Announcements
Posted: Wednesday, November 2, 2011College Policy on the Use of Electronic Resources
From the Interim Vice President for Finance and Management
Introduction
Buffalo State electronic resources (including such services as e-mail, Internet access, and file and print services) are made available to employees to facilitate the official work of the college. These electronic resources are provided for employees and people legitimately affiliated with the college for the efficient exchange of information and the completion of assigned responsibilities consistent with the mission of the college.
The use of campus electronic resources by any employee or other person authorized by the college must be consistent with this electronic resources policy and other applicable policies.
Principles of Acceptable Use
Buffalo State users of campus electronic resources are required
- to respect the privacy of other users: for example, users shall not intentionally seek information on, obtain copies of, or modify files or data belonging to other users unless explicit permission to do so has been obtained;
- to respect the legal protection provided to programs and data by copyright and license;
- to protect data from unauthorized use or disclosure as required by state and federal laws and SUNY and college regulations;
- to respect the integrity of computing systems: for example, users shall not use or develop programs that harass other users or infiltrate a computer or computing system or damage or alter the software components of a computer or computing system;
- to safeguard their accounts and passwords. Accounts and passwords are normally assigned to single users and are not to be shared with any other person without authorization. Users are expected to report any observations of attempted security violations.
Unacceptable Use
It is not acceptable to use Buffalo State electronic resources
- for activities unrelated to the college mission;
- for activities unrelated to official assignments or job responsibilities;
- for any illegal purpose;
- to transmit threatening, obscene, or harassing materials or correspondence;
- for unauthorized distribution of NYS data and information;
- to interfere with or disrupt network users, services, or equipment;
- for private purposes such as marketing or business transactions;
- for solicitation of religious or political causes;
- for unauthorized not-for-profit business activities;
- for private advertising of products or services;
- for any activity meant to foster personal gain.
E-mail Privacy and Access
E-mail messages are not personal or private. E-mail system administrators will not routinely monitor individual staff members' e-mail and will take reasonable precautions to protect the privacy of e-mail; however, program managers and technical staff may access an employee's e-mail
- for a legitimate business purpose (e.g., the need to access information when an employee is absent for an extended period of time);
- to diagnose and resolve technical problems involving system hardware, software, or communications;
- to investigate possible misuse of e-mail when a reasonable suspicion of abuse exists, or in conjunction with an approved investigation.
Staff members are prohibited from accessing another user's e-mail without his or her permission.
Staff members must not e-mail personally identifiable and protected information (such as Social Security numbers, dates of birth, driver’s license numbers, class schedules, grades, health information, etc.) unless the data is in encrypted format. For information on how to encrypt a Word or Excel document, see www.buffalostate.edu/cts/documents/ext-encryptfiles.pdf.
E-mail messages sent or received in conjunction with college business may
- be releasable to the public under the Freedom of Information Law;
- require special measures to comply with the Personal Privacy Protection Law.
All e-mail messages, including personal communications, may be subject to discovery proceedings in legal actions.
Management and Retention of E-mail Communications
Applicable to all e-mail messages and attachments:
Since e-mail is a communication system, messages should not be retained for extended periods of time. If a user needs to retain information in an e-mail message for an extended period, the message should be transferred from the e-mail system to an appropriate electronic or other filing system.
Applicable to records communicated via e-mail:
E-mail created or received in the normal course of official business and retained as evidence of official operations, functions, policies, procedures, actions, decisions, transactions, or other activities are records subject to records management requirements under the New York State Arts and Cultural Affairs Law (Article 57-A) and specific program requirements. The SUNY policy on records retention and disposition is available at www.buffalostate.edu/recordspolicy.
The Buffalo State e-mail address is the only one that is recognized by the college; therefore, faculty and staff members must use the Buffalo State e-mail address when corresponding via e-mail in an official capacity with students, and must not copy any additional outside e-mail addresses. Inquiries from outside e-mail addresses should be treated as public inquiries—only general information (no student-specific information) may be shared in the response.
The college has developed electronic letterhead to be used for the electronic distribution of official college documents (records). The letterhead is available at www.buffalostate.edu/collegerelations/x861.xml and should be used in Word or e-mail documents that are to be distributed in electronic format only. Questions regarding electronic letterhead usage should be directed to the College Relations Office: Cleveland Hall 307, ext. 4201, or collrel@buffalostate.edu.
Examples of messages sent by e-mail that typically constitute records include
- policies and directives;
- correspondence or memoranda related to official business;
- work schedules and assignments;
- agendas and minutes of meetings;
- any document that initiates, authorizes, or completes a business transaction;
- final reports or recommendations.
Some examples of messages that typically do not constitute records are
- personal messages and announcements;
- copies or extracts of documents distributed for convenience or reference;
- phone message slips;
- announcements of social events.
Record Retention
Records communicated using e-mail need to be identified, managed, protected, and retained in accordance with New York State Law and SUNY policy.
Users should
- delete e-mails after messages and attachments are opened and records have been saved in an appropriate electronic or paper file outside the e-mail system. Messages and attachments that are records should be maintained and disposed of consistent with applicable schedules for those records (www.buffalostate.edu/recordspolicy);
- delete transitory e-mails—those that do not contain records of official operations or functions—when they are no longer needed. Many e-mail communications are not records and are therefore suitable for immediate destruction.
Agency Rights
Pursuant to the Electronic Communications Privacy Act of 1986 (18 USC 2510 et seq.), notice is hereby given that there are NO facilities provided by this system for sending or receiving private or confidential electronic communications.
The college reserves the right to log network use and monitor file server space utilization by users and assumes no responsibility or liability for files lost due to violation of file server space allotments.
The college reserves the right to remove a user account or device from the network.
The college will not be responsible for any damages that result from the use of campus electronic resources. This includes the loss of data resulting from delays, nondeliveries, or service interruptions caused by negligence, errors, or omissions. Use of any information obtained is at the user's risk.
Enforcement and Violations
This policy is intended to be illustrative of the range of acceptable and unacceptable uses of the electronic facilities and is not necessarily exhaustive. Questions about specific uses related to security issues not enumerated in this policy statement and reports of specific unacceptable uses should be directed to the associate vice president for computing and technology services. Other questions about appropriate use should be directed to your supervisor.
The college will review alleged violations of the Policy on the Use of Electronic Resources on a case-by-case basis. Clear violations of the policy that are not promptly remedied may result in termination of network access for the person(s) at fault and referral for disciplinary actions as appropriate.
Policy date: September 2002
Revised: August 2010