Policy Statement: Guilford College upholds standards of good digital citizenship and stewardship through use of technology and information resources in compliance with campus policies; applicable laws, rules and regulations; and in support of the mission, values, and operational stability of the institution.

Purpose/Reason for Policy: Information and technology resources are critical assets of Guilford College for fulfillment of its educational mission. It is essential that all members of the Guilford community access and use these resources appropriately with understanding and respect for individual and collective rights and responsibilities. Policies governing access to these resources are made with the guiding principle that providing responsible, reliable, and ethical service to the community as a whole is of the highest priority.

Scope/Covered Persons: This policy applies to all users of information and technology resources (i.e., faculty, students, staff, affiliates, guests and visitors), and to all systems owned by the College and to any systems connecting to the College’s network.  Use of College systems or information and technology resources signifies understanding and agreement with these terms. 

Definitions: 
Information and technology resources: Information Technology & Services (ITS), Library & Learning Technologies, Quaker Archives and other Guilford College information system resources include computers, mobile devices, networks, servers, software, online information systems, databases, ebooks and other academic online resources, audiovisual and streaming media, electronic communications and messaging systems, College social media accounts, other digital and analog information sources, and the means by which these resources are accessed.

The Policy: 
Individual Responsibilities and Rights: Individuals must observe the following principles when accessing and using Guilford College information and technology resources:

• Be aware of the shared nature of the College’s information and technology resources and your potential impact on the ability of others to use these resources effectively.
• Be mindful of the academic mission associated with these resources.
• Respect the College's identity and values in your use of  electronic communications.
• Practice good citizenship in your compliance with local, state, and federal laws; as these laws apply to copyright and fair use, intellectual property, and the College’s contractual and licensing obligations and related policies.
• Understand that Guilford College information systems and electronic resources exist to conduct College business. Although reasonable and limited personal use is not prohibited by this policy, such use must be in accordance with College policies and other applicable policies, laws, and regulations, and must not interfere with the educational mission of the College or the security and operational integrity of information and technology resources. 

Information System Accounts: Individuals are responsible for the appropriate use of their Guilford-issued information system accounts, including email and network accounts. Exchange of passwords, email, or network accounts is prohibited; this applies to all persons including friends, acquaintances, associates, and family members.  Unauthorized use of an individual’s email or network account or attempt to gain access to an account other than your own also is prohibited.  Because individuals’ usernames and passwords constitute legally binding unique identities, they are responsible for any action, authorized or unauthorized, performed using their credentials.

Personally Owned Technology: Individuals are responsible for ensuring their personally owned devices are fully updated for protection against viruses, malware, and other threats. Should a device be affected to the extent that it causes network disruption or other risks to Guilford information systems, its connection will be disabled until the problem is resolved.

Confidentiality and Privacy: Guilford takes reasonable steps to protect users from unauthorized entry into their accounts or files, whether by other users or by systems administrators. The College complies with applicable privacy and data protection laws, rules, and regulations; including the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and the North Carolina Identity Theft Protection Act.    
The College does not routinely monitor the content and communications created by individuals and accessible through Guilford’s information systems. Access by others may, however, be sanctioned in instances where systems-related, legal, safety or business continuity issues require such entry. This access may be required for reasons that include, but are not limited to:

• troubleshooting hardware and software problems;
• preventing unauthorized access and system misuse;
• providing for the overall efficiency and integrity of the systems;
• protecting the rights, property, and operational continuity of the College;
• ensuring compliance with software and copyright/distribution;
• assuring computer systems meet college requirements for virus protection and operating system updates;
• enforcement of other College policies, including those relating to access to and use of information and technology resources;
• complying with legal and regulatory requests for information.

The College takes reasonable steps to prevent the dissemination of information concerning individual users and their access and use of information and technology resources. It is the policy of the College to disclose neither the contents of electronic mail, data files, or other content stored in or transmitted via institutional information and technology resources, nor the activities of individuals accessing information and technology resources via the campus network, to other individuals within or outside the College community except:

• when required to do so by court order/ subpoena;
• during investigations related to violations of College policies, or other applicable policies, laws, and regulations; 
• in health and safety emergencies;
• when the user of the account is unavailable for an extended period, and the information contained in the account is necessary to conduct college business;
• when the user of the account leaves the College;
• when the user of the account dies;
• by permission of the account holder. 

Examples of inappropriate use of information and technology resources: Conducting illegal activities using the College’s information and technology resources is strictly prohibited and will be acted upon in accordance with the law.  The following are examples – i.e. not all inclusive – of inappropriate use of Guilford College information and technology resources relating to malicious misuse of access privileges, unacceptable use of software and hardware, inappropriate network access, inappropriate use of electronic mail and other messaging systems, and inappropriate internet access.  In all cases, knowingly using systems in ways that violate College policies is strictly prohibited.

