Office 365/W-Exchange Acceptable Use Policy

Policy number12-08
Responsible officeInformation Technology
ClassificationBoard of Trustees-delegated Policy
Category12. Information Technology and Data Security

Statement of policy

Acceptable use of this software per terms of the contract.


Western Michigan University has contracted with Microsoft to provide the Office 365/W-Exchange services to all eligible* WMU students, faculty and staff, who may not share the licensed software with others. Use of this service is governed by University policies as well as terms and conditions of the contract with Microsoft.

* Currently enrolled students and currently employed faculty and staff. 


This policy applies to any student, faculty or staff using the WMU Office 365/W-Exchange services, whether on campus, at home, at regional sites, or via any other means.

Policy statements

  • Any faculty or staff member using Office 365/W-Exchange must ensure that their use will comply with any data storage requirements of their school, department, unit, or Western Michigan University.
  • Office 365/W-Exchange may not be used to store, maintain, or transmit any kind of restricted/confidential data, including, but not limited to social security numbers, driver's license numbers, financial account or credit card numbers, or any other personally-identifiable data.
  • Anyone using Office 365/W-Exchange services for grants should be aware that data may be stored in data centers outside of the US and must abide by the rules and policies set forth in their grant.
  • Student data protected by FERPA is permitted in Office 365/W-Exchange services provided that the information is shared only between the student and those who have a legitimate education-related interest.
  • Western Michigan University does not back up data stored on Office 365/W-Exchange, and cannot restore, or recover, any data or documents that are deleted from these applications.


Western Michigan University, with broad representation from the campus community, develops policies and procedures to assure that University data assets are secure and protected in compliance with state and federal regulations.


Any person found to be in violation of this policy will be subject to appropriate disciplinary action as defined by current University policy and bargaining agreements.



Effective date of current versionFebruary 1, 2016
Date first adoptedMay 1, 2015
Revision history
Monday, February 15, 2016 - 17:19 Revised.
Proposed date of next reviewFebruary 1, 2020