Acceptable Use of State Systems Policy
May 2006 (Addendum added November 2006)
Purpose
The purpose of this document is to provide common standards for the use of State of Connecticut Executive Branch electronic communications, including but not limited to electronic mail systems (E-mail), the Internet, computers, laptops and related technologies and equipment (herein referred to as “State systems”).
The intent of this policy is to provide information concerning the appropriate and inappropriate use of State systems. Examples are included in order to assist readers with the intent of specific sections of this policy. However, the examples contained within this policy do not exhaust all possible uses or misuses.
Please refer to the Addendum containing Frequently Asked Questions for additional information.
Definitions (1)
E-mail or electronic mail refers to the electronic transfer of information typically in the form of electronic messages, memoranda, and attached documents from a sending party to one or more receiving parties via an intermediate telecommunications system. E-mail is the means of sending messages between computers using a computer network. E-mail services, as defined by this policy, refer to the use of state-provided electronic mail systems.
Internet refers to a “worldwide system of computer networks - a network of networks in which users at any one computer can, if they have permission, get information from any other computer (and sometimes talk directly to users at other computers). The world-wide web is the most widely used part of the Internet, (often abbreviated "WWW" or called "the Web").
Intranet refers to an internal network or website within an organization. The main purpose of an intranet is to share company information and computing resources among employees.
CTNET refers to the equipment and services which provide State of Connecticut agencies, affiliates, and authorized users with electronic access to, including but not limited to, the internet and e-mail
(1) Some definitions provided via the http://whatis.techtarget.com website
Scope of Policy
This policy covers all State of Connecticut Executive Branch agencies and employees whether permanent or non-permanent, full, or part-time, and all consultants or contracted individuals retained by an Executive Branch agency using State of Connecticut systems (herein referred to as “users”).
This policy does not apply to the Judicial or Legislative Branches of government. However, these branches may consider adopting any or all parts of this policy for use within their own branches.
Authority
In accordance with C.G.S. §4d-2 (c) (1), the Chief Information Officer of DOIT is responsible for developing and implementing policies pertaining to information and telecommunication systems for state agencies.
Agency Responsibility
Executive Branch agencies are responsible for providing all users with a copy of this policy, obtaining a signed acknowledgment of receipt from each user, and keeping a copy of the signed acknowledgement on file.
Agencies may establish additional restrictions regarding the use of State systems within their local environments. Should conflict exist between this policy and an agency policy, the more restrictive policy would take precedence.
Distribution of software within or between State agencies may be subject to more restrictive agency computer use policies. When in doubt, users are urged to inquire about all applicable restrictions.
The Director of Human Resources (or person serving in this capacity) within each State agency is responsible for addressing individual employee questions concerning this policy and the appropriate use of State systems. The Office of Labor Relations and the Chief Information Officer of DOIT will serve as consultants to agencies in this regard.
Ownership of Messages, Data and Documents
State systems and all information contained therein are State property. Information created, sent, received, accessed or stored using these systems is the property of the State.
No Presumption of Privacy
All activities involving the use of State systems are not personal or private; therefore, users should have no expectation of privacy in the use of these resources. Information stored, created, sent or received via State systems is potentially accessible under the Freedom of Information Act. Pursuant to Public Act 98-142 and the State of Connecticut’s “Electronic Monitoring Notice” the State reserves the right to monitor and/or log all activities without notice. This includes but is not limited to correspondence via e-mail and facsimile. See “Additional Resources” below.
User Responsibilities
As a user, it is important to identify yourself clearly and accurately in all electronic communications. Concealing or misrepresenting your name or affiliation is a serious abuse. Using identifiers of other individuals as your own constitutes fraud. This includes but is not limited to using a computer Logon ID other than the individual User ID authorized. Individuals may not provide their passwords or logon ids to others.
Users should also be mindful that the network is a shared resource and be aware of the impact of their activities on other users. For example, a user with a need to frequently move large files across CTNET should consider scheduling this to occur during off hours so as not to degrade network performance.
Usage of State Systems
State systems are provided at State expense and are to be used solely to conduct State of Connecticut business. This means system usage is in conformance with federal and state laws, agency policies and procedures, and collective bargaining agreements.
System usage must be in accordance with each user’s job duties and responsibilities as they relate to the user’s position with the State of Connecticut at the time of usage. Users who are dually employed must keep in mind the responsibilities of each specific position while engaged in activities involving State systems. Activities must reflect the position duties the employee is performing at the time of State system usage.
