1203.1 IT Responsible Use Policy
The principal concern is the effective and efficient use of information technology (IT) resources; ensuring the resources are used in a manner that does not impair or impede their use by others in pursuit of the University’s mission.
The policy is intended to ensure:
- The integrity, availability and performance of University resources;
- The user community operates according to established policies and applicable laws;
- These resources are used for their intended purposes; and
- Appropriate measures are in place to assure the policy is honored.
IT resources are provided to support the University’s mission of education, research and service. To ensure these shared and finite resources are used effectively, to further the University’s mission, each user has the responsibility to:
- Use the resources appropriately and efficiently.
- Respect freedom of thought, inquiry and expression
- Respect the privacy of others.
- Protect the stability and security of the resources.
- Understand and fully abide by established California State University and Cal Poly policies and applicable federal and state laws.
This policy applies to all users and all IT resources and services provided by the University to support Cal Poly’s core academic mission and to enable users to access, communicate, store, retrieve and transmit data. Upon initial access and annually thereafter, users must acknowledge they have read and agree to abide by the Responsible Use Policy and applicable standards.
Additional use policies and terms and conditions may be in place for specific campus resources or non-University resources supporting Cal Poly’s mission. Users must become familiar with any policies when agreeing to use such resources.
Users must respect the rights of other users; respect the confidentiality, integrity and availability of the systems and related physical resources they have access to; and observe all relevant laws, regulations, and contractual obligations.
Policy provisions include, but are not limited to:
- Authorized use/access: Access to Cal Poly's information technology resources is a privilege granted to faculty, staff and students in support of their studies, instruction, duties as employees, official business with the University, and/or other University-sanctioned activities. Access may also be granted to individuals outside of Cal Poly for purposes consistent with the mission of the University.
- Data security, confidentiality and privacy: Cal Poly users are responsible for understanding the various data classifications, ensuring the confidentiality and appropriate use of institutional data to which they are given access, ensuring the security of the equipment where such information is held or displayed, ensuring the security of any accounts issued in their name, and abiding by related privacy rights of students, faculty and staff.
- Network and system integrity: Activities and behaviors that threaten the integrity of computer networks or systems are prohibited on both University-owned and privately-owned equipment operated on or through University resources.
- Commercial use: Use of the University’s information technology resources is strictly prohibited for unauthorized commercial activities, personal gain, and private, or otherwise unrelated to the University, business or fundraising.
- Political advocacy: California law makes it illegal for any state employee or consultant to use or permit others to use state resources for any campaign activity not authorized by law.
- Harassment: Harassment of others via electronic methods is prohibited under California State Penal Code and University policies.
- Copyright: Federal copyright law applies to all forms of information, including electronic communication.
- Trademark and patents: Student, faculty and staff use of University information technology resources in the creation of inventions and other intellectual property that must be patented, trademarked or licensed for commercial purposes must be consistent with Cal Poly’s Intellectual Property Policy.
- Electronic communications: University electronic communications are to be used to enhance and facilitate teaching, learning, scholarly research, to support academic experiences, to facilitate the effective business and administrative processes of the University, and to foster effective communications within the academic community.
- Internet/Web use and accessibility of digital content: An official Cal Poly web site is any site on calpoly.edu, or any site paid for by Cal Poly.
All existing laws (federal and state) and University regulations and policies apply, including not only those laws and regulations specific to computers and networks (e.g. malware), but also those that apply generally to personal conduct (e.g. harassment).
1203.1.2 Compliance and Enforcement
Users will be held accountable for their conduct under any applicable University policies, standards, procedures or collective bargaining agreements. Enforcement will be based upon receipt of one or more formal complaints about a specific incident or through discovery of a possible violation in the normal course of administering IT resources and services. Complaints alleging serious misuse will be directed to those responsible for taking appropriate disciplinary action. Appeals of University actions resulting from enforcement of this policy will be handled through existing disciplinary/grievance processes.
First offenses and minor infractions are generally resolved informally by the entity responsible for the resource. Repeat offenses and serious incidents may lead to formal disciplinary action up to and including dismissal or termination. Misuse may result in the loss of computing privileges and prosecution under applicable civil and criminal statutes.
References for CAP 1203.1
- Date approved by the President: April 23, 2020
- Effective Date: April 23, 2020
- Responsible Department/Office(s): Vice President for Information Technology/Chief Information Officer
- Revision History: Not applicable/New
- Related University Policies, Procedures, Manuals and/or Documents:
- Laws, Regulations and/or Codes of practice referred to herein or related to this policy: