Privacy and Confidentiality

Unless otherwise specified, access to Computing Resources at St. John's University will be through a control mechanism that provides for identification of authorized users. In addition, this mechanism will specify the location where authorized users can store or access data files. Users are expected to access only those resources that have been explicitly made available to them through this control mechanism. Users of computing resources are fully responsible for the protection of their user account including system ID codes and passwords.

• Users must not share computer accounts, passwords or other types of authorization.
• Users are afforded exclusive use of all data files, information files and messages stored in their accounts and may expect that their data files and e-mail will remain private. This, however, does not imply that users are necessarily the owners of these data.
• The University may take all reasonable actions to ensure the integrity of its Computing Resources, including prevention of damage to data and equipment, irrespective of any asserted privacy interests.

The Department of Information Technology as the business unit that operates and manages Computing Resources at the University, has instituted commercially acceptable and reasonable internal mechanisms and controls to safeguard the privacy of data stored in our systems although no system is impenetrable to security breaches. These mechanisms require that specific privileges be given to personnel responsible for the maintenance of computer systems. These rights are afforded to ensure proper operation of the systems and will not be used as a method for accessing private information, except as necessary for maintenance of the systems or for investigation of policy violations, or as directed by appropriate legal authorities.