IT-regulations

This regulation applies to students and employees at HVL, as well as others who use HVL's IT facilities.

Goal

The IT regulations aim to:

  • Enhance IT and information security.
  • Ensure that you, as a user of the university's systems and services, are aware of the rules you need to adhere to.
  • Promote a positive culture in the use and management of HVL's IT systems and services.

Area of operations

The IT regulations apply to students and employees at HVL, as well as all others who use the university's IT facilities.

By IT facilities, we mean machines, end-user equipment, mobile devices, networks, software, data, and other resources provided by HVL. The IT regulations also apply to private equipment that contains or has access to HVL's data. The regulations supplement Norwegian laws and other national regulations and rules that are relevant.

Guidelines for acceptable use

As a user, you are required to:

  • Follow the guidelines set by the system or service owner for the use of IT facilities or software.
  • Adhere to guidelines for handling personal data and the management of information subject to confidentiality or exempt from public disclosure.
  • Follow guidelines for ensuring IT and information security.
  • Comply with guidelines and directives given by the IT service.
  • Keep personal passwords, PIN codes, etc., confidential and not provide others with access to personal user accounts.
  • Prevent unauthorized access to IT facilities, software, or information.
  • Report deviations and security breaches, such as theft, damage, or unauthorized access to IT facilities, software, or information.
  • Take responsibility for retrieving personal data/information within specified deadlines upon termination of employment, student status, or user account.
  • Exercise caution when using unknown storage media and when opening emails.
  • Return HVL's equipment, software, and data upon termination of employment, student status, or user account.
  • Delete emails and files from personal user accounts upon termination of employment, student status, or user account.
  • Report violations of the IT regulations.

As a user, you are not allowed to:

  • Attempt to gain access to IT facilities, software, or information without authorization.
  • Engage in any activities that modify the functionality, impair the capacity, or compromise the security of IT facilities without authorization.
  • Use IT facilities or software for commercial purposes without authorization.
  • Use IT facilities to transmit offensive or illegal expressions/material.
  • Use IT facilities to express personal opinions on behalf of HVL or present personal opinions in a manner that may be confused with official statements/information.
  • Engage in activities that violate intellectual property rights, such as making protected materials available to others or copying such materials.
  • Install or use software in violation of licensing rules.
  • Install, distribute, or use software that may cause harm or be detrimental.
  • Download or install software on HVL's IT facilities without authorization.
  • Attempt to identify or exploit security vulnerabilities without authorization.

Ethical guidelines for the public service must be followed when using HVL's IT systems and services.

Knowledge requirements

As a user of HVL's IT facilities, you are obligated to stay informed about the current IT regulations and any additional guidelines. You are also required to familiarize yourself with user guides, documentation, and other guidelines and directives provided by the IT service at HVL.

Data storage at HVL

Click here for detailed information about data storage at HVL.

Control

As a user of HVL's IT facilities, you should be aware that the use of IT facilities may be logged/monitored. This is done when necessary to maintain daily operations or protect other interests at HVL.

Inspection of logs, emails, and personal user accounts in the IT facilities you have access to may be conducted when there is reason to suspect a violation of HVL's rules, obligations, and responsibilities (according to the Personal Data Regulations, Chapter 9).

After the termination of your employment, student status, or user account, any data that you have not removed may be deleted.

Sanctions

Violations of this IT regulation may result in denial of access to all or part of the university's IT facilities for a shorter or longer period of time.

Additionally, violations of the regulation may lead to sanctions under other rules, such as disciplinary measures under the Civil Service Act, warnings or exclusion from studies and examinations under the University and University College Act, liability for damages, criminal liability, and other measures in accordance with the Act on State Employees (Chapter 3) and the Personal Data Processing Act (Chapter 8).