Skip to Main Content

Policy Title: Information Technology Resource Use

BOISE STATE UNIVERSITY #8000
Effective Date: November 3, 1997
Revised: June 7, 2004
January 2016

Purpose:
To maximize the value of University Information Technology (IT) resources, permit maximum freedom to use consistent with state and federal law, policies of the Idaho Technology Authority (ITA), and Idaho State Board of Education (SBOE).

Additional Authority:
Family Educational Rights and Privacy Act 34 CFR Part 99
Electronic Communications Privacy Act of 1986 (ECPA)
Idaho Code 67-5745C(3)
Idaho Code Chapter 1, Title 74 (Idaho Public Record Act)
Executive Order 2005-22
Idaho Technology Authority (ITA)
Idaho State Board of Education (SBOE)
University Statement of Shared Values
University Policy 1140 (Copyright Fair Use)
University Policy 1060 (Non-Discrimination and Anti-Harassment)
University Policy 1065 (Sexual Harassment)
University Policy 2020 (Student Code of Conduct)
University Policy 6120 (Payment Card Acceptance Policy)
University Policy 7070 (Employee Political Activities)

Scope:
Applies to all users of University IT Resources.

Responsible Party:
Vice-President of Finance and Administration, 426-1200
Office of Information Technology, 426-4357

Definition:
Information Technology (IT) Resources – An array of products and services that collect, transform, transmit, present, and otherwise make data into usable, meaningful and accessible information. IT Resources include but are not limited to: desktop, laptop, and tablet PC’s; handheld devices including but not limited to, cell phones; e-mail, voicemail, servers, central computers, and networks; cloud storage systems; network access systems including wireless systems; portable hard drives and databases; computer software; printers and projectors; telephone equipment and switches including local and long-distance services; camcorders, TVs, VCR’s, and FAX machines; satellite equipment and any other current or future IT resource adopted by the University as new technologies are developed to add to this array.


Policy

  • I.    Policy Statement
    University IT resources are provided to support the University and its academic, research, and service missions, the University’s business and administrative functions, and its student and campus life activities. Use of University IT resources must comply with state and federal laws and regulations, executive orders and policies of the Idaho Technology Authority (ITA), the Idaho State Board of Education, and University policies.
  • II. Personal Use Limited
  • The primary purpose of University IT Resources is to conduct official University business. University employees may, however, use the Internet and electronic mail on occasion for individual purposes on their personal time. See the Governor’s Executive Order No. 2005-22. See also, the University’s policy on political activity (#7070).
  • III. Academic Freedom and Associated Responsibilities
    • A. The First Amendment rights of academic freedom and freedom of expression, including the responsibilities associated with those rights, apply to the use of University IT Resources.
    • B. These rights and responsibilities are guided by this policy, the University’s Statement of Shared Values, the University’s Non-Discrimination and Anti-Harassment policy (# 1060), the Student Code of Conduct (Policy # 2020) other applicable University policies, the policies of the Idaho State Board of Education and Idaho Technology Authority (ITA), Executive Orders, and other state and federal laws and regulations.
  • IV. Limited Privacy Expectations
  • Boise State University, as a public institution of higher education, is subject to the public records laws of the State of Idaho. While some information may be exempt from disclosure, information or records stored on University IT Resources are generally presumed to be open for review and inspection and are subject to public disclosure requests and examination by University officials in order to determine if exemptions apply to prohibit disclosure. As such, the University will examine and disclose information or records stored on University IT Resources as required by law. In addition, the University may have a business necessity or reason to access and examine information, records, files, communications, and accounts of its employees or students, including but not limited to the investigation of substantiated complaints or other reliable evidence of misuse or violation of law or policy. Therefore, users of University IT Resources should have a limited expectation of privacy in the use of such resources.
  • V. Prohibited Actions
    • A. University IT resources shall not be used for:
      • 1. Commercial or personal profit-making purposes or for personal benefit where such use incurs a cost to the University and is not academic or work related.
      • 2. Accessing or attempting to access another person’s directory, files, or mail, whether protected or not, without permission of the owner. Attempts to access unauthorized IT resources via the computer network, to decrypt materials, or to obtain privileges to which the user is not entitled are prohibited.
      • 3. Visiting, viewing or distributing Internet sites or materials that contain obscenity, as defined under applicable federal and state law; and publishing, displaying, transmitting, retrieving or storing such obscene material.
      • 4. Intentional access to or dissemination of pornography by University employees, temporary staff, contractors or vendors, unless such use is specific to work-related functions and has been approved by the respective manager or such use is specifically related to an academic discipline or grant/research project. This applies to any electronic communication distributed or sent within the University network or to other networks while using the University network.
      • 5. Intentionally or negligently interfering with the proper operation of any system or its use by others.
      • 6. Creating or distributing defamatory material or true threats, as defined under applicable law or other illegal activity, including but not limited to stalking as defined under applicable law.
      • 7. Downloading, disseminating, storing, using, or printing materials in violation of copyright laws including articles, music, videos, games, and software. See Use of Copyrighted Works Policy (#1130) for more details.
      • 8. Causing congestion, overload or disruption of networks or systems, including the distribution of chain letters.
      • 9. Creating or knowingly disseminating unwanted and unsolicited emails or materials (spam) in such a large volume that it tends to disrupt the proper functioning of University IT Resources or individuals’ ability to use such resources.
    • B. Users of University IT resources shall not:
      • 1. Remove, transfer, disable or dispose of computer software licensed to the University. Contact OIT for details. Share University user credentials and passwords with other persons. Each user must have an individual account, passwords must be protected, and the user must not leave a machine logged on when not present unless the machine has been electronically locked and in a secure area, such as a private office.
      • 2. Consume unreasonable amounts of resources. The University may impose restrictions or limits on use of such resources.
      • 3. Falsify e-mail or newsgroup postings.
      • 4. Try to circumvent login or security procedures.
  • VI. Policy Non-Compliance
    • A. Report suspected violations of this policy to the appropriate supervisor, department head, Dean, Vice President, or to OIT.
    • B. Use of these resources is a privilege, not a right, and abuse may result in the immediate removal of privileges pending final resolution.
    • C. Violation of any portion of this policy may result in disciplinary action. Whether a violation has occurred and what the appropriate disciplinary action is will be determined by the appropriate supervisor, department head, Dean, or Vice President. Incidents will be evaluated on a case by case basis and may result in the following sanctions up to:
      • 1. Restricted access or loss of access to the University network or University IT Resources; and/or
      • 2. Suspension or expulsion, in the case of students; and/or
      • 3. Exclusion or dismissal from employment, in the case of faculty and staff; and/or
      • 4. Exclusion from campus, in the case of the public; and/or
      • 5. Civil and/or criminal liability.