Information Technology Security, Privacy and Audit Statement
Approved: October 29, 2009Last Reviewed: 08/30/2011
Last Modified: 08/30/2011
Responsible Office: Information Technology Services
Santa Fe College (SF) employs various measures to safeguard its Information Technology (IT) resources and its users’ accounts. Users should be aware, however, that the College cannot guarantee security and confidentiality. Users should therefore engage in safe computing practices by establishing appropriate access restrictions for their accounts, guarding their passwords and changing them regularly.
Users should also be aware that their uses of SF IT resources are not completely private. Although SF makes every effort to ensure privacy and does not routinely monitor or audit individual usage of its IT resources, the normal operation and maintenance of those resources require the backup and caching of data and communications, the logging of activity, the monitoring of general usage patterns and other such activities that are necessary for the continuation of service. SF may also monitor or audit the activity and accounts of individual users of SF IT resources, including individual login sessions and the content of individual communications, without notice, when:
- the user has voluntarily made them accessible to the public, as by posting to a listserv or a web page;
- it reasonably appears necessary to do so to protect the integrity, security, or functionality of College IT resources or to protect the College from liability;
- there is reasonable cause to believe that the user has violated or is violating college policy;
- a user appears to be engaged in unusual or unusually excessive activity; or
- it is otherwise required or permitted by law.
Any such monitoring of communications, other than what is made accessible by the user, required by law, or necessary to respond to perceived emergency situations, must be authorized in advance by the CIO in consultation with at least one college Vice President and/or college legal counsel. SF, in its discretion, may disclose the results of any such general or individual monitoring, including the contents and records of individual communications, to appropriate college personnel or law enforcement agencies and may use those results in appropriate college disciplinary proceedings. Communications made by means of SF IT resources are also generally subject to the Florida Public Records Law to the same extent as they would be if made on paper.
Authority
This policy has been created by Information Technology Services by the authority described in the Santa Fe College Information Security Policy and shall be complied as though it were part of the Information Security Policy document.
References
Florida Public Records Law
Information Security Policy
History
02/02/2001 – Approved with the AUP
09/24/2009 – Removed from the AUP and revised
Information Technology Policies 08/30/2011