• Malicious misuse of access privileges includes:
  • using IDs or passwords assigned to others; 
  • disrupting the network; destroying information; tampering with resources available from public computers; and spreading viruses; 
  • sending threatening or harassing email or other electronic messages to others; 
  • invading individuals’ privacy; 
  • using information systems and data access for purposes other than those for which they were intended or assigned;
  • misrepresenting needs to gain access to privileged or confidential data or information;  
  • and providing email addresses, phone numbers, or other contact information of others to electronic mailing lists, bulk mailers, or other mass communication systems without their knowledge and approval.
• Unacceptable use of software and hardware includes:
  • knowingly or irresponsibly running or installing unlicensed software on any college computer system or on the campus network; 
  • running or installing any program that places an excessive burden on a college computer system or the campus network, or compromises the security of the system or network; 
  • use of software no longer supported with updates or patches that is determined to pose a security risk;
  • use of College computers and networks for personal business activity; 
  • violating software licensing agreements, including illegal copying or reproducing of any licensed software; 
  • violating copyright laws and their fair use provisions through inappropriate reproduction or dissemination of copyrighted text, images, or other materials; 
  • using imaging equipment for unauthorized duplication, alteration and subsequent reproduction of official documents.
• Inappropriate access, in some cases, may be considered criminal behavior and includes: 
  • the unauthorized use of a computer account; 
  • providing misleading information to gain access to resources and technology; 
  • using the campus network to gain unauthorized access to any computer system; 
  • connecting unauthorized equipment to the campus network including wireless access points; 
  • unauthorized attempts to circumvent data protection schemes to uncover security loopholes (including creating and/or running programs that are designed to identify security loopholes and/or decrypt intentionally secure data); 
  •  knowingly or recklessly performing an act that will interfere with the normal operation of computing devices, peripherals, or networks; and 
  • intentionally wasting or overloading college computing resources, such as printing an excessive number of copies of a document.
• Inappropriate use of email, text messaging and other electronic messaging systems; of College social media; and of other College information systems includes: 
  • initiating and propagating spam and other inappropriate mass messaging including multiple mailings to newsgroups, mailing lists, or individuals; 
  • forging the identity of a user or machine in an electronic communication or sending anonymous messages; 
  • using another individual’s account or identity to send messages; 
  • attempting to monitor or tamper with another’s electronic communications; 
  • reading, copying, changing, or deleting another’s files or software without the explicit knowledge and agreement of that person; or 
  • using email or other College communication systems to solicit or proselytize others for commercial ventures or for personal gain.

Furthermore, any limited personal use of College information systems and/or electronic resources must not interfere with activities which directly support the College’s educational mission, or interfere with employee job performance and the safety and security of information systems. Use of College resources for personal business or other personal commercial activities is prohibited. The College retains discretion to further restrict or forbid personal use as deemed necessary.

Institutional Responsibilities and Rights: Guilford College reserves the right to appropriately and responsibly allocate information and technology resources and therefore may suspend or terminate individuals’ access privileges without notice when malicious misuse or use inconsistent with this policy, any other College policy, or other applicable policy, law, or regulation is evidenced.  Privileges also may be suspended, without notice, to meet time-sensitive and/or critical operational needs. 
The College reserves the right to review, access, or monitor any communication or data stored on or transmitted through its network to facilitate investigation when there is reason to believe that its information and technology resources are being or have been used in violation of the legal rights of any other person or entity or of any institutional, city, county, state or federal law, regulation or policy.  Except for disclosure to law enforcement officials or as otherwise may be provided by law, Guilford will attempt to provide reasonable notice under the circumstances prior to disclosure to any outside party of such information, communication or data belonging to any holder of a network, email or other Guilford information system account.

Indemnification: Members of the Guilford College community agree, in consideration of access to the College's information and technology resources, to indemnify, defend, and hold harmless the College for any suits, claims, losses, expenses or damages, including, but not limited to, the user's access to or use of the College's computing; networking; and library and learning technologies resources, services, and facilities.

Roles and Responsibilities: All employees, students, affiliates, volunteers, guests and visitors have a duty to abide by the Information and Technology Resources Appropriate Use Policy and abide by all laws and regulations applicable to use of College information and technology resources. Information Technology Services and Library and Learning Technologies, with other campus offices as appropriate, will investigate suspected violations of this policy and take appropriate actions to address violations. Compliance: Violation of this policy may result in disciplinary action being taken against the responsible employee, student worker, affiliate, volunteer, guest or visitor. After investigation, if it is found that an employee intentionally violated this policy, disciplinary action may be taken.  Disciplinary action may include, but is not limited to, revocation of information system accounts and access privileges, access to College-owned technology assets and facilities, demotion, suspension, termination of employment, and/or possible criminal or civil prosecution under Federal or State statutes.

Other related Policies, Regulations, Statutes and Documents:

• Access to Student Records — FERPA
• College Telephones 
• Confidential Information
• Copyright, Fair Use, and Intellectual Property 
• Data Classification (under development)
• Digital Millennium Copyright Act (DMCA), the U.S. Copyright Act, and the Higher Education Opportunity Act (HEOA) Compliance
• HIPAA (Privacy of Health Information)
• Identity Theft Prevention
• Policy Violation Report Form: Appropriate Use of Information and Technology Resources
• Protection of Social Security Numbers
• Social Media

NOTE: Copyright, Fair Use, and Intellectual Property and Digital Millennium Copyright Act (DMCA) policies include summaries of penalties for violation of federal copyright laws. Procedures: Any confirmed or suspected violations of this policy should be reported via the Policy Violation Report Form: Appropriate Use of Information and Technology Resources.

Responsible Offices: Information Technology Services, and Library and Learning Technologies

Approval Authority: Guilford College President

Revision History: November 28, 2022: Policy approved by President.

Supersedes “Computing Resources, Network and Email Use” (rev. June 2018).