ADMINISTRATIVE REGULATIONS TABLE OF CONTENTS

Transcription

1 ADMINISTRATIVE REGULATIONS TABLE OF CONTENTS 8000 INFORMATION TECHNOLOGY R 8100 Intrductin and Gvernance R R R R R R R 8200 Apprpriate Use 8300 Access 8400 Data Security 8500 Hardware and Sftware Supprt 8700 Electrnic Cmmunicatin 8750 Mbile Cmmunicatins 8910 Privacy Ntificatin

2 INFORMATION TECHNOLOGY Regulatin 8100 Intrductin and Gvernance The Bard f Trustees authrizes the use f infrmatin technlgy t supprt an effective and efficient envirnment fr high-quality instructin and infrmatin and t Enhance cmmunicatin, access, and the Cllege s ability t meet the needs f students and ther stakehlders. The Educatinal Technlgy Services Advisry Cmmittee (ETS-AC) wrks cllabratively with the varius administrative and faculty cmpnents f the Cllege in facilitating, develping and implementing the effective and efficient use f technlgy. The ETS-AC advises the Chief Infrmatin Officer. The Chief Infrmatin Officer submits recmmendatins t the President r the Executive Leadership Team, as apprpriate. The ETS-AC charge includes the fllwing respnsibilities: 1. Review and advise n majr prjects and services utilizing technlgy, especially by setting pririties, bjectives and standards fr prjects and services. 2. Recmmend plicies and prcedures cncerning infrmatin technlgy systems, security, sftware, hardware, and related matters. Develp an appeal prcedure fr deviatins frm these standards. 3. Make recmmendatins regarding technlgy equipment and initiatives. 4. Recmmend pririties fr annual budgets and fr allcatin f funds. 5. Facilitate Cllege-wide cmmunicatin regarding the use f technlgy. 6. Crdinate and disseminate infrmatin n upgrades f central cmputing systems. 7. Serve as a frum fr the exchange f ideas amng cnstituents. 8. Develp annual IT tactical plans based upn the IT Strategic Plan. The ETS-AC membership includes the fllwing members: The Chief Infrmatin Officer, chair Designee appinted by the Vice President fr Business Services Faculty designee appinted by the Vice President fr Educatinal Services Technical dean r department chair designee appinted by the Vice President fr Educatinal Services Designee appinted by the Vice President fr Institutinal Advancement Prfessinal staff designee appinted by the Vice President fr Student Services Classified staff designee appinted by the Vice President fr Student Services Designee appinted by the President AQIP IT Imprvement team representative The ETS Technical Directr, nn-vting, ex-ffici The ETS Manager f Instructinal Technlgy Services, nn-vting, ex-ffici Members will serve a tw year term, with half the members being replaced each year.

3 Infrmatin Technlgy Regulatin 8200 Apprpriate Use State Fair Cmmunity Cllege shall prvide cmputing and netwrking resurces t the campus cmmunity f students, faculty, staff, and the public t supprt its educatinal missin. The cmputing and netwrking facilities are a Cllege resurce. Cmputers and netwrks can prvide access t resurces n and ff campus, as well as the ability t cmmunicate with ther users wrldwide. Such pen access is a privilege, and requires that individual users act respnsibly. Users shall respect the rights f ther users, respect the integrity f the systems and related physical resurces, and bserve all relevant laws, regulatins, and cntractual bligatins. Cmputing and netwrking resurces shall always be used in cmpliance with all internatinal, federal, state, and lcal laws. This regulatin applies t all users f SFCC and cmputing and technlgy resurces including faculty, staff, students, guests, external individuals r rganizatins and individuals accessing external netwrk services, such as the internet via Cllege facilities. Preserving the access t infrmatin resurces is a cmmunity effrt that requires each member t act respnsibly and guard against abuses. Therefre, bth the cmmunity as a whle and each individual user have an bligatin t abide by the fllwing standards f acceptable and ethical use: Use nly thse cmputing and infrmatin technlgy resurces fr which yu have authrizatin. Use cmputing and infrmatin technlgy resurces nly fr their intended purpse. Prtect the access and integrity f cmputing and infrmatin technlgy resurces. Abide by the applicable laws and cllege plicies and respect cpyrights and intellectual prperty rights f thers, including the legal use f cpyrighted sftware. Respect the privacy and persnal rights f thers. Failure t cmply with the apprpriate use f these resurces threatens the atmsphere fr the sharing f infrmatin, the free exchange f ideas and the secure envirnment fr creating and maintaining infrmatin prperty and subjects ne t discipline. Any member f the Cllege cmmunity fund using infrmatin resurces fr unethical and unacceptable practices has vilated this plicy and is subject t disciplinary prceedings including the suspensin f system privileges, expulsin frm schl, terminatin f emplyment, and/r legal actin as may be apprpriate.

