Policy for Responsible use of CMAA Computers and Information Systems
is the purpose of this Policy to set forth CMAA’s administrative
policy and provide guidance relating to responsible use of CMAA’s
electronic information systems.
strives to maintain access for its members (the "users") to
local, national and international sources of information, and to provide
an atmosphere that encourages sharing of knowledge, the creative process
and collaborative efforts within the scope of CMAA’s mission.
Access to electronic information systems at CMAA is a privilege, not a
right, and must be treated as such by all users of these systems. All
users must act honestly and responsibly. Every user is responsible for
the integrity of these information resources. All users must respect the
rights of other computer users, respect the integrity of the physical
facilities and controls, and respect all pertinent license and contractual
agreements related to CMAA information systems. All users shall act in
accordance with these responsibilities and relevant local, state and federal
laws and regulations. A user’s failure to conduct himself in compliance
with the Policy may result in disciplinary action, up to and including
expulsion for member users.
CMAA is a provider of a means to access the vast and growing amount of
information available through electronic information resources. CMAA is
not a regulator of the content of that information and takes no responsibility
for the content of information, except for that information CMAA itself
and those acting on its behalf create. Any persons accessing information
through CMAA information systems must determine for themselves and their
subordinates whether any source is appropriate for viewing.
Accepting any account and/or using CMAA’s information systems shall
constitute an agreement on behalf of the user or other individual accessing
such information systems to abide and be bound by the provisions of this
CMAA may restrict or prohibit the use of its information systems in response
to complaints presenting evidence of violation of CMAA policies, local,
state or federal laws. When it has been determined that there has been
a violation, CMAA may restrict or prohibit access by an offending party
to its information systems through CMAA-owned or other computers, remove
or limit access to material posted on CMAA-owned computers or networks,
and if warranted, institute other disciplinary action, up to and including
expulsion for member users. Other persons may be prosecuted under applicable
local, state or federal laws or regulations.
purposes of this Policy the following definitions shall apply:
a. "Electronic communications" shall mean and include the use
of information systems in the communicating or posting of information
or material by way of electronic mail, bulletin boards, the World Wide
Web (internet) or other such electronic tools.
b. "Information systems" shall mean and include the computers,
networks, servers and other similar devices that are administered by CMAA
and for which CMAA is responsible.
c. "Networks" shall mean and include video, voice and data networks,
routers and storage devices.
d. "Software" shall mean and include computer software installed
on CMAA servers for use by users.
e. "SPAM" shall mean and include electronic communications directed
to more than one user simultaneously whose content is not CMAA mission-
or business-related, and which an average user applying contemporary community
standards would find the electronic communication objectionable. The CEO, in consultation with the Senior Director of Information
& Technology Systems, shall have the sole authority to determine whether
an electronic communication is SPAM under this policy.
f. "Member user" shall mean and include those members of CMAA
in good standing as defined in the CMAA Bylaws.
g. "Staff user" shall mean and include employees or agents of
CMAA acting on CMAA’s behalf.
4. PERMITTED USE
CMAA Business Use and Limited Personal Use. CMAA information systems are
to be used predominately for CMAA-related business. Personal use is permitted,
however, so long as it conforms to this Policy and CMAA Bylaws, and does
not interfere with CMAA operations or a staff user’s performance
of duties as a CMAA employee. As with permitted use of telephones for
local calls, limited personal use of information systems does not ordinarily
result in additional costs to CMAA and may actually result in increased
efficiencies. Personal use may be denied when such use requires an inordinate
amount of information systems resources (e.g., storage capacity, administrative
workload, hardware and/or software maintenance, etc.).
b. Prior Approval Required for Personal use for Outside Consulting, Business
or Employment. Personal use of CMAA information systems resources or equipment
by any member user for personal financial gain in connection with outside
(non-CMAA) consulting, business or employment is prohibited.
Unauthorized access to information systems is prohibited. No user shall
use the identification (ID or User Name) or password of another user.
No member user shall provide his password to another user, except in cases
necessary to facilitate computer maintenance and repairs.
b. When any user terminates his relationship with CMAA, his ID and password
shall be denied further access to CMAA information systems.
MISUSE OF INFORMATION SYSTEMS
of CMAA information systems is prohibited. Misuse includes, but is not
limited to the following:
a. Attempting to modify or remove computer equipment, software, or peripherals
without proper authorization.
b. Accessing without proper authorization computers, software, information
or networks to which CMAA belongs, regardless of whether the resource
accessed is owned by CMAA orthe abuse takes place from a non-CMAA site.
c. Taking actions without authorization that interfere with the access
of other users to information systems.
d. Circumventing logon or other security measures.
e. Using information for any illegal or unauthorized purpose.
f. Personal use of information systems or electronic communications for
non-CMAA consulting, business or employment, except as set forth in Section
4 of this Policy.
g. Sending any fraudulent electronic communication.
h. Violating any software license or copyright, including copying and
redistributing copyrighted software, without the written authorization
of the software owner.
i. Using electronic communication to violate the property rights of authors
and copyright owners.
j. Using electronic communications to harass or threaten users in such
a way as to create an atmosphere that unreasonably interferes with a member
user’s enjoyment of CMAA membership, or a staff user’s employment
experience. Similarly, electronic communications shall not be used to
harass or threaten other information recipients, in addition to users.
