Computer Use Policy

Security and Acceptable Use of the Campus Network and Technology Policy

The Information Technology Services department with the oversight of the College’s Executive Council, determines the campus network and technology security and acceptable use policy in accordance with the security and preservation needs of the Emory & Henry College, best practices in the IT industry, and in compliance with federal, state, and local legal requirements.  All students, faculty, staff, and others affiliated with Emory & Henry College receiving a network access account must adhere to the following policies and guidelines. Employment or enrollment at Emory & Henry College signifies agreement to abide by all rules, regulations and policies of the College. Please note that all policies are subject to change. Notification of changes will be posted. This document will be reviewed and published regularly on the College website and in various official College publications such as the Student HandbookFaculty Handbook and the Staff Handbook. All network users must adhere to the most current published revision.

FERPA Policy for Faculty at Emory & Henry College

While Emory & Henry College fosters a community approach to education to support the academic success of students, the College also works diligently to protect the privacy and security of student information.  With this philosophy of holistic education, Emory & Henry identifies those who have a “legitimate educational interest” in student information as those individuals who instruct, advise, and coach students, and staff members who are responsible for fostering student achievement.

Per FERPA guidelines, it is best practice to limit access to and disclosure from personally identifiable student information to faculty and staff at the College who have an educationally legitimate need to know in order to conduct College business. This applies to student records in print or electronic format including systems such as (but not limited to) the Ellucian administrative system, the SoftDocs paperless document system and the Pharos360 retention program employed at the College.

Faculty members have the capability to access student transcripts and other student educational records, both in paper and electronic format, for the purposes of student advisement, department or division statistical research, and other College-related inquiries. Any accessing of student records for other purposes is prohibited by FERPA regulations and College policy. It is the policy at Emory & Henry College that faculty members and other employees who advise students on their educational programs will not access any confidential records, including transcripts and degree audits, of students who are not their assigned advisees. Faculty members who are not the advisor of a student may only access that student’s academic record with the express consent of the student. Faculty members are not authorized to disclose any FERPA-protected student information with any person other than the individual student. 

Students have the right to confidentiality and instructors have the responsibility to protect against improper disclosure of information about students. A violation of this policy is an explicit violation of the Academic Code.

Electronic Records

Electronic records retained on College systems are subject to state and federal privacy acts, the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (US PATRIOT Act), and Commission on Accreditation for Law Enforcement Agencies (CALEA), as well as Freedom of Information Acts (FOIA).  World Wide Web information located in designated web directories will be considered public information if “read” access is granted. Access to and the utilization of data contained within College administrative, academic, and student support administrative systems are also subject to Family Educational Rights and Privacy Act (FERPA) regulations and authorized users agree under this acceptable use policy to adhere to and abide by FERPA privacy and security guidelines. Student and staff medical and counseling records may be subject to Health Insurance Portability and Accountability Act (HIPAA) regulations and must be accessed and handled in accordance with those established guidelines and regulations.

Guest Access

Guests of the College utilizing Internet access through the College’s network are expected to practice good Internet citizenship in their online activities, so as to avoid reflecting negatively on Emory & Henry College. Specifically, they must adhere to all local, state, and federal laws, not download illegally obtained copyright protected materials, and not access websites or materials which are not in keeping with the teaching, research, and educational goals of the institution. Anyone affiliated with Emory & Henry College who allows minor children to utilize public access computers on campus must be responsible for the actions of those children and should remember that Emory & Henry College does not have any filtering hardware or software in place for Internet content.

Network Accounts

All students, faculty, and staff, have a network account assigned to them for their individual use while at Emory & Henry College. Emory & Henry College computerized information systems exist to promote shared access to computing, communication, and information necessary to serve the teaching, research, and administrative needs of the entire campus community. These systems and the data they contain are vital resources of considerable monetary and intellectual value, in addition to important personal information which must be handled in a secure and confidential manner. Access to computer systems and networks, including e-mail and web material placed on or distributed through the systems and networks owned or operated by Emory & Henry College is a privilege, not a right, and requires compliance with College policies and to federal, state, and local laws. Thus, all account holders of the College’s information assets have a responsibility to use these systems in a respectful, ethical, professional, and legal manner. 

