IT Acceptable Use Policy

Introduction

All users of IT services within the Academy of Forensic Medical Sciences have a responsibility as users which are outlined below. The action may also signify a disregard for other Academy policies and regulations. Ignorance of this policy will not be acceptable as an excuse in any situation where it is assessed that you have breached the policy and its requirements.

Students are directed to this policy during their registration each year and are required to acknowledge their agreed adherence to and compliance with the policy.

Staff are advised of this policy during their induction and of the Academy’s requirement for them to adhere to the conditions therein.

For the purposes of this policy the term “computing services” refers to:

• Any IT resource available to staff and students of the academy.
• Any of the network borne services, applications or software products accessible to the staff and students.
• The network/data transport infrastructure used to access any of the services (including access to the Internet).

Students and staff who connect their own IT to the Academy’s network and the services available are particularly reminded that such use requires compliance to this policy.

General Conditions

• All use of the Academy’s computing services must at all times be compliant with the law.
• All use of the Academy’s computing services must not interfere with any others’ use of these facilities and services.
• No computer should be used without authorisation.
• No program or data should be used or accessed which has not been specifically authorised.
• Any data or program belonging to other users should not be used or copied without their express and specific permission.
• Any computer material belonging to another user should not be altered without their permission.
• Academy computing services must not be used to harass, defame, libel, slander, intimidate, impersonate or otherwise abuse another person.
• Academy computing services must not be used for the creation, collection, storage, downloading or displaying of any offensive, obscene, indecent or menacing images, data or material capable of being resolved into such. (There may be certain legitimate exceptions for academic purposes which would require the fullest disclosure and special authorisations).
• You must not use the Academy’s computing services to conduct any form of commercial activity without express permission.

You must not use the Academy’s computing services to disseminate mass (unsolicited) mailings.

You must not install, use or distribute software for which you do not have a licence.

In general, use of Academy “computing services” should be for your study, research, teaching or the administrative purposes of the Academy. Modest use of the facilities and services for personal use is accepted so long as such activity does not contravene the conditions of this policy.

Breaches of This Policy

It is impossible to provide an exhaustive list of contraventions of the policy but each individual breach will be categorised in to one of three categories, with each category carrying its own set of penalties and sanctions.

Minor Breach

Examples:

Behaving disruptively

- Sending junk (spam) email

Sanction:

- Verbal warning – to be held on record for 12 months

Some offences may be deemed serious enough to be elevated directly to one of the higher levels of severity. Not all first offences will be categorised as minor offences.

Moderate Breach

Examples:

- Repeated minor offences within 12 month warning period.

- Assisting or encouraging unauthorised access.

- Sending abusive, harassing, offensive or intimidating email.

Sanctions:

- Senior members of staff will be informed of the nature and consequence of the offence.

- A fine of up to £100 may be levied.

Access to computing facilities and services may be withdrawn pending payment of fine.

Severe Breach

Examples:

- Repeated moderate breaches.

- Theft, vandalism or wilful damage of/to IT facilities, services and resources.

- Forging email. i.e. masquerading as another person.

- Any action, whilst using Academy computing services and facilities deemed likely to bring the Academy into disrepute.

- Loading, viewing, storing or distributing offensive material (other than pornography).

Sanctions:

Access to computing facilities and services may be withdrawn (account suspension) until the disciplinary process and sanctions have been concluded.

It is important to note that loading, viewing, storing or distributing pornographic material will result in instant dismissal without warning.

Process

An investigation will be carried out, in confidence, by staff under the direction of the Director. For staff, that investigative report will be passed to the Director, to be considered within the Academy’s disciplinary procedures. For students, if a verbal warning is appropriate, this will be given by the Course Organiser. If the breach is more serious, the report will be passed to the Academy Secretary to be considered under the preliminary student disciplinary procedures. Each set of disciplinary procedures provide for an appeal stage.