Please note that this policy has not yet been revised or converted to the new format .
Also available for download (pdf 129kb)
|Policy Statement||This policy deals with the provision of information technology resources by Monash University and the associated responsibility of authorised users when accessing these information technology resources. These resources include, but are not limited to, the Monash network, computer systems and software, access to the Internet, electronic mail, telephony and related services.|
The policy is based on the following principles, which must be adhered to by all those responsible for the implementation of this policy and to whom this policy applies:
|Application||All University staff, honorary appointees, contractors; and guest/visitors of the University; plus any authorised users or organisations accessing Monash's IT resources.|
|Operative Date||Effective immediately|
|Policy Authorisation||Vice-Chancellor’s Group|
|Policy Administrator||Director - Client Services, eSolutions|
Director, Policy and Consultancy, Human Resources Division
|Definitions||Email and Messaging - Email means the University-provided electronic mail systems and computer accounts. Additional messaging facilities may include but are not limited to calendar and scheduling programs, chat sessions, IRC, newsgroups and electronic conferences.|
Information Technology Resources (IT Resources) – covers all IT facilities including all computers, computing laboratories, lecture theatres and video conferencing rooms across the University together with use of all associated networks, internet access, email, hardware, dial-in access, data storage, computer accounts, software (both proprietary and those developed by the University), telephony services and voicemail.
Monash University Officer/Supervisor – Dean, Head of Organisational Unit or Registrar or other such staff member who has the authority (or delegated authority) to recommend a staff appointment.
Personal information means information or an opinion (including information or an opinion forming part of a database) that is recorded in any form and whether true or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
Personal Web Page –Personal web pages are those pages produced by authorised users that are not directly related to work responsibilities. They may not include any commercial information, and must not under any circumstances be used for business-related activities. They cannot be placed on official web-sites. Any web server that hosts official and personal pages must make a clear and unambiguous distinction between the official site and the personal page area.
Refer to Web page definitions
Publish – to make information available for access by others via any method or format, including, but not limited to, on a web page, email, or the use of peer-to-peer programs.
Authorised User – any person who has been authorized by the relevant Monash University Officer/Supervisor to access any Monash IT system or IT facility, including but not limited to:
For information relating to Acceptable use of information technology facilities by students see Acceptable use of information technology facilities by students
|1. Access To Information Technology Resources||1.0 Lawful Use|
The use of IT Resources must be lawful at all times. Unlawful use will breach this Policy and will be dealt with as a discipline offence.
Unlawful use of IT Resources may also lead to criminal or civil legal action being taken against individual authorised users. This could result in serious consequences such as a fine, damages and/or costs being awarded against the individual or even imprisonment.
The University will not defend or support any authorised user who uses IT resources for an unlawful purpose. For further information on some (but not all) relevant laws, refer to the section of this policy titled Relevant Australian Legislation, Policies and Associated Documentation.
1.1 Granting of Access
Access to IT Resources is authorised by the relevant Monash University Officer/Supervisor, and provided by eSolutions or other organisational unit responsible for managing the IT Resource (eg, the Library). Access is normally based on a need to access that IT Resource and an individual’s current status with the University as recorded in the University’s SAP Human Resources database, University Alumni database or other database managed by eSolutions or the Human Resources Division or Student and Community Services Division.
1.2 User Declaration Form
Users may be required to complete a User Declaration form prior to authorisation being granted for access to certain IT Resources.
1.3 Access on contract expiry or authorised access period
Email and computer access will cease on expiration of contract or end-date as recorded in the SAP Human Resources database. For strictly professional or work-related reasons, staff and other authorised users may request that computer access be extended for a period up to 30 days. Approval must be given by Head of Department or equivalent. Following this approval, an option to forward email to another external email account can be authorised by the Dean/Divisional Director or equivalent and shall not exceed 6 months.