4 Regulatin 8200 Page 2 SFCC reserves the right t limit r restrict the use f its cmputing and infrmatin technlgy resurces based n institutinal pririties and financial cnsideratin, as well as when it is presented with evidence f a vilatin f Cllege plicies, cntractual agreements, r state and federal laws. Althugh members f the cmmunity have an expectatin f privacy, if a user is suspected f vilating this plicy, his r her right t privacy may be superseded by the Cllege s requirements t prtect the integrity f infrmatin technlgy resurces, the rights f all users and the prperty f the Cllege. The Cllege, thus, reserves the right t examine material stred n r transmitted thugh its facilities if there is cause t believe that the standards fr acceptable and ethical use are being vilated by a member f the cllege cmmunity. User Respnsibilities: Use f Cllege cmputing and infrmatin technlgy resurces is granted based n acceptance f the fllwing specific respnsibilities: Use nly thse cmputing and infrmatin technlgy resurces fr which yu have authrizatin. Fr example: it is a vilatin t use resurces yu have nt been specifically authrized t use t use smene else's accunt and passwrd r share yur accunt and passwrd with smene else t access files, data r prcesses withut authrizatin t purpsely lk fr r explit security flaws t gain system r data access Use cmputing and infrmatin technlgy resurces nly fr their intended purpse. Fr example: it is a vilatin t send frged t misuse Internet Relay Chat (IRC) sftware t allw users t hide their identity, r t interfere with ther systems r users t use electrnic resurces fr harassment r stalking ther individuals t send bmb threats r "hax messages" t send chain letters t intercept r mnitr any netwrk cmmunicatins nt intended fr yu t use cmputing r netwrk resurces fr advertising r ther cmmercial purpses

5 Regulatin 8200 Page3 t attempt t circumvent security mechanisms t use privileged access fr ther than fficial duties t use frmer privileges after graduatin, transfer r terminatin Prtect the access and integrity f cmputing and infrmatin technlgy resurces. Fr example: it is a vilatin t release a virus r wrm that damages r harms a system r netwrk t prevent thers frm accessing an authrized service t send bmbs that may cause prblems and disrupt service fr ther users t attempt t deliberately degrade perfrmance r deny service t crrupt r misuse infrmatin t alter r destry infrmatin withut authrizatin Abide by applicable laws and Cllege plicies and respect the cpyrights and intellectual prperty rights f thers, including the legal use f cpyrighted sftware. Fr example: it is a vilatin t make mre cpies f licensed sftware than the license allws t dwnlad, use r distribute pirated sftware t perate r participate in pyramid schemes t distribute prngraphy t uplad, dwnlad, distribute r pssess prngraphy Respect the privacy and persnal rights f thers. Fr example: it is a vilatin t tap a phne line r run a netwrk sniffer withut authrizatin t access r attempt t access anther individual's passwrd r data withut explicit authrizatin t access r cpy anther user's electrnic mail, data, prgrams, r ther files withut permissin System Administratr Respnsibilities: System administratrs and prviders f Cllege cmputing and infrmatin technlgy resurces have the additinal respnsibility f ensuring the integrity, cnfidentiality, and availability f the resurces they are managing. Persns in these psitins are granted significant trust t use their privileges apprpriately fr their intended purpse and nly

6 Regulatin 8200 Page 4 when required t maintain the system. Any private infrmatin seen in carrying ut these duties must be treated in the strictest cnfidence, unless it relates t a vilatin r the security f the system. Security Caveat: Be aware that althugh cmputing and infrmatin technlgy prviders thrughut the Cllege are charged with preserving the integrity and security f resurces, security smetimes can be breached thrugh actins beynd their cntrl. Users are therefre urged t take apprpriate precautins such as safeguarding their accunt and passwrd, taking full advantage f file security mechanisms, backing up critical data and prmptly reprting any misuse r vilatins f the plicy. Vilatins: Every member f the Cllege cmmunity has an bligatin t reprt suspected vilatins f the abve guidelines r f the Infrmatin Technlgy Plicies Reprts shuld be directed t the unit, department, schl, r administrative area respnsible fr the particular system invlved. If a suspected vilatin invlves a student, a judicial referral maybe made t the Vice President f Student Services. Incidents reprted t the Dean will be handled thrugh the Cllege Cde f Student Cnduct. If a suspected vilatin invlves a staff r faculty member a referral will be made t the individual's supervisr.

