Skip redundant pieces
KUMC Policies, Procedures and Operational Protocols  :  Information Resources Policies and Operational Protocols

University of Kansas Medical Center Operational Protocol: Appropriate Use of Information Systems


1. Principles Statement

The University of Kansas Medical Center provides computing, networking, and information resources to its students, faculty, and staff, in support of the University's mission of teaching, research, and public service.

The University of Kansas Medical Center expects all members of its community to use its computing and network resources in a responsible and ethical manner. Information technology equipment and resources at  KUMC are owned by the State of Kansas and administered by the Information Resources Department. Open access to these resources is a privilege subject to appropriate use.

For guidelines which apply specifically to the appropriate use of Internet Resources provided by the University of Kansas Medical Center, refer to the Internet Use Policy.

For guidelines which apply specifically to the appropriate use of the Electronic Mail system provided by the University of Kansas Medical Center, refer to the Electronic Mail Policy.

2. Purpose

The University of Kansas Medical Center seeks to enforce its policies regarding harassment and the safety of individuals; to protect itself against seriously damaging or legal consequences; to prevent the posting of proprietary software or the posting of electronic copies of literary works in disregard of copyright restrictions or contractual obligations; and to safeguard the integrity of computers, networks, and data, either at the University of Kansas Medical Center or elsewhere.

3. Individuals and Groups Covered By This Policy

  • Full-time, part-time and volunteer faculty, administrative and support staff
  • Emeritus faculty
  • Full-time and part-time students
  • Affiliated campus corporations or non-profit groups
  • Other groups and organizations relying on kumc.edu as a host through contractual relationships.

4. Definitions

COMPUTING AND NETWORK RESOURCES- The term 'computing  and network resources' means any information service, system, or access software and hardware that enables computer access by multiple users to a server,  a service or system that provides access to the Internet and such systems operated or services offered by the University of Kansas Medical Center.

UNIVERSITY- The term 'the University' means the University of Kansas Medical Center.

5. Introduction

The University of Kansas Medical Center encourages the use of its computing and network  resources by students, faculty and staff to further its mission:

  • the highest quality instruction
  • high levels of research productivity
  • excellence in patient care
  • service to Kansas, the nation, and the world through research, teaching, and the preservation and dissemination of knowledge
  • preparation of its students for lives of learning and for the challenges that educated citizens will encounter in an increasingly complex and diverse global community
  • fostering a multicultural environment in which the dignity and rights of the individual are respected, and in which intellectual diversity, integrity, and disciplined inquiry into the search for knowledge are of paramount importance.

5.1   General Computer and Network Resources Access Rules 

Generally, access to the University's computing and network resources is provided for use in activities relating to instruction, research, and public service. Limited personal use is also permitted provided that such use does not:

  • interfere with University of Kansas Medical Center operations.
  • generate incremental identifiable costs to the University of Kansas Medical Center.
  • negatively impact the user's job performance.
  • involve other employment, the operation of a personal business, or other similar commercial or business activities without prior approval by the Executive Vice Chancellor (EVC) or the EVC's designate
  • violate the University codes of conduct, regulations, policies, or laws.
  • violate Federal or State laws.
  • display, print, store, or transmit electronic information (text, images, video or sound) that could be offensive to a reasonable person and could create a potentially hostile environment for employees or visitors except as may be appropriate in the educational, research, or clinical contexts.

Users must respect the rights of other users and the integrity of the systems and related physical resources. Users must also respect intellectual property, ownership of data, software licensing and contractual obligations, system security mechanisms, and individuals' rights to privacy and freedom from  harassment.

6. Existing Legal Context

All existing Federal, State and University laws, regulations, and policies apply, including not only those laws and regulations that are specific to computers and networks, but also those that may apply generally to personal conduct.

7. Specific Examples of Inappropriate Use

Examples of  inappropriate use include, but are not limited to:

  1. Using University computer and network resources for illegal activities. (May include obscenity, child pornography, threats, harassment, copyright infringement, defamation, theft.)
  2. Using a University computer account without authorization (attempting to access or accessing another's account, private files, or e-mail without the owner's permission.)
  3. Obtaining a password for a University computer account without the consent of the account owner.
  4. Intentionally creating, modifying, or copying files to or from areas to which the user has not been granted access.
  5. Allowing access to University owned computer resources by unauthorized users.
  6. Altering system software or hardware configurations without authorization.
  7. Using University computer and network resources to gain unauthorized access to computer facilities off-campus.
  8. Knowingly  interfering with the normal operation of computers, terminals, peripherals, or networks. This includes but is not limited to loading programs known as computer viruses, Trojan horses, and worms.
  9. Intentionally using an abnormally large amount of resources, such as processing time or disk space, without prior permission.(e.g. sending campus wide broadcast e-mail.)
  10. Attempting to circumvent data protection schemes or uncover security loopholes.
  11. Violating terms of applicable software licensing agreements or copyright laws (installing, copying, distributing or using software in violation of copyright and/or software agreements.)
  12. Downloading or sharing with others, whether through "peer-to-peer" software or other means, copyrighted movies, music, or other copyrighted multimedia material.
  13. Masking the identity of an account or machine.( Disguising ones identity in any way, including the sending of falsified messages, removal of data from system files, and the masking of process names.)
  14. Posting materials on electronic bulletin boards that violate existing laws or the University's regulations.
  15. Using University computer and network resources for commercial or profit-making purposes without written authorization from the University.
  16. Failing to adhere to individual departmental or unit lab system policies, procedures, and protocol.

NOTE: Activities will not be considered misuse when authorized by  appropriate University officials for security, performance testing or research, or when conducted in an educational, research or clinical context.

 

8. Reporting Alleged Appropriate Use Policy Violations

To report a suspected violation of this  policy, contact the Information Resources Department Security Administrator. Employees who, in the course of their routine duties, encounter clear evidence of use of university equipment for illegal activities are obligated to report that activity to their managers.

9.  Enforcement

Suspected or known misuse of computing, network or information resources will be reported to the appropriate University officials, and may result in:

  • Loss of computing privileges.
  • Accountability for conduct under any applicable University or campus policies, procedures, or collective bargaining agreements.
  • Prosecution under applicable statutes.

Suspected or known violations of University regulations and/or State and Federal law will be processed by the appropriate University authorities and/or law enforcement agencies.

Faculty, staff, students, or other users of University systems and computing resources who knowingly use those systems or resources in ways that infringe the copyrights of others (including, but not limited to, storing or displaying copyrighted materials without express permission of the copyright holder) will lose their system access and may face additional disciplinary action consistent with University policy and procedure.

This policy is in accordance with :

University of Kansas Medical Center.
Handbook for Faculty and Unclassified Staff

University of Kansas Medical Center. Student Handbook

University of Kansas Medical Center. Internet Use Policy

University of Kansas Medical Center.Copyright Policy

Kansas Board of Regents.Policy and Procedures Manual

Kansas Information Technology Office Policy 1200 concerning Acceptable Use of the Internet, sections 5.2 and 6.3.

Any restrictive actions taken by University of Kansas Medical Center  authorities will be in accordance with guidelines and procedures set forth in these policies, codes, or laws.

For information on this policy, please contact:

Jim Bingham
Associate Vice Chancellor for Information Resources
Chief Information Officer
University of Kansas Medical Center
2100 West 39th
Kansas City, Kansas 66160
(913) 588-7300

Revised May, 2003

top of page