Feb 11, 2025  
2024-2025 Student Handbook 
    
Catalog Navigation
  Catalog Home
  Students Rights and Responsibilities
  Offenses and Sanctions
  Academic Policies
  Administrative Policies
  Conduct Policies
  Student Complaints
  Student Governancy
  School of Medicine Policy Manual
  School of Behavioral and Brain Sciences Handbook
  School of Dental Medicine Handbook
  School of Nursing Handbook
  Public Health Program Policy Manuals
  Infectious and Environmental Hazards Exposure Policy
HELP
2024-2025 Student Handbook

IT‐2 Acceptable Use Policy ‐ Students

Policy It‐2 Information and Technology Resources Acceptable Use Policy - For Students

Overview

The Information Technology Department is committed to preserving the Confidentiality, Integrity, and availability of Information Technology resources. The use of these resources is in support of teaching, research, learning, administrative, and other intellectual pursuits consistent with the aims and objectives of Ponce Health Sciences University (PHSU), Ponce Research Institute (PRI), Tiber Health Corporation (THC), and all related entities (hereinafter the Company). The Company has an obligation to ensure the security and confidentiality of its member records and protect these records against unauthorized access that could result in loss or inconvenience for its members. The protection for the confidentiality of nonpublic information must be consistent with state and federal laws.

Purpose

The purpose of the Acceptable Use Policy (AUP) is to outline the acceptable use of all IT resources across all sites on which the Company operates. This policy also provides the guidelines to identify

situations where unacceptable use of these resources could affect the teaching, learning, research, services, or administrative missions of the Company; or compromises the security of the systems or data.

Definitions and Authority

Authority to Change: Because the Company policies are subject to change, this document may change from time to time. Information Technology (IT) Resources: The complete set of information technology devices, data applications, and network services involved in the process, storage, access, and transmission of information.

Company Systems: All applications and software platforms, either on‐premises or cloud‐based, including email and Internet/Intranet/Extranet‐related systems.

Technology Devices: Computers, laptops, tablets, printers, scanners, photocopiers, servers, networking devices, VoIP phones, corporate smartphones, and hotspots.

Mobile Devices: Portable devices intended primarily for the access to or processing of data, which can be easily carried by a single person and provide persistent storage, including, but not limited to, laptops, smartphones, tablets, e‐readers, and portable computing devices.

Restricted Data: Data in any format collected, developed, maintained, or managed by or on behalf of the University, or within the scope of University activities, which are subject to specific protections under federal or state law or regulations or under applicable contracts. Examples include, but are not limited to, medical records, social security numbers, credit card numbers, driver licenses, non‐directory student records, financial data, research protocols, and export‐controlled technical data.

Users: Account holders or any person who uses a computer or network facility, whether affiliated with the Company or not.

User Account: Username assigned or email address, and password.

Affiliate: Someone officially linked or associated to the Company who is not a student or employee (e.g., contractors, vendors, interns, temporary staffing, volunteers).

Company members: Employees, faculty, students, and affiliates.

Information Technology (IT) Assets: It refers to any information system, operating system, database, software, application, computer, servers, Cloud service, printer, scanner, copiers, VoIP phone, mobile devices, audiovisual, video conference, storage, and network equipment.

IT Department: The Information Technology Department of the Company.

Cloud Storage: A technology that allows you to save files in storage and then access those files via the Cloud. Examples of cloud storage services are Google Drive, Dropbox, and OneDrive. Files stored on these cloud storages can usually be accessed via any web browser, and they synchronize the files to multiple computers and mobile devices. They also offer the feature for sharing files with other people.

MFA: An authentication method that requires the user to provide two or more verification factors to gain access. Example of factors: Password and PIN number.

Chain letter: An email directing recipients to send out multiple copies of it, so its circulation increases exponentially.

Spam: The use of email systems (including most broadcast media and digital delivery systems) to send unsolicited bulk messages indiscriminately.

Peer‐to‐Peer (P2P): A file‐sharing network. It is a networking technology that normally uses a decentralized communication model, where there is no central server involved, and all computers in the network act as both server and client. An example of a pure decentralized P2Pnetwork is BitTorrent.