7 Infrmatin Technlgy Regulatin 8300 Access Cmputing and netwrking resurces shall be prvided fr the educatinal, academic, and administrative purpses f the Cllege. Sme cmputer labs, netwrks, systems, and ther resurces shall be restricted t students wh are enrlled in specific curses r prgrams r emplyees wh have specific wrk assignments. Cmputer users shall learn and fllw the access regulatins fr each resurce used and shall use the resurces apprpriately and cnsistently with access regulatins. The use f these cmputers/netwrks is a privilege granted t members f the cllege cmmunity. When using this accunt, yu are agreeing t: 1. Take n actins which vilate the Infrmatin Technlgy Apprpriate Use regulatin 8200, Emplyee Handbk, r ther applicable plicy r law. 2. Use these resurces nly fr purpses cnsistent with the Cllege's missin and applicable plicy r law. Inapprpriate use includes, but is nt limited t: a. sending harassing messages r in any way harassing ther cmputer users; b. gaining OR attempting t gain access t accunts r files withut permissin n any cmputer r netwrk system; c. making unauthrized cpies f any cpyright prtected sftware, r ther cpyrighted r trademarked material, regardless f surce; d. taking actins which threaten the security r capacity f cmputer r netwrk systems, r which destry, damage r verlad these resurces; e. vilating any applicable law r plicy. Failure t abide by these plicies will result in revcatin f yur privileges t use cmputing and netwrk resurces. Althugh we have backup prcedures in place, use f these facilities is at yur wn risk since recverability and security f data cannt be guaranteed. Files, data and disks may be cnsidered SFCC prperty and are therefre subject t access by the Cllege. Certain data may als be subject t access pursuant t Missuri Public Recrds statutes, via subpena, r cnsistent with ther state r federal law.

8 Regulatin 8400 Infrmatin Technlgy Data Security & Retentin Infrmatin systems cntain data necessary t cnduct business f the Cllege. This plicy establishes data security practices fr the privacy f Cllege emplyees, students, alumni, and dnrs. Data is an institutinal resurce and must be prtected frm unauthrized change, destructin, r disclsure, whether accidental r intentinal. Staff wh maintain data and handle cmputer-generated dcuments must: use data and data access nly as required in the perfrmance f their jbs, r disclse cnfidential Cllege data t ther staff nly n a need-t-knw basis, r exercise due care t prtect data frm unauthrized use, disclsure, alteratin, r destructin, r utilize disk encryptin sftware fr all SFCC laptps, and fr ffice PC and prtable strage fr Banner INB users, r fllw established data prcessing practices when cnnected t the database - including the fllwing: d nt leave wrkstatins unattended after lgging-in d nt write dwn r display the passwrd near the wrkstatin d nt disclse a lgin accunt and passwrd t anyne, including ETS persnnel The Infrmatin Technlgy department, ETS, is respnsible fr: maintaining a netwrk and cmputer system that prvides safeguards against unauthrized access f these data, and maintaining sftware and hardware encryptin sftware fr the enterprise, and prviding a custdial envirnment fr the maintenance f the database. It is nt the respnsibility f ETS t disseminate data t anyne n r ff campus. Within the guidelines f this plicy, that respnsibility belngs t the head f the department which maintains the desired data, and maintaining and identifying the fllwing infrmatin classificatins fr all Cllege data: Unclassified. Infrmatin r dcuments which are available t the public. Internal Use Only. Infrmatin r dcuments restricted fr use within the Cllege which related t the institutin's business. Cmputer generated reprts listing students, staff, financial data and telephne directries are primarily fr internal use nly. Dcuments and data f this kind need nt be kept under lck and key althugh reasnable care shuld be made t keep it frm public view. Precautins must be taken when these data are transferred t anther individual r destryed.

9 Regulatin 8400 Page 2 Cnfidential. Sensitive data that wuld breach reasnable privacy expectatins r data that culd be detrimental t students, staff members r the Cllege if imprperly disclsed. These data are made available nly t thse individuals whse jb respnsibilities require such data. This kind f data when printed n paper must be kept under lck and key and carefully safeguarded. Precautins must be taken when these data are transferred t anther individual r destryed. Selling r transferring f addresses, mailing labels, r ther serial data by anyne t utside agencies r vendrs is prhibited unless apprved by the department head. Retentin Educatinal technlgy Services des dcument the back-up and retentin prcedures and ensure that thse plicies prcedures are fllwed cnsistently. The retentin plicy specifies the amunt f time that a particular item f ESI can be recvered after it has been deleted but in n case shall it exceed 120 days fr data, r 183 days fr . Respnsibilities Educatinal Technlgy Services (IT) The central IT rganizatin at the Cllege and at each Cllege lcatin will establish and publish retentin schedules fr any back-up and deleted Electrnically Stred Data managed by thse grups. This will include, but is nt limited t, systems such as the central servers and Banner. Legal Custdians The legal custdian f the infrmatin remains respnsible fr ensuring that Electrnically Stred Data that cnstitutes a Cllege recrd is handled apprpriately. IT system administratrs are NOT the legal custdians f infrmatin that may be cntained in back-up r deleted files. Nn-central IT rganizatins Administrative, academic and ther divisins r departments that prvide r manage central strage service fr their users must dcument their back-up and retentin plicies r prcedures. Media Destructin Departments must ensure that tapes r ther frms f media scheduled fr destructin are dispsed f prperly. Electrnically Stred Data The specific retentin perids fr each type f Electrnically Stred Data maintained by the Educatinal Technlgy Services are listed in the table belw. This applies nly t deleted data and nt data stred fr archive purpses.

