Responsible and Ethical Use Policy

I. Purpose 

Northeast Mississippi Community College uses Banner® by Ellucian® for our Student Information System (SIS). The SIS includes Banner Admin Pages (Application Navigator), and associated self-service applications (Employee Self-Service, Faculty Self-Service, etc.)  The purpose of this policy is to guide employees on how to handle data that is accessible through the SIS. This policy would also apply to any system connected to Banner such as Document Management, Communication Manager, Workflow, Experience (MyNEMCC), Degree Works, Canvas, Penji, and all Evisions applications. This list is not exhaustive and would also apply to any other applications that may be connected later.

II. General Provisions

By accessing any of these systems, I agree to abide by this policy and understand that access to these systems includes the responsibility for maintaining the privacy of any personal information stored in the system.

Access to confidential financial information of students, employees, and the College should be protected and kept confidential, all information should be used for official College business purposes only.

Information Technology Services should be notified of any change in personnel that affects a system account.

All employees should review the statutory requirements of the Family Educational Rights and Privacy Act (FERPA) and subsequent amendments along with the Gramm-Leach-Bliley Act (GLBA) and its requirements.

All student workers are required to adhere to the same policy standards.

III. System Protection and Privacy

Users should log off all systems anytime a computer will be left unattended for an extended period. Do not leave a student or faculty record displayed on an unattended computer. This includes when leaving for the day. Unattended workstations that are left logged in pose an inherent security risk to data.

Workstations should be located so students and visitors cannot see the screen to help prevent the unauthorized viewing of records.

Reports and printouts containing any information that should be confidential should be properly stored and protected. When you no longer have use for reports or printouts, please dispose of them promptly and properly. Student records and reports should be shredded before disposal.

Any questions concerning access or release of student academic information should be referred to the Registrar’s Office. Questions concerning access or release of financial information should be referred to the Business Office. 

IV. Violations

Violations of this policy may result in the following penalties:

• Limiting or prohibiting access to files or directories on servers.
• Suspension for varying amounts of time or the permanent revoking of access to Student and Institution Data.
• Restriction of computing privileges of individuals who have violated this policy until suitable, comprehensive disciplinary action is determined.
• Reporting the violation to the appropriate disciplinary organizations for users not directly associated with NEMCC.
• Referral to the appropriate law enforcement agency in cases of violations of state or federal law.

Information Technology Services may take immediate action to protect employee and student data in any case of suspected violation of this police.  The affected user will be notified when such action is taken and may file any resulting grievance.

V. Revisions

This policy is subject to revision. It is the user’s responsibility to ensure that the use of the NEMCC computing and communication facilities conforms to current policies. Questions related to this policy should be addressed to the Director of Information Technology.