Access to User-Related Electronic Information at Dartmouth

Adopted by: Council on Computing (2019-09-13)

1.   Scope                         

This policy sets out guidelines and processes for Dartmouth’s Access to User-Related Electronic Information stored in or transmitted through any Dartmouth System. This policy applies to:

  • All Dartmouth Systems;
  • All Users;
  • All Electronic Information from all units of Dartmouth, including the Geisel School of Medicine, the Tuck School of Business, the Thayer School of Engineering, and the Guarini School of Graduate and Advanced Studies.

2.   Overview

To support its mission, Dartmouth provides access for its community members to technology, including software, computer-based services, and hardware. Members of the Dartmouth community rely on technology for teaching, research, study, performing day-to-day office functions needed to support the College’s mission (such as record keeping and contracting), and other activities. In doing so, community members use electronic systems, networks, and devices that Dartmouth owns, provides, or administers. To promote trust within the Dartmouth community, Dartmouth shall be transparent about its policy regarding the circumstances in which it may access Electronic Information stored in or transmitted through such systems.

This document establishes a policy guiding the circumstances under which Dartmouth may access Users’ Electronic Information. Dartmouth’s goal is to maintain an environment in which free academic inquiry thrives. This policy establishes an internal framework governing Dartmouth’s Access. It is not meant to create rights that would permit an individual to seek legal redress for actions taken that are inconsistent with this policy.

The principles that guide Access are given below. To the extent that Users wish to keep personal Electronic Information private from Dartmouth, Users are strongly encouraged to use non-Dartmouth resources.

3.   Principles

The policy adheres to the following principles:

  1. Access shall occur only for a Legitimate Institutional Need.
  2. Access shall be limited to the minimum information necessary to satisfy the underlying Legitimate Institutional Need.
  3. Accessed Electronic Information may only be shared with those who have a reasonable need to be involved.
  4. All Access must be approved by appropriate Authorizing Officials.
  5. To the extent permissible and practicable, notice of Access will be given in advance of, contemporaneously with, or after the fact. If notice is not given, Dartmouth will document in writing the Legitimate Institutional Need that precludes providing notice.
  6. Access shall be subject to ongoing, independent oversight by a Dartmouth Oversight Committee.
  7. Sufficient records shall be maintained to enable appropriate review of the Access and decisions associated with User notification.
  8. Except for Passively Gathered Electronic Information, Dartmouth does not routinely monitor the content of information transmitted through or stored in Dartmouth Systems.

4.   Definitions

Definitions are given below, and are hyperlinked at their first appearance for ease of reference.

means the review, use, or disclosure of Electronic Information that is beyond incidental contact with Electronic Information, or the preservation of Electronic Information for possible subsequent review, use, or disclosure in accordance with this policy.

consistent with Section 6, are high-level Dartmouth administrators tasked with exercising their best judgment when a request to Access Electronic Information arises. In deciding whether to approve Access, the Authorizing Official considers whether effective alternative means to obtain the information are reasonably and timely available.

It is the job of Authorizing Officials not only to authorize Access, but also to narrow the extent of Access to be limited to the minimum information necessary to accomplish the intended purpose and to decide if and when notification will be provided.

means all services, networks, and devices owned, provided, or administered by any unit of Dartmouth (e.g., email, Internet access, file servers, voice message services, storage devices and services, laptop and desktop computers, phones and other mobile devices, and usage and access logs).

is transmitted through or stored in Dartmouth Systems, and falls into two broad categories User-Related Electronic Information and Passively Gathered. It does not include (i) records maintained by Dartmouth in the ordinary course of business (e.g., personnel records, student academic records, or information provided by personnel in connection with regular Dartmouth record-keeping, such as entries in a Dartmouth travel registry) and (ii) Passively Gathered Electronic Information that is accessed without identifying or seeking to identify a particular User.

means Dartmouth’s Information, Technology & Consulting unit.

means the standard required for Dartmouth to Access Electronic Information, with internal approval, and furthermore, to elect not to provide advance or contemporaneous notification, or provide any notification of Access; Section 5 contains a representative, but non-exhaustive list of such reasons for Access.

is defined in Section 11.

has many forms, but is generally data gathered by an automated process that is triggered by a User’s activities involving Dartmouth Systems. Some examples include:

  • Geospatial data: The physical location of Users on campus is passively gathered by WIFI connections, card reader access to facilities/controlled spaces, and video cameras scattered across campus.
  • Login information to physical hardware and online systems, including the broad resources of Dartmouth’s libraries.
  • Use of software or access to resources for which Dartmouth has a site license.
  • Email characteristics utilized for “spam” filtering.

is defined in Section 8.

are current and former users of Dartmouth Systems, including (i) students; (ii) faculty, others holding academic appointments at Dartmouth, and staff; and (iii) contractors.

consists of information created or processed by the User that resides on devices connected to Dartmouth Systems, including emails and attachments, voicemail, text messages, calendar files, data and document files, and any associated metadata. This definition includes files handled by an employee while performing the employee’s job responsibilities (e.g., creating financial records, communicating with vendors for Dartmouth or colleagues at other institutions, etc.).