10 Regulatin 8400 Page 3 Type f Recrd Descriptin Official Repsitry Inf Technlgy, Emplyee Educatinal cmmunicatins Technlgy Services Inf Technlgy, data File and Web Educatinal Technlgy Services Inf Technlgy, data Lg files Educatinal Technlgy Services Inf Technlgy, data User files and Educatinal databases Technlgy Inf Technlgy, cmmunicatins Inf Technlgy, cmmunicatins Inf Technlgy, cmmunicatins Phne call detail lgs Vic Instant Messaging Services Educatinal Technlgy Services Educatinal Technlgy Services Educatinal Technlgy Services Duratin 183 days 120 days 120 days 120 days 120 days 0 Days 0 Days The Cllege cmplies with applicable laws and regulatins regarding the disseminatin and prtectin f data that is cnfidential. In particular, it adheres t the Family Educatinal Rights and Privacy Act f 1974, therwise knwn as the Buckley Amendment. Enfrcement: Vilatins f any part f this plicy may result in disciplinary actin as prescribed by Cllege plicies and prcedures.

11 Infrmatin Technlgy Regulatin 8500 Hardware and Sftware Supprt The Cllege shall maintain a list f supprted cmputer hardware and sftware. Purchases f prducts n the Cllege s list will be supprted by Educatinal Technlgy Services in terms f cmpatibility, installatin, training, maintenance, trubleshting, and upgrades. Educatinal Technlgy Services may decline t prvide supprt fr prducts nt n the list. Faculty and staff wh wish t purchase prducts fr institutinal use that are nt n the Cllege list may submit thse prducts t the apprpriate Educatinal Technlgy Services advisry cmmittee fr review and pssible recmmendatin t the President, wh shall review recmmendatins during the annual budgeting prcess. The Vice President f Technlgy Services will apprve all purchases f hardware and sftware. Educatinal Technlgy Services may decline t prvide supprt fr prducts nt n the standards list. Faculty and staff wh wish t purchase prducts fr institutinal use that are nt n the Cllege s standard list may submit justificatin fr the nn-standard prduct t the Educatinal Technlgy Services Advisry Cmmittee fr review and pssible apprval. Appeals t the ETS Advisry Cmmittee decisin may be appealed t the Executive Leadership Team. Please g t the Standards web page fr the up t date hardware standards.

12 Infrmatin Technlgy Regulatin 8700 Electrnic Cmmunicatins The Cllege prvides services fr faculty and staff fr use when engaging in activities related t Cllege business. Incidental persnal use that des nt interfere with Cllege peratins generate incremental identifiable csts, saturate the data netwrks f the Cllege, r negatively impact the individual s jb perfrmance is permitted. may nt be used fr cmmercial purpses r fr persnal financial gain. In additin, users shall accept and cmply with the individual respnsibilities relating t cmputer and infrmatin technlgy set frth in the SFCC Apprpriate Use Plicy and Regulatin This plicy cvers all uses f the Cllege facilities. Any user f Cllege e- mail facilities cnsents t all prvisins f this regulatin and agrees t cmply with all f the terms and cnditins set frth herein, all ther applicable Cllege plicies, regulatins, and prcedures, and with applicable lcal, state, and federal laws and regulatins. Users f Cllege Facilities whse actins vilate this plicy r any ther Cllege plicy r regulatin may be subject t revcatin r limitatin f privileges as well as ther disciplinary actins r may be referred t apprpriate external authrities. Access t SFCC prvides Cllege Facilities fr legitimate Cllege-related activities t faculty, students, staff, and ther individuals and entities granted privileges at SFCC, as well as cnnectins between n-campus electrnic mail systems and external data netwrks. The use f Cllege Facilities -- like the use f any ther Cllegeprvided resurce and like any ther Cllege-related activity -- is subject t the nrmal requirements f legal and ethical behavir within the Cllege cmmunity. Thus, legitimate use f Cllege Facilities des nt extend t whatever is technically pssible. SFCC Accunt: Staff members with access t a Cllege-wned cmputer n campus and faculty are required t activate their Official SFCC Accunt. Users are expected t read, and shall be presumed t have received and read, all fficial SFCC messages sent t their SFCC Accunts.

