• Acceptable Use Policy for Information Technology Systems

    I. PURPOSE 

    The purpose of this policy is to ensure that the College's Information Technology Systems (ITS) are used to further the College's mission.

    II. APPLICABILITY 

    A. This policy applies to all individual users accessing and using computing, networking and information resources through any facility of the College. These users include all Hudson County Community College staff, faculty, administrators, and other persons hired or retained to perform College work.

    B. This policy covers all of the College's IT Systems, including computing, networking, and other information technology resources owned or operated by, procured through, or contracted by the College. Such resources include the College's computing and networking systems (including those connected to the College's telecommunications infrastructure – the College-wide and campus-wide backbones – as well as local area networks), public-access sites, shared computer systems, desktop computers, other computer hardware, software, databases stored on or accessible through the network, ITS/MIS facilities, and communications systems and services.

    III. ACCOUNTABILITY 

    The Chief Information Officer and Directors/Managers of ITS/MIS shall ensure that this policy is implemented. Reports of suspected abuse and other complaints shall be directed to the CIO and shall, upon the concurrence of the Vice President for Administration and Finance, be investigated by the CIO. Specifics of procedure are outlined below, in Section IV-G.

    IV. POLICY 

    A. Privacy:

    The College places a high value on privacy and recognizes its critical importance in an academic setting. There are nonetheless circumstances in which, following carefully prescribed processes, the College may determine that other interests outweigh the value of a user's expectation of privacy and warrant the College's access to relevant IT Systems without the consent of the user. The College is committed to protecting the privacy of users up to the point that this does not compromise institutional resources. Circumstances under which the College may need to gain access are discussed below, together with the procedural safeguards established to ensure access is gained only when appropriate.

    Conditions. In accord with state and federal law, the College may access all aspects of IT Systems, without the consent of the User, in the following circumstances:

    1. When necessary to identify or diagnose systems or security vulnerabilities and problems, or otherwise preserve the integrity of the College's IT Systems; or

    2. When required by federal, state, or local law or administrative rules; or

    3. When there are reasonable grounds to believe that a violation of law or a significant breach of College policy may have taken place and access and inspection or monitoring may produce evidence related to the misconduct;

    or

    4. When such access to IT/MIS Systems is required to carry out essential business functions of the College or

    5. When required to preserve public health and safety.

    In accord with the New Jersey Open Public Records Act, the College reserves the right to access and disclose messages, data, files, and e-mail back-up or archives, if such exist, to law enforcement authorities and others as required by law, to respond to legal processes, and to fulfill its obligations to third parties. Even deleted e-mail is subject to legal discovery during the course of litigation by means of message archives, back-up tapes and un-deleting the message.

    Process. Consistent with the privacy interests of users, access by the College without the consent of the user will occur only with the approval of the CIO and the Vice President for Administration and Finance, except when an emergency entry is necessary to preserve the integrity of facilities or to preserve public health and safety. The College, through the CIO, will log all instances of access without consent. A user will be notified of College access to relevant IT Systems without consent. Depending on the circumstances, such notification will occur before, during, or after the access, at the College's discretion.

    B. General Principles:

    1. Access to information technology is vital to the College's mission of providing its students with educational services of the highest quality.

    2. The College owns its computing, networking, and other communications systems.

    The College also has various license-related rights to the software and information residing on, or developed on, these computers and networks. The College has the responsibility for the security, integrity, maintenance, and confidentiality of its communication systems.

    3. The College's IT Systems exist to support staff, faculty, administrators, consultants, and students, as they carry out the mission of the College. Toward these ends, the College encourages and promotes the use of these resources by the College community for their intended purposes. Access to and use of these resources for purposes or activities, which do not support the College's mission are subject to regulation and restriction to ensure that they do not interfere with legitimate work; and any access to or use of these resources and services that interferes with the College's mission and goals is prohibited.

    4. When demand for computing, networking, and information resources exceeds available capacity or resources, priorities shall be established for allocating the resources, with a higher priority given to activities essential to the mission of the College. The Vice Presidents, in conjunction with the Chief Information Officer, shall recommend these priorities to the President.

    5. The College has the authority to control or refuse access to anyone who violates this policy and/or threatens the rights of other users or the availability and integrity of the systems and the information. Actions that may be taken under this authority include deactivating accounts, access codes or security clearances; stopping processes; deleting affected files; and disabling access to computing, networking, and information resources.

    B. Rights of Users:

    1. Privacy and confidentiality: As described more fully in section IV A (above), the College will generally respect users' rights to privacy and confidentiality. However, by their technological nature, electronic communications, especially e-mail connected to the Internet, may not be secure from unauthorized access, viewing, or infringement.
    Although the College employs technologies to secure certain categories of electronic messages, confidentiality of e-mail and other electronic documents cannot always be assured. Therefore, good judgment dictates the creation only of electronic documents that may become public without embarrassment or harm. 

