Individuals working in NYU information technology and related areas (indicated in this document as "covered individuals") at New York University, at its portal campuses and global academic centers, hold positions of trust. We operate and safeguard NYU’s central information technology assets, including networks, computers, telephones, access controls, information, and databases. We provide technology-related services that are vital to the smooth functioning of the University and to the members of the University community. In these roles, every one of us must adhere to the highest professional and ethical standards.
The Code of Conduct: IT@NYU applies to all covered individuals, including student employees, as well as to all others who work in information technology and related areas at NYU as contractors, temporary staff, visitors, or in any other capacity, on a full-time or part-time basis; it does not form a contract. Failure on anyone’s part to comply with these standards may lead to disciplinary action, up to and including dismissal, as well as referral, as appropriate, to authorities for legal action. NYU IT reserves the right to amend this Code of Conduct: IT@NYU at any time and without notice, in its sole, good faith, discretion.
The purpose of this document is to help all of us become and remain familiar with the Code of Conduct: IT@NYU. Seven guiding principles summarize the Code. Information about each principle is provided in related sections of the Code.
I. Stay familiar and comply with the policies, laws, and regulations that affect your NYU
II. Safeguard the confidentiality, privacy, and security of NYU communications
III. Safeguard the accuracy, privacy, and security of NYU data and records
IV. Safeguard NYU services, systems, premises, property, and equipment from damage, disruption, attack, or intrusion
V. Fulfill requests for information or to conduct investigations concerning NYU data or facilities
only with the express authorization of IT management as listed in the Appendix
VI. Abide by copyright and intellectual property policies and ownership agreements
VII. Prevent personal interests from influencing NYU business dealings
For clarification of any item in the document or of any related University policy, please consult your team leader, supervisor, manager, or director at your portal campus or global academic center (see Appendix to reference your particular location).
Guiding Principle: Stay familiar with and comply with the policies, laws, and regulations that affect your NYU responsibilities.
Relevant policies, laws, and regulations include, but are not limited to, the NYU Code of Ethical Conduct (www.nyu.edu/about/policies-guidelines-compliance/policies-and-guidelines/code-of-ethical-conduct.html), NYU employment policies, and specific NYU information technology policies, as well as e-commerce law, copyright law, the New York State Information Security Breach and Notification Act, the Family Educational Rights and Privacy Act (FERPA) (www.nyu.edu/registrar/university-policies/ferpa.html), the Health Insurance Portability and Accountability Act (HIPAA) (www.nyu.edu/about/policies-guidelines-compliance/policies-and-guidelines/hipaa-policies.html), the Financial Services Modernization Act (GLBA), and trans-border mandates. In addition, different rules exist in other countries in which NYU has global programs that often diverge considerably from those in the United States.
With the increasing complexity and interdependence of job responsibilities across information technology at NYU and more broadly across NYU's educational community, as well as the continuing evolution of associated NYU policy and public policy, it can be a challenge to keep current. Individuals are helped to fulfill their obligations to remain current through information and links on the NYU IT and various other staff sites, briefings about relevant policies, laws, and regulations, as well as guidance and training available through NYUiLearn, Town Halls and other meetings, and departmental announcements.
Guiding Principle: Safeguard the confidentiality, privacy, and security of NYU communications.
The principle of privacy is addressed extensively in United States federal, state, and local laws, and in various laws in the foreign countries in which NYU has global locations. Federal law prohibits unauthorized disclosure of communications of any kind (voice, data, email, or other non-voice communication) transmitted over NYU's networks or the public or private networks that NYU utilizes, or even the fact that a transmission was sent or received.
Guiding Principle: Safeguard the accuracy, privacy, and security of NYU data and records.
Accurate and reliable data are essential for University operations. Data kept on systems managed by NYU IT and/or serviced by individuals from NYU IT or related areas include a wide range of subjects and must be kept accurate and available for authorized purposes at all times. These data should be disclosed only to authorized University personnel with a legitimate need to know. See the NYU Data Classification Table (www.nyu.edu/about/policies-guidelines-compliance/policies-and-guidelines/data-classification.html) and the Reference for Data and System Classification (www.nyu.edu/about/policies-guidelines-compliance/policies-and-guidelines/reference-for-data-and-system-classification.html) for guidance.
Guiding Principle: Safeguard NYU services, systems, premises, property, and equipment from damage, disruption, attack, or intrusion.
Information concerning the facilities, systems, and services that NYU IT and related areas plan, provide, or use could be of interest to someone who seeks to misuse or destroy them. Be careful to prevent inadvertent disclosure of sensitive information, including information about NYU's physical plant, plans for service, future construction, restoration procedures, and security procedures. Privileged access should not be breached. Report any violation or suspected violation to NYU IT management or to the relevant individual for your location referenced in the Appendix to this Code.
Guiding Principle: Fulfill requests for information or to conduct investigations concerning NYU data or facilities only with the express authorization of NYU IT management.
Guiding Principle: Abide by copyright and intellectual property policies and ownership agreements.
Official statements about the use of copyrighted material at NYU, including the Statement of Policy on Intellectual Property effective July 1, 2012 (www.nyu.edu/about/policies-guidelines-compliance/policies-and-guidelines/policy-intellectual-property.html), are published on the University's Policies and Guidelines web site. The Statement of Policy on Educational and Research Uses of Copyrighted Materials (www.nyu.edu/about/policies-guidelines-compliance/policies-and-guidelines/educational-and-research-uses-of-copyrighted-materials-policy-st.html) also may be reached through that site. NYU's copyright and intellectual property policies continue to evolve; NYU IT participates in the ongoing review.
Work products and software created by covered individuals working in NYU IT and related areas at NYU as part of their job responsibilities are owned by New York University.
Guiding Principle: Prevent personal interests from influencing NYU business dealings.
Be aware that relationships with a supplier might create a conflict of interest or might appear to impair independence of judgment on behalf of the University. Purchasing decisions should be made in accordance with the established policies and guidelines of NYU IT or the relevant offices for your location referenced in the Appendix to this Code and of the University. When in doubt, seek guidance from your immediate supervisor. (See also the NYU purchasing services website: www.nyu.edu/employees/resources-and-services/financelink/buying-paying.html).
|Len Peters||Vice President, Information Technology & Chief Information Officer|
||Associate Vice President, Research Technology and Chief Digital Officer|
|Meenakshi Baker||Assistant Vice President, Operations Technology and Support Services|
||Associate Vice President, Digital Accessibility/IT Policy and Compliance|
|Jeff Capuano||Senior Director, Service Operations|
||Associate Vice President and Chief Data Architect|
|Renaud Fournier||Associate Vice President and Chief Business Transformation Officer|
|Ben Maddox||Associate Vice President, Teaching & Learning Technologies, Chief Instructional Technology Officer|
|Annie Merkle||Associate Vice President, IT Strategy, Planning, and Engagement|
|Richard Mikelinich||Chief Technology Officer|
|Sherif Samaan||Associate Vice President and Deputy Chief Operations Officer|
||Senior Director, Business Services|
|Patrick O’Brien||Senior Director - IT|
||Associate Director - IT Services|
|Pan Chang||Director, Information Technology|
|Vanness Zhou||Associate Director, Information Technology|
Effective Date Supersedes N/A Issuing Authority Vice President, Information Technology and Chief Information Officer Responsible Officer Vice President, Information Technology and Chief Information Officer