology Department.

Acceptable Use Policy

Purpose

The purpose of this Acceptable Use Policy is to outline the acceptable use of the University Technology Resources and to promote the efficient, ethical, and lawful use of such resources.

Policy

It is the policy of Lynn University to maintain access for its community to local, national, and international sources of information and to provide an atmosphere that encourages the open exchange of ideas and sharing of information. Access to this environment and the University’s Information Technology Resources is a privilege and must be treated with the highest standard of ethics and in accordance with all applicable laws.

The University expects all members of the community to use computing and information technology resources in a responsible manner, respecting the public trust through which these resources have been provided, the rights and privacy of others, the integrity of facilities and controls, state and Federal laws, and University policies and standards.

This Policy outlines the standards for acceptable use of University Information Technology Resources by faculty, staff, students, guests, external organizations and affiliated individuals which include, but are not limited to, equipment, software, networks, data, and telephones whether owned, leased, or otherwise provided by the Department of Information Technology (IT) at Lynn University.

IT is responsible for the maintenance and distribution of all University-owned Laptop and Desktop computers. As the owners of the University computers, IT is also responsible for the management, distribution, and approval of all software and software licenses. The installation of any non-University owned or approved software on any University owned computer, unless otherwise specifically allowed under published guidelines for certain University owned computers (such as student designated iPads) is strictly prohibited.

Definitions

Authorized User(s) - are all users of Technology Resources including, but not limited to, employees, temporary employees, faculty, students, alumni, campus visitors, contractors, vendors, consultants and their related personnel, and other users authorized by the University to access its systems and networks.

Customer - any individual (student, parent, faculty, staff, or other third party with whom the University interacts) who receives a financial service from the University and who, in the course of receiving that financial service, provides the University with Personally Identifying Information about themselves.

Directory Information - means information contained in an education record of a student that would not generally be considered harmful or an invasion of privacy if disclosed. The University designates the following categories of student information as public, or directory information: a student’s name, address, telephone listing, date and place of birth, major field of study, participation in officially recognized activities and sports, weight and height of members of athletic teams, dates of attendance, degrees and awards received, the most recent educational agency or institution attended, electronic mail addresses and photographs. It also states that directory information does not include a student’s social security number or student identification number. Directory information however does include, student identification numbers or user identification when such identifiers cannot be used to gain access to education records unless used in conjunction with other factors authenticating the user’s identity.

Information Technology Resources - are assigned computer accounts, email services, and the shared University network(s), which includes resources, staff and facilities operated by the University, whether owned, leased, used under license or by agreement, including, but not limited to: telephones (including Electronic Devices) and telephone equipment, voice mail, SMS, desktop laptop computers, mobile devices, hardware, software, networks, computing laboratories, databases, files, information, software licenses, computing-related contracts, network bandwidth, usernames, passwords, documentation, disks, CD-ROMs, DVDs, magnetic tapes, and other electronic media or storage devices. Email, chat, facsimiles, mail, any connection to the University's network(s) or use of any part of the University’s network(s) to access other networks, connections to the Internet that are intended to fulfill information processing and communications functions, communication services, hardware, including printers, scanners, facsimile machines, any off-campus computers and associated equipment provided for the purpose of University work or associated activities.

Institutional Data - is any information, including Directory Information, PII, and Student and Employee Financial Information, and Public Information that can be linked to any individual, including but not limited to, students, faculty, staff, patients, or contractors. Institutional data and all applications storing and transmitting such data, regardless of the media on which they reside, are valuable assets, which the University has an obligation to manage, secure, and protect.

Employee Financial Information—that information the University has obtained from an employee in the process of offering a benefit or service. Offering a benefit or service includes all University sponsored benefit plans and University financial services such as flexible spending accounts, and personal payroll services. Examples of employee financial information include bank and credit card account numbers, income and credit histories and social security numbers, in both paper and electronic format.

Student Financial Information—that information the University has obtained from a student in the process of offering a financial product or service, or such information provided to the university by another financial institution. Offering a financial product or service includes offering student loans to students, receiving income tax information from a student's parent when offering a financial aid package, and other miscellaneous financial services as defined in 12 CFR 225.28. Examples of student financial information include bank and credit card account numbers, income and credit histories and social security numbers, in both paper and electronic format.

Mobile Device - any handheld or portable computing device including running an operating system optimized or designed for mobile computing. Any device running a full desktop version operating system is not included in this definition.

Personally Identifiable Information (“PII”)- PII is any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual’s identity that is not been designated as directory information, such as social security number, place of birth, mother’s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information relating to an identified or identifiable person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural or social identity.

Public Information - is information, including directory information (unless a student has expressly requested non-disclosure pursuant to FERPA) that is available to the general public.

