 |
 |
|
|
|
|
 |
| |
Guidelines for use of IT resources |
||
|
What are the University’s rights to access my computer, accounts and data? And what are my rights to privacy? In general, and subject to applicable law, the University reserves the right to access files and documents (including e-mail and voice mail) residing on University-owned equipment. All contents in storage on data and voice systems are subject to the rules of Princeton University, including the University's ability under certain circumstances to access, restrict, monitor and regulate the systems that support and contain them. This includes access without notice, where warranted. Non-intrusive monitoring of campus network traffic occurs routinely, to assure acceptable performance and to identify and resolve problems. If problem traffic patterns suggest that system or network security, integrity, or performance has been compromised, network systems staff will investigate and protective restrictions may be applied until the condition has been rectified. Some departments that maintain servers or internal networks also collect usage data and may monitor such servers or networks to ensure adequate technical performance. Departments that collect such data are expected to protect the privacy of those using the resources. It is also important to note that the University may be required to produce such data in compliance with a legally enforceable subpoena or court order. Students, for whom the University effectively is a residence during the academic year, normally are afforded a high degree of privacy. University employees, who are provided with the use of University resources for work-related purposes, are afforded a lesser degree of privacy as they may be directed to share certain work files and information with others or to make a computer account accessible to a supervisor to assure effective backup or execution of the work when no other practical means exist for sharing the needed information readily and securely. In the event that business-related files (including e-mail) stored on an employee's account or workstation, or voice mail stored under the employee’s telephone number, become inaccessible because of unexpected absence, death, or termination of employment, such files may be accessed and viewed, or accessed and heard, by the employing department. On employee termination, supervisors are expected to assure that passwords to computers and accounts are obtained and changed if the work of the unit requires access to data or resources previously managed by the employee. If you are a supervisor who has access to an employee’s files or e-mail, or have been designated by a supervisor to access another employee’s files or e-mail, you should be careful to avoid reading personal items that may be stored in the same area. For example, upon learning that an e-mail or voice-mail message is personal, and not business related, the supervisor or designee should immediately exit the file, e-mail, or voice mail message. The supervisor or designate should be careful to avoid examining any personal information the University may provide to the employee via password access, such as benefits or payroll data. When an employee leaves the University, the employee normally should be given the opportunity to remove any personal files or e-mail from University computers before departure. Departing employees are not entitled to remove, destroy or copy any of the business-related documents entrusted to their care or created by them during their employment, unless otherwise permitted by the University. The University's record retention guidelines also must be observed, particularly where the Office of General Counsel has issued a Legal Hold Notice, which may involve retaining records after an employees departure. (A draft version of the University record retention guidelines may be seen at http://www.princeton.edu/records.) In addition to information you may store on computers owned by the University, the University maintains certain system backups and logs of e-mail and network transactions. If the University is presented with a proper subpoena or court order requiring that such information be produced (or preserved), or directing that the University assure that its employees produce (or preserve) such information, the University may be bound by law to comply. Similarly, the University also may be obligated to disclose the identity of an account-holder or identity of the person who owns a computer, is responsible for a University-owned computer, or holds a University-assigned account used in some electronic transaction. Supervisors are encouraged to set reasonable expectations for their employees regarding privacy of employee files and e-mail, and to remind employees of these expectations periodically. Previous Section  |
||
© 2009 by the Trustees of Princeton University. Last modified
9/9/09
|
||