13 Individual academic and administrative units may chse t perate their wn facilities as an alternative t the centrally available resurces, but the use f any such facilities shall als be subject t this plicy. Acceptable Use: Regulatin 8700 Page 2 State Fair Cmmunity Cllege prvides Cllege Facilities fr activities and assciated administrative functins supprting its missin f learning, discvery, and engagement. Althugh mdest persnal use f Cllege Facilities is allwed, Cllege Facilities shuld be used fr Cllege-related educatinal and administrative purpses. Any use f Cllege Facilities that interferes with Cllege activities and functins r des nt respect the image and reputatin f SFCC is imprper. Plicies and regulatins that apply t ther frms f cmmunicatins at the Cllege als apply t electrnic mail (Reference Regulatin Apprpriate Use). In additin, the fllwing specific actins and uses f Cllege Facilities are imprper: 1. Cncealment r misrepresentatin f names r affiliatins in messages. 2. Alteratin f surce r destinatin address f Use f fr cmmercial r private business purpses that have nt been apprved. 4. Use f fr rganized plitical activity r plitical slicitatin. 5. Use f t harass r threaten ther individuals. 6. Use f that degrades r demeans ther individuals. Public Recrd and Privacy: Any sent frm users at State Fair Cmmunity Cllege r residing n SFCC Facilities may a public and may be subject t disclsure. SFCC des nt mnitr the cntent f electrnic mail as a rutine prcedure. The Cllege reserves the right t inspect, cpy, stre, r disclse the cntents f electrnic mail messages, but will d s nly when it believes these actins are apprpriate t: prevent r crrect imprper use f Cllege Facilities; ensure cmpliance with Cllege plicies, prcedures, r regulatins; satisfy a legal bligatin; r ensure the prper peratins f Cllege facilities r the SFCC Data Netwrk. Any SFCC administratr wh believes such actins are necessary must first btain the written apprval f an apprpriate administrative authrity: a dean in the case f an academic unit, r a directr in the case f an administrative unit.

14 Regulatin 8700 Page 3 Use f fr SFCC Business: The fficial SFCC accunt shall be cnsidered an fficial means fr cmmunicating Cllege business, and may in sme cases be the sle means f cmmunicatin. Users are expected t read, and shall be presumed t have received and read, all fficial SFCC messages sent t their fficial SFCC accunts. Because the cntents f such are subject t laws gverning public recrds, users will need t exercise judgment in sending cntent that may be deemed cnfidential. Furthermre, transmissins may nt be secure, and cntents that are expected t remain cnfidential shuld nt be cmmunicated via . Cmmn examples f cnfidential cntents include: student grades, persnnel recrds, individual dnr gift recrds, and data subject t the Health Insurance Prtability and Accuntability Act f 1996 (HIPAA), Family Educatinal Rights and Privacy Act (FERPA) regulatins, and the Gramm Leach Bliley Act (GLBA). Deans, vice presidents, and their appintees may send brad-based messages relating t Cllege business withut any prir apprval. The authr f any business messages, hwever, assumes respnsibility fr assuring that messages d nt vilate any Cllege plicies, regulatins, r prcedures. Disclaimers f cnfidentiality included in messages d nt prtect the sender if cnfidential infrmatin is shared r disclsed inapprpriately.

15 Infrmatin Technlgy Regulatin 8750 Mbile Cmmunicatins Cellular telephnes and cellular-based wireless cmmunicatins devices can be an effective resurce fr campus emplyees in the perfrmance f their jb duties. Fr emplyees wh spend cnsiderable time utside f their assigned ffice area, r wh must be accessible utside f scheduled r nrmal wrk hurs, a cellular r mbile device can be a significant benefit. Based n jb duties, certain emplyees may qualify t be prvided a stipend t cver the business use f persnal cell phnes. The cllege prvides access t and calendaring thrugh Blackberry Enterprise enabled phnes. Other phnes are currently nt supprted fr access t these services. Due t the requirement t cmply with IRS regulatins regarding persnal use f institutinally wned devices and the difficulty and time intensive manual labr required t identify, track and determine persnal versus business use, the Cllege will n lnger prvide cell phne service t individual emplyees. In shrt, it will be up t the individual emplyee t claim business use based n apprpriate dcumentatin f persnally wned cell phnes, either as a reimbursement frm the Cllege r as a business deductin n their persnal tax return. The level f institutinal cst fr cell phne service has rapidly increased ver the past few years. T bring csts mre int line with the level f institutinal benefit, a stipend regulatin fr cst sharing has been adpted. This regulatin assumes that fr mst emplyees the device will be used fr bth persnal and business use. Certain emplyees may qualify fr the cllege t prvide an institutinal stipend t cver the presumed business use f persnal cell phnes and service. The stipend will be cnsidered taxable incme t the emplyee. The level f cash subsidy (stipend) will be determined by a persn s jb duties as it relates t cell phne use and access. Guidelines t categrize cellular use as mandatry, beneficial r incidental are determined by the department head. The stipend includes the cst f service plus equipment. The cllege will review and set the amunts t be prvided fr stipends and reimbursement n an annual basis. Institutinal Stipend This regulatin institutes an institutinal stipend t cver presumed business use f persnal cell phnes fr certain emplyees.

