GUIDELINES
1) Personnel records and information fall within the scope of the University Policy HR-36 “Confidential Information”. Use of this data is also limited by the University Policy VPERSG-9 “Policy Concerning the Protection of Personal Information” and An Act respecting access to documents held by public bodies and the Protection of personal information, R.S.Q. c. A-2.1.
2) Records in IDSS may be accessed by users only for defined purposes for which access to IDSS was issued, e.g. course assignment. Any use for any other purpose, including but not limited to a personal purpose, is prohibited.
3) Access to IDSS will be supplied by the Instructional & Information Technology Services(IITS) to specified individuals in a unit. In the event of a change of personnel or work assignment(s) that require changes to access privileges, the IITS must be promptly notified, via e-mail at: help@concordia.ca, in order to modify or delete the account.
4) Passwords should be memorized and must never be given to another individual. If passwords are written down, they should be stored in a locked and secure place.
5) Once a computer is logged onto IDSS, the user may not leave it unattended.
6) Any records that are printed from IDSS must be kept in a secure place or they must be promptly shredded and discarded. If records are not shredded, then they must be disposed of in a secure fashion (i.e. compacted and clearly identified).
7) Approval must be obtained from an employee’s unit head and the Instructional & Information Technology Services(IITS) prior to any and all disclosure of personnel records and/or information contained in IDSS where such a disclosure is not required in order to carry out said employee’s duties.
8) Any apparent mishandling of information contained in IDSS must be reported to the IITS. Abuse or negligence in handling information contained in IDSS will result in the withdrawal of access privileges, cancellation of the account and appropriate disciplinary measures.
9) The actions of each user on IDSS are logged. System administrators reserve the right to view user actions at any time.