3.55.030 Electronic usage policy.
The district respects the individual privacy of all employees; however, all employees should understand and be aware that they have no right to, or expectation of, privacy with respect to the employee’s use of district-provided equipment, supplies, and programs, including but not limited to computer, voice mail, email, text mail, pagers, cell phones and the internet (collectively called the district’s “IT systems and services”). All information stored on and/or transmitted by district-provided equipment, supplies, and programs remain at all times the exclusive property of the district, and the district may monitor and review such information at any time, in the district’s sole discretion. Employees should further understand that their electronic records, including but not limited to emails generated and received and internet usage constitute “public records” which may be subject to public disclosure under the Public Records Act, Chapter 42.56 RCW. All electronic usage should therefore be made with the understanding and expectation that third parties may view such usage.
The district’s IT systems and services are the exclusive property of the district and should be used for district purposes only. Unacceptable and/or inappropriate non-work-related activities, including the downloading, viewing, or sending of insulting, disruptive, offensive, derogatory, profane, or discriminatory messages or materials are strictly prohibited. Examples of forbidden transmissions include, but are not limited to: sexually explicit messages, cartoons or jokes; sexual propositions or love letters; ethnic or racial slurs; or any other message that can be construed to be harmful to morale, harassment or disparagement of others based on their sex, race, age, national origin, religion, creed, sexual orientation, marital status, disability, or any other class protected by law.
General conditions relating to employee use of the district’s IT systems and services include but are not limited to the following:
(1) Employee use of the district’s IT systems and services must at all times comply with all applicable laws and with this policy.
(2) Employee use of the district’s IT systems and services must not interfere with others’ use of such systems and services.
(3) Employees may not use computers for which they have not received prior authorization to use.
(4) Employees must not access any program or data that they have not been specifically authorized to access.
(5) Employees may not use district IT systems and services for purposes of engaging in non-district-related commercial activities.
(6) District IT systems and services may not be used to disseminate mass (unsolicited) emails.
(7) With the exception of district-issued cell phones, modest use of district IT systems and services for personal purposes will be permitted; provided, that such use shall not occur during work time; and provided further, that such use does not interfere with the employee’s or others’ job performance, duties, and responsibilities.
(8) No personal or vendor electronic devices (including but not limited to: cell phones, tablets, USB drives, computers) should be connected to district equipment without being approved first by district IT personnel, as it introduces the risk of infection of the network.
All system passwords and encryption keys must be available to the district. Employees are prohibited from the unauthorized use of passwords and encryption keys of other employees to gain access to other employees’ email messages. Remember that creating a password or hitting the “delete” key does not always mean that messages or material cannot be retrieved. The district regularly backs up its email system.
All email messages sent from the district contain a header identifying the district. Because online communications are not secure, prior to transmitting any information that is of a confidential nature or that may include district trade secrets, authorization must first be obtained and the information must be properly encrypted. All employees are prohibited from creating or sending inappropriate messages or unprofessional communication discussing the district, its employees, customers, or competitors.
The district licenses the use of computer software from a variety of outside sources. The district does not own this software or its related documentation, and it does not have the right to reproduce, use, or otherwise copy that software without the permission of the software provider. Unauthorized copying or use of software or documentation on any medium is strictly prohibited. Anyone aware of any misuse of district software or related documentation must notify his or her supervisor or manager. Software may only be installed on a district computer by district IT staff. No software may be installed on any district computer, including screen savers, without proper authorization. The district may, from time to time, conduct system audits to ensure compliance with this policy.
Remote access to the district network is possible via the internet and the district’s virtual private network (VPN) or remote desktop connection. Remote access from external networks or across the internet must be made via secure methods approved by the district IT department only. This policy applies to all remote connections as well. All remote connection attempts are logged. Nonexempt employees may not remotely log into the district’s network during non-work hours, unless such employee has obtained prior authorization from his/her supervisor or manager to do so. When remotely logging onto the district’s network from a personal computer or any other device, no district files should be stored on the personal device connecting to the network.
Employees are expressly warned that they must respect copyright, trademark, trade secret, patent, license, policy and other proprietary rights and restrictions relating to the use, access or download of software or information. No one may download any software or information unless the following criteria have been met: (1) the information or software to be downloaded is directly related to work; (2) the district authorized the download; and (3) the district determines that the appropriate license fees have been paid.
Employees must also be careful when using electronic communication and/or software or hardware systems outside the office to maintain the confidentiality and integrity of any district information. Electronic communications should only be transmitted using equipment that has been installed with the district’s spyware and security programs. Additionally, employees should at all times be mindful of their audiences in transmitting confidential communications, and should do so only when they are certain that unauthorized individuals (such as seat mates on airplanes, family members, or other people in direct proximity to the employee) will not be privy to such communications.
Any loss of a district-issued mobile device or personal device that has district VPN capabilities shall be immediately reported so that the device can be disconnected from the network and/or remotely wiped of data. All mobile electronic devices conducting district business shall be encrypted and password protected. As with other district computers, no applications shall be installed on mobile phones without proper authorization.
The variety and capabilities of interactive world wide web applications continue to expand. These powerful tools can be used effectively for district business, but can also be misused, resulting in damage to the district. For this reason, these applications should be used by nonexempt and non-IT staff only with supervisor permission. All staff should use web applications with care and only for district-related business.
Employees who violate this policy shall be subject to disciplinary action, up to and including termination. [Res. 728 § 2 (Exh. A), 2016; Res. 648 § 2 (Exh. A), 2010.]