k. Using electronic communications to disclose proprietary information
without the explicit permission of the owner.
l. Reading of other user’s files or electronic communications without
m. Forging, fraudulently altering or falsifying, or otherwise misusing
CMAA or non-CMAA records (including computerized records, identification
cards, or other documents or property).
n. Using electronic communications to hoard, damage, or otherwise interfere
with resources available electronically.
o. Using electronic communications to steal another individual’s
works, or otherwise misrepresent one’s own work.
p. Launching a computer worm, computer virus, or other rogue program.
q. Downloading or posting illegal, proprietary or damaging material to
a CMAA computer. This includes material containing computer viruses or
worms. Users shall seek competent technical advice before downloading
any questionable material.
r. Transporting illegal, proprietary or damaging material or information
across a CMAA network.
s. Violation of any local, state or federal law or regulation in connection
with the use of any information system.
User Privacy Not Guaranteed. When CMAA information systems are functioning
properly, a user can expect the files and data he generates to be private
information, unless the creator of the file or data takes action to reveal
it to others. Users should be aware, however, that no information system
is completely secure. Persons both within and outside of CMAA may find
ways to access files and data. ACCORDINGLY, CMAA CANNOT AND DOES NOT GUARANTEE
USER PRIVACY and users should be continuously aware of that fact.
b. Repair and Maintenance of Equipment. Users should be aware that on
occasion duly authorized CMAA information systems technological personnel
have authority to access individual user files or data in the process
of performing repair, maintenance, or upgrade of computing equipment CMAA
deems reasonably necessary. Information systems technological personnel
are prohibited by law from exceeding their authority of access for repair,
maintenance and upgrade purposes, or from making any use of individual
user files or data for any purpose other than repair, maintenance or upgrade
services performed by them.
c. Response to a Public Records Request, Administrative or Judicial Order
or Request for Discovery in the Course of Litigation. Certain records,
such as proprietary information or personal information in personnel and
member records are protected from disclosure to sources outside CMAA.
However, other records may require disclosure if a public record request
is made. Users should remember this when creating any electronic communication.
Also, users must be aware that CMAA will comply with any lawful administrative
or judicial order requiring the production of electronic files or data
stored in CMAA’s information systems, and will provide information
in electronic files or data stored in CMAA’s information systems
in response to legitimate requests for discovery of evidence in litigation
in which CMAA is involved.
d. CMAA reserves the right, in its sole discretion, to review any user’s
files, data and usage to the extent necessary to ensure that information
systems are used in compliance with local, state and federal law and regulations,
this Policy and other applicable CMAA policies.
ELECTRONIC MAIL (E-mail)
ALL PROVISIONS OF THIS POLICY ARE APPLICABLE TO E-MAIL. E-mail should
reflect careful, professional and courteous drafting, particularly since
it is easily forwarded to others. Never assume that no one other than
the addressee will read your e-mail.
b. CMAA maintains e-mail broadcast addresses for the convenience of users,
for which one e-mail address is designed to reach all users of an administrative
unit of CMAA, or users engaged in an e-mail discussion of mutual interest.
Use of these broadcast addresses for dissemination of SPAM is specifically
c. Authorized users of the e-mail broadcast address firstname.lastname@example.org
are to be determined by the Board of Directors and the CEO in accordance with Subsection d. below.
d. Access to and use of the broadcast address email@example.com will
be granted to individual users for limited periods of time as determined
by the Board of Directors and CEO.
e. Be careful about attachments and broad publication of messages, particularly
messages addressed simultaneously to more than one user.
f. SPAM, as defined by this Policy, is prohibited.
g. For purposes of timely response, e-mail will be treated the same as
any other written communication received by a user. E-mail will be responded
to in a manner consistent with other received written correspondence.
A shorter response period for e-mail is specifically excluded by the Policy.
h. E-mail may be responded to in any manner the responder deems appropriate.
E-mail may be responded to by e-mail, written correspondence, telephone,
or other means as determined by the responder.
i. Users should be aware that even when an e-mail message is deleted or
erased, it may still be possible to recover the message; therefore, the
ultimate privacy of e-mail is not ensured to anyone
CEO of CMAA may establish standards for information
published on the World Wide Web (Web Pages) considered official CMAA information,
consistent with CMAA Bylaws. All official Web Pages shall include a copyright
notice to identify them as official CMAA Web Pages. No other Web Pages
shall be allowed to use the CMAA logo, except as provided in the CMAA
Bylaws and other policies.
Originators of Web Pages using information systems associated with CMAA
shall comply with CMAA policies and Bylaws and are responsible for complying
with all local, state and federal laws and regulations, including copyright
laws, obscenity laws, laws relating to libel, slander and defamation,
and laws relating to piracy of software.
The users creating a Web Page are responsible for the accuracy of the
information contained in the Web Page. Content should be reviewed on a
timely basis to assure continued accuracy. Web Pages should include a
phone number or e-mail address of the person to whom questions and/or
comments may be addressed.
Policy shall be published on the World Wide Web to fully notify users
of its existence.
APPLICATION AND ENFORCEMENT
Policy applies to all administrative units of CMAA. Each unit shall be
responsible for enforcing this Policy in a manner best suited to its own
organization. It is expected that enforcement will require cooperation
between administrative units and CMAA departments such as Information
& Technology Systems, Chapter/Member Services, Legislative and Regulatory
Resources and Executive Offices.