INTENT: This page is intended to be a relatively simple collection of information about a fairly complex set of Federal and State laws, and State and University policies and guidelines that govern the use of university information resources and computing technology. It is by no means comprehensive, authoritative, nor totally accurate for all instances - to make it so would be to make it as complex as all the underlying laws, policies and guidelines. Therefore, you should use this document as a general guide, and understand that if there are inconsistencies between this and the underlying rules, the rules govern. If you have any questions, please refer to the underlying information and the appropriate UW official (see the More Information section below).
Messages to Faculty and Staff From the UW Administration
Know the Rules
- Be knowledgeable about laws and policies
Your use of University of Washington computing and networking resources is governed by:
- Extensive federal and state law and policy
- Internet acceptable use practices
- UW policy or contractual commitments
- UW Technology policy
All UW policies regarding the appropriate use of University resources, responsibility for University institutional data, and personal conduct apply to your use of UW computing and networking resources. In addition, your use of UW resources must comply with the restrictions and acceptable practices established specifically for these resources and these data. Faculty and staff use of these systems is subject to Washington State law for employees of state agencies. See the More Information section below, which lists applicable laws, policies and UW resources to help you understand the University's and your obligations.
You should be aware that law and policy relating to the use of state resources specifically prohibit faculty and staff from:
- Using UW computers, networks, or other computing services for personal gain. For example, it would be improper to use your account to promote your outside business, to display commercial advertising, or to perform work for profit in a manner not authorized by the University.
- Using UW resources for partisan political purposes, such as using email to circulate advertising for political candidates or to help defeat a ballot measure.
Evidence of illegal activities or policy violations will be turned over to the appropriate authorities as soon as possible after detection. Depending upon their nature, violations of law or policy will be met with responses including revocation of access, suspension of accounts, disciplinary actions, and prosecution.
- Protecting the UW's infrastructure
As the computing and networking infrastructure of the UW underlies many crucial activities for the entire University community, including hospitals and clinics, the UW must protect and sustain the operation of those facilities.
As such, the UW will take all legally allowed steps it deems appropriate to remedy or prevent activities that, in the UW's judgment, endanger the orderly operation of UW networks or systems, and/or that threaten the UW's network connections to the Internet and/or other institutions or networks.
With respect to web site names or URLs defined by individuals using UW-provided services, the University may require site or page owners to change a site name if it conflicts with precedent or policy. For example, picking a site name that equates to someone else's UW NetID poses a policy conflict. The University reserves the right to deactivate a Web page at any time and without notice for violations of policy or for security reasons.
- UW Residence Halls
- Computing and networking services in UW residence halls are provided to support student academic activity. If you are living in UW residence halls, please take the time to familiarize yourself with the rules for using those services.
Protect Your Data and UW Data
- Protect your passwords
Choose your passwords carefully, change them regularly, and protect them from abuse.
Your UW NetID gives you access to many UW services. You are responsible for any use of your UW NetID. You may not share your personal UW NetID password.
- Know your responsibilities
In the course of using UW services you may store and/or transmit data that come from institutional sources. Some data are more sensitive than others. You are responsible for knowing the applicable data security standards and policies, appropriate places to store the data, and controlling who can access the data.
Employees of the University are responsible for protecting institutional data, such as student records, protected health information, and personally identifiable information. Where and how confidential and restricted data is stored matters; for example, if confidential data is stored on a portable device it must be suitably protected. UW has contractual relationships with certain "sanctioned" external service providers to help mitigate institutional risk related to data stored in those off-campus services. If you are unsure if a particular type of information is appropriate for use with a particular service or device, contact the relevant UW Data Trustee or Data Custodian.
- Monitoring and privacy
The UW is committed to safeguarding the privacy of personally identifiable information, including personal financial information, educational records, and health records. For employees, be aware that all email and other electronic information pertaining to UW business is "owned" by the university, regardless of where it is kept, and is subject to disclosure as described below in the Records Management and Release of Information section.
The UW may monitor user activities and access any files or information in the course of performing normal system and network maintenance while investigating policy or violations.