5.   Examples of Reasons for Access

Below is a representative, but non-exhaustive list of circumstances that constitute Legitimate Institutional Needs. Dartmouth may Access User-Related Electronic Information only for a Legitimate Institutional Need, which must be documented in writing and which is subject to review by the Oversight Committee. In each case, the stated reasons for Access shall be considered in light of Dartmouth’s values, such as academic freedom and the Dartmouth community’s internal trust and confidence.

  • Exigent or Emergency Circumstances

There is a Legitimate Institutional Need when time is of the essence and Dartmouth needs to act immediately to protect against threats to the safety of the campus; harm to humans or animals; potential material breach of law or Dartmouth policy; or significant property loss or damage. In such cases, in addition to the officials specified in Section 6, the Provost, or the senior Dartmouth official in charge, may serve as Authorizing Official. If Dartmouth’s Provost does not serve as the Authorizing Official, the matter shall be reported to the Provost’s Office as promptly as possible after such authorization is granted. In such cases, the decision not to provide advance or contemporaneous notification will typically be justified.

  • System Protection, Maintenance, and Management

There is a Legitimate Institutional Need to engage in activities required to protect, maintain, and manage Dartmouth’s Systems. This policy does not alter established ITC policies and procedures. ITC at Dartmouth is responsible for Dartmouth’s computing infrastructure and architecture. It maintains the network (providing access both internal to the campus and gateways to Dartmouth’s internet service providers), computer systems to support academic and administrative efforts, and access to controlled spaces. It scans all Dartmouth Systems to guard against various cyberattacks on such systems. This includes monitoring network traffic, login information to Dartmouth Systems, and backup systems, as well hardware supporting financial, academic, and research endeavors of Dartmouth. If Access to User-Related Electronic Information is needed, the decision to provide notification will depend on the specifics of the individual case.

  • Operational Circumstances

There is a Legitimate Institutional Need under circumstances in which (i) failure to Access the User-Related Electronic Information would likely cause Dartmouth to fail to meet mission-critical governance, administrative, teaching, or research obligations; or (ii) Access is needed in order to ensure continuity in business operations (e.g., Accessing the User-Related Electronic Information of a staff member who is unavailable owing to their absence (which could result from vacation, short-term disability leave, a Dartmouth business trip, etc.)). The decision to provide notification will depend on the specifics of the individual case.

  • Internal Investigations of Compliance, Fraud or Misconduct

There is a Legitimate Institutional Need when Dartmouth is conducting an internal investigation (e.g., financial fraud). The decision to provide notification will depend on the specifics of the individual case. This policy shall not be construed to restrict data access in the course of research misconduct allegations, which is governed bya separate policy.

  • Legal Proceedings

There is a Legitimate Institutional Need arising from threatened or pending litigation, lawful demands for information from law enforcement officials (including search warrants), government investigations, and other legal processes. In such cases, notification may not be permissible or practicable. In these cases, Dartmouth’s Office of General Counsel shall serve as the Authorizing Official.

6.   Authorization of Access

If the User is a Dartmouth faculty member or other holder of an academic appointment at Dartmouth, then the Provost or the dean of the relevant Dartmouth school must authorize Access.

If the User is a Dartmouth employee who is not a faculty member, then:

  • Dartmouth’s Chief Human Resources Officer, or such administrator’s designee for the relevant school or unit, shall authorize access based on “Operational Circumstances,” as described in Section 5.
  • The dean of the relevant Dartmouth school or the senior administrator for the relevant unit (or their designees) shall authorize Access for “Internal Investigations,” or in other cases.

If the User is a student, the dean of the relevant school, or such dean’s designee, shall authorize Access.

Under certain circumstances, it may not be possible to identify a particular User before a search of Electronic Information begins. For example, requests for logs of access to a Dartmouth facility (sometimes called card data) could determine who entered a facility at a particular time; a particular User cannot be identified at the outset because the goal of a search of the Electronic Information would be to ascertain the identities of the Users. Data requests like this may be considered “Exigent or Emergency Circumstances” or “Legal Proceedings,” and be authorized as described above; if such requests do not fall into one of the latter categories, then the dean of the relevant school or a senior administrator from the relevant unit (or their designees) in the school or unit for which the requestor works must authorize the Access.