Cloud backup: Also known as online backup, it is a strategy for backing up data that involves sending a copy of the data over a public network (Internet) to an off‐site server

Social media: Any Web site in which visitors can publish information to a larger group. Such destinations include large, branded entities such as Facebook, Twitter, YouTube, My Space, Google+, LinkedIn, and similar.

Moonlighting Work: Paid work that you do in addition to your regular job, especially without telling your employer.

Scope

This policy applies to the use of any Company Information Technology resources by any student who uses a computer or network facility, whether affiliated with the Company, its subsidiaries, and parent companies or not. By using these resources, all Users agree to comply with this policy. Use of the Company Network and Technological Services with Personal Devices (e.g., smartphones, laptops, tablets, etc.) abide by the same policies.

All students will receive a copy of this policy, and a signed copy of the agreement will be filed in the Students Affairs Department. However, the use of the Company Computers, Network, and

Internet/Intranet/Extranet‐related systems implied that the user understands and agrees to abide by this policy.

Policy

User Rights and Responsibilities

  1. User access to Information and Technology (IT) resources is contingent upon prudent and responsible use.
  2. Users are responsible for ascertaining what authorizations are necessary and for obtaining them before using PHSU System.
  3. Users are responsible for any activity originating from their user accounts or company system. In cases when unauthorized use of user accounts or resources is detected or suspected, the account owner should change the password and report the incident to the IT Department.
  4. Occasional personal use of Information and Technology resources is allowed, while such personal use does not interfere with work performance or violate any policy, regulation, or law.
  5. Users should consider the Company and community standards when determining if an activity is appropriate. Imprudent use of IT Resources can lead to consequences affecting many other users.
  6. Users of the Company’s IT resources must comply with federal and state laws, Company rules, policies, and procedures. Examples of applicable laws, rules, and policies include; the laws of libel, privacy, copyright, trademark, obscenity, and child pornography; the Electronic Communications Privacy Act, and the Computer Fraud and Abuse Act, which prohibit “hacking, cracking”, and similar activities; the PHSU’s Student Code of Conduct; Faculty Manual, Employee

Manual

All users shall review and refer to all IT policies and procedures. For more information regarding specific policies for Wireless access, Mobile Devices, social media, and other IT general guidelines and procedures, please go to Information Technology Policies or contact the IT Department, ext. 5002, or by email itsupport@psm.edu.

General Guidelines

Acceptable Use

In making acceptable use of resources, you must:

  1. Use IT resources only for authorized purposes.
  2. Protect your Account and System from unauthorized use. Accounts cannot be used by other than to whom they have been assigned. Use effective passwords and safeguard those passwords.
  3. Access only information that is your own, that is publicly available, or to which you have been given authorized access.
  4. Use email in a responsible and productive manner that reflects well on the Company.
  5. Use only legal versions of copyrighted software in compliance with vendor license requirements.
  6. Show consideration for the consumption and utilization of IT resources.
  7. Save all work‐related documents on the Server. However, an employee can keep a copy on their computers.
  8. Encrypt emails when sending protected or confidential information, such as documents with social security, credit card numbers, payment claims for patient services, and patient referrals.
  9. Request authorization from IT prior to downloading any software.

Unacceptable Use

The following activities and behaviors are Inappropriate and prohibited:

