Service Instructions for the Use of IT Devices and Central University Computer Centre Services
Service Instructions for the Use of IT Devices and Central University Computer Centre Services at the University of Greifswald (SI IT & C-Systems)
The translation is to be seen as a reference and to be used for the understanding of the corresponding German documents.
Only the German version of this document is legally binding.
1.1 Background, Goals
Work IT devices (e.g. PCs, laptops, internet-enabled mobile telephones, tablet PCs) and central University Computer Centre services - CC Services (e.g. internet access, email service, network drives, groupware, webservers) are essential prerequisites for efficient research, teaching and administration. The protection of this IT infrastructure and saved information (data, documents, software etc.) is therefore of utmost importance and can only be guaranteed if all of the University’s employees contribute to attaining this goal by acting consciously and responsibly and in particular by adhering to the following regulations.
1.2 Other Relevant Regulations
- Service Agreement for the Use of IT-Devices and Central Services Provided by the University Computer Centre (SA IT & C Systems)
- Service Agreement for Alternating Home and Teleworking (SA Teleworking)
- Service Agreement / Service Instructions for the Deployment of a Telecommunications System and the Use of Mobile Telephones (SA / SI Telephone Services)
1.3 Scope of Application
The Rector, the Registrar, Head of Administration and Finance, the heads of the faculties, the University Library and the University Computer Centre are responsible for the adherence to the provisions of these service instructions in their respective facilities. They are responsible that the members of staff at their facilities are aware of the contents of these service instructions. Suitable records should be kept of when these service instructions were announced. When signing their contract, new employees shall receive a copy of these service instructions from the HR Department for which they must sign.
2.1 General Principles, Exceptions
- Only IT devices, software and central CC Services provided by the employer should be used for fulfilling work tasks - apart from the exceptions listed below under letter b. Do not use these work IT devices, software and central CC Services (e.g. your work email address) for private use. However, private use of the workplace’s access to the internet is permitted on a minor scale, if you have previously agreed to the SA IT & C Systems (see point 1.2.c above, that can be accessed on the HR Department’s webpage) by submitting the required declaration of consent. This also includes private use of webmail services (e.g. Hotmail, Gmail, Yahoo mail).
- Work use of CC Services is permitted on privately owned IT devices if no work information is saved on the privately owned IT device. This applies for example to the use of the groupware’s webmail, calendar and address book functions via LAN/Wi-Fi/mobile networks.
- More extensive use of privately owned IT devices for fulfilling work tasks can be granted on request if and as long as it can be proven that it is necessary for work and data protection and IT security requirements will not be breached. The approval can be granted subject to certain conditions. The request for registering a privately owned device shall be submitted electronically via the University Computer Centre’s account administration (https://uns.uni-greifswald.de).
- Unless explicitly approved by the University Computer Centre, software that was purchased through the employer cannot be installed on privately owned devices.
- Amendments to the principles and exceptions described above can only be made within the scope of new service instructions.
2.2 Computer Centre Regulations
- In order to meet important requirements for the availability and security of work information, you must adhere to the corresponding University Computer Centre regulations (see 1.2.b above). These regulations might be changed every now and then due to the fact that the requirements and the technical development of IT technology are subject to constant change. It is therefore one of your work duties to regularly - at least once a year - inform yourself of any possible changes.
- The University Computer Centre Regulations can be viewed online at any time (https://rz.uni-greifswald.de/regeln/).
2.3 Internet / email / Data Storage
- Unless explicitly authorised following the involvement of the official Data Protection Officer, personal data and other work information may not be saved using external IT service providers (e.g. Dropbox, Microsoft SkyDrive/OneDrive, Amazon Drive etc.) or on external electronic storage devices (e.g. memory sticks, micro/SD/HC cards, disk drives).
- You may not setup automatic forwarding of emails sent to your work email account to an external email address, due to reasons pursuant to data protection regulations.
- If, due to work purposes, you send confidential information via email or emails containing personal data, they may only be sent to external email addresses if encryption is used. In case of uncertainty, the official Data Protection Officer should be consulted. Information about email encryption can be found on the University Computer Centre’s website (https://rz.uni-greifswald.de/mailsecurity/).
2.4 Special Requirements for Members of Teaching Staff
The procedure defined in § 9 of the SA IT & C Systems concerning the activation of out-of-office email replies is to be applied to members of teaching staff subject to the provision that the Dean or - if s/he is personally affected - the Rector shall take the place of the direct line manager. The General Staff Council shall not be involved. The contents of sentences 1 and 2 also apply to the procedure defined in § 10 of the SA IT & C Systems concerning the inspection of emails and data stored on IT and communication systems.
2.5 If Something Happens
- When using work IT devices and CC Services make sure to pay constant attention to anomalies (e.g. unexplainable system behaviour, virus warnings, lost files, defect hardware).
- Inform the University Computer Centre of any defects, problems or other anomalies (e.g. malfunctions or suspected viruses) and if a work or privately owned IT device that has been authorised for private use in accordance with 2.1.b has been lost, also your direct line manager and the official Data Protection Officer.
3. Monitoring, Violations of these Service Instructions
- Checks to determine whether these service instructions are being observed will be carried out randomly and if there are relevant grounds in accordance with the procedure defined in § 8 of the SA IT & C Systems. If members of teaching staff are affected, the Rector shall take the place of the Registrar, Head of Administration and Finance; the General Staff Council will not be involved in such cases.
- Violations of these service instructions can - depending on the seriousness and frequency of occurrence - lead to consequences pursuant to work and public service law (e.g. warning, official warning, disciplinary measures, termination of contract) or - if claims are made against the University by third parties - recourse against the perpetrator.
4. Entry into Force
These service instructions enter into force on the 01/04/2018.
Prof. Dr. Johanna Eleonore Weber Rector