Information Technology Privacy Policy

1.0 Purpose

Murray State University provides numerous information technology resources for the benefit of all members of the university community.  These resources include frequently accessed programs such as web sites, email, course management systems, and online payment systems as well as computer systems such as myGate which may be more specialized in their use and application.  Members of the public, too, may visit and search MSU web pages and utilize tools which appear there.  The University also provides network and internet access thru the Campus and ResNet networks to members of the campus community.  Of course, MSU also provides numerous computers for use with work and study as well as the basic infrastructure and architecture which enables the system to operate.

All of these resources enable users to communicate with each other, the University, and others off campus; to transact various matters of business; and to gain access to a vast amount of data with greatly increased ease and efficiency. 

MSU has established this policy so that users are aware of the privacy which surrounds their use of technology resources and the information and communications they send and which are received by, and which are stored in, such means.

If you have any questions or concerns about this policy or your information, please contact Information Systems at 809-2155.

2.0 Scope

This policy applies to all users of university information technology resources, which is defined as all information technology/network equipment, facilities, and services made available to users by Murray State University, and the data stored thereon.  The term information technology resources encompasses all university owned and operated computers, software, hardware, and infrastructure.  It further includes all university services and programs such as email, online payment, and MSU web pages.  It also includes: 

  1. Data and other files, including electronic mail, stored in or located or residing on (temporarily or otherwise) university-owned centrally-maintained systems, departmentally-maintained systems, and university-owned systems or computers.
  2. University data and other files stored off campus in systems owned or operated by other entities. These systems may be subject to their own terms and conditions related to privacy and other matters.
  3. Data communicated over Campus and ResNet networks. 
  4. Telecommunications (voice or data) traffic from, to, or between any devices described above including voicemail.

As used in this Information Technology Privacy Policy, “you” and “user” both refer to any individual -- whether student, faculty, staff, or individual external to MSU -- who uses MSU information technology resources.

3.0 Policy

3.1 What Information is Available from MSU’s Technology Resources

3.1.1 Information You Knowingly Provide

You may communicate via Murray State’s information technology resources for many reasons. You may send an email to the Bursar’s Office, Human Resources, a work colleague, or a friend; forward a draft document to a co-worker; submit a class assignment to a professor electronically; or apply for admission to the University via an online form.  Thus, depending upon the nature of any communication the information transmitted and available through information technology resources could include personally identifiable information such as name, telephone numbers, date of birth, permanent addresses, social security number, employment or class information, etc.  Information requested by MSU in forms or applications is needed so MSU can provide the service you need or request. 

3.1.2 Information You May Not Realize You Provide

In addition to the kinds of information referenced above, information may be transmitted and recorded (whether you realize it or not) anytime you use Murray State’s technology resources including simply visiting a Murray State University web site. This information includes but is not limited to:

3.1.3 Documents and files

You may use MSU’s information technology resources to create files, documents, or other compilations of data or information. These items may not be sent to anyone, but may simply be created on a MSU computer at a work station or in a computer laboratory and could remain there without you intentionally saving them on the computer. 

MSU’s information resources are used to create, store, and manage files or documents about employees, students, alumni, contractors, and others.  These documents can contain personally identifiable information including name, address, date of birth, social security number, gender, race, grades, and other personal information, as well as financial information such as salary, banking information, and payroll deductions.  Such information and the compilation of such information are necessary in order to carry on the regular operations of an institution of higher education.

3.1.4 Cookies

Cookies are a technology which can be used to provide you with tailored information from a web site. A cookie is an element of data that a web site can send to your browser, which may then store it on your system.  It can then be read back later by the web site when required. The use of cookies is a convenient way of allowing a computer to remember specific information relating to a web site.  You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. 

MSU’s systems make use of cookies for the following purposes:

3.1.5 Information from On-Line Payments

It is possible to make on-line payments at MSU with debit and credit cards and e-checks.  In some instances, the user making the payment is directed to a third party website in order to make payment. The third party sites may have their own privacy policies.  In other instances, on-line payments result in the storage of information on MSU servers. 

3.1.6 E-Mail

Emails sent or received using MSU’s information technology resources or sent from or to any email address provided by MSU (eg. or are subject to monitoring and access by MSU. 

MSU may utilize an outside e-mail/service provider. In the event MSU utilizes an outside e-mail/service provider, MSU will maintain on its own servers copies of all e-mail sent or received through that e-mail/service provider; this email will be subject to this Information Technology Privacy Policy. The e-mail/service provider will also monitor and have access to the accounts which it provides. MSU will also have access to emails and other documents/transmissions in those accounts maintained by the provider. The provider will have its own privacy policies.

3.2 Who Has Access to Information Available From MSU’s Information Technology Resources?

3.2.1 MSU Employees

  1. To provide services
  2. Monitoring and Access

3.2.2 Disclosure of information to individuals outside of MSU

  1. MSU may initiate disclosure of information from its information technology resources to persons or entities inside or outside the University if needed in order for MSU to carry on its activities as an institution of higher education or if otherwise consistent with law. MSU employees may need to share information with other agencies in order to implement programs provided at MSU or to assist with a particular request. MSU will advise law enforcement officials, including the University’s Department of Public Safety and Emergency Management, if the regular monitoring of its information technology resources uncovers activity which may be criminal in nature such as downloading child pornography or communications of an illegal nature.
  2. Requests for information from persons or entities outside the University.  The following considerations are relevant in the event MSU receives a request from a person or entity outside the University for information, including personally identifiable information, available from its information technology resources.

3.3 Security of information

Murray State utilizes appropriate and reasonable measures to protect the security of its information technology resources. It cannot, however, guarantee absolute security for information.

MSU has no control over the privacy of information you share on any pages or sites outside of the domain even if they are accessed through or linked to MSU information technology resources. Similarly, MSU cannot guarantee security of data once it is released to a third party.

4.0 Review and Modification

  1. Proposals for amendments to this policy will be forwarded to the Chief Information Officer. The proposals and comments will be brought before the ITAC Policy Review Subcommittee by the Chief Information Officer.
  2. Any amendments to this policy will be approved by the President of the University. All new or amended policies will become effective as soon as Presidential approval is obtained and they have been published on the Policy website.

5.0 Penalty

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

6.0 Acceptance/Consent

Signature on an account application form, acceptance of a user ID, online registration, or use of any information technology resource denotes that the applicant/user has read and understands, accepts and consents to this Information Technology Privacy Policy.

PDF file icon Information Technology Privacy Policy (downloadable PDF)
Requires Adobe Acrobat Reader

Get Adobe Reader