| 1. | |
Title |
| | These are the Computer Systems Regulations
2005. |
| 2. | |
Purpose |
| | These regulations provide a framework
for the use of the University's computer systems and network, which
are provided for use by the University community for teaching, learning
and research, and to assist with the administration of the University. |
| 3. | |
Date of effect |
| | These regulations are effective from
1 January 2006. |
| 4. | |
Definitions |
| | In these regulations |
| | computer system means |
| |
(i) |
|
any computer system or mobile device and its peripherals owned or
administered by the University, together with any associated electronic or
optical data storage systems, and |
| |
(ii) |
|
any network, including the internet,
intended for the transfer of information in digital form, accessed
on University property or through University facilities, and |
| |
(iii) |
|
any machine connected by physical or
wireless connection to a network administered by the University. |
| | system manager in
relation to a computer system means |
| |
(i) |
|
a Dean |
| |
(i) |
|
a Head of Division (or equivalent) |
| |
(iii) |
|
the Head of Information and Technology
Services. |
| | University means
University of Waikato. |
| | user means
person using a computer system who is |
| |
(i) |
|
a staff member of the
University, whether employed on a fixed-term, continuing, full-time,
part-time or casual basis |
| |
(ii) |
|
a student enrolled at the University |
| |
(iii) |
|
a person authorised by a system manager
to use the system. |
| 5. | |
Requirements of users |
| | (1) | | Users must not use or attempt
to use a computer system without the authorisation of a system manager. |
| | (2) | | Users must take all reasonable precautions
to maintain the integrity of passwords and any other security mechanisms. |
| | (3) | | If a password becomes insecure or
potentially insecure, a user must, as soon as is practicable, implement
a new secure password. |
| | (4) | | Users must not cause costs to be incurred |
| | (i) | | by the University without the
authority of a system manager, or |
| | (ii) | | by any person or organisation without
the consent of that person or organisation. |
| | (5) | | Unless they have the authorisation
of a system manager, users must not |
| | (i) | | do anything that damages, restricts,
jeopardises, impairs or undermines the performance, usability, reliability,
confidentiality or accessibility of any digital information system,
program, or other stored information or data |
| | (ii) | | access, read, alter, delete or in any
other way interfere with, any information, data or files (including
electronic mail) held by another person, or attempt to do any of
these things, regardless of whether the operating system of the
computer permits these acts. |
| | (6) | | Users must |
| | (i) | | comply with any instruction
by a system manager about the use of the University's computer system |
| | (ii) | | respect the rights of other users with
respect to access to computer systems and enjoyment of use |
| | (iii) | | comply with all applicable New Zealand
law, including law on copyright, privacy, defamation, objectionable
material, and human rights. |
| | (7) | | Users must not |
| | (i) | | ignore or breach any lawful
and reasonable instruction by a system manager |
| | (ii) | | use a computer system in any way that
constitutes discrimination, harassment, or sexual harassment as
defined in the University's Sexual Harassment and Harassment Policy |
| | (iii) | | use a computer system in a manner, or
for a purpose, which would bring the University into disrepute,
or, if they are staff, which would otherwise breach the University's
Staff Code of Conduct or Code of Ethics for Academic Staff |
| | (iv) | | assist, encourage or conceal any unauthorised
use, or attempt at unauthorised use, of any computer system. |
| 6. | |
Use of licensed
software |
| | (1) | | Users must comply with the
terms of any licence agreement between the University and any third
party that governs the use of software. |
| | (2) | | Users must not make copies of proprietary
software unless explicit authority is granted by either the software
provider (for example, where the University administers a site licensing
agreement) or, where applicable, by a system manager. |
| | (3) | | Users must not make proprietary software
available for use by any other organisation or individual without
the authority of the software provider or a system manager. |
| | (4) | | A user who intends to distribute outside
the University, in whole or in part, an application program containing
embedded proprietary software, must first obtain the written permission
of the software provider for each instance of distribution. |
| | (5) | | A user who publishes material identifying
proprietary software must include in the publication explicit and
accurate identification of the software provider. |
| 7. | |
Use of internet or other online information repository |
| | (1) | | Users of the internet facility
must conform to any requirements established and notified by the
University for the use of a system or network accessed over the internet. |
| | (2) | | Any publication on the internet or
other online information repository using University facilities
must |
| | (i) | | not be designed to mislead or
deceive |
| | (ii) | | not breach the Copyright Act 1994 |
