|Approved by||Council, 14 October 2014|
|Date Regulation Took Effect||15 October 2014|
|Last approved revision|
|Sponsor||Director, Information Technology Services|
1. Title, Approval and Commencement and Revocation
1.1. These regulations are the Information and Communications Technology Regulations 2014.
1.2. These regulations were approved by the University Council at its meeting of 14 October 2014 pursuant to clause 4.3 of the Administration Statute 2011.
1.3. These regulations apply, and the former Computer Regulations are revoked, with effect from 15 October 2014.
2.1. Director means the Director of Information Technology Services or a person acting under his or her delegation.
2.2. ICT means all information and communications technology hardware and software, data and associated infrastructure and devices that are:
(a) owned, controlled or operated by the University;
(b) connected to the University network,
ICT may include, but is not limited to: computers (such as desktops, laptops, tablets), computer systems, storage devices (such as USB and flash memory devices, CDs, DVDs), cameras (such as video, digital, webcams), all types of mobile phones, video and audio players/receivers and telecommunication equipment, networks, software, cloud services, databases and any other similar technologies as they come into use.
2.3. University network means all aspects of the University’s communications networks on and between its campuses or other locations.
2.4. User means any of the University staff, students (whether permanent, temporary or part-time), honorary staff, or any other member of the University and any contractors, sub-contractors, consultants or official visitors to the University permitted to make use of ICT, or using or attempting such use.
2.5. Objectionable Material includes all material which is objectionable as that expression is used in the Films, Videos and Publications Act 1993 and any other material which could reasonably be described as unsuitable or offensive having regard to the circumstances in which, and the persons to whom, it becomes or may become available.
3.1. A User’s entitlement to access and use the University's ICT resources extends to entitlements applying:
(a) by virtue of their status as a member of the University; or
(b) otherwise afforded them by the Director.
3.2. ICT is made available for the academic work and normal University duties of members of the University. Consistent with this purpose, the University has the right to inspect and monitor ICT:
(a) where there are reasonable grounds to suspect there may be a breach of any University statute, regulation or policy, the terms of a University employment agreement or contract for services, or of New Zealand law; or
(b) for systems maintenance, problem resolution and capacity planning purposes or for similar reasons related to security, performance or availability.
3.3. Users acknowledge that information and data held on University ICT resources may be used by the University, and may be required to be disclosed to third parties, under or in connection with University statutes, regulations and policies or under applicable New Zealand law.
3.4. The Director may authorise any person to act otherwise than in accordance with these Regulations in order to carry out a security audit of University facilities.
4.1. Each User of ICT shall:
(a) comply with all applicable New Zealand law, including but not limited to, law on copyright, privacy, defamations, objectionable material, and human rights;
(b) comply with these Regulations and all applicable University statutes, regulations, policies, procedures, guidelines or codes;
(c) comply with the terms of any licence agreement between the University and any third party that governs the use of software or online resources;
(d) take all reasonable precautions to secure his or her passwords, accounts, software and data and no user shall give their password to any other person. If access becomes compromised or potentially insecure, a User must immediately notify Information Technology Services and, as soon as is practicable, implement a new secure password or passcode.
5.1. No User of ICT shall:
(a) use or attempt to use ICT in a manner that will incur costs to the University without the consent of the Head of Department or service unit concerned;
(b) use or attempt to use ICT so as to cause costs to be incurred by any person or organisation without the consent of that person or organisation;
(c) gain access or attempt to gain access to ICT without authorisation as a User by the Director or through use of devices which have not been approved by the Director;
(d) use ICT or any part thereof to attempt to gain unauthorised access to ICT or other information and communications technology of any third party;
(e) use ICT to deceive others including by masquerading as another User;
(f) use the username or password of another User to log into any University system;
(g) use ICT in such a way as to contravene any requirements for its use notified by the Director;
(h) use or attempt to use ICT to bypass University security policies and processes or any University policy or the acceptance of funding for research that is otherwise acceptable under University policy.
(i) divulge a password or code that enables access to ICT unless permitted to do so by the Director;
(j) obtain, modify or remove any information to which they are not entitled to have access, nor attempt to perform these actions;
(k) use or distribute any software, media, data or communications which has been unlawfully obtained;
(l) use ICT to impede the activities of the University or to interfere with the reasonable use of ICT by another person;
(m) connect or attempt to connect equipment to the University network other than in accordance with an authorisation from the Director;
(n) use ICT for the purpose of accessing, sending or attempting to send: Objectionable Material, or abusive, fraudulent, harassing, threatening, or illegal content;
(o) make unreasonable use of ICT for their personal purposes including undertaking private business activity without the consent of the Director;
(p) use ICT in a way that is inconsistent with their conditions of enrolment or conditions of employment.
6.1. Any breach of these Regulations by a student member of the University shall be deemed to be a breach of the University’s Discipline Statute 2011. A breach of the provisions of these Regulations by a member of the staff of the University may be the subject of action under the staff member’s employment agreement into which these regulations are incorporated.
6.2. Any person whom the Director considers to be, or to have been, in breach of these regulations may be immediately excluded from the use of any or all ICT. Exclusion of a student for more than one day when the student is required to use ICT for coursework shall be reported to the Head of the Department involved. Any such exclusion for more than three days shall be reported to the Vice-Chancellor.
6.3. Any person aggrieved by such an exclusion may appeal to the Vice-Chancellor or, if a student, to the Provost for the matter to be reviewed. The Vice-Chancellor or Provost may (but shall not be required to) suspend the operation of an order for exclusion until the appeal has been heard and determined.
6.4. Any person who breaches these Regulations shall be liable to indemnify the University:
(a) for the costs of detection of the breach and of any steps required to remedy ICT security, damage to hardware, loss of data, or any other costs incurred by the University in connection with the breach; and
(b) against any damages claims made against the University in relation to that contravention.