1.0 Introduction

Privacy Policies are mechanisms used to establish the limits and expectations for the users of UTEP Information Resources. Internal users should have no expectation of privacy with respect to Information Resources except as otherwise provided by applicable privacy laws. External users should have the expectation of complete privacy, except in the case of suspected wrongdoing, with respect to Information Resources.

2.0 Purpose

The purpose of the UTEP Information Services Privacy Policy is to clearly communicate the UTEP Information Services Privacy expectations to Information Resources users.

3.0 Scope

The UTEP Information Services Privacy Policy applies to all individuals who use any UTEP Information Resource.

4.0 Policy

4.1 General

Electronic files created, sent, received, or stored on IR owned, leased, administered, or otherwise under the custody and control of UTEP are not private and may be accessed by UTEP IT employees at any time without knowledge of the IR user or owner.

To manage systems and enforce security, UTEP may log, review, and otherwise utilize any information stored on or passing through its IR systems in accordance with the provisions and safeguards provided in the Texas Administrative Code (TAC) S202. For these same purposes, UTEP may also capture user activity such as telephone numbers dialed and web sites visited.

A wide variety of third parties have entrusted their information to UTEP for business purposes, and all workers at UTEP must do their best to safeguard the privacy and security of this information. The most important of these third parties is the individual customer; customer account data is accordingly confidential and access will be strictly limited based on business need for access.

Users must report any weaknesses in UTEP computer security, any incidents of possible misuse or violation of this agreement to the proper authorities by contacting the appropriate management.

Users must not attempt to access any data or programs contained on UTEP systems for which they do not have authorization or explicit consent.

4.2 Public Access Privacy Policy

UTEP web sites available to the general public must contain a Privacy Statement. An example of a good public Privacy Statement follows:

Web site Privacy Statement on the Use of Information Gathered from the General Public

The following statement applies only to members of the general public and is intended to address concerns about the types of information gathered from the public, if any, and how that information is used.

5.0 Disciplinary Actions

Violation of this policy may result in disciplinary action which may include termination for employees and temporaries; a termination of employment relations in the case of contractors or consultants; dismissal for interns and volunteers; or suspension or expulsion in the case of a student. Additionally, individuals are subject to loss of UTEP Information Resources access privileges, civil, and criminal prosecution.