Regarding Use of Monash University Computer Accounts
Each authorised user is responsible for:
1.5 Restrictions to Access
Users are expressly forbidden unauthorised access to accounts, data or files on Monash IT Resources or any other IT resource. The Administrator of an IT Resource may restrict access to an individual user on the grounds that the user is in breach of this policy.
1.6 Third Party Access
Entities other than eSolutions may neither negotiate nor grant third parties access to the University communications and network infrastructure. Applications for access should be made in writing to the Office of the Executive Director, eSolutions.
1.7 Domain Name Registration
All domain names for Monash projects/activities must be registered through the Office of the Executive Director, eSolutions. This requirement must be observed in all instances. Users should note it is the University who owns and controls the site not the person who registers the name.
1.8 Software License Restrictions
Use of proprietary software is subject to terms of licence agreements between Monash University and the software owner or licensor, and may be restricted in its use. See the Software Catalogue in the Schedule to this Policy.
|2. Personal Use of Information Technology Resources||2.1 Extent of Personal Use|
A user who is authorised to use the IT Resources may also use the IT Resources for limited, incidental personal purposes. Personal use of the IT Resources is permitted provided such use is lawful, does not negatively impact upon the user’s work performance, hinder the work of other users, or damage the reputation, image or operations of the University. Such use must not cause noticeable additional cost to the University.
2.2 Commercial Use
IT Resources must not be used for private commercial purposes except where the paid work is conducted in accordance with the University Practice and Paid Outside Work Policy, or the work is for the purposes of a corporate entity in which Monash University holds an interest.
2.3 Reasonable Use Determination
Whether or not use was reasonable in the particular circumstances will be a matter to be determined by the user’s Head of Department or Administrative Head.
2.4 University Liability
The University accepts no responsibility for:
|3. Internet, Email and Messaging||3.1 Access to the Internet|
3.2 Personal Web Pages
3.3 Email and Messaging
|4. Security of Information Technology Resources and Data||4.1 Authorised User’s Responsibilities|
Authorised Users have a responsibility at all times to:
4.2 Records Management
Authorised Users are required at all times to:
4.3 Confidential Information
Authorised Users have a duty to keep confidential:
Each staff member is under a duty not to disclose University business information unless authorized to do so. Breach of confidentiality through accidental or negligent disclosure may expose a User to disciplinary action.
4.4 Personal Information
Personal information about an individual, including personal information that is also Health Information, must not be disclosed without consent of the individual concerned. However, Privacy legislation does provide for release of personal information without consent in certain circumstances e.g. where the information is requested by the police or where the University has reason to suspect that unlawful activity has been, or is being engaged in, such as intentional infringement of copyright. A decision on the legality of disclosure in the particular circumstances must be made by the University’s Privacy Officer or the University Solicitor’s Office.
4.5 University Liability
The University accepts no responsibility for:
|5. Prohibited use of Information Technology Resources and Possible Consequences||5.1 Monash Name, Crest and Logo|
The Monash Name, crest or logo may only be used with prior approval from the Executive Director, Marketing and Public Affairs. All use must be in accordance with the Monash University Visual Identity Manual or with the prior approval of the Executive Director, Marketing and Public Affairs.
5.2 Advertising and Sponsorship
Paid advertisements are not permitted on any website using a Monash domain name, personal website or any website, which has a substantial connection with the University (such as a website for a research program) except with the written permission of the Senior Deputy Vice-Chancellor and Senior Vice-President.
5.3 No Business Activities
Authorised users are not permitted to run a business or publish a non-Monash journal/magazine (unless prior written authorisation has been obtained from the University) on Monash IT Resources. Users must not publish their Monash e-mail address on a private business card.
5.4 Unauthorised Access
Authorised users are expressly forbidden from unauthorised access or attempting to gain unauthorised access to IT Resources belonging to other organisations.
