[an error occurred while processing this directive] Computer Systems Regulations
The University of Waikato - Te Whare Wānanga o Waikato
Archived 2013 Calendar
Waikato Home Waikato Home > Calendar > 2013 Calendar > General Regulations and Policies

Computer Systems Regulations

1.   Title
 These are the Computer Systems Regulations 2005.
2.   Purpose
 These regulations provide a framework for the use of the University's computer systems and network, which are provided for use by the University community for teaching, learning and research, and to assist with the administration of the University.
3.   Date of effect
 These regulations are effective from 1 January 2006.
4.   Definitions
 In these regulations
 computer system means
  (i)   any computer system and its peripherals owned or administered by the University, together with any associated electronic or optical data storage systems, and
  (ii)   any network, including the internet, intended for the transfer of information in digital form, accessed on University property or through University facilities, and
  (iii)   any machine connected by physical or wireless connection to a network administered by the University.
 system manager in relation to a computer system means
  (i)   a Dean
  (i)   a Head of Division (or equivalent)
  (iii)   the Head of Information and Technology Services.
 University means University of Waikato.
 user means person using a computer system who is
  (i)   a staff member of the University, whether employed on a fixed-term, continuing, full-time, part-time or casual basis
  (ii)   a student enrolled at the University
  (iii)   a person authorised by a system manager to use the system.
5.   Requirements of users
 (1) Users must not use or attempt to use a computer system without the authorisation of a system manager.
 (2) Users must take all reasonable precautions to maintain the integrity of passwords and any other security mechanisms.
 (3) If a password becomes insecure or potentially insecure, a user must, as soon as is practicable, implement a new secure password.
 (4) Users must not cause costs to be incurred
 (i)  by the University without the authority of a system manager, or
 (ii)  by any person or organisation without the consent of that person or organisation.
 (5) Unless they have the authorisation of a system manager, users must not
 (i)  do anything that damages, restricts, jeopardises, impairs or undermines the performance, usability, reliability, confidentiality or accessibility of any digital information system, program, or other stored information or data
 (ii)  access, read, alter, delete or in any other way interfere with, any information, data or files (including electronic mail) held by another person, or attempt to do any of these things, regardless of whether the operating system of the computer permits these acts.
 (6) Users must
 (i)  comply with any instruction by a system manager about the use of the University's computer system
 (ii)  respect the rights of other users with respect to access to computer systems and enjoyment of use
 (iii)  comply with all applicable New Zealand law, including law on copyright, privacy, defamation, objectionable material, and human rights.
 (7) Users must not
 (i)  ignore or breach any lawful and reasonable instruction by a system manager
 (ii)  use a computer system in any way that constitutes discrimination, harassment, or sexual harassment as defined in the University's Sexual Harassment and Harassment Policy
 (iii)  use a computer system in a manner, or for a purpose, which would bring the University into disrepute, or, if they are staff, which would otherwise breach the University's Staff Code of Conduct or Code of Ethics for Academic Staff
 (iv)  assist, encourage or conceal any unauthorised use, or attempt at unauthorised use, of any computer system.
6.   Use of licensed software
 (1) Users must comply with the terms of any licence agreement between the University and any third party that governs the use of software.
 (2) Users must not make copies of proprietary software unless explicit authority is granted by either the software provider (for example, where the University administers a site licensing agreement) or, where applicable, by a system manager.
 (3) Users must not make proprietary software available for use by any other organisation or individual without the authority of the software provider or a system manager.
 (4) A user who intends to distribute outside the University, in whole or in part, an application program containing embedded proprietary software, must first obtain the written permission of the software provider for each instance of distribution.
 (5) A user who publishes material identifying proprietary software must include in the publication explicit and accurate identification of the software provider.
7.   Use of internet or other online information repository
 (1) Users of the internet facility must conform to any requirements established and notified by the University for the use of a system or network accessed over the internet.
