Electronic communications policy

Intent and objectives

The University’s Information Technology Systems play a pivotal role in realising the University’s Strategic Plan objectives. The University encourages and authorises staff and students to access the University’s Information Technology Systems appropriate to their respective needs and in a manner consistent with University policies and community expectations. The University is committed to the use of electronic communications in the conduct of University business and affairs, whilst at the same time ensuring that use of electronic communications:

  • protects personal privacy;
  • does not breach applicable laws; and
  • does not adversely affect the University’s commercial interests

The purpose of this policy is to ensure that users of the University’s information systems are aware of their rights and responsibilities.

Scope

This policy will apply to all RMIT University staff and students.

Provisions

General restrictions

(a) The University’s information technology systems must not be used by University staff or students:

  • for the purposes of creating, accessing or transmitting or otherwise dealing with content which may reasonably be regarded as objectionable or offensive (bearing in mind the cultural diversity of the environment in which the University operates), or content which is illegal; or
  • in a manner for the purposes contrary to University policies; or
  • in a manner which may otherwise expose the University to legal liability

Some examples of activities prohibited by the above general restriction include (but are not limited to) activities which relate to:

  • content which would reasonably be regarded as being pornographic;
  • content which contains racial vilification, cruelty or violence;
  • content which is defamatory

(b) The University’s information technology systems must only be used:

  • by staff for the purposes of their employment and their professional development; and
  • by students for purposes directly related to their studies

(c) Use of the University’s information technology systems for private, social or recreational purposes should be avoided. However, staff are allowed reasonable use for such purposes outside of work hours, but such use must at all times comply with this policy. The University regards a total period of less than half an hour per day as reasonable use, subject to access cost incurred by the University.

Use of email

1. The transmission to non-University persons of any internal message or other data prepared for in-house use should be avoided.

2. Where email containing sensitive or confidential information is to be sent to non-University persons, the recipient should be forewarned that University email is not usually encrypted.

3. Where email contains sensitive or confidential information, a notice should accompany the email to advise of that status. A suggested notice is as follows:

“NOTICE – this message contains privileged and confidential information intended for the use only of the addressee named above. If you are not the intended recipient of this message you are hereby notified that you must not disseminate, copy or take any action in relation to it. If you have received this message in error, please immediately notify the sender at the above address”

4. Staff and students must exercise great care when formulating email messages. Appropriate etiquette should be observed in email messages and the use of impolite or inflammatory language should be avoided.

5. Staff and students should not respond to emails received, which are inappropriate or contain impolite or inflammatory language. Such emails should be deleted immediately.

6. The following are prohibited:

  • “Spamming” or sending unsolicited group email.
  • “Spoofing” or deliberately changing the “sender” field of email.
  • Sending of chain letters.

7. Email users must comply with any operational restrictions of the University which may be in place from time to time.

8. Staff and students should be aware that if a court subpoenas email records, the University must comply.

9. Users must be aware that email messages which they send may be construed as representing the University’s position. Where a user does not have authority, is not aware of the University’s position or where his or her personal view may differ from that of the University, the message should state that the opinion expressed is that of the writer and does not necessarily reflect the views of the University.

Internet access

1. Whilst it remains economically viable for the University to do so, the University permits access to the Internet by staff in the course of their employment and by students in the course of their study.

2. All internet access must comply with the Telecommunications Act 1997 regarding the non-commercial activities confined to the University community as defined in the Act and the AARNET charter.

3. Internet access at the University is not considered a private activity. ITS publishes the volumes of internet activity by IP address and cost centre, and recovers costs for the volumes of data retrieved from the internet. ITS can identify the sites visited by IP address.

4. Users must take precautions not to propagate viruses contracted from the internet.

5. Any software downloaded from the Internet should be able to be used legally at the University.

Web site creation

1. Staff and students may only create and publish websites using the University information technology systems under prior arrangement with and holding an account from ITS or Media Communications Group or a Portfolio (“a private website”).

