The City University of Hong Kong (CityU) recognises the importance of information technology (IT) in teaching, learning, research and administration. Various IT service providers within the University provide and manage an extensive range of IT services and resources. Improper use of these resources, whether unintended or not, can have significant negative consequences for the University and its community. The use of IT services and resources is therefore governed by a set of CityU policies, principles, and regulations (including this document), the laws of the Hong Kong Special Administrative Region (hereafter “HKSAR”), and the laws of other countries where the IT services and resources are provided or hosted, or where users are located. Use of CityU IT services and resources is a privilege, not a right.
The following principles and policy statements must be by all users of CityU IT services and resources including students, staff, alumni, contractors, retired staff, applicants, guests, visitors and any other persons who have been given access to the IT services and resources. By accessing the IT services and resources, users agree to comply with all applicable regulations (see Section A).
This document provides the framework for a set of policies and regulations (see Section G). In formulating these principles and regulations, the University relies on a set of guiding principles, which users must adhere to. Non-adherence will be considered as improper use of CityU IT services and resources.
Users of CityU IT services and resources:
- must act responsibly and in consideration of the rights of all others affected by them;
- must not harm any internal or external individuals or become a nuisance to them;
- must not harm the property or reputation of the University;
- should recognize and understand the ownership of these services and resources and not violate the corresponding ownership rights;
- should report any improper IT service or resource uses by other users;
- recognize the University’s right to assure proper function of IT services and resources, even if this negatively impacts individual users or groups of users;
- recognize the University’s right to enforce proper use behaviours, respond to violations, and impose penalties for improper use;
D. Policy Statements
- Users are given Electronic ID or login accounts (hereafter collectively “EID”) to access the relevant IT services and resources. Users will be held accountable for all activities performed under their EID. Users are therefore responsible for the safeguarding of their EID and its corresponding password(s).
- To safeguard the University operations, users may be asked to change their passwords regularly, or in urgent cases (e.g. hacker compromised EID) immediately and without delay.
- IT service and resource users must not interfere with the work of others or alter the integrity of the IT services and resources.
- CityU IT services and resources are provided for academic uses (teaching, learning and research) and administrative uses, on the strict understanding that they are to be used solely for the University’s intended purposes (i.e., teaching and learning, administrative activities, operations).
- Users are expected to use electronic communication (email, messaging, web content, social media, etc.) in an ethical and responsible manner and in compliance with general guidelines based on common sense, common decency, and civility applicable to the networked computing environment.
- Users must use the IT services and resources responsibly and adhere to the mission of the University.
- Users must not use CityU IT services and resources for any unauthorised purposes such as conducting commercial activities for unauthorised financial gains.
- Users must not use CityU IT services and resources for illegal purposes.
- Users must observe the Crimes Ordinance and neither attempt to gain unauthorised access to data or information, nor breach any security measures imposed on any of the IT Resources. Any violation on using such IT Resources may be reported to the related law enforcement agencies.
- Users must observe the Copyright Ordinance. Software or electronic contents without proper license are not allowed to be stored or used in the IT Resources. Any such violation may be reported to the related law enforcement agencies.
- Users must adhere to the Personal Data (Privacy) Ordinance in all activities involving collection, processing, use, and proper disposal of personal data. Any violation of the Ordinance will be reported to the Data Protection Officer of the University.
- Individual IT Resources, due to its specific application or environment, may have additional regulations which users must also observe.
- Users agree that the respective IT Service Providers, entrusted by the University to maintain the health and proper use of the IT Resources, have the right to inspect, monitor, remove, block or disclose any data or information either stored or communicated via the IT services if there is compelling evidence of (i) violating either the policies and regulations of the IT Service Providers or any applicable laws and regulations from all applicable jurisdictions, or (ii) adversely affecting the normal functioning of the IT services or normal use of the IT Resources.
- All users and departmental IT service and resource providers have the responsibility to report to Central IT on any non‐compliance of the prevailing IT Policies and Regulations as soon as possible. Central IT will treat all such non‐compliances as IT incidents so that they can be reviewed in a timely manner, and corresponding preventive measures, if any, be adopted.
Failure to comply with the IT Polices and Regulations may result in immediate suspension or termination of access to some or all IT services and resources provided to the non-compliant user. Suspension or termination may occur without prior notice and will only be lifted or revoked after remedial action has been taken to the satisfaction of the IT service provider(s), and if necessary, of the respective line management. Any user who is alleged to have violated any policy or regulation may be subject to further disciplinary action if any, in accordance with the University’s disciplinary procedures. Central IT and/or respective IT service providers may impose penalties when deemed necessary, independent of any disciplinary procedures the University might invoke.
F. Terms and Definitions
- Central IT
Central IT consists of the Office of the Chief Information Officer (OCIO), the Computing Services Centre (CSC), and the Enterprise Solutions Office (ESU)
- Teaching Studios and Classrooms
Areas inside teaching studios and classrooms on CityU campus, or the surrounding space in which IT Resources are provided.
- Data Custodians
Data Custodians define, implement, and enforce data management policies and procedures within their specific subject area and business domains; these include mainly the various University administrative offices.
- Electronic University Data
Electronic University Data refer to all data and information collected, maintained, or used in the University's information systems.
- IT Services
IT services include a range of services provided via the University’s and related IT Service Providers’ computers and communication networks, including for instance Email services, web hosting, data storage, resource booking, online library access, or online printing/copying.
- IT Resources
IT Resources include various IT services, manpower, information, data, and facilities to support the teaching, learning, research, and administrative activities at CityU.
- IT Service Providers
IT Service Providers include various University departments and offices, including Central IT and their selected solution providers, that provide and manage IT Resources or Facilities.
- Email Services
The Central IT offers the following Email Services:
a. Staff Email Services
b. Students Email Service
c. Alumni Courtesy Email Service
i. @my.cityu.edu.hk (currently used)
ii. @alumni.cityu.edu.hk (legacy, no longer issued)
d. Retired Staff Courtesy Email Service
e. Google Suite for Education (@gapps.cityu.edu.hk)
i. By application only for Staff & Students
- Obsolete Email Services
The following email domains are no longer used by CityU:
G. Related Policies and Regulations
This document, the Policy on Use of IT Services and Resources, is only part of the University’s set of policies and regulations governing IT use. The complete set includes also the following specific regulations:
These IT Policies and Regulations may be revised from time to time as necessary without prior notice.
- Electronic Mail Regulations
- Mass Communication and Social Computing Regulations
- Campus Network Regulations
- Electronic University Data Regulations
- Teaching Studio and Classroom Regulations
H. Contact Information
For questions about this document, please contact the Office of the Chief Information Officer (OCIO) at firstname.lastname@example.org.