1.0 Introduction

This document constitutes a campus-wide policy intended to allow for the proper use of all Meharry Medical College computing and network resources, protection of individual users, access to information technology resources, and proper management of those resources. These guidelines are intended to supplement, not replace, all existing laws, regulations, agreements, and contracts that currently apply to these services.

Policy Statement: Authorized users of Meharry Medical College computer and network resources have a responsibility not to abuse the technical resources and to respect the rights of others. This policy provides guidelines for the appropriate and inappropriate use of information technologies.

Applicability: This policy is applicable to all Meharry Medical College students, faculty, and staff and to others granted use of Meharry Medical College information resources. This policy refers to all College information resources whether individually controlled or shared, stand-alone or networked. It applies to all computer and computer communication facilities owned, leased, operated, or contracted by the College. This includes word processing equipment personal computers, workstations, mainframes, minicomputers, associated peripherals, and software, regardless of whether used for administration, research, teaching or other purposes.

1.1 Background and Purpose

Access to networks and computer systems owned or operated by Meharry Medical College imposes certain responsibilities and obligations on its users and is granted to these users subject to College policies and local, state, and federal laws. Appropriate use should always be legal, ethical, reflect academic honesty, and reflect community standards. Authorized users should demonstrate respect for intellectual property, ownership of data, system security mechanisms, and individuals' rights to privacy and to freedom from intimidation, harassment, and unwarranted annoyance. In addition, authorized users of information resources must respect software copyrights and licenses, refrain from seeking to gain unauthorized access to systems, and respect the rights of other computer users. Thus, this policy covers appropriate use of computers, networks, and information contained therein.

1.2 Definitions and Abbreviations

1.2.1: Authorized Use: authorized use of Meharry Medical College owned, leased, operated, or contracted computing and network resources is used consistent with the education, research, and administrative mission of the College and is consistent with this policy.

1.2.2: Authorized Users: authorized users are (1) current students, faculty, and staff of the College; (2) anyone connecting to a 'public' Information Technology Station (ITS), and (3) others who have been authorized to use a particular resource by the campus unit responsible for operating that resource.

1.2.3: IT: Information Technology, the developer and enforcing unit for the Computer and Network Usage Policies at Meharry Medical College.

1.2.4: MMC: Meharry Medical College (alias the College) for which the policy manual applies.

2.0 Computer and Network Usage Policies

2.1 General Principles

Computing resources are for instructional, research, and administrative use by students, faculty, and staff of Meharry Medical College. The same ethical standards that apply to other College activities apply to use of computing resources. Use of computing resources is restricted to "authorized users". For the purposes of this document, an "authorized user" shall be defined as an individual who has been assigned a login ID and password by IT staff. Individual users are responsible for the proper use of their accounts, including the protection of their login ID and passwords. Users are also responsible for reporting any activities which they believe are in violation of this policy.

2.2 Individual Privileges

2.2.1: Privacy: To the greatest extent possible in a public setting, the individual's privacy is preserved Electronic and other technological methods must not be used to infringe upon the user's privacy.

2.2.2: Freedom of Expression

The constitutional right to freedom of speech applies to all students, faculty, and staff, no matter the medium used.

2.2.3: Ownership of Intellectual Works

Anyone creating intellectual works using Meharry Medical College computers, licenses or networks should consult with the Legal Office and related MMC policies to determine their rights and equities in intellectual property.

2.2.4: Freedom from Harassment and Undesired Information

All clients and users have the right not to be harassed by computer or network usage by others.

2.3 System Monitoring

 System administrators within Information Technology (IT) will take precautions against theft of or damage to the system components. In order to effective perform this task, regular monitoring of system activities will occur. The following information will be routinely monitored by authorized staff in Information Technology or authorized contractors:

System log files, which contain information pertaining to all processes executed on the system, will be examined. 

1. System directories, temporary storage areas, work areas, and all areas outside of users' home directories and mail files, may be examined.
   
   
2. Mail messages with invalid recipient or sender fields are frequently sent to the "Postmaster", who will examine them to determine the cause of the problem.
   
   
3. All directories will be searched for the presence of contaminated (viruses) and "hidden" files.
   
   
4. Unsuccessful attempts to log into an account will be monitored.
   
   
5. Attempts to disguise the source of electronic mail will be monitored.
   
   
6. Any activity that in the opinion of the IT staff appears to compromise the security or integrity of the operating system will be monitored.

2.4 Responsible Use

Each authorized user is held accountable for their actions as a condition of continued use of computing resources of the College. Thus, each authorized user is responsible for acquiring the skills necessary to use the technology properly and according to the policies set forth in this manual. These skills include an awareness and knowledge about information and the technology used to process, store, and transmit it.

2.5 Prohibited Activities

The following list of activities is prohibited. A user of College information resources who is found to have purposely or recklessly violated any of the following policies will be subject to disciplinary action up to and including dismissal, discharge, expulsion, and/or legal action.

