Rutgers Acceptable Use Policy for Information Technology Resources

What Does the Policy Do?

• Outlines the acceptable use of university information technology resources
• Defines technology resources at the university
• States user rights and responsibilities while using Rutgers information technology resources
• Outlines violations of the acceptable use of technology resources
• Addresses the correct privacy and safety protocols for users of Rutgers information technology resources
• States the university's responsibilities for protecting its integrity and operations

Policy Excerpt on Protecting University Integrity and Operations

Excerpt from section VIII A of the policy

The university’s obligations in relation to information technology resources include ensuring compliance with applicable laws and university policies and procedures, protecting the integrity and operation of its resources, and preserving information as necessary to protect the interests of the university and to enable it to satisfy these obligations. Accordingly, the university may access Rutgers-related electronic information on any device on which it is stored or may be accessed, and may access a user’s records and information stored on university information technology resources systems or equipment for the above-mentioned purposes. Such access must be for specific, articulable reasons, must be appropriately circumscribed, and is limited to authorized personnel. The university understands that some users may have personal information and/or records on university systems and it respects the privacy of all users as to such information insofar as possible in complying with its above-mentioned obligations.

Standards for Accessing or Monitoring Information and Records: The university may access or monitor any/all information, records, record systems, and/or information technology resources in the following circumstances:

• As necessary or appropriate to avert reasonably anticipated or already apparent threats or hazards to university information, records, or information technology resources.  An example includes scanning to detect computer viruses;
• As and when required by law or to comply with legal or contractual obligations of the university;
•  In connection with a legal proceeding in which the Office of General Counsel is involved or an investigation conducted by or on behalf of the Office of Employment Equity or University Ethics and Compliance, for which access is necessary or appropriate;
• When there is reasonable cause to believe that the employee has engaged in misconduct, has violated university policies or regulations, or may have used university resources improperly and that the information and records to be accessed or monitored are relevant to the misconduct or violation in question;
• When the university otherwise has a legitimate need to access the information, records, or information technology resources.

Reasonable efforts will be made to notify the individual of the need for access to information or records in which the individual has a substantial personal interest in information or records stored on or transmitted through the university’s information technology resources or other electronic system unless prohibited by law, inconsistent with university policy, or inconsistent with the university carrying out its normal operations and/or aforementioned obligations.

• Preserving and Protecting Records:  In circumstances where the university determines that there may be a specific risk to the integrity or security of records, data, information, or information technology resources, the university may take measures to protect or preserve them. For instance, the university may take a “snapshot” of a computing account to preserve its status on a given date, copy the contents of a file folder, or restrict user access to information technology resources in whole or in part.

Read the Full Policy