  1. Use another person’s account.
  2. Use another person’s system, files, or data without the proper authorization of the IT Director and the corresponding Dean or designee.
  3. Download or save restricted, confidential, or sensitive data on personal devices.
  4. Use of faculty and administrative computers, except on special and authorized occasions (e.g., Match Activities). Permission must be requested from the IT Department prior to use.
  5. Disclosure of restricted, confidential, or sensitive data to a third party without proper Authorization.
  6. Engage in any activity that might be purposefully harmful to the Company System or to any information stored thereon, such as creating or propagating viruses, disrupting services, damaging files, or making unauthorized modifications to the Company data.
  7. Make or use illegal copies of copyrighted materials or software. Install or store such copies on the Company system or transmit them over the Company networks.
  8. Use of Peer‐to‐Peer (P2P) or other technology for illegal uploading, downloading, or sharing of copyrighted material, such as music and software. Sharing or downloading copyrighted files without permission over the Company’s network is illegal and a violation of the Company’s Acceptable Use Policy.
  9. Attempt to alter any Company computing and networking components, including data drops connections or wireless infrastructure.
  10. Connect network equipment (including, but not limited to, bridges, routers, hubs, and wireless access points) to open network ports. Any student who needs to connect laptops or network equipment to any network drop on the campus must request approval from the IT Department.
  11. The use of devices to provide unauthorized services or as gateways to provide alternative means of access to Network Services.
  12. Attempt to circumvent or subvert Company systems or network security measures, e.g., using computer programs to decode passwords or scanning of networks for security vulnerabilities.
  13. Engage in any activity that alters the integrity or might be purposefully harmful to systems or to any information stored thereon. For example, creating or propagating viruses, disrupting services, damaging files or making unauthorized modifications to the Company data, attempting to capture or decode passwords, attempting to get additional access, or altering data that belong to other users.
  14. Monopolize the Company systems, overload networks with excessive data, degrade the services, waste computer or connection time, disk space, printer paper, manuals, or other resources.
  15. Make or use illegal copies of copyrighted materials or software, store such copies on PHSU systems, or transmit them over Company networks.

Use the Company Information Technology Resources for the following:

  1. To Impede, interfere, impair, or cause harm to the activities of others.
  2. For commercial or partisan political purposes.
  3. To harass, intimidate, or discriminate against another person.
  4. To send chain letters, unsolicited mass mailings, virus hoaxes, “spamming” (spreading email widely without good purposes), or “bombing” (flooding another’s email with numerous or large email messages)
  5. To do “moonlighting” work using the Company’s IT resources.
  6. For illegal or any other purpose that is against institution policy or contrary to the Institution’s best interests.
  7. For entertainment purposes, non‐work‐related activities, or non‐academic‐related activities, including the use of streaming video services like Netflix, Hulu, Disney+, HBO, etc., during work hours or academic class sessions.
  8. For personal gain, for example, by selling access to your account or Company systems or networks, or by performing work for profit with Company resources in a manner not authorized by the Institution.
  9. Waste computing resources or network resources, for example, by intentionally placing a program in an endless loop, printing excessive amounts of paper, or sending chain letters or unsolicited mass mailings.
  10. Any activity that violates any other Company policy or code, or violates federal, state, or municipal laws or regulations.
  11. Release, disclose, post, display, communicate, confidential or protected information or information that might be considered offensive on social media pages (Refer to IT Policy IT‐3 social media Acceptable Use Policy).
  12. All users who use cloud storage for processing, storing, and sharing Company information must use OneDrive for Business under the Company’s Office365 subscription.

Engage in any activity that violates any other Ponce Health Sciences University policy or code, or violates federal, state, or municipal laws or regulations.

Institutional Website and Web Pages

All requests regarding the institutional website and social media pages should be referred to the Marketing Department.

Social Media

Social media includes any Web site in which visitors can publish information on destinations that are viewed by more than one person. Information shared may include but is not limited to, personal information, opinions, research, commentary, or business information. Examples of such destinations include large, branded entities such as Facebook, Twitter, YouTube, My Space, Google+, LinkedIn, WhatsApp, and similar sites or applications developed in the future. However, blogs, special interest forums, and user communities’ web pages are also considered social media.

The Company recognizes that users must conduct institutional business within social media. Accessing social media for personal purposes during work hours is prohibited. Please refer to the IT4‐Social Media Acceptable Use Policy for more information and guidelines.

Educational Technology Resources

Laptops

All students must have personal laptop computers that meet the following minimum requirements. Although Windows laptops are strongly recommended, Apple Macintosh laptops are acceptable when configured to meet the specified software requirements.