5.5 Infringement of Copyright
Authorised users are expressly forbidden to engage in any of the conduct described in the Schedule as infringing conduct. Wilful or negligent infringement of copyright (for example on personal pages or in breach of the statutory licence (CAL) may attract
5.6 Databases, online journals, ebooks
Use of electronic resources provided by Monash is governed by individual licence agreements and is for non-commercial research and study purposes only. Users are required to comply with use restrictions set out on the specific site or stated in the licence agreement, and must not systematically download, distribute or retain substantial portions of information. Using software, including, scripts, agents or robots is prohibited and may result in loss of access to the resource for the whole Monash community.
5.7 Peer to Peer File Sharing
Installation or use of peer to peer file sharing software such as Kazaa, BitTorrent, DC++ (Direct connect) etc is not permitted on the Monash network. Exceptions for legitimate teaching or research use must be approved by the Head of School or equivalent, and only where no alternative technology is appropriate.
Authorised users are not permitted to utilize the University's IT Resources to access pornographic material or to create, store or distribute pornographic material of any type.
Authorised users are not permitted to utilize the University's IT Resources to gamble.
5.10 Possible Consequences
|6. Privacy and Surveillance||6.1 Security and Privacy|
The accounts, files and stored data including, but not limited to, e-mail messages belonging to users at the University are normally held private and secure from intervention by other users, including the staff of eSolutions.
There are situations in which duly authorised eSolutions staff may be required to intervene in user accounts, temporarily suspend account access or disconnect computers from the network in the course of maintaining the University's IT Resources such as repairing, upgrading or restoring file servers or personal computer systems.
Users should be aware that eSolutions staff may from time to time become aware of the contents of user directories and hard disk drives in the normal course of their work, and they are bound to keep this information confidential.
6.2 Access to and Monitoring
The University does not generally monitor e-mail, files or data stored on University IT resources or traversing the University network. However, the University reserves the right to access and monitor any computer or other electronic device connected to the Monash University network. This includes equipment owned by the University and personal computing equipment (e.g. laptops) that are connected to the network.
Access to and monitoring of equipment is permitted for any reason, including but not limited to, suspected breaches by the user of his/her duties as a staff member, unlawful activities or breaches of University legislation and policies. Access to and monitoring includes, but is not limited to e-mail, web sites, server logs and electronic files.
The University may keep a record of any monitoring or investigations.
6.3 Prior Approval Required
Prior approval must be obtained from the Divisional Director, Human Resources Division (or nominee), before a user's e-mail, files or data may be accessed by authorised staff. Any information obtained under this approval will be treated as confidential, and only disclosed to relevant 3rd parties. Access to the information will be strictly on a need-to-know basis.
|Relevant Australian Legislation, Policies and Associated Documentation|
|Copyright||Copyright Act (1968) (Commonwealth)|
Copyright protects intellectual property rights in literary (including computer programs), dramatic, musical and artistic works (includes photographs/charts/maps) and in films/videos, recordings/tapes and TV and radio broadcasts. Use of any part of a copyright work without permission of the copyright owner will infringe copyright unless the use was for your personal research or study/criticism and review and in accordance with the fair dealing provisions of the Copyright Act OR for the educational purposes of the University and in accordance with the statutory licence in the Copyright Act (1968) (Commonwealth).
Duration of Copyright and Infringement
The duration of copyright protection is generally 70 years following the death of the author. During this period, the copyright owner has the exclusive right to reproduce a work and to communicate (ie transmit electronically) a work to the public. A user will infringe the owner's copyright in a work if he/she copies a work or makes it available on line:
Infringement of copyright will expose a user to personal liability for damages.
Hypertext Links - Users should assume that all materials published on the web are in copyright, unless explicitly stated otherwise. If a user wishes to include material from another webpage in their own webpage, they should create a hypertext link pointing to the material rather than copy it. It is suggested that the permission of other webpage owners be sought prior to creating links to their pages. Permission must always be obtained from the owner prior to directing students to copy/download material from an external web site.
