| Policy number | 12-08 |
|---|---|
| Responsible office | Information Technology |
| Classification | Board of Trustees-delegated Policy |
| Category | 12. Information Technology and Data Security |
Statement of policy
Acceptable use of this software per terms of the contract.
Purpose
Western Michigan University has contracted with Microsoft to provide the Office 365/W-Exchange services to all eligible* WMU students, faculty and staff, who may not share the licensed software with others. Use of this service is governed by University policies as well as terms and conditions of the contract with Microsoft.
* Currently enrolled students and currently employed faculty and staff.
Scope
This policy applies to any student, faculty or staff using the WMU Office 365/W-Exchange services, whether on campus, at home, at regional sites, or via any other means.
Policy statements
- Any faculty or staff member using Office 365/W-Exchange must ensure that their use will comply with any data storage requirements of their school, department, unit, or Western Michigan University.
- Office 365/W-Exchange may not be used to store, maintain, or transmit any kind of restricted/confidential data, including, but not limited to social security numbers, driver's license numbers, financial account or credit card numbers, or any other personally-identifiable data.
- Anyone using Office 365/W-Exchange services for grants should be aware that data may be stored in data centers outside of the US and must abide by the rules and policies set forth in their grant.
- Student data protected by FERPA is permitted in Office 365/W-Exchange services provided that the information is shared only between the student and those who have a legitimate education-related interest.
- Western Michigan University does not back up data stored on Office 365/W-Exchange, and cannot restore, or recover, any data or documents that are deleted from these applications.
Justification
Western Michigan University, with broad representation from the campus community, develops policies and procedures to assure that University data assets are secure and protected in compliance with state and federal regulations.
Enforcement
Any person found to be in violation of this policy will be subject to appropriate disciplinary action as defined by current University policy and bargaining agreements.
Reference
History
| Effective date of current version | February 1, 2016 |
|---|---|
| Date first adopted | May 1, 2015 |
| Revision history |
Monday, February 15, 2016 - 17:19
Revised.
|
| Proposed date of next review | February 1, 2020 |