We recommend systems that meet or exceed the following specifications:

  1. WINDOWS MAC
  2. Intel Core i5 or i7 processor (1GHz or higher), Sixth Generation or higher with a TPM
  3. Intel Core i5 or i7 processor (1GHz or higher), Sixth Generation or higher with a TPM
  4. Windows 10 x64 or higher MAC OS v10.14, V10.15, v11.0, v12.0 8GB RAM (16GB of RAM preferred) 8GB RAM (16GB or more of RAM preferred 512 GB internal Solid-State Drive (SSD) or higher 512 GB internal Solid-State Drive (SSD) or higher.
  5. Intel HD Graphics, or discrete graphics card (must have at least one display out option or adapter)
  6. 13” to 15.6” display or higher 13” to 15.6” display or higher
  7. Two USB 3.0 ports or USB adapters Two USB 3.0 ports or USB adapters
  8. 802.11ac 2.4/5 GHz wireless adapter 802.11ac 2.4/5 GHz wireless adapter
  9. Full‐Size Keyboard preferred Full‐Size Keyboard preferred
  10. Trackpad or wireless mouse Trackpad or wireless mouse integrated webcam integrated webcam integrated microphone integrated microphone.

E‐learning platforms

Ponce Health Sciences University uses the educational web‐based platforms Canvas and Moodle, where educational materials, including evaluations, rotation schedules, grades, and other students’ confidential information, are posted. The platform also allows for web‐based examinations. The student is advised that this information is accessed with their user ID and password. PHSU is not responsible for the disclosure of such information when it is accessed by a third party through the use of the student’s user ID and password.

Apple iPads

PHSU provides iPads to all new students to facilitate access to the educational resources available in the Institution. Students must remain active for at least one (1) year before the ownership of the equipment transfers to them. Students who withdraw from PHSU before the year is over must return the equipment to the IT Department. The equipment must be in good condition, including its components or accessories like covers, chargers, etc. The iPads will be used throughout your academic career at PHSU; do not dispose of them.

Microsoft Office 365 Platform

Every student has access to Microsoft Office 365 applications for free as long as they are students at PHSU and the PHSU subscription continues. The applications can be installed on up to 5 compatible devices. MS Office 365 is the official email platform used in the Institution, which also provides a Cloud storage space (OneDrive) and other applications.

Printing Quota

An established number of copies is assigned to every student, every academic period (semester or trimester), as applicable. Unused copies balance will be rolled over to the next academic period. If the student has no balance left or wants to be able to increase the number of copies available, he/she can purchase an additional printing quota. Any unused balance from the quota assigned by the Institution is not refundable. Print refunds might be applied for print jobs that were caused by a technical hardware or software problem, and such refund will apply only when using funds from the additional printing quota purchased by the student. A refund request should be made no more than two (2) days after the incident. It will be investigated, and the student will be notified by email. Print job errors caused by misconfigurations by the user are not refundable.

Software Code of Ethics and Software Policy

Purpose

This code of ethics states Ponce Health Sciences University and the Company policy concerning the installation and acceptable use of the software. Any unauthorized duplication of copyrighted computer software violates the law and is contrary to PHSU standards of conduct. PHSU does not excuse the illegal duplication of software and will not tolerate it. Any violations to this Policy will be handled according to the HR Employee Manual.

Software

Company Software will be used in accordance with their license agreements.

Company staff shall not:

  • Download or upload unauthorized software over the Internet.
  • Give Company software to outsiders, clients, customers, and others.
  • Make unauthorized copies of software under any circumstances.
  • Install software on any institutional computer.
  • Install company‐owned software on personal computers.

Acquisitions

Any software, application, or hardware with a software combination must follow the IT Department’s evaluation and approval process prior to its acquisition. These include any software or hardware that needs to be connected to the Company network or run on a stand‐alone computer.

Shareware or Free‐to‐try software is copyrighted software that is distributed freely through the Internet and online systems. It is the policy of the Company to pay shareware authors the fee they request for the use of their products. Registration of shareware products should be handled the same way as commercial software products.

