Acceptable Use Policy

Medium

Acceptable Use

Scope and Purpose

The North Dakota Center for Distance Education (NDCDE) provides access to various electronic communication devices (ECDs) and an IT infrastructure. This infrastructure supports the operational and educational goals of NDCDE, while maintaining the standards set by both Edutech and the North Dakota Information Technology Department (NDIT). This policy governs the use of NDCDE's technology by both students and staff to ensure compliance with state regulations, protect the integrity of systems, and maintain a respectful digital environment.

General Acceptable Use Guidelines (For All Users) 

NDCDE, as a state educational entity, adheres to the Edutech Acceptable Use Policy. All staff, students, and system users must also adhere to this policy, which is accessible on the Edutech website: Edutech Acceptable Use Policy. If any conflict arises between the NDCDE policy and Edutech's policy, the Edutech policy will supersede.
Key principles include:

  • NDCDE and state technology resources must be used primarily for educational or work-related purposes.
  • Unauthorized use of technology resources (e.g., installing unlicensed software, accessing inappropriate content) is prohibited.
  • Users must protect the confidentiality of their accounts and take reasonable steps to secure any device used to access NDCDE systems.

NDCDE employee (B4j) and student (C3e) conduct policies govern online behavior whenever an employee is acting in her/her official capacity on behalf of NDCDE and a student is participating in NDCDE services. These codes of conduct contain the same expectations as are found in standalone netiquette policies including showing respect, use of appropriate language, and adherence to confidentiality requirements under state and federal law. Teachers are encouraged to create course-specific netiquette expectations as necessary, ensuring these are prominently posted in their courses and working with colleagues in their content areas to foster uniformity in these expectations whenever possible.

Monitoring and Privacy 

NDCDE reserves the right to monitor the use of all NDCDE and state technology resources, including internet use, email, and files stored on its systems, without prior notice. Users should have no expectation of privacy when using NDCDE systems. Monitoring may occur for the following reasons:

  • Ensuring compliance with this policy.
  • Safeguarding state resources.
  • Complying with state or federal investigations.
  • When monitoring is necessary for specific cases, including potential policy violations, the following protocols will apply. The NDCDE IT team must receive approval from the NDCDE IT director, NDCDE state director, and Edutech before any individual monitoring is authorized. Monitoring shall occur in accordance with Edutech policies and procedures.

Routine technical support and IT maintenance activities are excluded from this approval process.

Technology Use Guidelines for Staff

  • Use of Electronic Communication Devices (ECDs): It is the state’s and CDE’s policy to limit the use of state ECDs to official business. Employees uncertain of whether use constitutes official business shall consult with their direct supervisor. CDE employees using a State IT resource, including accessing personal accounts, have no expectation of privacy or confidentiality. NDCDE will provide required devices (such as a desktop or laptop computer) and is responsible for the maintenance and replacement of such devices. In addition to a laptop or desktop computer, some positions may require the use of mobile computing devices such as cell phones, smartphones, or tablets. The NDCDE IT Department is responsible for determining if a state-owned mobile computing device should be provided or allowed to sync or directly attach to a personal mobile computing device to the state’s IT infrastructure. Each situation should be considered individually and be based on the team member’s work or position.
  • ECD Cloud Storage: Team members must use OneDrive for Business as a mobility solution for work data. Other cloud storage solutions are not allowed. Files may only be synced via OneDrive for Business to work-managed devices, such as work laptops, work cell phones and personal cell phones managed with Mobile Device Management (MDM). Syncing work and/or personal files from a work laptop to any other cloud storage provider is not allowed.
  • Access to Personal Accounts: Any staff communication concerning NDCDE business on a technology device, regardless of the owner, is subject to the North Dakota Open Records Law (NDCC 44-04-18). Information exchanged on these accounts can be disclosed in legal proceedings or public records requests unless the record is governed by an exception under state law.
  • Social Media: It is the State of North Dakota’s policy that all official communications made through official agency social media accounts, on behalf of or concerning the agency, must be made through or with the permission of the NDCDE state director or designee. Employees are encouraged to review the Employee Speech Policy for guidance on personal social media use.
  • Conducting Business Internationally: Any staff member who plans to conduct NDCDE business from outside the U.S. must obtain supervisor and IT director approval and follow all applicable safeguards as determined by the NDCDE IT team.

Technology Use Guidelines for Students

  • Acceptable Use: Students must use technology in accordance with the Edutech Acceptable Use Policy and NDCDE's Technology Safeguards Policy, which promotes ethical and safe use of technology in educational settings.
  • Academic Honor Code and Student Conduct Policies: Students are required to adhere to these policies whenever engaged in NDCDE activities.

IT Department Oversight and Permissions

The NDCDE IT department is responsible for maintaining the integrity of the system. As NDCDE operates under the state’s IT department (NDIT) and uses services provided by Edutech. The NDCDE IT department is granted an exception under this policy to perform necessary system administration work. This includes, but is not limited to:

  • Account Management: The NDCDE IT department may manage accounts and access requests, provided they operate within the permissions granted by NDIT and Edutech.
  • Systems and account maintenance and security: Conducting routine maintenance and upgrades; monitoring network performance and security; troubleshooting issues related to system access or performance; and accessing data and logs necessary to fulfill operational requirements.
  • Approvals for IT Actions: For certain actions that may involve higher-level system access or sensitive information, the NDCDE IT department must seek approvals from NDIT or Edutech, ensuring compliance with statewide IT security policies.
  • Data Security and Privacy: NDCDE adheres to the Edutech Privacy Policy and the NDIT E-Service Privacy Standard for the protection of data and personal information. All systems are required to comply with these policies to ensure the safety and privacy of staff, students, and organizational data.

All system administration activities will be conducted in compliance with NDIT guidelines and under the oversight of NDCDE leadership. These actions will be limited to the scope necessary for maintaining the integrity of NDCDE’s technology infrastructure and ensuring compliance with state IT standards.
These exceptions are strictly limited to technical system administration tasks and does not extend to unauthorized or non-routine monitoring of user communications or activities, which still requires the appropriate approvals as outlined in the monitoring section of this policy.

Consequences for Violations

The consequences for violations will be commensurate with the severity of the violation administered in accordance with the Employee Discipline and Student Discipline Policies as applicable. While an employee is under investigation for an alleged violation of this policy, his/her access to state technology resources and state ECDs may be suspended.