82 Institution Privacy Policies INDIANA UNIVERSITY BLOOMINGTON Privacy of Electronic Information and Information Technology Resources https://policies.iu.edu/policies/it-07-privacy-it-resources/index.html This PDF created on: 10/02/2017 1 Privacy of Electronic Information and Information Technology Resources IT-07 About This Policy Effective Dates: 01-31-2008 Last Updated: 08-17-2011 Responsible University Administrator: Office of the Vice President for Information Technology & Chief Information Officer Policy Contact: University Information Policy Office, uipo@iu.edu Scope This policy applies to all authorized users of Indiana University information technology resources, irrespective of whether those resources or data are stored on or accessed from on-campus or off-campus locations. Unauthorized users are not protected by this policy. Policy Statement Stored electronic files and voice and data network communications may not be accessed by someone other than: • the person to whom the account in which the information has been stored is assigned or • the person from whom the communication originated, or to whom the communication was sent or • the person to whom the device containing the stored electronic files has been assigned except in certain limited circumstances in which access is appropriate to serve or protect other core values and operations within the university as outlined in this policy. In accessing or granting access to electronic information and information technology resources, university personnel will comply with all applicable laws and university policies. Reason For Policy Indiana University cherishes the diversity of values and perspectives inherent in an academic institution and is therefore respectful of intellectual freedom and freedom of expression. The university does not condone censorship, nor does it endorse the routine inspection of electronic files or monitoring of network activities related to individual use. At times, however, legitimate reasons exist for persons other than the account holder to access computers, electronic files, or data related to use of the University network, including but not limited to: ensuring the continued confidentiality, integrity, and availability of university systems and operations securing user and system data ensuring lawful and authorized use of university systems providing appropriately de-identified data for institutionally approved research projects and responding to valid legal requests or demands for access to university systems and records. This policy seeks to balance individual freedom and privacy with the need for access by persons other than the account holder when necessary to serve or protect other core values and operations within the university or to meet a legal requirement. Procedure