Guidelines

  1. Use software in accordance with their license agreements. Must be aware that ALL computer software is protected by copyright unless it is explicitly labeled as PUBLIC DOMAIN.
  2. Must not download or upload unauthorized software over the Internet.
  3. Must not give software or accept unlicensed software from any third party.
  4. Must not make unauthorized copies of software under any circumstances. Shareware or Free‐ to‐try software is copyrighted software that is distributed freely through the Internet and online systems. It is the policy of PHSU to pay shareware authors the fee they request for the use of their products. Registration of shareware products should be handled the same way as commercial software products.
  5. Must not install software on any institutional computer; all software shall be installed by the IT Staff. Generally, institution‐owned software cannot be installed on a student’s personal computer.
  6. Must notify IT Department immediately in case there is a suspected misuse of software within the organization.

Penalties

Any person illegally reproducing software can be subject to civil and criminal penalties, including fines and imprisonment.

Internet and Email Services Policy

Purpose

To establish guidelines that should be followed to ensure proper usage of email and Internet access at Ponce Health Sciences University. Any improper use of these services jeopardizes the PHSU legal standing and, therefore, cannot be tolerated.

Statements and Guidelines

  1. Acceptable Uses of Institution email and Internet Access.
    1. The Institution provides Internet and email access for academic usage. Every student has the responsibility to maintain and enhance the Institution’s public image and to use its email and access to the Internet in a responsible and productive manner that reflects well on the Institution.
  2. Unacceptable uses of Institution email and Internet access.
    1. The Institution’s email and Internet access may not be used for transmitting, retrieving, or storage of any communications of a discriminatory or harassing nature or materials that are obscene or “X‐rated.”
    2. Harassment, threatening, bullying, or making damaging or false statements of any kind is prohibited.
    3. No messages with derogatory or inflammatory remarks about an individual’s race, age, disability, religion, national origin, physical attributes, or sexual preference shall be transmitted.
    4. Abusive, profane, or offensive language is not to be transmitted. Electronic media cannot be used for any other purpose that is illegal or against institution policy or contrary to the Institution’s best interests.
    5. Solicitation of non‐institutional business, or any use of the Institution’s email or Internet for religious and political purposes as personal gain, is strictly prohibited.

Communications

The email provided by the Institution is considered the official mean of communication.

Students are expected to read their emails regularly while being active students in PHSU.

This policy includes students enrolled and those on leave of absence. It is the student’s responsibility to respond immediately, if necessary. Students will be considered responsible for all information posted through the email system while on or off‐site. Also, emergency notices will be published to the psm.edu email and the student’s registered cellphone number. Each student is responsible for the content of all text, audio, or images that he or she places or sends over the PHSU email and Internet system. No email or other electronic communications may be sent that hide the identity of the sender or represents the sender as someone else or someone from another institution. All messages communicated on the PHSU email and Internet system should contain the student’s name.

Wireless Access Policy

Purpose

Establish guidelines for the use of PHSU Wireless Networks by the students, staff, guests, and other Company members.

Guidelines

  1. All general policies within the Acceptable Use Policy for Information and Technology Resources apply to wireless network users.
  2. Only the Information Technology Department (IT) is authorized to attach wireless switches or routers (commonly known as Access Points or AP’s) to the campus cabled network.
  3. Under no circumstances should any user connect any router, Access Point, Bridge, or similar devices to network ports anywhere on campus. Failure to comply with this policy is subject to confiscation of the unauthorized device.
  4. End users are not permitted to use their devices (e.g., computers, mobile devices, etc.) to provide unauthorized services or as gateways to provide alternative means of access to Network Services.
  5. Computer users’ devices, including personal laptop computers with wireless network interfaces capable of acting as bridges between wireless and wired networks, should not be attached to open cabled network ports unless the wireless interface is disabled. Both cabled, and wireless networking capability can be simultaneously active even if the end‐ user is unaware of this. This means that users must actively disable their wireless interfaces (e.g., WiFi cards) before attaching to an Ethernet port.
  6. IT will monitor the local wireless network for unauthorized AP’s and other unauthorized wireless network devices that pose security risks.
  7. IT will be responsible for maintaining a reasonable balance between easy access and proper security for all cabled and wireless network services. In certain cases, some cabled network services may be inaccessible from wireless connections because of security considerations. Individuals wishing to request the addition of a particular service for wireless accessibility or an explanation as to why a particular service is unavailable may contact the IT Helpdesk.

