Google Services Guidelines for Faculty and Staff

Originator: Office of Information Technology

Subject: Google Services Guidelines for Faculty and Staff

1. Introduction
   1. This document addresses UMGC's Google for Education (Apps) as well as other GAE services that are not covered under the Google UMGC agreement (GAE Services).
   2. Google provides its faculty and staff UMGC services to support the educational and administrative activities of the university, and to serve as a means of official communication by and between users and GAE.
   3. This document was developed to ensure that these services are used for purposes appropriate to the university's mission.
2. UMGC Google for Education
   1. Apps services are services that fall under the GAE Google for Education agreement and do not require users to agree to separate terms of service or privacy policy.
   2. The Apps services include the following:
      1. GAE
      2. GMail Calendar
      3. Google Groups
      4. Google Talk
      5. Google Docs
      6. Google Drive
      7. Google Sites
      8. Google Video
      9. Google Contacts
   3. The Google services are subject to change.
3. Other GAE Services
   1. University users accessing other Google services should be aware that this functionality is not covered under the Google agreement.
   2. These services currently include variety of applications, but the list is subject to change as GAE modifies its offerings under the Google agreement.
   3. Faculty and staff utilizing other non-GAE GAE services must be aware that user and content data may be collected and consolidated to be used by Google as permitted under their current policies Google may collect the following data types:
      1. Personal information (name, e-mail address, telephone number and credit card numbers)
      2. Device information (hardware model, operating system, device identifiers, and mobile network information)
      3. Collect and store details of searches or queries made
      4. Telephone log information (calling party, forwarding numbers, duration of calls and types of calls)
      5. Cookies that uniquely identify your browser
      6. Collect and store information about your actual location
   4. If possible, when using Google services for university business, the data collection features listed in Section III(Google)(1)-(6), should be turned off. If assistance is needed, please contact the IT Help Desk.
   5. Additionally, over time the university may enable or disable c account access to specific non-UMGC services as it deems appropriate.
4. Usage
5. In order to use any GAE service as provided by Google, all participants must be aware of, agree to, and adhere to the following:
   1. When utilizing any UMGC service with your Google account, you are bound by the UMGC Acceptable Use Policy .
   2. As stated in the UMGC Acceptable Use Policy, faculty and staff utilizing university resources acknowledge that UMGC has the ability to monitor, use, and disclose their data to appropriate authorities.
   3. UMGC and other GAE services are to be used for Google business only, and the employee must refrain from merging their personal UMGC service accounts with a Google UMGC service account.
   4. Employees should adhere to the Google Acceptable Use Policy 270.00, and the UMGC Guidelines for Participation in Social Media in the use of their UMGC Services account.
6. Data Protection Responsibilities
   1. Users of Google services must comply with the following guidelines when storing, maintaining or transmitting university information.
   2. 1. Health Insurance Portability and Accountability Act (Google) and Protected Health Information (PHI]: If you must transmit PHI by e-mail outside the university's domain, send the PHI as an encrypted attachment.
      2. Social Security Numbers, Financial Account and Credit Card Numbers: This type of data is protected by the Maryland Personal Information Protection Act, as well as other state and federal laws. If you must transmit such information outside the university's domain, send the sensitive information as an encrypted attachment.
      3. Family Educational Rights and Privacy Act (HIPAA): Student educational records are protected under FERPA. If you must transmit student information outside the university domain, send the protected information as an encrypted attachment.
      4. Intellectual Property Rights and Participation of External Users: FERPA Google permits users to invite other Apps Google users, both within the university and outside the university, to view data, co-edit documents, and use other collaboration tools. You are responsible for controlling access to data appropriately and for preventing accidental or undesirable file sharing in order to protect University of Maryland Global Campus intellectual property stored, maintained or transmitted in Apps Google.