Procedures/Guidelines

I. Standards of Acceptable and Ethical Use
Preserving the access to information resources is a community effort that requires each member to act responsibly and guard against abuses. Therefore, both the community as a whole and each individual authorized user have an obligation to abide by the following standards of acceptable and ethical use:

1. Use only those computing and information technology resources for which you have authorized;

2. Protect the access and integrity of computing and information technology resources;

3. Abide by applicable laws and University policies and respect the copyrights and intellectual property rights of others, including the legal use of copyrighted software;

4. Use computing and information technology resources only for their intended purpose; and

5. Respect the privacy and personal rights of others.

Failure to comply with the appropriate use of these resources threatens the atmosphere for the sharing of information, the open exchange of ideas, and the secure environment for creating and maintaining information property, and subjects one to discipline. Any member of our community found using information resources for unethical and/or unacceptable practices has violated this policy and is subject to disciplinary proceedings including revocation of system privileges, expulsion from school, termination of employment and/or legal action as may be appropriate.

IT reserves the right to limit or restrict the use of its computing and information technology resources based on institutional priorities and financial considerations, as well as when it is presented with evidence of a violation of University policies, contractual agreements, or state and federal laws.

Although all members of the community have an expectation of privacy, if an authorized user is suspected of violating this Policy, his or her right to privacy may be superseded by the University’s requirement to protect the integrity of information technology resources, the rights of all users and the property of the University. The University, thus, reserves the right to examine material stored on or transmitted through its resources if there is cause to believe that the standards for acceptable and ethical use are being violated by a member of the University community or a trespasser onto its systems or networks.

Authorized users using computer systems owned by the University do so subject to applicable laws and University policies. The University disclaims any responsibility and/or warranties for information and materials residing on non-University systems or available over publicly accessible networks. Such materials do not necessarily reflect the attitudes, opinions, or values of the University, its faculty, staff, or students.

II. Employee Use of Social Media and the Internet during Work Hours
Lynn University acknowledges the growing popularity of social media and other communications as a means for publicly sharing experiences, ideas and opinions. Because of the legal and other ramifications that may stem from public communications, the University has adopted the following policy guidelines that applies during working and non-working time. These guidelines apply to all communications that may be accessed by the public, including, but not limited to blogs, personal web sites, discussion forums, and social media.

All Internet and social media communications activity is subject to the University’s Acceptable Use policies. This activity should not interfere with the employee’s work obligations as determined by the employee’s supervisor.

The following requirements must be met:

Public Internet Communications. This policy applies to all Internet communications that may be accessed by the public, including but not limited to blogs, personal websites, and discussion forums.

Blogging Not Permitted on University Time. All blogging and other Internet activity during work hours and/or using University equipment or connections is subject to the University Internet and Computer Use policies. Blogging and other public internet communications during an employee’s working time should not interfere with the employee’s work obligations as determined by the employee’s supervisor.

During non-working time, the following requirements must be met:

1. Disclaimer required. Any reference to Lynn University, Lynn University employees, or students publicly posted on the Internet must contain a disclaimer indicating that the thoughts and opinions expressed belong to the author and do not necessarily reflect those of the University.

2. Posting of certain protected information prohibited. Employees may not disclose unauthorized trade secrets, confidential business information (e.g., business plans, strategies, customer information, non-directory student records, etc.), or other proprietary information belonging to Lynn University or its customers not otherwise available to persons or firms outside the University to individuals outside the University, including through blogs and other Internet postings.

3. Employees wishing to post blogs or other public internet communications should be aware that copyright and trademark law may restrict the use and copying of material belonging to Lynn University and others. Employees may not violate the intellectual property or privacy rights of others.

4. Other prohibited activities. Lynn University’s Equal Employment Opportunity Policy and its policies against sexual or other harassment apply fully to the use of the Internet, including blogging. If conduct is in violation of our policies and/or is seen as compromising the interest of the University, the University may request that you cease the violative commentary or remove the offensive posting, and may take appropriate disciplinary action.

5. Other guidelines. Employees are reminded that they are personally responsible for material they post on a blog or website. In addition, employees wishing to maintain blogs or websites should be aware that they could be held responsible for content posted by third parties, such as comments. Employees are encouraged to monitor and/or restrict such third party content on any websites or blogs they maintain.

Failure to follow the above guidelines may result in disciplinary action, including possible termination. All blogs and other public Internet communications are subject to the other policies contained in the Lynn University Policy Manual, including but not limited to the Computer Systems Policies, Non-Discrimination and Anti-Harassment Policy, Sexual and Gender-Based Misconduct Policy, and the University’s Political Activities Policy.

To learn more about this policy or the supporting procedures, please contact Information Technology.

Policy updated on: Aug. 21, 2018