The purpose of the network is to support the teaching, research, and administrative needs of the College.  The network is not designed nor intended to support the downloading of copyrighted material, such as, unlawfully obtained music, videos, and software. Such activities are not permitted at any time.  

This policy pertains to all computers, printers, scanners, networks, Internet connections, and communication systems transmitting voice, data, or video information owned or leased by the College or connected to the College network. Appropriate use is always ethical, reflects academic honesty, the security and confidentiality of personal information, and shows restraint in the consumption of shared resources.

All users of College information assets are required to demonstrate respect for intellectual property, ownership of data, system security mechanisms, and the individual’s right to privacy and freedom from intimidation, harassment, and unwarranted annoyance.

While acknowledging a respect for privacy, the College cannot guarantee confidentiality in the use of any College information system. This policy acts as notification that all email accounts are the intellectual property of the College and are for the conduct of College-related business. As such, users are hereby reminded that email accounts should not be used to send or receive emails of a personal nature. Furthermore, the College retains the right to immediately disable or delete all network and email accounts upon either termination of employment or as directed by College officials.

Administrative Rights and Approved Software

The IT Services Department retains administrative rights on all College-owned computer technology. Exceptions must be requested by contacting the IT Director.

The Approved Software list can be found within the Policies and Procedures Manual published on the College’s IT Department website at ******https://www.ehc.edu/sites/default/files/it-services-policies-and-procedures-pdf-082011.pdf.******  Requests for exceptions to the list should be sent to the IT Director. Requests must be approved by the IT Director and the Vice President for Business and Fiance.

Appropriate Use Guidelines

In making appropriate use of resources Emory & Henry students, faculty, and staff must:

  • Be consistent with the purposes of the network. It is designed to support research, education, and administrative needs of students, faculty, staff, and administrative personnel.
  • Assume responsibility for material on personal web pages.
  • Comply with local, state, and federal laws for materials made available on the Internet.
  • Use copyrighted materials only with the prior approval by the copyright holder or in compliance with “Fair Use” guidelines as described in current federal copyright legislation.
  • Use resources only for appropriate purposes, such as, but not limited to, assignments given by instructors, college-related work, and communication. Discontinue use of a College public-access or lab computer for personal or recreational activities if no other resources are available for students to use for class assignments.
  • Protect the individual’s user logon ID (user account) from unauthorized use. The individual is responsible for all activities on his or her user ID.
  • Access only files and data that belong to the individual user, that are publicly available, or to which the individual user has been given authorized access.
  • Use only legal versions of copyrighted software in full compliance with vendor license requirements. Do not make copies of copyrighted software for personal use.
  • Be considerate in the use of shared resources. Refrain from monopolizing systems, overloading the network with excessive data, or wasting computer time, connect time, disk space, printer paper, bandwidth, or other resources. 

In making appropriate use of resources Emory & Henry students, faculty, and staff must NOT:

  • Use another person’s user logon ID and password at any time.
  • Allow another person other than the actual user to access a user account.
  • Use another person’s files or data without permission.
  • Use computer programs to decode passwords or access control information.
  • Attempt to circumvent or subvert system security measures.
  • Engage in any activity that might be harmful to computers or to any information stored thereon, such as creating or propagating viruses, disrupting services, or damaging files.
  • Use College systems for partisan political purposes, such as using electronic mail to circulate advertising for political candidates.
  • Transmit, distribute, upload, post, or store any material in violation of any applicable law or regulation, or that encourages conduct that could constitute a criminal offense, gives rise to civil liability or otherwise violates any applicable local, state, national or international law or regulation.  This includes, without limitation, material protected by copyright, trademark, trade secret or other intellectual property right used without proper authorization.
  • Transmit, distribute, upload, post, or store any material that is obscene, defamatory, libelous, unlawful, harassing, abusive, threatening, harmful, vulgar, constitutes an illegal threat, violates export control laws, hate propaganda, fraudulent material or fraudulent activity, or invasive of privacy or publicity rights.
  • Use College resources to create personal web pages containing (1) pornography or (2) abusive and/or profane language.
  • Place digital photographic or recording equipment of any kind in any public space on campus without the prior written permission of the Dean of Students.
  • Waste computing resources, for example, by intentionally placing a program in an endless loop or by printing excessive amounts of paper.
  • Use the College’s resources for moneymaking activities as these can jeopardize Emory & Henry’s non-profit status. The network may not be used to advertise a commercial business, or to support a personal business interest. Neither may electronic mail be utilized to circulate advertising for products.
  • Engage in any other activity that does not comply with the general principles presented above.
  • Peer-to-peer file sharing is now prohibited at Emory & Henry College in compliance with the U.S. Higher Education Act. Downloading movies, music, or other copyrighted materials without permission of the copyright holder is strictly forbidden. There are numerous legal and legitimate sites in the World Wide Web for the downloading of materials, such as iTunes.com and Rhapsody.com. The College recommends that anyone wishing to download music or other copyrighted materials utilize legal means to do so.
  • Any non-computing device must be approved and registered before it can be connected to the network.  The IT Services Department reserves the right to restrict devices accessing the network. The BYOD (Bring Your Own Device) policy is enumerated below.
  • The E&H wireless network does not accept non-College access points.  Personal wireless access points, hubs, and routers are strictly forbidden.
  • Any computers connected to the Emory & Henry network are strictly forbidden to function as hosts for network services such as peer-to-peer, file-sharing, local area networks (LAN), etc.

Policy Regarding the Registration and Use of Mobile Technology Devices on the Network

With the proliferation of mobile technology devices such as Smart Phones, iPhones, iPads, iPods, gaming consoles, tablet devices, and other mobile technology, the Emory & Henry Information Technology Department has developed and implemented the following policy:

  • Network users are limited to registering a maximum of three individual items of computer, mobile, and gaming technology each.
  • Users with more than three devices or computer assets must remove one or more devices in order to register another device.
  • The 3 technology device limit pertains to computers, gaming consoles, tablet PC’s, iPads, iPods, SmartPhones, Android devices, iPhones, e-readers, and other similar technology.
  • Exceptions to this policy must be arranged with the Director of Information Technology.
  • The online form for device registration can be found on the Emory & Henry IT department website.
  • Assistance in registering devices and removing them from the network can be obtained at the IT Help Desk.

Abuse of Email Privileges

E-mail and network connectivity are a privilege, not a right. These privileges can be revoked for violations of this Acceptable Use policy. Unacceptable behavior includes, but is not limited to:

  • Infringement on others’ privacy
  • Interference with others’ work
  • Copyright infringement
  • Illegal activity
  • Use of mass e-mail for commercial or political mailings
  • Use of distribution lists for purposes other than teaching, research, and administrative needs of the College. 

Penalties for unacceptable behavior range from deactivation of the account through College judicial action or referral to law enforcement authorities.  For minor first offenses, the Director of Information Technology will notify the offender with a simple email warning.

Mass Email Guidelines

The ability to send mass email messages to all employees is currently available to each employee with an Emory & Henry email address. In addition, a few individuals have the ability to send mass email messages to all students. Mass electronic mailings shall be concise and to the point, and shall consist of a plain-text message without graphics or bolding, italics, or another formatting. The use of attachments should be limited to small size files, such as MS Word and Excel files. Larger files can be posted on the password-protected section of the website or on the learning management system. To post a document on the web site, please contact Public Relations. If you need assistance with the learning management system, please contact the Instructional Technologist.

Using the All E&H Employees Email Distribution List

Mass email is recognized as an important medium for facilitating communication within the Emory & Henry community. However, the potential misuse of mass email is also recognized. The policies and procedures found in this document attempt to provide guidance for the appropriate use of the All Employees email distribution list.  Please note that there is a list “EHC Community” that was created for community members who wish to advertise or announce items such as garage sales, items for sale, babysitting services, etc. Membership on that list is voluntary and can be joined by contacting the IT Help Desk.