2.5.1: Providing any unauthorized user with access to a personal login ID, or in any way allowing others to access the machine, is prohibited. This includes providing access to resources on the College without the express written permission of IT. (Example: a user cannot give their login ID and password to anyone.) Any user who has been authorized to use a password protected account may be subject to both civil and criminal liability if the user discloses the password or otherwise makes the account available to others without permission of the System Administrator and/or CIO. permission of the System Administrator and/or CIO.

2.5.2: Intentionally creating, modifying, or copying files to or from any areas to which the user has not been granted access, is prohibited.

2.5.3: Disguising ones identity in any way, including the sending of falsified messages, removal of data from system files, and the masking of process names, is prohibited.

2.5.4: The establishment of any function that provides unauthorized access, via the Internet connection or otherwise, without the written permission of IT, is prohibited.

2.5.5: Any use not consistent with instructional, research, or administrative purposes is prohibited. This includes but is not limited to use of computing resources to transmit fraudulent, harassing, obscene, threatening, or other messages that are a violation of applicable laws; use of computing resources to send unsolicited information (e.g. via mailing lists); use of computing resources for sending personal or commercial information (advertisements, solicitations, or promotions).

2.5.6: Intentionally developing or using programs which disrupt other computer users or which access private or restricted portions of the system and/or damage the software or hardware components of the system is prohibited. Users must ensure that do not use programs or utilities which interfere with other computer users or which modify the system setup and configuration.

2.5.7: Installation of software is prohibited unless you have permission from the CIO.

2.5.8: Users must not encroach on others' access and use of the College computers. This includes but is not limited to the sending of chain letters or excessive messages, either locally or off-campus; printing excess copies of documents, files, data, or programs; running inefficient programs when efficient alternatives are known by the user to be available; unauthorized modification of system facilities, operating systems, or disk partitions; attempting to crash or tie up a College computer or network; and damaging or vandalizing College computing facilities, equipment, software, or computer files.

2.5.9: Users must not attempt to modify or remove computer equipment, software, or peripherals without proper authorization.

2.5.10: The College is a non-profit, tax-exempt organization and is subject to specific federal, state and local laws regarding sources of income, political activities, use of property and similar matters. Thus, the College must ensure the proper use of property under its control and allocation of overhead and similar costs. Political, Personal, and Commercial use of computing resources is prohibited. College resources must not be used for political activities; personal activities not related to appropriate College functions (except in an incidental manner) are prohibited; use of college resources for commercial purposes is prohibited.

2.5.11: Users must respect copyrights and licenses to software and other on-line information (see section on Software Duplication and Use Policy).

2.6 Disciplinary Actions

Violation of any of the policies will result in the immediate suspension of the user's access. Upon suspending a user's access, IT will notify the user in writing within 24 hours. The notice will clearly state which policy(ies) was violated. The suspended user must contact the Systems Administrator regarding the suspension. Depending on the severity of the violation, the suspension can be removed by the Systems Administrator after discussion, may require notification to the Division Head, or may result in legal action.

2.7 Contacting Information Technology (IT)

To report problems, users should contact the Help Desk at (615) 327-4357 or ext. HELP or email helpdesk@mmc.edu.

3.0 Software Duplication and Use Policy

Meharry MedicalCollege licenses the use of its computer software from a variety of companies. The College does not own that software of its related documentation and, unless authorized by the software developer, does not have the right to reproduce it. Unauthorized duplication or use of software violates the US Copyright Law and exposes the individuals involved and the College to possible civil and criminal liability. While licensing agreements differ slightly from one software company to another, the license fee generally entitles the licensee to use one copy of the software on one computer. It is usually legal to make a working copy to use with a floppy disk system or to copy onto the hard disk. The original may be kept in a safe place as a backup, and it is usually legal to have a copy of the program included with your system backup. Unless specifically authorized by the license agreement, it is not legal to have copies of the software running simultaneously on multiple machines or to use a single copy on a local area network.

3.1 General Policy of Software Usage of MMC Students, faculty, and staff are advised to read the licensing agreement for software that is installed on their system. It is required that each follows the regulations and restrictions set forth in the licensing agreement. The best policy to follow is that copying software from your system or installing software is prohibited unless you are given permission by the appropriate authorized individual (i.e. developer of the software or CIO of MMC).

The College does not condone unauthorized copying or use of computer software by its students, faculty, and staff. As a result, the College cannot provide legal defense for any individual accused of making unauthorized copies of software. If the College is sued or fined because of unauthorized copying or use by students, faculty, or staff, the College will require that the individuals who broke the law pay the penalties. These individuals may also be subject to disciplinary action that may include dismissal. College policy requires that all students, faculty, and staff abide by the law and College contractual obligations.

3.2 Software License Agreement

Most Software License Agreements are included with the distribution of the software diskette's or CDs. In some cases, the Software License Agreement is on-line and be accessed from within the application.

Copies of Software License Agreements for all standard and approved software are kept on file in Information Technology.  

For Additional Information:

Division of the US federal government sheds light on the legal and policy issues related to Internet and computer usage. Web Site: Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the US Department of Justice Web Site, http://www.cybercrime.gov.

[return to top]

Information Technology
(615) 327-6111

Report any problems to: webmaster@mmc.edu
Last updated: 7/26/07