    2. Safety: The use by College faculty, staff or administrators of the College's IT Systems to transmit threatening, harassing, or offensive communication (or the display of offensive images or materials) is a violation of College policy and may subject the violator to severe sanction. Threatening, harassing or offensive communications received by College personnel over the network should be reported to the CIO as soon as possible.

    C. Responsibilities of Users:

    1. Individuals with access to the College's computing, networking and information resources have the responsibility to use them in a professional, ethical, and legal manner. Users are required to take reasonable and necessary measures to safeguard the operating integrity of the systems and their accessibility by others, while acting in a manner to maintain an academic and work environment conducive to carrying out the College's mission efficiently and productively. Specifically, responsibilities of users include:

    a. Respecting the rights of others, including their rights to intellectual property, privacy, and freedom from harassment;

    b. Safeguarding the confidentiality of sensitive College information and the privacy of student information in accordance with FERPA and College policy;

    c. Using systems and resources so as not to interfere with or disrupt the College’s normal daily operations;

    d. Protecting the security and the integrity of information stored on College IT/MIS Systems;

    e. Knowing and obeying College and unit-specific policies and procedures governing access and use of College IT Systems and of information on those systems.

    D. Specific Proscriptions on Network Use:

    1. Individuals are prohibited from sharing passwords or log-in IDs or otherwise giving others access to any system for which they are not the individual responsible for the data or system. Users are responsible for any activity conducted with their computer accounts and are responsible for the security of their passwords. Only authorized persons may use the College's IT/MIS Systems.

    2. Individuals may not use another person's network account or try to obtain passwords or access codes to another's network account to send or receive messages.

    3. Individuals may not identify themselves and their affiliation inaccurately or inappropriately in electronic communications and may not disguise the identity of the network account assigned to them or represent themselves as someone else.

    4. The College's communications systems may not be used to harass, intimidate, threaten or insult others; to interfere with another's work or education; to create an intimidating, hostile or offensive working or learning environment; or to conduct illegal or unethical activities, including plagiarism and invasion of privacy.

    5. The College's networks may not be used to gain or attempt to gain unauthorized access to remote networks or computer systems.

    6. Individuals are prohibited from deliberately disrupting the normal operations of the College's computers, workstations, terminals, peripherals or networks.

    7. Individuals may not run or install on any College computer system a program that may result in damage to a file or compromise the integrity of the College's systems or the integrity of other computing environments via the College's network (e.g., computer viruses, personal programs). If a user suspects that a program he or she intends to install or use may cause such an effect, the user must consult with ITS/MIS before any such installation or use.

    8. Individuals are prohibited from circumventing or avoiding access- and use-authentication systems, data-protection mechanisms, or other security safeguards.

    9. Individuals must not violate any applicable copyright laws and licenses, and they must respect other intellectual-property rights. Information and software accessible on the Internet is subject to copyright or other intellectual-property-right protection. College policy and the law forbid the unauthorized copying of software that has not been placed in the public domain and distributed as "freeware." Therefore nothing should be downloaded or copied from the Internet unless express permission to do so is stated by or received from the owner of the material, and the owner's requirements or limitations on use of the material are observed. The use of software on more than the licensed number of computers and unauthorized installation of unlicensed software are also prohibited.

    "Shareware" users must abide by the requirements of the shareware agreement.

    10. Activities that waste or unfairly monopolize computing resources and do not promote the College's mission are prohibited. Examples of such activities include unauthorized mass e-mailings; electronic chain letters, junk mail and other types of broadcast messages; unnecessary multiple processes, output or traffic; exceeding network directory space limitations; game-playing, "surfing" the internet for recreational purposes, or other non-work related applications during business hours; and excessive printing.

    11. Reading, copying, changing or deleting programs or files that belong to another person or to the College without permission is prohibited.

    12. The College's computing resources may not be used for commercial purposes or personal financial gain.

    13. Use of the College's IT Systems that violates local, state or national laws or regulations or College policies, standards of conduct, or guidelines is prohibited. E. E-mail Communications:

    1. The College's e-mail system exists to support the work of the College and the use of this e-mail system must be related to College business. However, incidental personal noncommercial use that does not generate a direct cost for the College and does not interfere with or compete with legitimate College business is also permitted.

    2. Electronic communications whose meaning, transmission or distribution is illegal, unethical, fraudulent, defamatory, harassing, or irresponsible are prohibited. College email systems must not be used for communication of content that may be considered inappropriate, offensive or disrespectful to others.

    3. Appropriate professional standards of civility and decency should be observed in all electronic communication.

    4. All e-mail correspondence relating to College business (including that sent to students and/or prospective students) should be sent with a plain white background and should not use any type of decorative stationery.

