Privacy, Monitoring, and Logging
The following shall also apply:
A. Logging:
FVCC computer systems automatically log e-mail and other traffic. Logged information generally includes user addresses and other header information, logon and logoff times, workstation IDs, etc. This information is required by system administrators to verify consistent and proper system operation. E-mail message bodies are not logged normally, but may be monitored as specified under "Lawful searches".
In the case of http/web traffic, FVCC web servers automatically log the following information whenever a file is requested:
- the Internet Protocol (IP) address from which the request came;
- the date and time of the request;
- the file requested;
- the referring page (if available);
- the type of browser used (if available);
Other personal information may be requested on specific pages for specific purposes.
B. Lawful searches:
Manual searching by system administrators of user e-mail or other user files for the purpose of investigating violations of this AUP or other matters that may lead to disciplinary action or criminal charges requires written authorization from one of 3 people:
- The Director of Management Information Services
- The Vice President/Dean of Instruction and Student Services
- The President of Flathead Valley Community College
This authorization should be obtained prior to beginning such a search and must be obtained within 1 business day of the beginning of such a search.
C. Session and keystroke monitoring:
If it is necessary for a system administrator to monitor a user's keystrokes or other form of input for the purpose of determining problems with the computer systems, the user shall be notified that such monitoring is occurring. However, if such monitoring is part of an investigation as detailed under "Lawful searches", such session monitoring may occur without notifying the user.
D. Scanning for viruses and other malware:
Virus and file scanners may be used to locate programs or files that pose a threat to FVCC computer systems or the users thereof. System administrators may move or lock programs or files that they believe pose a threat to FVCC computer systems or the users thereof.
E. Business documents:
A supervisor of an unavailable FVCC employee may request, in writing, with specificity, that a system administrator access the unavailable employee's computer files and obtain a copy of the requested document.
F. Former employees:
A former employee's computer system files will be transferred to the appropriate supervisor and/or the person who replaces the former employee.
G. Offensive material:
FVCC is not responsible for protecting users of the FVCC computer systems from objectionable material and will not block access to commonly available computer resources on the basis of content, unless such access would violate the computer system's security or FVCC privacy policies.
H. Electronic publishing:
FVCC disclaims responsibility for information published electronically via FVCC computer systems or other computer systems except as specified in the "Electronic Publishing" section. Complaints received regarding information transmitted or stored on Flathead Valley Community College computer systems shall be addressed as specified in the "Enforcement" section.
Enforcement
Violations of the policy and procedures specified in this document may result in corrective action, which may include any or all of the following:
- a warning to correct the inappropriate activity;
- the use of increased monitoring to gather evidence;
- suspension or removal of account(s) and/or access privileges;
- presentation of gathered evidence to the appropriate authorities.
Corrective action shall first be taken by the system administrator(s) for the affected computer system(s). Suspensions and revocations of a user's account and/or access privileges may be appealed through the office of the president of FVCC.