Office 365/W-Exchange Acceptable Use Policy

Policy number 12-08
Responsible office Information Technology
Classification Board of Trustees-delegated Policy
Category Information Technology and Data Security

Statement of policy

Acceptable use of this software per terms of the contract.

Summary of contents/major changes

Purpose

Western Michigan University has contracted with Microsoft to provide the Office 365/W-Exchange services to all eligible* WMU students, faculty and staff, who may not share the licensed software with others. Use of this service is governed by University policies as well as terms and conditions of the contract with Microsoft.

* Currently enrolled students and currently employed faculty and staff. 

Scope

This policy applies to any student, faculty or staff using the WMU Office 365/W-Exchange services, whether on campus, at home, at regional sites, or via any other means.

Policy statements

  • Any faculty or staff member using Office 365/W-Exchange must ensure that their use will comply with any data storage requirements of their school, department, unit, or Western Michigan University.
  • Office 365/W-Exchange may not be used to store, maintain, or transmit any kind of restricted/confidential data, including, but not limited to social security numbers, driver's license numbers, financial account or credit card numbers, or any other personally-identifiable data.
  • Anyone using Office 365/W-Exchange services for grants should be aware that data may be stored in data centers outside of the US and must abide by the rules and policies set forth in their grant.
  • Student data protected by FERPA is permitted in Office 365/W-Exchange services provided that the information is shared only between the student and those who have a legitimate education-related interest.
  • Western Michigan University does not back up data stored on Office 365/W-Exchange, and cannot restore, or recover, any data or documents that are deleted from these applications.

Justification

Western Michigan University, with broad representation from the campus community, develops policies and procedures to assure that University data assets are secure and protected in compliance with state and federal regulations.

Enforcement

Any person found to be in violation of this policy will be subject to appropriate disciplinary action as defined by current University policy and bargaining agreements.

Reference

References
History
Effective date of current version February 1, 2016
Revision history
Monday, February 15, 2016 - 5:19pm Revised.
Proposed date of next review February 1, 2020