Security & Privacy

The Company employs various measures to protect the security of its computing resources and its user’s accounts. However, the users should be aware that the Company cannot guarantee security and confidentiality if the users don’t engage in “safe computing” practices by establishing appropriate access restrictions for their accounts, guarding their passwords, and changing them regularly.

Users should also be aware that their uses of the Company’s computing resources are not completely private. While incidental and occasional personal use of such resources is permissible, personal communications and data transmitted or stored on Company technology resources are treated as business communications; those who use Company’s information technology resources do not acquire, and should not expect, a right of privacy. However, employees should limit their personal use of the telephone and computer during office hours. Because telephone and email systems are provided by the Company at its expense for business use, all messages sent by or received on those systems are company documents. The Company reserves the right to access and disclose the messages that you send or receive on the voice mail or email systems. Deleted messages from the computer screen may not actually be deleted from the email system.

While the Company does not routinely monitor individual usage of its computing resources, the normal operation and maintenance of the Company’s computing resources require the backup and caching of data and communications, the logging of activity, the monitoring of general usage patterns, and other such activities that are necessary for the provision of service. The Network, Internet, and Email activities will be monitored to ensure and safeguard the best use of technological resources and compliance with policies and regulations.

The Company reserves the right to monitor the accounts’ activities of individual users of the Company’s computing resources, including individual login sessions and the content of personal communications, without notice. Such monitoring requires previous approval of the executive management. The most common reasons for monitoring are when:

  1. It reasonably appears necessary to do so to protect the integrity, security, or functionality of the Company or other computing resources or to protect the Company from liability.
  2. There is reasonable cause to believe that the user has violated or is violating this policy.
  3. An account appears to be engaged in unusual activity.
  4. It is otherwise required by law.
  5. 10 Disclaimer

The Company exercises no control whatsoever over the content of the information passing through its network or the Internet. The Company makes no warranties of any kind, whether expressed or implied, for the service it is providing. The Company also disclaims any warranty of merchantability or fitness for a particular purpose. The Company will not be responsible for any resulting damages. This includes loss of data resulting from delays, non‐deliveries, or service interruptions caused by its own negligence, power or telephone company failures, acts of God, or your errors or omissions.

The Company network services may only be used for lawful purposes in accordance with the Telecommunications Act, Higher Education Act, and any applicable law. Transmission of any material in violation of any U.S., Puerto Rico, or any other country regulations is prohibited. You agree to indemnify and hold harmless the Company from any claims resulting from your use of the service, which damages you or another party.

Any access to other networks through the Company’s network must comply with the rules appropriate for that other network. Whenever you are transferring software (or, for that matter, ideas) from one place to another, you must consider intellectual property and license issues. Use of any information obtained via the Company’s network is at your own risk. The Company specifically denies any responsibility for the accuracy or quality of information obtained through its services.

Accountability

Users who violate this policy, abuse the privilege of the Company‐facilitated access of Information Technology Resources, or who make, acquire, or use unauthorized copies of software, will be subject to disciplinary action as appropriate under the circumstance. Such discipline may include the denied access to the Company Information Technology resources and may be subject to other penalties and disciplinary actions, including possible expulsion or dismissal. Alleged violations will be handled through the Company disciplinary procedures applicable to the user. The Company may suspend, block, or restrict access to an account, independent of such procedures when it reasonably appears necessary to do so in order to

protect the integrity, confidentiality, and availability of the Company or other computing resources or to protect the Company from liability. The Company may also refer suspected violations of applicable law to appropriate law enforcement agencies. Any user that is found guilty of illegal distribution of copyrighted material is vulnerable to criminal and civil penalties.

Rev. 08/02/2022