• Acceptable Use of Computing and Telecommunications Resources: AR-2060-E


  • Section: 2000 General Administration
    Acceptable Use of Computing and Telecommunications Resources
    Administrative Regulation: AR-2060-E
    President’s Cabinet (PC) Approval: 06/11/2013
    1. Applicability:
      This regulation applies to all users of Mt. Hood Community College (MHCC) computing, telecommunications and wireless resources, including but not limited to computers, computer systems, networks, portable digital assistants (PDAs), telephones, pagers, cellular phones, smart phones, electronic tablets, wireless cards, and two-way radios, whether affiliated with MHCC or not, and to all uses of those resources, whether on campus or from remote locations. These resources are hereinafter referred to as "Computing and Telecommunications Resources." Additional guidelines or directives may be established by MHCC to apply to specific computers, computer systems, networks, or applications.
    2. Requirements
      1. Legal A user of Computing and Telecommunications Resources shall comply with all federal, state, and other applicable laws; all applicable MHCC rules and policies; and all applicable contracts and licenses. Examples of such laws, rules, policies, contracts, and licenses include, but are not limited to, the laws of defamation, privacy, copyright, trademark, child pornography and identity theft; the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit "hacking,”"cracking,” and similar activities; Federal Communication Commission regulations; applicable Internal Revenue Service Regulations; Family Educational Rights Privacy Act (FERPA) and all applicable software licenses. Users who engage in communications with persons in other states or countries or on other systems or networks should be aware of and comply with the laws of those other states and countries and the rules and policies of those other systems and networks. Users are responsible for ascertaining, understanding, and complying with the laws, rules, policies, contracts, and licenses applicable to their particular uses.
      2. Authorized A user of MHCC Computing and Telecommunications Resources shall use only those resources that they are authorized to use and use them only in the manner and to the extent authorized. Ability to access computing resources does not, by itself, imply authorization to do so. Users are responsible for ascertaining what authorizations are necessary and for obtaining them before accessing any computing resource. Users should consult with their manager for questions regarding authorized use for their position/assignment.
        1. Accounts and passwords may not, under any circumstances, be shared with, or used by, persons other than those to whom they have been assigned by MHCC. Please refer to the Social Media policy/regulations for requirements related to official social media accounts. BP-8030 Social Media
        2. A user of MHCC Computing and Telecommunications Resources shall respect the privacy of other users and their accounts, regardless of whether those accounts are securely protected. The ability to access other persons' accounts does not, by itself, imply authorization to do so.
      3. Reasonable A user of Computing and Telecommunications Resources shall respect the finite capacity of those resources (including, for example, bandwidth, disk space and Central Processing Unit (CPU) time) and limit use so as not to consume an unreasonable amount of those resources or to interfere unreasonably with the activity of other users.
      4. Personal A user of Computing and Telecommunications Resources shall not use those resources for personal commercial purposes or for personal financial or other gain.
        1. Incidental personal use of Computing and Telecommunications Resources for other purposes is permitted when the use:
          1. Does not unreasonably consume those resources;
          2. Does not interfere with the performance of the user's job or other MHCC responsibilities;
          3. Does not consume an unreasonable amount of the user's time;
          4. Does not concern subjects inappropriate in a work or study environment (e.g. accessing pornographic web sites);
          5. Does not result in unauthorized use or disclosure of confidential MHCC information, including protected student information, through use of electronic media such as blogs, podcasts, discussion forums and other social media;
          6. Is consistent with MHCC's mission; and
          7. Is otherwise in compliance with this and other MHCC policies.
        2. Supervisors may impose further limits upon personal use in accordance with normal supervisory responsibilities.
      5. E-mail and MHCC Communications Announcements, bulletins, and documents deemed by management to be of value and interest to the well being of employees and students are an integral part of the system.
        1. In all cases, messages of a strategic nature should be developed in collaboration with College Advancement.
        2. Communications over the e-mail system shall be professional and appropriate for the workplace or group setting. E-mail may not be used for personal solicitations or advertising or other activities except through MHCC provided electronic news group systems for those types of activities. Propagation of chain letters and forwarding non-business communications are specifically prohibited.
        3. Falsifying e-mail headers (e.g. providing a false sender's address) or routing information so as to obscure the origins of mail or mail routes is forbidden. Altering the content of a message attributed to another is not permitted unless the changes are explicitly noted.
          1. This does not apply to Office of College Advancement when writing and distributing authorized College Communication at the direction of the President or President’s Cabinet.
      6. Representing MHCC A user of Computing and Telecommunications Resources shall not state or imply that they speak on behalf of MHCC or use MHCC trademarks and logos without authorization to do so. Affiliation with MHCC does not, by itself, imply authorization to speak on behalf of MHCC. Authorization to use MHCC trademarks and logos on Computing and Telecommunications Resources may be granted only by the Office of College Advancement. The use of appropriate disclaimers is encouraged.
    3. Remote Access to MHCC Computing Resources
      1. MHCC employees and students may be authorized secure remote access to information assets owned by or in custody of MHCC. The department director or other appropriate authorizing authority may grant remote access where appropriate to fulfill a person's work or other responsibilities.
      2. Remote access for contractors, business partners or other approved users with significant business or educational justification may be approved on a case-by-case basis by an appropriate authorizing authority for limited time periods in accordance with the relevant contractual period.
      3. Applicants for remote access must submit the Telecommuting Agreement and Authorization
      4. Information technology support vendors may also be granted remote access for system and application maintenance as negotiated in the support contracts.
      5. Noncompliance with the requirements of a remote access authorization or with other provisions of this policy, as determined by the authorizing authority, may result in immediate loss of access privileges and possible corrective or legal action against the violator without notification.
    4. Enforcement
      Users who violate this regulation may be denied access to Computing and Telecommunications resources and may be subject to other penalties and disciplinary action, both within and outside of MHCC, including any actions authorized by security policies and regulations or any policy or regulation that applies to personal devices. Violations will normally be handled through MHCC procedures applicable to the relevant user. However, MHCC may temporarily suspend or block access to an account, prior to the initiation or completion of such procedures, when it reasonably appears necessary to do so to protect the integrity, confidentiality, or availability of MHCC or other computing resources or to protect MHCC from liability.