- Records management and release of information
Except as noted by an agreement, a law, or a University policy (such as copyright policy), the UW owns all data and records, and all associated copyrights created by UW employees within the course of employment. All information (including email) relating to University business should be maintained in accordance with records management policy and procedures. This applies to email and other electronic records, regardless of where the records are stored, including on personally-owned computers, "cloud" or externally provided services, personal email services and/or other non-UW computers,
- eDiscovery and Public Records Release
Employee (faculty and staff) email correspondence, as well as other records, are covered by UW Guidelines for the Release of University Records, and the UW Guidelines for Electronic Discovery. Contact the Office of Public Records and Open Public Meetings for more information about "Release of University Records", and the Attorney General's Office for more information about eDiscovery. External provider "End User Agreements" typically do not have necessary compliance provisions, therefore forwarding your UW email to a non-sanctioned service provider could put you and the University at substantial risk. If you store University records in a location where the University does not have legal right or practical ability to access, you must return them to a University controlled location upon request of your supervisor or authorized administrator.
- Email use
Email services at the UW are provided to support you in your work and education, as well as to support communication from the UW administration. Your use of email services at the UW should respect others and must not interfere with the operation of UW computers and networks.
UW administrative email messages will be sent to faculty, staff, students, and affiliates of the UW at their official UW email address. Email sent to large groups of UW NetID holders (i.e. bulk email) requires the approval of a dean or vice president.
Some departments have additional email use restrictions, for example UW Medicine workforce members are prohibited from forwarding their UW Email accounts, except to a UW Medicine approved email system. If you are unsure, please check with your department or organizational unit.
External Email and Cloud Service Providers: Email is inherently insecure. Sending confidential or restricted information (such as protected health information or export-controlled information) by email is unsafe, especially if you forward UW email off-campus to a non-sanctioned external email service provider. External email service providers typically do not provide legal protection or accountability for official UW records and information and do not comply with federal, state and UW regulations. However, the University has contracted with specific external providers to sanction their use for certain official UW records, making them acceptable for most - but not all - students and faculty and staff. UW employees should not forward their UW email to a non-UW email address, unless the destination system is specifically approved by the appropriate UW authority, since doing so may put you and the UW at risk of violating regulations such as FERPA, HIPAA (other regulations are listed in More Information).
HIPAA and UW Medicine Users: Some departments have additional email use restrictions, for example UW Medicine workforce members are prohibited fromforwarding their UW Email accounts, except to a UW Medicine approved email system. Currently, for instance, UW Medicine Users may not utilize external or cloud-based service providers for their work. If you are unsure, please check with your department or organizational unit.
Export-controlled and Classified Data: If you handle export-controlled or classified data, you are prohibited from forwarding this data, unless from a sanctioned email system to a known end-user with a secure system. Export-controlled data and classified data may not be placed on an external commercial server, such as with "cloud service" providers. Contact the Office of Sponsored Projects with any questions.
- Copyright laws apply to you
You may not copy or use any software, images, music, or other intellectual property (such as books or videos) unless you have the legal right to do so. More information about copyright is available on the UW Copyright Connection site.
Educational institutions are not exempt from the laws covering copyrights. Most software, images, music, and files available for use on computers at the UW are protected by federal copyright laws. In addition, software, images, music, and files normally are protected by a license agreement between the purchaser and the software seller. It is UW policy to respect federal copyright and license protections.
- Software and information resources provided through the University for use by students, faculty, and staff may be used on computing equipment only as specified in the various software licenses. It is against University policy for you to copy or reproduce any licensed software on University computing equipment, except as expressly permitted by the software license.
- It is a serious violation of UW policy to make or use unauthorized copies of software on University-owned computers or on personal computers housed in University facilities.
Unauthorized use of software, images, music, or files is regarded as a serious matter and any such use is without the consent of the UW. If abuse of computer software, images, music, or files occurs, those responsible for such abuse will be held accountable.
- More about copyrights
Questions and Complaints
- Whom to contact
If you have questions about these policies, you can contact the UW Information Technology Service Center by calling 206-221-5000, sending email to firstname.lastname@example.org, or using the online Send a Question to UW Information Technology form.
- Allegations of copyright infringement can be sent to email@example.com
- Private information
If your questions or complaints involve sensitive information or you have a need for privacy, please call 206-221-5000 and ask to speak to a supervisor. You will be directed to the most appropriate official. Do not assume that email is private.
More information on appropriate use can be found on the following sites;
- Security and Privacy
Information Security and Privacy Laws and Regulations — Descriptions of over 25 laws and regulations relating to security and privacy, maintained by the Office of the Chief Information Security Officer.
Copyright resources at the UW
- Export Controls
- Records management and release
- Email Spam