Policies and Procedures Manual

Chapter 8: Information Technology

08:01:00   Acceptable Use Policy
Related Policies and Guidelines

TBR Policy (formerly G-053) Personally Identifiable Information (PII)

NeSCC Policy 03:07:00 Family Educational Rights and Privacy Act

NeSCC Policy 03:07:01 Directory Information

NeSCC Policy 04:50:00 Safeguarding of Customers' Nonpublic Financial Information

  1. Users who are employees and independent contractors shall not make use of Northeast State Community College information technology resources for purposes which do not conform to the purposes, goals, and mission of Northeast State and to the user’s job duties and responsibilities.
  2. Users shall not use Northeast State information technology resources for solicitation for religious or political causes.
  3. Electronic data entry forms that collect and store data to be used in the business of the College must only be created on software applications and systems approved by TBR and/or the Northeast State Computer Resource Committee.
  4. Electronic data entry forms not managed by the Office of Information Technology that collect and store sensitive or protected data must be approved by the Vice President for Finance and Administration before being published.
  5. Administrative logins for data collection applications that reside on external systems and use email address for validation or secondary authentication must only use the department’s Northeast State email address.
  6. Data collection applications that are used in the business of the College should have two administrators at a minimum, if possible.
  7. Storage of nonpublic college data, including student personally identifiable information (PII) as defined by the Family Educational Rights and Privacy Act (FERPA) must be stored on campus or cloud servers managed by the Northeast State Office of Information Technology. Sensitive or protected data may be stored on shared drives where access is restricted to only those who need access to that data. Any exceptions must be approved by the Vice President for Finance and Administration.
  8. No sensitive or protected data may be stored on external storage devices, including but not limited to USB drives and detachable hard drives.

Back to Top

Divisional Review Responsibilities Checklist: Finance and Administration

Revision History: April 2023