The Information Technology Services department with the oversight of the College’s Executive Council, determines the campus network and technology security and acceptable use policy in accordance with the security and preservation needs of the Emory & Henry College, best practices in the IT industry, and in compliance with federal, state, and local legal requirements. All students, faculty, staff, and others affiliated with Emory & Henry College receiving a network access account must adhere to the following policies and guidelines. Employment or enrollment at Emory & Henry College signifies agreement to abide by all rules, regulations and policies of the College. Please note that all policies are subject to change. Notification of changes will be posted. This document will be reviewed and published regularly on the College website and in various official College publications such as the Student Handbook, Faculty Handbook and the Staff Handbook. All network users must adhere to the most current published revision.
FERPA Policy for Faculty at Emory & Henry College
While Emory & Henry College fosters a community approach to education to support the academic success of students, the College also works diligently to protect the privacy and security of student information. With this philosophy of holistic education, Emory & Henry identifies those who have a “legitimate educational interest” in student information as those individuals who instruct, advise, and coach students, and staff members who are responsible for fostering student achievement.
Per FERPA guidelines, it is best practice to limit access to and disclosure from personally identifiable student information to faculty and staff at the College who have an educationally legitimate need to know in order to conduct College business. This applies to student records in print or electronic format including systems such as (but not limited to) the Ellucian administrative system, the SoftDocs paperless document system and the Pharos360 retention program employed at the College.
Faculty members have the capability to access student transcripts and other student educational records, both in paper and electronic format, for the purposes of student advisement, department or division statistical research, and other College-related inquiries. Any accessing of student records for other purposes is prohibited by FERPA regulations and College policy. It is the policy at Emory & Henry College that faculty members and other employees who advise students on their educational programs will not access any confidential records, including transcripts and degree audits, of students who are not their assigned advisees. Faculty members who are not the advisor of a student may only access that student’s academic record with the express consent of the student. Faculty members are not authorized to disclose any FERPA-protected student information with any person other than the individual student.
Students have the right to confidentiality and instructors have the responsibility to protect against improper disclosure of information about students. A violation of this policy is an explicit violation of the Academic Code.
Electronic records retained on College systems are subject to state and federal privacy acts, the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (US PATRIOT Act), and Commission on Accreditation for Law Enforcement Agencies (CALEA), as well as Freedom of Information Acts (FOIA). World Wide Web information located in designated web directories will be considered public information if “read” access is granted. Access to and the utilization of data contained within College administrative, academic, and student support administrative systems are also subject to Family Educational Rights and Privacy Act (FERPA) regulations and authorized users agree under this acceptable use policy to adhere to and abide by FERPA privacy and security guidelines. Student and staff medical and counseling records may be subject to Health Insurance Portability and Accountability Act (HIPAA) regulations and must be accessed and handled in accordance with those established guidelines and regulations.
Guests of the College utilizing Internet access through the College’s network are expected to practice good Internet citizenship in their online activities, so as to avoid reflecting negatively on Emory & Henry College. Specifically, they must adhere to all local, state, and federal laws, not download illegally obtained copyright protected materials, and not access websites or materials which are not in keeping with the teaching, research, and educational goals of the institution. Anyone affiliated with Emory & Henry College who allows minor children to utilize public access computers on campus must be responsible for the actions of those children and should remember that Emory & Henry College does not have any filtering hardware or software in place for Internet content.
All students, faculty, and staff, have a network account assigned to them for their individual use while at Emory & Henry College. Emory & Henry College computerized information systems exist to promote shared access to computing, communication, and information necessary to serve the teaching, research, and administrative needs of the entire campus community. These systems and the data they contain are vital resources of considerable monetary and intellectual value, in addition to important personal information which must be handled in a secure and confidential manner. Access to computer systems and networks, including e-mail and web material placed on or distributed through the systems and networks owned or operated by Emory & Henry College is a privilege, not a right, and requires compliance with College policies and to federal, state, and local laws. Thus, all account holders of the College’s information assets have a responsibility to use these systems in a respectful, ethical, professional, and legal manner.
The purpose of the network is to support the teaching, research, and administrative needs of the College. The network is not designed nor intended to support the downloading of copyrighted material, such as, unlawfully obtained music, videos, and software. Such activities are not permitted at any time. Online activities which require disproportionately large amounts of bandwidth (such as online gaming or watching full-length movies online) are strongly discouraged as they require a major portion of the College’s available internet bandwidth for the use of a single individual, which can disrupt the research and other legitimate activities of the College community of network users. Repeated violations of this policy can result in loss of network privileges.
This policy pertains to all computers, printers, scanners, networks, Internet connections, and communication systems transmitting voice, data, or video information owned or leased by the College or connected to the College network. Appropriate use is always ethical, reflects academic honesty, the security and confidentiality of personal information, and shows restraint in the consumption of shared resources.
All users of College information assets are required to demonstrate respect for intellectual property, ownership of data, system security mechanisms, and the individual’s right to privacy and freedom from intimidation, harassment, and unwarranted annoyance.
While acknowledging a respect for privacy, the College cannot guarantee confidentiality in the use of any College information system. This policy acts as notification that all email accounts are the intellectual property of the College and are for the conduct of College-related business. As such, users are hereby reminded that email accounts should not be used to send or receive emails of a personal nature. Furthermore, the College retains the right to immediately disable or delete all network and email accounts upon either termination of employment or as directed by College officials.