    5. E-mails sent through the College system shall not include tag lines (other than electronic business cards), quotes, animations, or personal affirmations,

    6. Broadcast e-mails shall not be sent to the College Community unless they contain information regarding College policy, College news, a College-sponsored event or otherwise affect the College Community as a whole. Items for sale, donation requests, and other non-College business matters, are prohibited, and shall not be sent from the College’s e-mail system.

    F. World Wide Web:

    1. The Hudson County Community College Web site is an official publication of the College. All information contained on Web pages must be accurate and reflect official College policy.

    2. Official College Web pages are held to the same standards as any College print publication. The CIO, Director of Marketing and College Relations, Web Services Manager and/or the pertinent Vice President or his designee, shall have the ultimate responsibility for the content and design of each page.

    3. The currency and accuracy of Official Hudson County Community College Web pages, shall be regularly reviewed by the Web Services Manager, or College staff responsible for that area of the College. Individual departments are responsible for communicating revisions and updates, as they occur, to the Web Services Manager, who will review them and arrange for their posting.

    G. Non-compliance and Sanctions:

    Non-compliance with this policy may result in denial or removal of access privileges to the College's electronic systems; disciplinary action under applicable College policies and procedures; civil litigation; and/or criminal prosecution under applicable state and federal statutes.

    The process for investigation into suspected abuses and non-compliance with this policy is as follows:

    • Reports of suspected abuse are directed to the CIO.

    • If there is concurrence by the Vice President for Administration and Finance, the
    CIO investigates.

    • If abuse is discovered, the CIO reports it to the appropriate divisional Vice President, who will determine appropriate disciplinary action.

    V. ATTACHMENTS 

    Network, E-mail and Internet Accounts Policy

    E-mail Policy

    Receipt and Acknowledgement of Policy

    Hudson County Community College 

    Network, E-mail and Internet Accounts Policy 

    Eligible for Accounts are the following: 

    1. All salaried Hudson County Community College full-time staff.

    2. All adjunct faculty and other consultants engaged by the College through letters of agreement, memoranda of understanding, or contract.

    3. All members of the Board of Trustees.

    4. Hudson County Community College part-time staff who have a demonstrated need for computer resources available from ITS/MIS (other than general Internet access) in connection with their work at the College-eligible for temporary accounts.

    5. Employees of affiliated educational institutions that have relationships with Hudson County Community College and have a demonstrated need for computer resources available from ITS/MIS (other than general Internet access) in connection with their work at the College - eligible for temporary accounts.

    6. Affiliated organizations with an academic mission whose activities in connection with the College require computing resources the affiliate cannot reasonably supply on its own-eligible for temporary accounts.

    An account will be removed for any of the following reasons: 

    1. The account holder no longer meets the eligibility requirements.

    2. The account is established as temporary and the expiration date has been reached without renewal.

    3. The account has not been accessed in 18 consecutive months.

    Passwords 

    1. Accounts will be opened with a pre-assigned password that must be changed upon logging in for the first time.

    2. It is strictly forbidden to share or divulge passwords.

    Hudson County Community College 

    E-mail Policy 

    Individuals with access to the College's IT Systems have the responsibility to use them in a professional, ethical and legal manner. Users are required to take reasonable and necessary measures to safeguard the operating integrity of the systems and their accessibility by others, while acting in a manner that maintains an academic and work environment conducive to carrying out the College's mission efficiently and productively.

    Electronic communications whose meaning, transmission or distribution is illegal, unethical, fraudulent, defamatory, harassing or irresponsible are prohibited. Electronic communications should not contain anything that could not be posted on a bulletin board, seen by unintended viewers or appear in a College publication. Material that may be considered inappropriate, offensive or disrespectful to others should not be sent or received as electronic communications using College facilities. The CIO will oversee the enforcement of this policy.

    I. Actions Considered Violations of this e-mail policy are as follows: 

    • Sending unauthorized bulk e-mail messages ("junk mail" or "spam").

    • Using e-mail for harassment, whether through language, frequency, content, or size of messages.

    • Forwarding or otherwise propagating chain letters and pyramid schemes, whether or not the recipient wishes to receive such mailings.

    • Malicious e-mail, such as "mail-bombing," or flooding a user site with very large or numerous pieces of email.

    • Forging of sender information other than accountname@hccc.edu or other preapproved header address.

    • Sending e-mail for commercial purposes or personal financial gain.

    The College has the right to remove access to accounts found in violation of this policy.

    II. E-mail Rules and Controls 

    • The College does not archive e-mail.

  • Contact Information

    Information Technology Services
    70 Sip Avenue, Third Floor
    201-360-4310

    its@hccc.edu