Authorization for Access to User-Related Electronic Information may be provided by the User.

7.   Notification of Access

Reasonable efforts will be made to give notice in advance of Access, contemporaneous with Access, or as soon as possible after Access. Under certain circumstances, the Authorizing Official may decide not to give notice. All authorizations for Access will be documented. Such records may be reviewed by the Oversight Committee.

Individual notice is not required when Dartmouth is subject to legal constraints on its ability to give notice. The Office of General Counsel is responsible for determining that such constraints exist.

As determined by the Authorizing Official(s), notification may be given to the User’s supervisor prior to Access of the User’s Electronic Information.

8.   Record of Access

Access to Electronic Information and the Legitimate Institutional Need that justifies such decisions shall be documented in writing. In all cases, Access should comply with applicable legal requirements. The records documenting Access, and decisions not to provide notification shall be reviewed by the Oversight Committee.

Both the Authorizing Officials as well as those who facilitate and provide Access to Electronic Information shall create a reasonable record of the authorization, which may include logs and other records in addition to the Report Record. The Report Record will include, where applicable:

  • A description of the Electronic Information Accessed;
  • A short description of the Legitimate Institutional Need;
  • The Authorizing Official(s);
  • Whether advance or contemporaneous notification was provided and the rationale for the decision that supports the Legitimate Institutional Need; and
  • If advance or contemporaneous notification was not provided, whether notification was provided after the fact and the rationale for the decision that supports the Legitimate Institutional Need.

9.   Retention of Records

In all instances of Access under this policy, records adequate to permit effective review by the Oversight Committee shall be kept.

Electronic Information is subject to any and all applicable Dartmouth records management policies, procedures and retention schedules. Copies of Electronic Information Accessed pursuant to this policy for a Legitimate Institutional Need, and any other records created related to authorizing Access, or facilitating or providing Access, shall be retained for a period of time to be determined by Dartmouth’s Records Management Policy Committee (or its designee) after they have been presented to, and reviewed by, the Oversight Committee.

  • Any records created during the course of authorizing Access, or facilitating or providing Access to Electronic Information shall be considered confidential, and fall under Level 3 of the DISC Data Security Level Definition. These records shall be retained by either the Dartmouth Chief Information Security Officer or College Records Manager.
  • Copies of the Accessed Electronic Information shall be retained as needed to effectuate the purposes of the Access.

10.                 Scope of Access

Accessed Electronic Information shall only be shared with those who have a reasonable need to be involved.

Dartmouth shall take reasonable measures, when practicable, to restrict the scope of Access to User Electronic Information that is related to the Dartmouth purpose in obtaining Access.

11.                 Oversight

The Provost, or the Provost’s designee, will appoint an oversight body that will be composed of a group that includes faculty and senior administrators at Dartmouth. The Oversight Committee will meet to review cases of Access of Electronic Information, as well as to amend this existing policy and review its implementation as needed. The Oversight Committee shall make recommendations to the President and Provost as to the implementation of the policy and possible amendments to the policy. The Oversight Committee shall make periodic public reports on the implementation of this policy. In carrying out its responsibilities, the Oversight Committee may review the records described in Section 8, subject to redaction as necessary to protect individual Users.

References to Relevant Dartmouth Policies

This policy does not alter existing ITC policy regarding network security and monitoring. For more detail, refer to the document defining the Dartmouth Information Security Policy.

This policy does not alter Dartmouth’s Research Misconduct Policy and Procedures.

Effectiveness of Policy, Amendments and Dispute Resolution

This Policy is effective as of September 13, 2019.  This Policy may be revoked or amended by Dartmouth, in whole or in part, from time to time, via the Provost (or the Provost’s designee), who is authorized to make revocations or amendments on behalf of Dartmouth, in consultation with the Council on Computing.  Any such revocation or amendment shall become effective upon adoption by the Provost or the Provost’s designee, or as of such other time as such person shall specify and will be reflected in the current version of the Policy posted within Dartmouth's ITC knowledge base policy archive.  Questions or disputes regarding the application, interpretation or implementation of this Policy shall be resolved by the Provost or the Provost’s designee; the decision of such person on the matter shall be binding on Dartmouth and all individuals subject to this Policy.

 

Details

Article ID: 87108
Created
Mon 9/16/19 2:57 PM
Modified
Mon 9/16/19 11:39 PM