Remember that the College’s official internal electronic newsletter, The Scoop (not email), should be used for all general College-related announcements and for providing information about programs, projects, and activities.  If you need assistance with including these events in the College’s electronic calendar, please contact Public Relations. In order to have your news or event featured in The Scoop, a request should be submitted to Scoop@ehc.edu by 2 p.m. the day before the announcement should appear in the e-newsletter. If you are unsure about where to post an announcement, please contact the IT Help Desk for assistance.

In addition, discussion forums should be set up through Moodle (not email).  If you need assistance with setting up a Moodle account for a discussion forum, contact Valerie Lewis (vlewis@ehc.edu).

The All E&H Employees list should be used only for the following purposes:

  • Instructions from the faculty marshal for all faculty and/or staff that do not seem appropriate for other communication media.
  • Communication from the chair of the staff affairs committee for all faculty and/or staff that does not seem appropriate for other communication media.
  • Communication from senior administrators for all faculty and/or staff that does not seem appropriate for other communication media.
  • Communication from individual faculty or staff of general interest to a majority of faculty and/or staff that does not seem appropriate for other communication media.
  • Distribution of faculty and staff surveys
  • Reports from faculty or staff committees or task forces of general interest to a majority of the faculty and/or staff.
  • Reports from the faculty or staff representative to the Board of Trustees.
  • Reports from the governance groups (Faculty Advisory Committee, the Staff Affairs Council, etc.).

Urgent Messages

Urgent mass emails are reserved for highly important, time-sensitive emergency notices. In those cases, faculty and staff need to contact one of the following offices and request the message to be distributed to the College-wide community. Urgent messages must be sent in plain text and contain no graphics, bolding, or other HTML formatting. The following is a list of the office authorized to distribute mass e-mails to the campus-wide community:

  • President’s Office — Jake Schrum, Mark Graham
  • Provost — John Wells
  • VP for Student Life — John Holloway
  • Campus Security — Scott Poore
  • VP for Business and Finance — Rick Gaumer
  • Chaplain’s Office — Mary K. Briggs
  • Centralized Student Assistance — Myra Sims
  • Physical Plant — Micah Woods
  • Library — Jane Caldwell
  • IT - Gabriel Dempsey
  • School of Health Sciences - Lou Fincher

Urgent messages include the following:

  • Messages concerning emergency, health and safety: bomb or terrorist threat; natural disaster alert; mechanical failures; weather closures or delays; crime alerts; and computer virus alerts; health alerts.
  • Logistics announcements: construction closures; traffic routing; and ozone or environmental alert notices.
  • Messages pertaining to matters of university-wide policy.
  • Messages of a timely nature having direct impact on large numbers of faculty, staff, or students.

Web Pages and Portal Content on College Servers

The privilege of presenting material on the College web site and the College portal can be revoked, with or without cause, at the College’s discretion.  Web pages and portal sites found to be in non-compliance may be removed immediately by the web administrator or upon failure to revise web pages or portal sites and conform to these guidelines.

Accessing Data in the Administrative Systems of Emory & Henry College

The College recognizes that personnel must have access to student records and other data that is protected under the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPAA) in order to conduct the legitimate business of the College. All Emory & Henry College administrative system users agree that use of systems maintained by partners, consortia arrangements, etc. is governed by the rules and regulations set forth in this policy.  Acceptance of this policy implies cooperation with the spirit and intent of any complimenting acceptable use policies which may be provided by E&H’s service providers. College personnel must adhere to the following policies:

  • Computers logged into Datatel/Raiser’s Edge/Entrinsik Informer, or other administrative system applications, must never be left unattended. All users should log out of these systems whenever it is not in active use.
  • No faculty or staff, office or department, should share administrative system accounts.
  • Student worker access to administrative systems must be strictly supervised and must be conducted only through the use of an authorized student assistant administrative system access account.
  • Administrative users should not store any confidential data on hard drives, flash memory sticks, or other portable storage media. All confidential data derived from administrative systems must be stored and shared via secure password-protected folders on the network.
  • Confidential data in reports, spreadsheets, or other formats must not be emailed to other personnel. It should be stored and retrieved from password-protected folders on the network.
  • Personnel working from remote locations or taking work off campus on laptops or other portable devices must not download any data which falls under the protection of FERPA or HIPAA regulations.
  • Students, faculty, employees, and others authorized by consortia partners on shared systems may be provided an account on the partner’s information networks. Account privileges may include, but are not limited to, secured network storage, networked applications, databases, and Web services.
  • All permanent employees who need access the administrative systems of consortia partners will receive user account information from the consortia partner’s network administrators through the Emory & Henry Library and IT department, which is the liaison between the College and the consortia partner. Access will be revoked immediately upon termination or at the end of the last day of employment.
  • Users shall under no circumstances represent themselves as others for the purpose of circumventing established policies or security measures, or for any reason without explicit permission of the others. Sharing accounts and/or passwords is a violation of this policy.


The IT Director and staff members of the Information Technology Department reserve the right to enforce this policy as deemed necessary to protect the security of the network, data and files, as well as the rights and privileges of its users. These policies have been developed in consultation with IT directors from the Council of the Independent Colleges of Virginia member institutions as well as the information technology security officials at The Ohio State University, the University of Chicago, and Loyola University, and represent widespread practices in public and private institutions of higher education throughout the United States.

Emory & Henry College considers any violation of appropriate use principles or guidelines to be a serious offense and reserves the right to copy, examine, and remove any files or information resident on College systems allegedly related to unacceptable use and behavior.  Violation of these rules will be reported to the appropriate campus office for further action. Punishments may include temporary or permanent suspension of user privileges on the network and/or disconnection from the campus network, or other sanctions as described in the Faculty and Faculty Status handbooks, or the Staff handbook. Offenders may be prosecuted under laws including (but not limited to) the Privacy Protections Act of 1974, the Computer Fraud and Abuse Act of 1986, the Computer Virus Eradication Act of 1989, the Interstate Transportation of Stolen Property statutes, the Virginia Computer Crimes Act, the Electronic Communications Privacy Act, and the Telecommunications Act of 1996.

Cooperation with Law Enforcement Investigations

The proper procedures for staff members in the Emory & Henry Information Technology Services Department regarding cooperation with and participation in investigations of suspected misconduct involving the use of the campus network or technology hardware and/or software are as follows:

  • When seeking technical support assistance from Information Technology staff, each student must sign a waiver which states that the department may look at the student’s personal computer files in the course of completing the requested technical support. The waiver authorizes the department to view the content of the computer’s hard drive(s) in the course of completing any requested technical support assistance, if necessary in assisting the computer user.
  • Should a department staff member discover potentially illegal activities, data, or files on a computer, he or she are to immediately document what he or she saw, why he or she came into contact with that data or file, and how he or she arrived there in terms of the directory structure. The staff member should take no direct action, but should notify the IT Director immediately. If the IT Director is unavailable, then he or she should notify the VP for Student Life without delay if a student is involved, or the VP for Business and Finance if an employee is involved.  If none of these administrators are available, or if there is a genuine threat to public safety inferred in the discovered materials (e.g. bomb threats, plans for violent activities, etc.), then the staff member is authorized to notify Campus Security, or law enforcement officials directly if Campus Security is not available.
  • Staff members are not to confiscate any personal computers or other technology that are not College-owned property.
  • Staff members are authorized to remove College-owned technology and return it to the Information Technology department for removal of materials which violate the Security and Acceptable Use Policy with the approval of the IT Director.
  • Staff members are authorized to boot up computers, open files, or examine directories or folders on College-owned and non-College-owned equipment for College officials, if requested, in the investigation of suspected infractions of the Security and Acceptable Use policy if the equipment in question has been connected to the Campus network.
  • Department staff members are not to release any information, data, or files of any kind to law enforcement authorities without receipt of a properly-executed subpoena compelling the College to cooperate in a criminal investigation.