19.4 Individual Responsibilities

  1. Use resources appropriately. Uses that interfere with the proper functioning of the University's information technology resources are prohibited. Such inappropriate uses would include but are not limited to insertions of viruses into computer systems, tapping a network or running a "sniffer" program, sending e-mail spam or phishing attacks, destruction of another's files, use of software tools that attack IT resources, violation of security standards, and the like.
  2. Respect the rights of others. Interference with the ability of other users to make appropriate use of resources is prohibited. Such inappropriate uses include, without limitation, invading the privacy of another's files or otherwise gaining unauthorized access to the files of another. Such uses would include but are not limited to denial of service attacks, misrepresentation, forgery, password compromise, or the use of resources that affects the rights of others in violation of University policies.
  3. Adhere to the EDUCAUSE Code of Software and Intellectual Rights. The EDUCAUSE Code follows: Respect for intellectual labor and creativity is vital to academic discourse and enterprise. This principle applies to works of all authors and publishers in all media. It encompasses respect for the right to acknowledgment, right to privacy, and right to determine the form, manner, and terms of publication and distribution.

    Because electronic information is volatile and easily reproduced, respect for the work and personal expression of others is especially critical in computer environments. Violations of authorial integrity, including plagiarism, invasion of privacy, unauthorized access, and trade-secret and copyright violations, may be grounds for sanctions against members of the academic community.
  4. Adhere to data access policies. Accessing restricted data without permission or need to know is prohibited. Where access to restricted data is permitted, use of such data shall be limited to the purpose for which access was authorized. Secondary use of University data subject to access restriction, without adhering to the restrictions, is also prohibited. Information that carries specific access restrictions, as defined by state or federal law, statute, or other requirements, will be held confidential as needed to comply with such restrictions. Examples include but are not limited to access restrictions for personal health, education, and financial records as defined by the Health Insurance Portability and Accountability Act (HIPAA), Federal Education Rights and Privacy Act (FERPA), federal regulations on the use of human subjects in research, the Gramm-Leach Bliley Act (GLBA), and Payment Card Industry Data Security Standards (PCIDSS).
  5. Adhere to software licenses. Persons loading software on any University computer or device must adhere to all licensing requirements for the software. Except where allowed by University site licenses, unauthorized copying of software licensed to the University is a violation of this policy. Users are responsible for adhering to agreements for databases licensed by the University. Individual departments are charged with the responsibility of ensuring that licensing requirements are met and for guiding the installation of personal software on departmental computers or devices.
  6. Avoid excessive personal use. Personal use of information technology resources should be kept to a minimum. Personal use may be excessive if it takes place during regularly scheduled work time, if it adversely affects productivity, if it overburdens a network, if it results in substantial use of system capacity, if it subjects the institution to increased operating costs, or if it is otherwise detrimental to the University or members of the University community. Some uses will be plainly excessive in all environments, but the extent to which other uses become excessive may vary. In all instances, supervisors should provide guidance to individual users on what constitutes excessive personal use.
  7. Refrain from prohibited personal uses. Information technology resources, including the University's electronic address (e-mail, web), shall not be used for personal commercial gain, for charitable solicitations unless these are authorized by the appropriate University officer, for personal political activities such as campaigning for candidates for public office, or for lobbying of public officials. (For more information on lobbying, please refer to II-32 Office of Governmental Relations and II-34 Lobbying Restrictions Applicable to Public Employees and Officials. Students should refer to the Code of Student Life.)
  8. Use University name as authorized. Unless authorized to speak for the University, users should avoid creating the impression they are doing so. Electronic exchange of ideas is encouraged. However, users shall take appropriate steps to avoid the possible inference that communication of a message via the University e-mail system or other electronic communication connotes official University authorization or endorsement of the message (see II-33 Use of University Name).
  9. Adhere to other University policies. Inappropriate use of information technology resources may violate a number of generally applicable University policies, including, without limitation, III-15 Professional Ethics and Academic Responsibility, III-16 Ethics and Responsibilities for University of Iowa Staff, V-31 Intellectual Property, II-3 Human Rights, II-4 Policy on Sexual Harassment and Sexual Misconduct, II-10 Violence, II-11 Anti-Retaliation, II-14 Anti-Harassment, V-9 Fund Solicitation, and Section IIA of Policies and Regulations Affecting Students. For example, viewing pornography at work violates several University policies and is therefore prohibited unless being used for a specific academic purpose. In addition, all IT policies under the oversight of the University Chief Information Officer, and published at the location Campus IT Policies are hereby included.
  10. Obey external laws. Information technology resources shall not be used in a manner that violates federal, state, or local law, including without limitation the federal requirement that the University provide employment and educational environments free from race-based or gender-based hostility (see Titles VI and VII, Civil Rights Act of 1964, and Title IX, Educational Amendments of 1972); and state criminal laws forbidding harassment (IC 708.7), exhibition of obscene materials to minors (IC 728.2), rental or sale of hard core pornography (IC 728.4), official misconduct (IC 721), computer crime (IC 716A), and federal and state copyright and fair use laws. University resources used internationally may also be subject to additional laws, regulations, or treaties. Nothing in this policy prohibits the use of appropriate material for educational purposes in any accredited school, or any public library, or in any educational program in which a minor is participating. Nothing in this policy prohibits the presence of minors at an exhibition or display or the use of any materials in any public library.