Conduct that infringes copyright
Examples of conduct that infringes copyright if undertaken without the permission of the copyright owner (eg. the relevant recording company), includes but is not limited to:
Copyright infringement could apply to any file format, including, but not limited to MP3.
|Trademarks and Logos||Trade Marks Act (1955) (Commonwealth)|
A user must not copy a trademark or logo belonging to another party. Trademark infringement may expose the user to liability for damages.
|Misleading and Deceptive Conduct||Trade Practices Act (1974) (Commonwealth)|
The Trade Practices Act contains provisions which prohibit passing off and misleading and deceptive conduct. For example, if a user were to copy material from an external site onto a Monash website (including features such as logos and trademarks) so that persons accessing the website would believe that Monash had been authorised to carry the material, this would constitute passing off or deceptive or misleading conduct.
|Spam||Spam Act (2003) (Commonwealth)|
This legislation sets up a scheme for regulating commercial e-mail and other types of commercial electronic messages. Under the Act, users must not send unsolicited commercial electronic messages, i.e. messages that are sent without the recipient's consent. Any commercial messages that are sent electronically (including email, instant messaging or telephone accounts) must include information about the individual or organisation which authorised the sending of the message and provide for a functional unsubscribe facility.
|Discrimination and Harassment||Anti-Discrimination Legislation|
State and Commonwealth legislation prohibits discrimination on the basis of age, impairment/imputed impairment, industrial activity, lawful sexual activity, marital status, physical features, political belief or activity, pregnancy, race, religious belief or activity, sex, parental status or status as a carer. It is also prohibited to victimise a person who has made a complaint of discrimination under these Acts.
|Defamation||A user must not publish a statement about another person (or entity) which could harm that other person’s (or entity's) reputation. There is no need for the person to have been named specifically if he/she can reasonably be identified. Photographs and cartoons can also be defamatory if they hold someone up to ridicule or contempt. In a defamation case, truth is not always a defence.|
|Illegal material||Commonwealth and State laws prohibit publication of hard core pornography (in particular where it involves children, bestiality, violence, cruelty and/or exploitation). A breach of these laws would constitute a criminal offence and will also result in disciplinary action under the University’s disciplinary procedures.|
|Incitement to commit a crime||Users must not publish material which is an incitement to commit or instruction in crime eg, material on how to prepare explosive devices, or how to steal.|
|Associated Policies and Legislation (including Guidelines & Procedures)|
|Further Information and Policy Review Details|
|Further Information and Assistance||Adherence to this policy will generally ensure compliance with the requirements of Monash University and legislation. However, there may be instances where inadvertent breaches could occur. When in doubt users requiring assistance with interpretation of the policy, or who wish to report a breach of this policy, should contact:|
Links to related University Policies and processes have been identified under Associated Policies and Legislation.
|10||Director, ITS Client Services||August, 2012||Updated ITS references to eSolutions|
|9||Director, ITS Client Services||February 2008||Added DC++ under Section 5.7|
|8||Director, Client Services||October 2006||Updated web addresses|
|7||Manager, Policy and Consultancy, HR Division||August 2006||Amendments re: For Monash University Staff|
|6||Manager, Policy and Consultancy, HR Division||January 2006||Updating titles, web addresses and contact details|
|5||Director, Client Services, ITS||September 2005||New content on the use of library databases|
|4||Director Client Services, ITS||June 2005||Amendments re: Copyright information|
|3||Director, Client Services ITS||March 2005||Amendments re: Software licence restrictions|
|2||UNITPOL||November 2004||Amendments re peer to peer software, personal equipment, personal use, email forwarding and SPAM Act|
|1||Deputy University Solicitor||June 2003||Updated with additional copyright material|
|Information Technology, Acceptable Use, e-mail, internet, network services, guidelines, copyright, privacy, discrimination, ethical, personal use, security, disclosure, confidential information.|