Some members of the ITS staff have privileged access to technologies that might give them access to others' confidential information. These individuals have pledged to respect the rights of the system users, to respect the integrity of the systems and related physical resources, and to comply with any relevant laws or regulations. The principles of academic freedom, freedom of speech, and privacy of information are always respected as ITS staff provides appropriate, high-quality, timely, reliable, information technology services.
Specific provisions of the ITS Code of Conduct include:
- Privileged access is granted only to authorized individuals in order to perform assigned job duties, such as system maintenance, individual file recovery, changing passwords upon request by the user or running security checking programs.
- ITS staff does not look at individual files or an individuals' electronic information (eDisk, email, files in folders, etc.) and would only do so if so requested by the user, or in writing by the Vice President responsible for the individual in question or presented with a subpoena for information from federal, state or local law enforcement authorities.
- Privileged access may be used to grant, change, or deny resources, access, or privilege to another individual only for authorized account management activities or under exceptional circumstances.
- Individuals with privileged access shall take necessary precautions to protect the confidentiality of information encountered in the performance of their duties. If, during the performance of their duties, individuals with privileged access inadvertently see information possibly indicating inappropriate use, they are advised to consult with their supervisor. If the situation is an emergency, intervening action may be appropriate.
- Under most circumstances, the consent of the account owners should be obtained, if possible, before accessing their files or interfering with their processes. However, if good faith efforts to obtain consent are not successful, or would unduly interfere with performance of assigned duties, refer to any organizational guidelines or procedures for taking such actions without consent.
--adopted July 2008