| | (iii) | | not promote the personal commercial interests,
or political, religious or other personal views of a user or a user's
acquaintances, friends or family in such a manner that it appears
to have the endorsement of the University |
| | (iv) | | conform to lawful and reasonable employer
instructions and policies on online publication. |
| | (3) | | Unless authorised by a system
manager, a user must not request or accept payment, in money, goods,
services, favours or any other form of remuneration, either directly
or indirectly, for any activity using a computer system. |
| | (4) | | The University is not responsible
for the content of, or events arising from, communications or interactions
between users and others on internet sites where access is not controlled
by the University. |
| 8. | |
Personal use |
| | Users must not publish online information
that is of a personal nature and unrelated to research or career
as if it were part of any officially published information; personal information
must include a disclaimer that makes clear its unofficial status. |
| 9. | |
Requirements and authority
of system managers |
| | (1) | | System managers are responsible
for maintaining security of the systems for which they are responsible,
sufficient for authorised users to make effective use of the facilities
on those systems and to maintain the integrity of their passwords and
any other security mechanisms. |
| | (2) | | System managers are authorised to
monitor the activities of users and to inspect files and other information
for the specific and sole purpose of ensuring that the provisions
of these regulations are being met. |
| | (3) | | System managers must respect the rights
of users to privacy and avoid any unnecessary disruption to the
legitimate activities of users. |
| 10. | |
Authority to issue standards |
| | (1) | |
The Head of Information and Technology
Services has authority to determine and issue standards to ensure
appropriate levels of performance, security, compatibility and legal
compliance of computer systems. |
| | (2) | |
Unless he or she judges it necessary
to issue a particular standard urgently because of a serious and
imminent threat to the operation or security of a computer system,
the determination of a standard by the Head of Information and
Technology Services is subject to consultation with the University's
ICT Committee. |
| | (3) | |
Where the Head of Information
and Technology Services believes on reasonable grounds that a standard
issued under this section has been breached, he or she may take
any immediate action that he or she thinks appropriate to ensure
that system performance, security, compatibility and legal compliance
are protected; if he or she considers that the breach is sufficiently
serious, the Head of Information and Technology Services may
refer the matter to the Vice-Chancellor who may arrange for the
matter to be dealt with in the terms provided under section 13(3)
of these regulations. |
| 11. | |
Disclosure of Information |
| | (1) | | In order to exercise the authority
provided under section 9 of these regulations, a system manager
is entitled to access personal information about a user and the user's
activities on the computer system if there are reasonable grounds
for suspecting that the user may have breached these regulations. |
| | (2) | | A system manager who accesses personal
information about a user under these circumstances may provide the
information to relevant authorities, including the Police and staff
of the University responsible for cost centre management, student
discipline and staff discipline. |
| 12. | |
Complaints |
| | A dispute or complaint concerning
any matter under these regulations may be referred to a system manager
who will determine, on the evidence provided by the complainant and
any other evidence that the system manager may obtain at his or
her discretion, whether there has been a breach of these regulations. |
| 13. | |
Breaches |
| | (1) | | Where a system manager believes
on reasonable grounds that a user has breached these regulations,
such that the activities or rights of other users of a computer
system or of the University are impeded or prejudiced, the system manager
may |
| | (i) | | exclude the user from the system
for a period not exceeding two weeks |
| | (ii) | | remove any relevant material |
| | (iii) | | take any other immediate action that
he or she thinks appropriate to protect the integrity of the computer
system or the rights of other users. |
| | (2) | |
If a standard issued under
section 10 of these regulations has been breached, the matter must
be handled by, or in consultation with, the Head of Information and
Technology Services. |
| | (3) | | A system manager who has made a decision
under this section may, if he or she considers that the breach is
sufficiently serious, refer the matter to the Vice-Chancellor, who
may arrange for the matter to be dealt with, |
| | (i) | |
if the user is a student, under
the provisions of the Student Discipline Regulations 2014 |
| | (ii) | | if the user is a staff member, under
the provisions of the Staff Code of Conduct |
| | (iii) | | in cases other than (i) or (ii), as the
Vice-Chancellor thinks fit. |
| 14. | |
Appeals against
decisions by system managers |
| | A user may appeal
to the Vice-Chancellor against any action or decision under these regulations
by a system manager. |