 (2) Any publication on the internet or other online information repository using University facilities must
 (i)  not be designed to mislead or deceive
 (ii)  not breach the Copyright Act 1994
 (iii)  not promote the personal commercial interests, or political, religious or other personal views of a user or a user's acquaintances, friends or family in such a manner that it appears to have the endorsement of the University
 (iv)  conform to lawful and reasonable employer instructions and policies on online publication.
 (3) Unless authorised by a system manager, a user must not request or accept payment, in money, goods, services, favours or any other form of remuneration, either directly or indirectly, for any activity using a computer system.
 (4) The University is not responsible for the content of, or events arising from, communications or interactions between users and others on internet sites where access is not controlled by the University.
8.   Personal use
 Users must not publish online information that is of a personal nature and unrelated to research or career as if it were part of any officially published information; personal information must include a disclaimer that makes clear its unofficial status.
9.   Requirements and authority of system managers
 (1) System managers are responsible for maintaining security of the systems for which they are responsible, sufficient for authorised users to make effective use of the facilities on those systems and to maintain the integrity of their passwords and any other security mechanisms.
 (2) System managers are authorised to monitor the activities of users and to inspect files and other information for the specific and sole purpose of ensuring that the provisions of these regulations are being met.
 (3) System managers must respect the rights of users to privacy and avoid any unnecessary disruption to the legitimate activities of users.
10.   Authority to issue standards
 (1)  The Head of Information and Technology Services has authority to determine and issue standards to ensure appropriate levels of performance, security, compatibility and legal compliance of computer systems.
 (2)  Unless he or she judges it necessary to issue a particular standard urgently because of a serious and imminent threat to the operation or security of a computer system, the determination of a standard by the Head of Information and Technology Services is subject to consultation with the University's ICT Committee.
 (3)  Where the Head of Information and Technology Services believes on reasonable grounds that a standard issued under this section has been breached, he or she may take any immediate action that he or she thinks appropriate to ensure that system performance, security, compatibility and legal compliance are protected; if he or she considers that the breach is sufficiently serious, the Head of Information and Technology Services may refer the matter to the Vice-Chancellor who may arrange for the matter to be dealt with in the terms provided under section 13(3) of these regulations.
11.   Disclosure of Information
 (1) In order to exercise the authority provided under section 9 of these regulations, a system manager is entitled to access personal information about a user and the user's activities on the computer system if there are reasonable grounds for suspecting that the user may have breached these regulations.
 (2) A system manager who accesses personal information about a user under these circumstances may provide the information to relevant authorities, including the Police and staff of the University responsible for cost centre management, student discipline and staff discipline.
12.   Complaints
 A dispute or complaint concerning any matter under these regulations may be referred to a system manager who will determine, on the evidence provided by the complainant and any other evidence that the system manager may obtain at his or her discretion, whether there has been a breach of these regulations.
13.   Breaches
 (1) Where a system manager believes on reasonable grounds that a user has breached these regulations, such that the activities or rights of other users of a computer system or of the University are impeded or prejudiced, the system manager may
 (i)  exclude the user from the system for a period not exceeding two weeks
 (ii)  remove any relevant material
 (iii)  take any other immediate action that he or she thinks appropriate to protect the integrity of the computer system or the rights of other users.
 (2)  If a standard issued under section 10 of these regulations has been breached, the matter must be handled by, or in consultation with, the Head of Information and Technology Services.
 (3) A system manager who has made a decision under this section may, if he or she considers that the breach is sufficiently serious, refer the matter to the Vice-Chancellor, who may arrange for the matter to be dealt with,
 (i)   if the user is a student, under the provisions of the Student Discipline Regulations 2012
 (ii)  if the user is a staff member, under the provisions of the Staff Code of Conduct
 (iii)  in cases other than (i) or (ii), as the Vice-Chancellor thinks fit.
14.   Appeals against decisions by system managers
 A user may appeal to the Vice-Chancellor against any action or decision under these regulations by a system manager.