Responsible and Ethical Use Policy

I. Purpose 

Northeast Mississippi Community College uses Banner® by Ellucian® for our Student Information System (SIS). The SIS includes Banner Admin Pages (Application Navigator), and associated self-service applications (Employee Self-Service, Faculty Self-Service, etc.)  The purpose of this policy is to guide employees on how to handle data that is accessible through the SIS. This policy would also apply to any system connected to Banner such as Document Management, Communication Manager, Workflow, Experience (MyNEMCC), Degree Works, Canvas, Slate, Penji, and all Evisions applications. This list is not exhaustive and would also apply to any other applications that may be connected at a later date.

II. General Provisions

By accessing any of these systems, I agree to abide by this policy and understand that access to these systems includes the responsibility for maintaining the privacy of any personal information stored in the system.

Access to confidential financial information of students, employees, and the College should be protected and kept confidential, all information should be used for official College business purposes only.

Computer Services should be notified of any change in personnel that affects a system account.

All Staff and Faculty users having access to information should review the statutory requirements of the Family Educational Rights and Privacy Act (FERPA) and subsequent amendments along with the Gramm-Leach-Bliley Act (GLBA) and its requirements.

Departmentally approved student workers are required to adhere to the same policy standards.

III. System Protection and Privacy

Users should log off all systems anytime a computer will be left unattended for an extended period of time. Do not leave a student or faculty record displayed on an unattended computer. This includes when leaving for the day. Unattended workstations that are left logged in pose an inherent security risk to data.

Workstations should be located so students and visitors cannot see the screen in order to help prevent the unauthorized viewing of records.

Reports and printouts containing any information that should be confidential should be properly stored and protected. When you no longer have use for reports or printouts, please dispose of them promptly and properly. Student records and reports should be shredded before disposal.

Any questions concerning access or release of student academic information should be referred to the Registrar’s Office. Questions concerning access or release of financial information should be referred to the Business Office. 

IV. Violations

Violations of this policy may result in the following penalties:

• Limiting or prohibiting access to files or directories on servers.
• Suspension for varying amounts of time or the permanent revoking of access to Student and Institution Data. NEMCC systems managers reserve the right to immediately restrict the computing privileges of individuals who have violated this policy until suitable, comprehensive disciplinary action is determined.
• Reporting the violation to the appropriate disciplinary organizations for users not directly associated with NEMCC.
• Referral to the appropriate law enforcement agency in cases of violations of state or federal law.

Action may be taken immediately by the NEMCC systems manager in any case of suspected violation of this policy. The affected user will be notified when such action is taken and may file any resulting grievance.