16 1. Emplyee respnsibilities: The emplyee will purchase cellular phne service and equipment and assume respnsibility fr vendr terms and Regulatin 8750 Page 2 cnditins. The emplyee is respnsible fr plan chices, service levels, calling areas, service and phne features, terminatin clauses, and payment terms and penalties. The emplyee is als respnsible fr the purchase, lss, damage, insurance, and/r replacement f phne equipment. 2. Guidelines t receive a stipend: Based n jb duties as it relates t cell phnes, three categries are identified t determine if the emplyee shuld be prvided a stipend t ffset the cst f a persnal cell phne and service. a. Mandatry--the institutin requires an emplyee t have a cell phne t fulfill jb duties. The President upn recmmendatin frm an area Vice President will apprve qualifying emplyees in this categry. Emplyees in this categry have duties that require access by the cllege while away frm the ffice r in ff-hur situatins. Service is required fr n-call persnnel t be cntacted in the event f an emergency r service need. Service is prvided fr life r safety requirements. b. Beneficial--the use f a cell phne is nt mandatry but is cnsidered highly beneficial t an emplyee t fulfill jb duties. An area Vice President will apprve the stipend paid t emplyees in their area that qualify under this categry. Service is prvided s that an emplyee can wrk mre efficiently, r that their wrking cnditins require that they are away frm traditinal cmmunicatins resurces. Simple cnvenience is nt sufficient t qualify fr a mnthly stipend. c. Incidental r ccasinal use reimbursement fr business use f a persnal device wuld be allwed at a fixed rate fr all thers. This wuld be in the frm f a business related reimbursement request instead f a mnthly stipend. 3. Levels f stipend payment: There are many cell phne carriers with varying plans fr phne equipment and service. The payment levels are intended t cver a presumed level f business use f persnally wned service and equipment in keeping with institutinal benefit. The regulatin assumes that fr mst emplyees the device will be used fr bth persnal and business use, therefre the verall csts are shared. a. Basic Use/Vice Service this stipend level is intended t cver a prtin f the emplyee s expense fr mnthly service csts and a cntributin tward the cst f equipment and accessries. This

17 stipend level wuld cver basic/vice cellular service t meet institutinal jb duties. Regulatin 8750 Page 3 b. Enhanced Use/Vice + Data Service this stipend level is intended t cver a prtin f the emplyee s expense fr mnthly service csts and a cntributin tward the cst f equipment and accessries. This stipend level wuld include vice service, plus data phne r Smartphne features that prvide access t r web based services that wuld be required t meet institutinal jb duties. This service wuld apply t Caches and managers. c. Mandatry Use/Full Vice + Data Service this stipend level is intended t cver a substantial prtin f the emplyee s persnal expense fr mnthly service csts, equipment and accessries. This stipend level wuld apply t members f the Executive Leadership Team and t apprved directrs. d. Incidental/Occasinal Use this reimbursement level will be a per-minute flat rate with apprpriate dcumentatin prvided by the emplyee. Amunts listed in each categry abve will be reviewed and set annually by the Vice President fr Finance, Administratin and Human Resurces and apprved by the Executive Leadership Team. The stipend amunts will be listed n the annual Cell Phne Stipend Agreement. The reimbursement flat rate can be btained frm the Business Office. 4. Additinal Regulatin Guidelines: a. The stipend amunt will be cnsidered taxable incme t the emplyee and added t their mnthly paycheck. The stipend levels are set t prvide fr the additinal tax burden an emplyee wuld incur. b. The department f an emplyee receiving a mnthly stipend, r incidental use reimbursement will prvide the apprpriate budget funding. c. A Cell Phne Stipend Agreement will be cmpleted by the emplyee and apprved by the area Vice President r President. Updates r changes t cell phne service (phne numbers, vice/data vs. vice nly, stipend amunt, etc ) will be reprted prmptly t the emplyee s department head. The list f users by departments will be apprved fr renewal each year and reprted t the area Vice President r President. d. If the emplyee resigns, is terminated, transfers departments, r n lnger qualifies fr an institutinal stipend; the area Vice President will prmptly ntify the Business Office t discntinue the stipend payment. e. The emplyee s supervisr and area Vice President r President are

