Background image
Information Services Support Desk
Phone: 843-792-9700

MUSC Acceptable Use Policy


Welcome to the MUSC Identity Management System!

IMPORTANT: This agreement applies to all individuals who receive access to any of MUSC's computing, electronic, network or print resources regardless of your affiliation with MUSC (employee, faculty, student, contractor, vendor, etc.).

A. Standards:
    a. Applicability
    This policy applies to all members using MUSC computing, telecommunications and wireless resources, including but not limited to computers, computer systems and networks, medical devices, smart phones, portable digital assistants (PDA's), telephones, pagers, cellular phones and two-way radios, whether property of MUSC or not, and to all uses of those resources, whether on campus or from remote locations. These resources are hereinafter referred to as "computing and telecommunications resources." Additional guidelines may be established by MUSC to apply to specific computers, computer systems, networks or applications.
    b. Requirements:

    Legal:
    An individual using MUSC computing and telecommunications resources shall comply with all federal, South Carolina, and other applicable laws; all generally applicable MUSC rules and policies; and all applicable contracts and licenses. Examples of such laws, rules, policies, contracts, and licenses include, but are not limited to, the laws of libel, privacy, copyright, trademark, and child pornography; the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act, which prohibit "hacking", "cracking", and similar activities; Federal Communication Commission regulations; the MUSC Code of Conduct; the MUSC Anti-Harassment policy; and all applicable software licenses. Users who engage in communications with persons in other states or countries or on other systems or networks should be aware that they may also be subject to the laws of those other states and countries and the rules and policies of those other systems and networks. Users are responsible for ascertaining, understanding, and complying with the laws, rules, policies, contracts, and licenses applicable to their particular uses.

    A member using MUSC computing and telecommunications resources shall use only those resources that they are authorized to use and use them only in the manner and to the extent authorized. Ability to access computing resources does not, by itself, imply authorization to do so. Users are responsible for ascertaining what authorizations are necessary and for obtaining them before accessing any computing resources. Accounts and passwords may not, under any circumstances, be shared with, or used by, persons other than those to whom they have been assigned by MUSC. A user of computing and telecommunications resources shall respect the privacy of other users and their accounts, regardless of whether those accounts are securely protected. The ability to access other persons' accounts does not, by itself, imply authorization to do so.

    Reasonable:
    A user of MUSC computing and telecommunications resources shall respect the finite capacity of those resources (including, for example, bandwidth, disk space and CPU time) and limit use so as not to consume an unreasonable amount of those resources or to interfere unreasonably with the activity of other users.

    Email Communications:
    Each member is provided with a MUSC email address. This address is considered their official MUSC email account and all MUSC business conducted via email must use the MUSC email account and email system. Confidential or sensitive information should not be sent through e-mail or exposed to public networks such as the Internet unless adequately secured against unauthorized access and encrypted in transit. Email sent from one musc.edu email address to another musc.edu email address using the MUSC email system is considered secure and no additional steps are needed to encrypt the message.

    Personal Use:
    Personal use of MUSC computing and network resources is restricted by State law. Section 8-13-700(A) of the South Carolina Ethics Code reads as follows: “No public official, public member, or public employee may knowingly use his official office, membership or employment to obtain an economic interest for himself, a member of his immediate family, an individual with whom he is associated, or a business with which he is associated. This prohibition does not extend to the incidental use of public materials, personnel, or equipment, subject to or available for a public official's, public member's, or public employee's use which does not result in additional public expense.”

    Examples of inappropriate personal use include, but are not limited to:

    (1) Interferes with the performance of the user’s job or other MUSC responsibilities;
    (2) Accessing pornographic web sites;
    (3) Unreasonably consumes MUSC resources; or
    (4) Is out of compliance with other MUSC policies.

    Additional restrictions on personal use may be imposed in accordance with normal management or departmental responsibilities.

