Privacy Statement
Cheyney University of Pennsylvania respects the privacy of users and does not routinely inspect or monitor the use of computing and networking resources. However, Cheyney University of Pennsylvania does not guarantee the security and privacy of any user’s electronic mail and/or electronic files. Electronic mail can easily be misdirected or forwarded to others. For these reasons, it is not advisable to send information in electronic mail that you would not want to be distributed to others.
Cheyney may access such electronic mail or files in several situations:
- Spam Blocking: Cheyney protects email as a viable communication and business medium by supporting measures to reduce the amount of unsolicited email Spam that crosses their private networks, while ensuring that valid email reaches its destination. To accomplish this task spam blocker filtering software is utilized to quickly identify and separate the hazardous and annoying spam from legitimate email.
- Requests for Public Disclosure: The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (USA PATRIOT Act) expands the authority of local, state, and federal law enforcement to gain access to stored electronic data and communications. The USA PATRIOT Act applies to all faculty, staff contractors, and students.
- Retention of Electronic Mail: Electronic mail is backed up and retained in accordance with CU policy. Additionally, users are advised that electronic messages and other files are not removed from their hard drives when erased by the individual. Material that continues to exist on a hard drive, or another’s computer, also may be subject to disclosure.
- Access for Cheyney Business: CU employees may access all electronic mail or files on another employee’s computer with that employee’s permission, or with a supervisor’s approval when that employee is unavailable and access is for a legitimate business purpose. However, in the interest of faculty collegiality, CU or the authorized employee seeking access to the electronic files shall reasonably attempt to inform or seek approval of the faculty member whose files are being accessed for business purposes.
Supervisors who access electronic files or give permission to access individual files shall do so in a manner that is consistent with any research and/or confidentiality agreements that may apply to those files. In the interest of faculty collegiality, individual departments are encouraged to develop unit protocols for sharing access to electronic files and mail. Individual departments may develop department protocols for sharing and access to electronic mail and files. Any access by a supervisor or co-worker for a legitimate business purpose shall be limited to that purpose.
- Access in Investigation of Misconduct: A supervisor may only access electronic files to investigate an employee’s misconduct when the access is consistent with all legal requirements, including reasonableness under the circumstances. Such access may only be done with the approval of the appropriate dean or director and in a manner consistent with other provisions of this policy. If the person searching is dean/director-level or higher, that person must seek approval from the appropriate next-level administrator. This provision applies to the monitoring of employee accounts when the monitoring is done because of suspected illegal activity or policy violations.
- Monitoring of Accounts: An account may be inspected or monitored when:
- activity from an account prevents access to computing or networking resources by others
- general usage patterns indicate that an account is responsible for illegal activity
- there are reports of violations of policy or law
- it is necessary, in the judgment of CU administration, to do so to protect Cheyney from liability
- Cheyney receives a public records request or a valid subpoena
- it is required by, and consistent with, any other law
User’s Responsibility for Maintaining Privacy
System users are responsible for maintaining appropriate access restrictions for their files, as well as protecting their passwords. An employee or student who knowingly allows another person to use his or her username or password may be found responsible for any inappropriate use on the part of that person.