Back to Top

Purpose
The purpose of the Acceptable Use of Information Technology Resources Information Technology Requirement (ITR) and associated guidelines are to outline the acceptable use of Information Technology Resources at the College.

Anne Arundel Community College (“College”) provides information technology resources in order to facilitate the pursuit of excellence in support of the College’s mission. Access to and usage of information technology resources owned and operated by the College is granted subject to College policies, and local, state and federal laws, for the purpose of conducting College business.

Scope
Anne Arundel Community College’s information technology resources are the property of the College and usage is subject to monitoring, without notice, of all activities as necessary for system maintenance, information security, as required by law and/or to support research of law violations or institutional policy.

All Authorized Users of Information Technology Resources

Definitions

  1. Information Technology Resources: Any equipment or interconnected system or subsystem of equipment that is used in the automatic acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission or reception of data or information by the College directly or by a third party under a contract with the College which requires the use of such equipment. The term includes computers, mobile devices, software, firmware, services (including support services), and the College’s network via a physical or wireless connection, regardless of the ownership of the information technology resource connected to the network.
  2. Authorized Users: Any individual, including but not limited to, faculty, staff, students, contractors and guests authorized by the College to access information technology resources.
  3. Electronic Communication: Any means of transmitting and receiving messages over electronic media including, but not limited to, a smartphone, cell phone, telephone, fax, tablet or computer.
  4. Cloud-Based Systems: Include resources that are hosted by third parties on behalf of the College and include, but not limited to, the following use-cases: Infrastructure-as-a-service, Platform-as-a-Service, and Software-as-a-Service.
  5. Confidential Information: An individual’s legal name in combination with data elements, whether contained in hard copy or electronic format that can identify a specific individual. (See Red Flags Identify Theft Prevention Procedures for further clarification)

Acceptable Use of Information Technology Resources

  1. It is the requirement of Anne Arundel Community College that all authorized users of information technology resources are to: 

1.1. Comply with all laws (federal, state, local and other applicable laws, licenses), college policies and procedures.
1.2. Use risk-based decisions to maintain the appropriate level of confidentiality, integrity, availability and resilience of information technology resources. 
1.3. Comply with identity theft and “Red Flag” laws by maintaining technology resources that reduce the loss or breach of confidential and sensitive information.
1.4. Respect the privacy and personal rights of others so as not to constitute an invasion of privacy, harassment, defamation, threat, intimidation, unwarranted annoyance, embarrassment, discrimination based on race, color, age, religion, sex, national origin, marital status, sexual orientation, ability, genetic information and veteran status or the like.
1.5. Use information technology resources in an efficient, effective, ethical and respectful manner. 
1.6. Abide by all applicable, licenses, copyrights, contracts and other limitations on access to and/or use of restricted or propriety information. Use copyrighted software only in compliance with vendor license agreements.

Exemptions
Exceptions to this ITR should be submitted to the vice president for Information and Instructional Technology Division, through the director of Information Security for review and approval. If an exception is granted a compensating security control or safeguard will be documented.

Contingencies
None

Review Process
Information Technology Requirements will be reviewed every 12 months or sooner, if required. Guidelines and Processes will be reviewed every 24 months or sooner, if required.

Guideline Title: Acceptable Use of Information Technology Resources Information Technology Requirement

Guideline Owner: Vice President for Information and Instructional Technology

Guideline Administrator: Director, Information Security

Contact Information: John Williams, [email protected]  

Approval Date: Jan. 8, 2024

Effective Date: Jan. 8, 2024

History: Adopted May 13, 1997; revised April 10, 2001; Jan. 11, 2001; June 9, 2020, Oct. 26, 2023

Applies to: Faculty, staff and students

Related Policies: Acceptable Use of Information Technology Resources Policy

Related Procedures: Acceptable Use of Information Technology Resources Procedures

Related Guidelines: Red Flag Procedures

Forms: N/A

Relevant Laws:

  • Gramm Leach Bliley Act (GLBA)
  • Family Educational Rights and Privacy Act (20 U.S.C. § 1232g; 34 CFR Part 99)
  • MD Code