Examples of Acceptable Use of State Systems
Examples of acceptable use of State systems include job-related activities involving any of the State systems and in accordance with the above criteria. The following items are examples of acceptable activities:
E-mail: sending and receiving correspondence for job related purposes; communicating with local governments, vendors, other state agencies and/or employees, etc., on work-related issues; collaborating with other organizations, states, and the federal government about initiatives and projects of interest to Connecticut. Note: E-mail messages are considered public records and are, therefore, legally discoverable and subject to record retention policies. See “Additional Resources” below.
Internet: researching state and federal legislation and regulations as they pertain to the user’s State position; obtaining information useful to users in their official capacity;
Misuse of State Systems
State systems are provided at State expense and are to be used solely to conduct State of Connecticut business. Unacceptable system usage is generally defined as any activity NOT in conformance with the purpose, goals, and mission of the agency. Additionally, activities that are NOT in accordance with each user’s job duties and responsibilities as they relate to the user’s position within State service are also unacceptable. Any usage in which acceptable use is questionable must be avoided. When in doubt, seek policy clarification from your agency Director of Human Resources (or person serving in this capacity) prior to pursuing the activity.
Examples of Unacceptable Use of State Systems
Any and all personal activities involving any of the State systems. The following items are examples of prohibited activities; however, users are reminded prohibited activities are not limited to these examples:
Email: creating or forwarding jokes, chain messages, or any other non-work related messages; checking and/or responding to personal e-mail via another (second party) e-mail system such as Yahoo! or Hotmail; sending or forwarding messages referring to political causes or activities; messages concerning participation in sports pools, baby pools or other sorts of gambling activities; religious activities; stock quotes; distribution groups or “listservs” for non-work related purposes; solicitations or advertisements for non-work related purposes.
Internet: pirating software; stealing passwords; hacking other machines on the Internet; participating in the viewing or exchange of pornography or obscene materials; engaging in other illegal or inappropriate activities using the Internet; personal job searches; shopping on-line for non-work related items; checking/viewing stocks or conducting any personal financial planning activities.
Use of a personal Internet account using state systems is strictly prohibited.
Any usage of CTNET for illegal or inappropriate purposes is prohibited. Illegal activities are violations of local, state, and/or federal laws and regulations (please see Connecticut General Statutes, §53a-251). Inappropriate uses are violations of the appropriate use of State systems, as defined in this document.
Failure to identify the author(s) of information accessed and obtained through CTNET (i.e., that which is subject to copyright laws, trademarks, etc.)
Connecting personally owned hardware or installing and/or using non-State licensed software. State policy on downloading software is included in Connecticut Software Management Policy. See “Additional
Resources” below.
Any unauthorized access to any computer system, application or service.
Any activities for private, commercial purposes, such as business transactions between individuals and/or commercial organizations.
Any usage that interferes with or disrupts network users, services, or computers. Disruptions include, but are not limited to, distribution of unsolicited advertising, and deliberate propagation of computer viruses.
Any activities where users engage in acts that are deliberately wasteful of computing resources or which unfairly monopolize resources to the exclusion of others. These acts include, but are not limited to, broadcasting unsolicited mailings or other messages, creating unnecessary output or printing, or creating unnecessary network traffic.
ADDITIONAL RESOURCES
Public Act No. 98-142, An Act Requiring Notice to Employees of Electronic Monitoring by Employers, and the State of Connecticut’s “Electronic Monitoring Notice” -
http://www.das.state.ct.us/HR/Regs/State_Electronic_Monitoring_Notice_11.00.pdf
“Electronic and Voice Mail Management and Retention Guide for State and Municipal Government Agencies” – http://www.cslib.org/email.htm
Connecticut Software Management Policy by the State of Connecticut Office of the State Comptroller, the Office of Policy and Management and the Department of Administrative Services http://www.osc.state.ct.us/manuals/PropertyCntl/chapter07.htm
ADDENDUM
Department of Administrative Services
FAQs Regarding the Acceptable Use of State Systems Policy
11/15/06
Acceptable Use Form
1. Q: We are sending the policy and acknowledgement form to our employees electronically via email. But not all of our employees (or users) have an email address. How should we handle these employees?
A: If you have users who do not have an email address, you will need to ensure they receive a copy of the policy and you should obtain a signed hard copy acknowledgement of receipt form from the users.
2. Q: Some of our employees are refusing to sign the Acknowledgement of Receipt form. How do we handle this?
A: In the event that an employee refuses to sign, retrieve the form from the employee. Write “refused to sign” on the form and record on the form that the policy was issued to the employee and sign and date the form.