2. In addition to complying with the other requirements of this policy a private website must identify the holder of the account and must contain a statement that the account holder is responsible for the web site and its content, and that the content is not authorised by and does not necessarily reflect the views of the University.

3. The University reserves the right to close down any website which the University considers to be detrimental to its interests.

4. The University may issue directions from time to time with respect to continuing use of websites created on the University’s information technology systems.

Electronic commerce

1. All electronic communications which relate to the University’s products or services must comply with the University’s advertising and marketing guidelines.

2. Persons using the University’s information systems must comply with any applicable laws which regulate electronic commerce. Users should also be aware of trade practices and fair trading obligations which apply to the University.

3. Users must comply with the University’s requirements and limitations issued from time to time with respect to on-line transactions.

4. All electronic commerce should conform with the University’s operating procedures relating to delegation of authority.

Surveillance and security

1. The University has the capability to monitor the use of the University’s information technology systems. Staff and students must recognise that whilst the University is committed to maintaining the privacy of personal information, it may be necessary for the University to monitor electronic communications (including email records) in order to comply with applicable laws, or if its suspects there has been a breach of this policy, or to determine ownership or the recipient of lost or misdirected files.

2. Users must comply with the University’s requirements issued from time to time with respect to the use of encryption or secure transmission channels for particular categories of content.

3. Users must not allow access to a site on a University intranet or extranet to a third party if access is blocked to such third parties.

4. Users should not do anything which would or might lead to circumventing or compromising security of any of the University’s information technology systems.

5. The following requirements apply to users in respect of security and system integrity:

  • The University’s corporate IT policy: password security must be complied with at all times
  • ITS rules of use

6. All network access should be authenticated through the Novell Directory Services (NDS).

7. Standard user names and email addresses should be used and the password policy complied with at all times.

8. People’s computer account identifiers are to conform to the following format:

Category

ID

Description

Staff

E99999

Where 99999 is their 5 digit staff number

Fax Machines and General Enquiries Areas

X99999

Where 99999 is a unique number assigned by ITS Client Services Branch

9.Global email addresses are to be in the following format:

firstname.surname@rmit.edu.au

and if there are email addresses to be created for staff with the same first and surname then the following format will be used for all addresses for the staff with the same first and surnames.

firstname.secondinitial.surname@rmit.edu.au

and if no second initial is available

firstname.Z.surname@rmit.edu.au

If identical email addresses will result use of other letters to differentiate between the addresses will be used.

Document retention

1.Users must be aware that deleted files can often be recovered and used in litigation or criminal proceedings.

2. Users supplied with accounts on ITS or Portfolio file servers have their server files backed up in accordance with the procedure for the particular server. All other users are responsible for taking appropriate action in regard to retaining backup copies of their files.

Privacy

1. The University’s information technology systems must not be used to interfere with the privacy of others.

2. Both the University and Users are required to comply with federal and state legislation which may apply from time to time with respect to privacy of personal information.

Intellectual property

Users of the University’s information technology systems should respect the intellectual property rights of others. In particular, users should be conscious of the provisions of the Australian Copyright Act which in general terms (and subject to some exceptions) prevents a person from copying, reproducing, making public, adapting, broadcasting or transmitting copyright material owned by another person without that person’s permission. The Copyright Act will soon be amended to make it quite clear that these restrictions continue to apply in an on-line environment.

Users should be aware that material may still be subject to copyright even if it does not contain a copyright notice or a © symbol.

Complaints/report of breaches

Breaches of this policy should be reported as follows:

  • In the case of breach by an employee – to the line supervisor of the employee or the Executive Director, People and Culture;
  • In the case of breach by a student – to the Director, Student Affairs and Academic Administration.

Consequences if this policy is breached

Disciplinary action may be taken against staff and students who breach this policy, including summary dismissal in the event of what the University considers to be a serious breach by an employee.

Any use of the University’s information technology systems contrary to this policy may result in a withdrawal of access.

[Next: Supporting documents and information]