18 respnsible fr an annual review f the business need fr a cell phne stipend and whether the agreement shuld be cntinued. Regulatin 8750 Page 4 f. Exceptins: there may be rare circumstances where the stipend level must be adjusted due t extenuating cnditins. The President upn recmmendatin frm a Vice President will apprve exceptins. g. Certain departmental assigned phnes will be prvided by the Cllege. h. If the level f expense by the emplyee exceeds the stipend amunts received frm the Cllege, the emplyee culd claim the verage (with sufficient IRS dcumentatin) n their persnal tax return. Guidelines fr Mbile Phne Use 1. Persnal use the stipend regulatin assumes that the cell phne will be used fr bth persnal and business calls. Since the stipend amunt is taxable as incme, the emplyee is nt required t track business vs. persnal use t reprt t the cllege. 2. Institutinal benefit the stipend agreement requires that the persnally wned device is available fr business access. An emplyee receiving a stipend must maintain active cell phne service. The emplyee agrees t carry the cell phne with them, keep it charged and in peratinal cnditin, and be accessible fr business use as required by their department head r supervisr. 3. Apprpriate use the emplyee agrees t use the phne in ways cnsistent with cllege regulatins 8200, 8300, 8400 and all applicable lcal, state r federal laws. Inapprpriate and unlawful use f cell phne features, such as camera equipment, is prhibited. 4. Use f a cell phne while perating a vehicle cell phnes users must be aware f state and municipal laws regarding the use f phnes while driving. The laws vary widely by lcatin. In additin, use f phnes while driving can cause hazardus distractin, especially in adverse weather, heavy traffic, r limited visibility cnditins. 5. Wireless netwrk - The Cllege has prvided wireless access t campus resurces in three its fur lcatins. The wireless netwrk is accessible frm wireless laptps, netbks, Mac s and PC s that have current antivirus sftware and can run the Cisc Clean Access applicatin. Since a phne cannt yet supprt these applicatins it is in the best interest f the cllege t nt allw access t the wireless netwrk with mbile phnes r PDA s.

19 6. Campus resurces Access t cllege and calendaring services is nly supprted with a Blackberry phne that has been enabled t wrk in an enterprise envirnment. Regulatins 8200, 8300 and 8400 apply when Regulatin 8750 Page 5 using a mbile device t access campus resurces. 7. Phne security T help secure the data that culd be stred n the phne it is imprtant t passwrd prtect the Blackberry phne. 8. Lss r theft Reprt lss r theft f phne within 24 hurs. Departmental Prvided Mbile Phnes There are sme circumstances where a departmentally assigned cell phne may be prvided by the Cllege that is nt assigned t a specific individual. In these cases, the Cllege will prvide cell phne service and equipment. 1. Service and equipment prcurement Business Office will arrange fr service and phne equipment as apprpriate. 2. Mnthly billing statements frm the carrier Business Office will prcess the carrier invices fr payment. The invice breaks dwn the csts by individual telephne number including vice and data service plans, special features, plus any equipment that might have been purchased fr that phne number. When new service is rdered Business Office requires a budget number frm the respnsible department t assciate with the new phne number. 3. Departmental bill back Business Office allcates the full amunt f each individual billing statement t the respnsible departmental budget number n a mnthly basis. These charges are submitted electrnically and emplyees will nt get additinal paperwrk r summaries ther than what is available thrugh the nrmal budget review prcess. Hwever, budget managers may cntact Business Office at any time t btain additinal cpies f the detailed billing statements that have been billed t the department. In the event that billing errrs are detected by Business Office, r reprted t Business Office, the carrier representative is cntacted t make adjustments in subsequent billing perids. 4. Usage tracking and review - It is the respnsibility f the department t review mnthly billing statements. Emplyees shuld cnfirm the usage charges and review any additinal features r equipment included n the statement. ( )

20 Infrmatin Technlgy Regulatin 8910 Privacy Ntificatin The cllege will use reasnable effrts t maintain the privacy f users accessing its Web site and prtal. As with all nline services, hwever, SFCC cannt guarantee users f its Web site and prtal abslute privacy ver their use. In sme cases, user infrmatin may be subject t disclsure under state r federal public recrd r freedm f infrmatin laws. Further, while the cllege has in place a variety f security measures t safeguard against illegal access f infrmatin btained thrugh its Web site and prtal, the cllege cannt prvide cmplete assurance against illegal access. Additinally, infrmatin btained thrugh the cllege s Web site and prtal may be disclsed in the curse f a civil r criminal investigatin. This plicy infrms yu f the infrmatin that we may cllect frm yu, what we d with it, t whm it may be disseminated, and hw yu can access it. Netwrk Traffic In the curse f ensuring netwrk security and cnsistent service fr all users, the cllege emplys sftware prgrams t mnitr netwrk traffic, identify unauthrized access r access t nnpublic infrmatin and t detect cmputer viruses and ther sftware that might damage cllege cmputers r the netwrk. In the curse f such mnitring, these prgrams may detect such infrmatin as headers, addresses frm netwrk packets and ther infrmatin. Infrmatin frm these activities is used nly fr the purpse f maintaining the security and perfrmance f the cllege's netwrks and cmputer systems. Persnally identifiable infrmatin frm these activities is nt released t external parties withut yur cnsent unless required by law. Infrmatin Autmatically Cllected When yu brwse thrugh any Web site and prtal, certain infrmatin abut yu can be cllected. We autmatically cllect and temprarily stre the fllwing infrmatin abut yur visit: the date and time f yur visit; IP address; brwser type, perating system and language; the pages yu visited; and the address f the Web site frm which yu came. We use this infrmatin fr statistical purpses and t help us make ur site mre useful t visitrs. This site makes n attempt t identify individual visitrs frm this infrmatin.

21 Regulatin 8910 Page 2 Ckies Ckies are pieces f infrmatin stred by yur Web brwser n behalf f a Web site. Prtins f ur site may use ckies t carry data abut yur current sessin at the site frm ne Web page t the next. We d nt frward ckies t any external parties. If yu prefer nt t receive ckies, yu may turn them ff in yur brwser, r may set yur brwser t ask yu befre accepting a new ckie. Infrmatin Vluntarily Prvided by Yu We may cllect vluntary infrmatin frm yu n ur Web site r prtal in a variety f ways: thrugh surveys, nline frms and s, an authenticatin feature, and the use f electrnic payment functinality. This infrmatin can be data that culd reasnably be used t identify yu, including yur name, address, telephne number, address, Scial Security number, birth date, bank accunt infrmatin, credit card infrmatin, r any cmbinatin f infrmatin that culd be used t identify yu. Any Web site r ther electrnic means that cnducts nline research with human subjects are required t fllw the prvisins f the cllege s Institutinal Review Bard (IRB) Web sites that cllect individually identifiable infrmatin and prvide services t children 12 and under may als be required t cmply with prvisins f the Children s Online Privacy Prtectin Act (COPPA). Disclsure We will nt sell, exchange r therwise distribute yur persnally identifiable infrmatin withut yur cnsent. Persnal data may be released, hwever, pursuant t a request fr such data in accrdance with state r federal public recrd r freedm f infrmatin laws, r in the curse f a civil r criminal investigatin. Further, if yu are a student at the cllege, any persnal data released by the cllege shall be dne in accrdance with the federal Family and Educatinal Rights and Privacy Act (FERPA). In additin, the infrmatin that yu vluntarily submit will be disclsed nly t SFCC emplyees r fficials, r thse under cntract with SFCC, with a "need t knw" fr purpses f fulfilling their jb respnsibilities. The infrmatin may be used t answer yur questins, respnd t any requests fr assistance, authenticate yu fr access t certain transactins and infrmatin, prcess and give yu credit fr any payment transactins, aid in the planning, design and develpment f the Web site, and fulfill the cllege's legal bligatins.

22 Regulatin 8910 Page 3 Security Because sent t the cllege is nt encrypted, yu shuld nt send messages cntaining infrmatin that yu cnsider highly sensitive t any address n this Web site. We use standard security measures t ensure that infrmatin prvided by yu, including yur persnally identifiable infrmatin, is nt lst, misused, altered, r unintentinally destryed. We als use sftware t mnitr netwrk traffic t identify unauthrized attempts t uplad r change infrmatin, r therwise cause damage. Except fr thse grunds previusly stated, n attempts are made t identify individual users r their usage habits. The transmissin f registratin IDs and passwrds, persnalizatin infrmatin, and payment infrmatin is encrypted. Yur Access The cllege may maintain persnal data yu disclsed during yur use f the Web site r prtal. If yu wuld like t review yur persnal data, please cntact the cllege. Student data is maintained by the Student Services Office and emplyee data is maintained by the Human Resurces Office. External Links Our Web site and prtal have links t many ther nn-prfit, educatinal, and gvernmental institutins, and in a few cases, private rganizatins. Yu are subject t thse sites Privacy Plicy when yu leave this site. Reference in the cllege s Web site r prtal t any specific service, cmpany, r rganizatin des nt cnstitute its endrsement r recmmendatin by State Fair Cmmunity Cllege. SFCC is nt respnsible fr the cntents f any "ff-site" Web page referenced frm ur server. (Apprved 5/19/2008)