Agency Activity
3. Q: Is it okay to use (State) e-mail to send information regarding an employee’s baby shower or wedding shower, birthday party, etc.?
A: Yes.
4. Q: Is it okay to send information via e-mail concerning Agency functions, such as Agency picnics and parties, fund-raising events for Agency-sponsored events, etc.?
A: Yes.
Announcements
5. Q: Is it okay to use (State) e-mail to send information regarding the death of an employee, the death of an employee’s relative, birth of an employee’s child, etc.?
A: Yes.
6. Q: Is it okay to use (State) e-mail to send information regarding the retirement party for an employee?
A: Yes.
Benefits
7. Q: Is it okay to obtain information concerning State of CT benefits?
A: Yes and no. Yes, provided you are on a State agency website (i.e., Office of the State Comptroller or Department of Administrative Services). It is unacceptable to use the Internet to view your portfolio via a vendor’s website.
8. Q. Is it okay to visit a health insurance company’s website to view the list of participating physicians?
A. Yes.
Cancellations
9. Q: Is it OK for employees to receive e-alerts from their child’s school, including information concerning meetings, early closings, etc?
A: Yes.
10. Q: Can an employee check cancellations, late openings and early releases on websites of local news and radio stations?
A: Yes.
Job Searches
11. Q: Is it okay to conduct job searches via the Internet using a State computer?
A: Yes and no. It is okay to visit the Department of Administrative Services’ (DAS) website (and other State agency websites) for State employment opportunities. It is NOT okay to go to other (non-State of CT) websites to search for jobs with an employer other than the State of CT.
News
12. Q: Is it okay for an employee to use their State computer to read a newspaper online, even if it is during their break period?
A: No. An employee (or any user) may not use State systems for any non-work related purpose whether on break or not.
Personal CDs (Music/Pictures)
13. Q: Can users play personally-owned CDs on their State computer?
A: Provided the CD is commercially-produced, requires no additional installation of equipment or software, and does not disturb coworkers, an employee may use the CD player to play music. HOWEVER, CDs that are NOT commercially-produced are unacceptable. Similarly, CDs containing personal digital photographs are also unacceptable as non-commercial CDs may contain a virus, resulting in a negative impact on system performance.
14. Q: Is it okay for employees to access newspapers online via State systems if their job requires it?
A: Yes.
Professional Organizations
15. Q: Is it okay to distribute events sponsored by professional organizations?
A: Yes and no. If the event includes a meeting, then it is okay. If the event is purely social in nature (i.e., trip to New York City), then it is unacceptable.
16. Q: Is it okay to forward messages from professional organizations that include job announcements?
A: No.
17. Q. Is it okay to communicate with a national, regional or state-wide professional organization that I am a member of through my job duties and responsibilities as they relate to my position with the State?
A. Yes.
Purchasing
18. Q: May I use eBay to purchase items for my State job?
A: No.
Solicitation
19. Q: Is it okay to solicit participation in and/or donations for a charity event using (State) e-mail?
A: Yes, provided the charity is one that is listed in the State Employees’ Campaign for Charitable Giving booklet. Mercy Housing and Shelter and other State-approved, non-profit organizations may also be included for this purpose.
Telephones
20. Q. Can an employee use the state telephone to receive/make calls relating to doctors appointments, union matters and/or check on status of children, etc.?
A. Yes. However, time spent on personal calls should be kept to a minimum.
21. Q. May an employee (or other user) use voicemail to communicate personal information to a specific caller via their voicemail box greeting?
A. No. Employee greetings via State voicemail should be strictly professional.
22. Q. May a caller leave a personal message in an employee’s voicemail box? For example, if a doctor’s office is calling to confirm an appointment?
A. Yes. However these types of situations should be limited to only those requiring prompt attention.
Transportation
23. Q: Is it okay for employees to use State systems to go to the CT Transit website to view bus schedules?
A. Yes.
24. Q: Is it okay for employees to use State systems to go to the Nuride website to view commuter information?
A. Yes.
Tuition
25. Q: Is it okay use State systems to access a college/university’s website to obtain the “proof of payment” documentation required by the Office of the State Comptroller in order to process an employee’s Tuition Reimbursement request?
A: Yes.
Union
26. Q: Is it okay for employees to visit their union’s website using a State computer?
A: Yes.
27. Q: Is it okay for users to distribute Union information via (State) e-mail?
A: No.
28. Q: Is it okay for employees to use (State) e-mail to contact their Union Steward to arrange for representation?
A: Yes.
