Valley Medical Center Computing Resources
Acceptable Use Policy

The following document outlines guidelines for use of the Email and Internet Services at or operated by Valley Medical Center (VMC). The definition of VMC Email and Internet Services will include any computer, server, printer, or network provided or supported by VMC. The user of the system is the person with an account (or accounts) in order to perform work in support of any VMC program or a project authorized by or for VMC. The purpose of these guidelines is to ensure that all VMC users access VMC services in an effective, efficient, ethical and lawful manner.

Valley Medical Center accounts are to be used only for the purpose for which they are authorized and are not to be used for non VMC related activities. Unauthorized use of VMC computing systems and facilities may constitute grounds for either civil action or criminal prosecution.

In the text below, users refers to users of the Valley Medical Center Systems Division computing systems and facilities.

Users will not install unsupported software. Users shall not download, install or run software that has not been purchased or authorized for use at VMC. This includes wallpapers and screen savers and other associated programs.

Solicitation for commercial venture, religious or political causes, outside organizations, or other non-job-related solicitation, is prohibited. Users are responsible for protecting any information used and/or stored on/in their VMC accounts. Consult the Valley Medical Center User Guide for guidelines on protecting your account and information using the standard system protection mechanisms.

Internet browsing shall be conducted in support of VMC’s business needs. Any personal browsing must be minimal and on personal time. All Internet browsing is subject to monitoring to protect the interests of VMC.

Users shall not attempt to access, send or receive any data, patient information or programs contained on VMC’s systems, or any system with which it is connected, for which they do not have authorization or explicit consent of the owner of said data or program.

Users shall not share their VMC account(s) and/or system access with anyone. This includes sharing the password to the account, or providing access via any other means of sharing.

Electronic communication facilities (such as Email or news and Internet Browsing) are in no way to be used in a manner inconsistent with this policy or the mission or values of VMC or for personal, business or entertainment during scheduled work time. Fraudulent, harassing or obscene messages and/or materials shall not be sent to or from, viewed or stored on VMC systems.

Users shall not purposely engage in activity with the intent to harass or offend other users; degrade the performance of systems; deprive an authorized VMC user access to a VMC resource; obtain extra resources beyond those allocated; circumvent VMC computer security measures or gain access to a VMC system for which proper authorization has not been given.

Users are requested to report any weaknesses in Valley Medical Center computer security, or any incidents of possible misuse or other violation of this agreement by sending electronic mail to networksecurity@valleymed.org.

All passwords must be disclosed to an employee’s supervisor upon request.

Employees should not assume that any message transmitted through or stored on electronic communication systems is confidential. The use of passwords does not guarantee confidentiality.

Any electronic communication system hardware provided by Valley Medical Center, including computers, are VMC property. All messages composed, stored, sent, or received on these systems are and remain the property of VMC. They are not the private property of any employee. VMC reserves and intends to exercise the right to review, audit, intercept, access and disclose all messages/documents created, received, stored or sent over electronic communication systems for any purpose. The contents of electronic communications may be disclosed without the permission of the employee.

Any noncompliance with these requirements will constitute a security violation and will be reported to the user’s manager, and may result in disciplinary action, up to and including suspension or termination. Violators of this policy will be subject to discipline, up to and including discharge. Additionally, violations may result in civil action or criminal prosecution, as appropriate.