    Representing MUSC:
    Internal: Misrepresenting or willfully concealing your identity at any point on the MUSC network is prohibited.

    External: A user of computing and telecommunications resources shall not state or imply that they speak on behalf of MUSC or use MUSC trademarks and logos without authorization to do so. Affiliation with MUSC does not, by itself, imply authorization to speak on behalf of MUSC.

    Academic Freedom:
    Freedom to teach and freedom to learn are inseparable facets of academic freedom. The freedom to learn depends upon appropriate opportunities and conditions not only in the classroom, but on the campus as a whole. The responsibility to secure and to respect general conditions conducive to the freedom to learn is shared by all members of the academic community -- faculty, staff, and students. System and network administrators are expected to respect the University's academic freedom policies.

    Security:
    All MUSC members share in the responsibility for protecting MUSC's information systems against threats to availability, integrity and confidentiality. The owners, administrators, and users of all MUSC systems are required to understand and meet their assigned security responsibilities, as defined in this policy, and all other applicable MUSC policies. All members should be familiar with MUSC information security practices, safeguard their system credentials, employ the appropriate physical safeguards to protect information assets, and protect the confidentiality of electronic protected health information.
B. Expectation of Privacy

MUSC computing and telecommunications resources are not private. For example, communications made by means of these resources are subject to South Carolina Public Records Law to the same extent as they would be if made on paper. The normal operation and maintenance of MUSC’s computing and telecommunications resources require the backup and caching of data and communications, the logging of activity, the monitoring of general usage patterns, and other such activities that are necessary for the rendition of service.
    a. Reason to Access Activity
    MUSC may access or monitor the activity and accounts of individual users of MUSC computing resources, including individual log in sessions and communications, without notice, when:

    (1) It reasonably appears necessary to do so to protect the integrity, confidentiality, availability, or functioning of MUSC generally or computing and telecommunications resources in particular, or to protect MUSC from liability;
    (2) There is reasonable cause to believe that the user has violated, or is violating, MUSC policy;
    (3) An account appears to be engaged in unusual or unusually excessive activity, as indicated by the monitoring of general activity and usage patterns;
    (4) The user has voluntarily made them accessible to the public, as by posting to Usenet or a web page;
    (5) It is necessary for MUSC work and business-related reasons (e.g. a person is on vacation or sick leave and access to some files is needed to further institution business); or
    (6) It is otherwise required by law.

    b. Monitoring as a Job Service Requirement
    MUSC may also authorize access and monitoring of an employee's or agent's actual communications over its computing and telecommunications resources where customer service is a primary responsibility of an employee's job duties. Such monitoring must be authorized by Human Resources and employees in positions subject to monitoring shall be notified of such activity.

    c. Access monitoring oversight
    Any access or individual monitoring, specified in B(a)(5) or for any other reason not listed in B(a) or B(b)., must be authorized in advance by three of the following individuals: Human Resources Director or designee, Legal Counsel, Chief Information Officer, and Chief Information Security Officer, or a majority thereof. The head of the unit which employs the individual will be notified of such access when appropriate. MUSC, at its discretion but subject to any applicable laws, may disclose the results of any access or monitoring, including the contents and records of individual communications, to MUSC personnel or law enforcement agencies and may use those results in appropriate MUSC disciplinary proceedings and/or legal proceedings.
C. Enforcement

Violations of the MUSC Acceptable Use of Computing and Telecommunications Resources Policy by faculty, students, and staff are treated as violations of applicable MUSC policies Violations of public law which involve MUSC computer and communication systems may be subject to prosecution by local, state or federal authorities. MUSC faculty, students, or staff who knowingly violate copyright and/or license terms (for example, by making or using an unauthorized copy of a copyrighted or licensed software product) may be personally liable for their actions.

Contact Us: Information Solutions | helpdesk@musc.edu | 843-792-9700 | Harborview Office Tower, 19 Hagood Avenue, Charleston, SC 29425