5150P ACCEPTABLE USE OF THE BELLEVUE COLLEGE NETWORK AND BELLEVUE COLLEGE DATA MANAGEMENT SYSTEMS (PROCEDURES)
Original Date: 6/10/2003 * Last Revision Effective: 9/13/2012
Policy Contact: Vice President, Information Resources
The following procedures are established to meet the requirements for implementing policy #5150 – Acceptable Use of the Bellevue College Network and Bellevue College Data Management Systems Policy.
- These procedures apply to all Bellevue College employees, students and non-employees who may be authorized to use the Bellevue College network and who wish to have an account created to access this resource. In the event of changes to Bellevue College policies, standards or procedures, the vice president of information resources may require Bellevue College account holders to periodically submit an updated network account and e-mail request form located in the Bellevue College forms library.
- Employee and non-employee permission for network use
- Before using the Bellevue College network, employees or authorized non-employees must formally request permission for a login/e-mail/voice mail account. This request must be approved by the administrator to whom the individual reports. This is accomplished by completing and signing a Bellevue College network account and e-mail request form, providing the applicable information.
- After the requestor agrees by signature to the goals and requirements of this policy, the form must be routed to information technology services (ITS) for processing by the ITS staff authorized to create and maintain accounts on the administrative network.
- Once the account has been created by ITS, the individual will be notified of their login name and password.
- The completed Bellevue College network account and e-mail request form and the Bellevue College acceptable use policy agreement form will both be maintained on file in a secure location in ITS. When requesting initial creation of accounts, both forms may be submitted simultaneously to ITS by individuals and/or departments.
- Student permission for network use
- Student accounts will not have sufficient privileges to access the administrative networking domain or administrative computers. Because of this, a formal written request and approval process for creating student accounts is not required.
- The method for creation of student user login/e-mail accounts for use on the academic network will be at the discretion of the academic network administrator, with the approval of the director of computing services. Accounts may be requested by students and processed strictly by electronic means, if feasible.
- However, students are expected to abide by all expectations, responsibilities and guidelines of this policy, any other applicable Bellevue College policies, standards and procedures and applicable state and federal laws and rules. Because of this, a student account may not be created on the academic network until the academic network administrator has ensured that the student has read and agreed with this policy.
- This may be done with the use of a web form requiring electronic acknowledgement by the student when requesting an account (using the information contained in the Bellevue College acceptable use policy agreement form). Login banners that must be acknowledged before use of academic network or computing resources, containing the same textual information, may also be used.
- Computing services will also maintain an electronically accessible copy of this policy and any related procedures and standards on the academic support web site and a printed copy in the open lab in N250 on the main campus.
Data Management Systems Use
- These procedures apply to all Bellevue College employees, students and non-employees who may be authorized to use the Bellevue College data management systems. Compliance with this procedure will assure the integrity and reliability of these resources.
- Employee and non-employee permission for data management system use
- Before using a Bellevue College data management system, employees or authorized non-employees must formally request permission for a user log on. The administrator to whom the individual reports must approve this request. For access to student information, the supervisor must complete and submit electronically a student database access request form (see the Bellevue College IT security standard on student database access requests), providing the requested access. This form must be routed to the Family Education Rights and Privacy Act (FERPA) officer for processing. The FERPA officer will route the form to the appropriate ITS staff authorized to create and maintain accounts on the administrative network.
- Once the account has been created by ITS, the individual will be emailed their login instructions, userid and generic password. The user is to immediately change the generic password. The completed student database access request form will be maintained on file in a secure location in ITS. When requesting changes to created accounts, supervisors may email the FERPA officer the userid and changes/additions requested.
Third-Party Access to Electronic Messages
- Requests for third-party access to stored electronic messages will be handled through the college’s public record procedure (see also Bellevue College Policy #1500, Access to Public Records). Bellevue College may be required to provide third parties with access in order to honor valid legal discovery and public records requests. Both the sender and the recipient will be provided notice of such requests prior to disclosure to the extent deemed feasible by college administrators, depending on the specific circumstance.
Right to Access
- Given sufficient cause, the vice president of human resources, or his/her authorized designees, has the right to obtain access to materials stored on the Bellevue College network which are under the control of Bellevue College employees in their administrative units or work areas when such access is necessary to conduct Bellevue College business. The vice president, or his/her designee, will identify the specific materials required and the employee will be given sufficient opportunity to provide Bellevue College with the requested materials. In the case of an emergency, best efforts will be made to contact the employee prior to accessing the specific materials required.
- Any individual’s network use privileges may be suspended immediately upon the discovery of a possible violation of this policy. Such suspected violations will be confidentially reported to the appropriate supervisors and/or administrators.
- Violation of any of the provisions of this policy will be dealt with in the same manner as violations of other college policies, and may result in disciplinary review. In such a review, the full range of disciplinary sanctions is available, including:
- Loss of computer use privileges;
- Disciplinary action – any disciplinary action will be taken in accordance with appropriate human resources procedures;
- Dismissal from the college; and/or
- Legal action.
- Some violations of this policy may also constitute a state, local or federal criminal offense.
RELEVANT LAWS AND OTHER RESOURCES
- Revised Code of Washington
- Washington Administrative Code
- Washington State OCIO Securing Information Technology Assets Policy
- Washington State Department of Information Services IT Security Audit Standards
- Washington State Ethics Board Rules
- Bellevue College IT Security Policy
- Bellevue College IT Security Strategy
- Bellevue College Acceptable Use of State Resources Policy
Revisions 3/22/2005; 9/20/2005; 5/21/2009; 7/28/2012; 9/13/2012