Ursinus College Uniform Employee Agreement Regarding Confidential and Proprietary Information
I understand that my access to confidential data, information, and records (hereinafter
) whether written or maintained in Ursinus College's computer systems (hereinafter
) is limited to my need to know for the purpose of performing my duties as a college employee.
may only be requested by supervisors and data owners via the "Employee Resource and Access Request Form" available at
Access to certain information or specific computer systems may have additional security requirements beyond those contained in this agreement.
includes, but is not necessarily limited to, Social Security numbers, confidential personnel records, confidential medical records (records covered by federal law under the "Health Insurance Portability and Accountability Act of 1996"), student education records (records covered by federal law under the "Family Educational Rights and Privacy Act of 1974" and Ursinus policy under "Confidentiality of Student Records, 1996") and credit card information (records covered by Payment Card Industry Data Security Standard).
By my (electronic) signature below, I acknowledge that I have been advised of, understand, and agree to all the policies outlined in the "Responsible Use of Ursinus College Information Technology Resources" available at
and any policies and legal requirements regarding the distribution of copyrighted material, including unauthorized peer-to-peer file sharing, available
, as well as any pertinent sections of the Faculty Handbook, and any relevant Human Resources policies located
In addition, I understand that I am expected to adhere to the following statements:
I will only use my authorized access to
in the performance of the duties assigned to me as a College employee.
I will avoid disclosure of
to unauthorized persons without the appropriate consent or permission or except as permitted under applicable College policy and/or Federal or State law. I understand and agree that my obligation to avoid such disclosure will continue even after I leave the employment of Ursinus College.
I will promptly report any and all violations or suspected violations of security policies to firstname.lastname@example.org or the CIO. I will also report any inappropriate or non-essential access to
I will maintain all personal
logins and passwords assigned to me in confidence. I will not disclose passwords to any other person or authorize others, whether in the employ of the college or not, to use my passwords and account information for any purpose.
I will utilize my computer(s) in a secure fashion; I will not allow unauthorized individuals to use my workstation or laptop. I will always lock or logout of my workstation when leaving it unattended. In addition, I will select secure passwords that will be changed regularly. Passwords will not be written down and stored in an insecure fashion.
I will never require nor request that individuals send
via an insecure method (e.g. e-mail) for a College related purpose.
I will never send
over the internet to a third party, unless for an authorized and approved business purpose. If I am sending
to an authorized third party, I will only use secure connections and any
will be encrypted.
I will never send documents containing
through postal mail, except on applications or on forms when required by law.
I will not post, copy, enter or otherwise provide
to any unauthorized third party applications or websites. This includes but is not limited to, social media sites, survey services, cloud storage providers, cloud based document editors or third party e-mail systems.
If I am using College provided systems, or approved third party systems, which provide web based access to
I will not use mechanisms that automatically remember my password; I will also ensure that
is not stored in cache files on my computer by clearing my browser’s cache files upon exit.
I will comply with all controls established by Information Technology for the use of
maintained within any
I will exercise care to protect
against accidental or unauthorized access, modifications, disclosures, or destruction.
I will ensure that if I store or travel with any
, whether in electronic or physical form, I will take appropriate security measures to prevent damage, loss or theft. This includes the use of encryption on any files containing
that are stored on a laptop or removable media.
with other employees in the course of my work, I will exercise care to keep the conversation private and not be overheard by others who are not authorized to have access to such
. I will not store nor leave printed or written
in plain sight of third parties.
I understand that any violation of this Agreement, the Responsible Use Guide, Health Insurance Portability and Accountability Act of 1996, "Family Educational Rights and Privacy Act of 1974" and Ursinus policy "Confidentiality of Student Records, 1996") or HEOA statement may result in immediate termination of my access to
and could constitute just cause for disciplinary action including termination of my employment regardless of whether criminal or civil penalties are imposed.