Administrative Rights and Approved Software
The IT Services Department retains administrative rights on all College-owned computer technology. Exceptions must be requested by contacting the IT Director.
The Approved Software list can be found within the Policies and Procedures Manual published on the College’s IT Services Department website at https://www.ehc.edu/sites/default/files/it-services-policies-and-procedures-pdf-082011.pdf. Requests for exceptions to the list should be sent to the IT Director. Requests must be approved by the IT Director and the Vice President for Academic Affairs.
In making appropriate use of resources Emory & Henry students, faculty, and staff must:
In making appropriate use of resources Emory & Henry students, faculty, and staff must NOT:
With the proliferation of mobile technology devices such as SmartPhones, iPhones, iPads, iPods, gaming consoles, tablet devices, and other mobile technology, the Emory & Henry Library and Information Technology Department has developed and implemented the following policy:
E-mail and network connectivity are a privilege, not a right. These privileges can be revoked for violations of this Acceptable Use policy. Unacceptable behavior includes, but is not limited to:
Penalties for unacceptable behavior range from deactivation of the account through College judicial action or referral to law enforcement authorities. For minor first offenses, the Chief Information Officer/Director of the Library will notify the offender with a simple email warning.
The ability to send mass email messages to all employees is currently available to each employee with an Emory & Henry email address. In addition, a few individuals have the ability to send mass email messages to all students. Mass electronic mailings shall be concise and to the point, and shall consist of a plain-text message without graphics or bolding, italics, or another formatting. The use of attachments should be limited to small size files, such as MS Word and Excel files. Larger files can be posted on the password-protected section of the website or on the learning management system. To post a document on the web site, please contact Public Relations. If you need assistance with the learning management system, please contact the Instructional Technologist.
Mass email is recognized as an important medium for facilitating communication within the Emory & Henry community. However, the potential misuse of mass email is also recognized. The policies and procedures found in this document attempt to provide guidance for the appropriate use of the All Employees email distribution list. Please note that there is a list “EHC Community” that was created for community members who wish to advertise or announce items such as garage sales, items for sale, babysitting services, etc. Membership on that list is voluntary and can be joined by contacting the Computer Help Desk.
Remember that the College’s official internal electronic newsletter, The Scoop (not email), should be used for all general College-related announcements and for providing information about programs, projects, and activities. If you need assistance with including these events in the College’s electronic calendar, please contact Public Relations. In order to have your news or event featured in The Scoop, a request should be submitted to by 2 p.m. the day before the announcement should appear in the e-newsletter. If you are unsure about where to post an announcement, please contact the Computer Help Desk for assistance.
The All E&H Employees list should be used only for the following purposes:
Urgent mass emails are reserved for highly important, time-sensitive emergency notices. In those cases, faculty and staff need to contact one of the following offices and request the message to be distributed to the College-wide community. Urgent messages must be sent in plain text and contain no graphics, bolding, or other HTML formatting. The following is a list of the office authorized to distribute mass e-mails to the campus-wide community:
The privilege of presenting material on the College web site and the College portal can be revoked, with or without cause, at the College’s discretion. Web pages and portal sites found to be in non-compliance may be removed immediately by the web administrator or upon failure to revise web pages or portal sites and conform to these guidelines.
The College recognizes that personnel must have access to student records and other data that is protected under the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPAA) in order to conduct the legitimate business of the College. All Emory & Henry College administrative system users agree that use of systems maintained by partners, consortia arrangements, etc. is governed by the rules and regulations set forth in this policy. Acceptance of this policy implies cooperation with the spirit and intent of any complimenting acceptable use policies which may be provided by E&H’s service providers. College personnel must adhere to the following policies:
The IT Director and staff members of the Information Technology Department reserve the right to enforce this policy as deemed necessary to protect the security of the network, data and files, as well as the rights and privileges of its users. These policies have been developed in consultation with IT directors from the Council of the Independent Colleges of Virginia member institutions as well as the information technology security officials at The Ohio State University, the University of Chicago, and Loyola University, and represent widespread practices in public and private institutions of higher education throughout the United States.
Emory & Henry College considers any violation of appropriate use principles or guidelines to be a serious offense and reserves the right to copy, examine, and remove any files or information resident on College systems allegedly related to unacceptable use and behavior. Violation of these rules will be reported to the appropriate campus office for further action. Punishments may include temporary or permanent suspension of user privileges on the network and/or disconnection from the campus network, or other sanctions as described in the Faculty and Faculty Status handbooks, or the Staff handbook. Offenders may be prosecuted under laws including (but not limited to) the Privacy Protections Act of 1974, the Computer Fraud and Abuse Act of 1986, the Computer Virus Eradication Act of 1989, the Interstate Transportation of Stolen Property statutes, the Virginia Computer Crimes Act, the Electronic Communications Privacy Act, and the Telecommunications Act of 1996.
The proper procedures for staff members in the Emory & Henry Library and Information Services Department regarding cooperation with and participation in investigations of suspected misconduct involving the use of the campus network or technology hardware and/or software are as follows: