IT & USF Health Computing Policies
Information Systems
  1. Introduction
  2. USF Health Policies
    1. Computer Account Policy and Agreement
      1. Computer Account Policy
      2. Computer Account Agreement
    2. World Wide Web Policy and Guidelines
    3.     USF HIPAA Security Rule Standards
    4.     Network Policy
      1. Electronic Mail
      2. Network Attachment and Remote Access
      3. Network Establishment and Server Operation
      4. Software Integrity
      5. Procedures   
  3. USF Health Information Technology Policies and Procedures
    1. Support Policies
      1. The Scope of  HSC Health IT Support
      2. How to Request Assistance and Find Solutions
      3. How Requests are Prioritized
      4. What Hardware is Supported for USF Owned Equipment
      5. What Software is Supported for USF Owned Equipment
      6. “Loaner” Laptop Program
    2. Web Page Security Policy
      1. Database Access from the Web
    3. Data Backup Policy
    4. Training Policies
    5. Teleconferencing Policies
    6. Storage Array Network (SAN) Storage Allocation Agreement

Introduction

The USF Health and USF Health IT policies and procedures are meant as a supplement to the State and University policies and procedures. They are designed to further define and clarify those resources and systems under the control of USF Health, and, in some cases, go beyond the University's standards. USF Health policy is to comply fully with those policies set down by the State and University. 

There are several basic reoccurring principals that can be summed up as follows:

Every user and device utilizing the USF Health computing facilities must do so in a manner that maintains the integrity and well being of the entire USF Health networking environment. This includes using proper authentication and secure connectivity, properly secured workstations and servers, using proper virus protection, and restrictions on the use of programs and services in a manner that may adversely affect the network and other users.

USF Health networking and computer facilities are to be utilized for the purpose of university academic, research, and business functions. Any utilization of the USF Health computing environment not meeting this criteria is in violation of this policy.

Top of Page

USF Health Policies

USF HEALTH COMPUTER ACCOUNT POLICY & AGREEMENT

Overview

USF Health Computer resources and infrastructure are maintained to support USF Health academic, research and business functions. Any use of these resources for any other purpose, or any activity that directly or indirectly inhibits this purpose, is prohibited. Anyone using USF/USF Health equipment or systems must comply with applicable USF, USF Health, state and federal regulation. Failure to will subject the violator to possible administrative, civil and criminal penalties.

Top of Page

COMPUTER ACCOUNT POLICY

Computer accounts are provided to the faculty, staff, students and designees of USF Health. Such USF Health computer accounts provide access to Email and other information resources provided by USF Health. These accounts are for use only in relevant academic research, educational pursuits, and for USF business. They are not to be used for the pursuit of personal interests or gain. They are not to be used in any attempt to gain access to information or resources other than those for which the holder is specifically designated. Only the person to whom the account is assigned may use the account for any purpose. It is the responsibility of the account holder to keep his or her account secure and access information (password, etc.) secret. It is the responsibility of the account holder to safeguard information and resources entrusted to them, and to guard against the introduction of computer viruses to the USF Health network systems by ensuring that anti-virus software is installed aand up-to-date on all computers used to access the USF Health network. The USF Health Information Technology Department (USF Health IT) will, upon receipt of an account request, authorized by an official designee of one of the USF Health Colleges and/or Departmental units, create one or more computer access accounts. The individual named in the request will be granted specifically designated access privileges (so long as that individual has not had their account terminated in the past without reinstatement under the terms of this policy.) It is the responsibility of the authorizing agent to determine the appropriateness of granting these access rights. Once granted, the account holder is expected to abide by all laws of the United States, and the State of Florida that may pertain to the use of this account. In addition, they are expected to abide by all University of South Florida policies that may pertain to the use of this account. These may be found in full at the USF General Counsel web site: http://usfweb.usf.edu/ogcweb/

Below are several links of particular interest that should be reviewed by all USF Health computer account users:

Although not all-inclusive, following is a list of some of the most prevalent misuse issues that we have seen:

  • Personal use of University resources
  • Sharing of access IDs and passwords
  • Offensive content in email or web pages
  • Chain Letters
  • Commercial use of University resources
  • Spamming (unsolicited mass mailings)
  • Spoofing (misrepresentation of your identity)
  • Harassment
  • Hacking (attempting to breach security of University or external computing resources)

Upon detection of a breach of these policies one or more of the following actions will be taken, depending upon the nature of the breach:

  1. Appropriate offices will be notified of the infraction and USF Health IT response. Such offices will take action in accordance with USF/USF Health policies and procedures in determining suitable action.
  2. Access to computer accounts involved and any other accounts held by the offender may be suspended without notification.
  3. Access to the network by one or more computers used in certain types of security breach may be disconnected.
  4. The University Police will be notified of any suspected criminal activity.

Reinstatement of accounts and reconnection of any disconnected data lines will require specific approval from the offender's department head and the Chief Information Officer. In some cases additional review and approval may be required.

Requirements on Users and Network Attached Devices under HIPAA

As the USF Health computer network provides services to the designated covered component (under the Health Insurance Portability and Accountability Act (HIPAA)) it is the responsibility of all USF Health computer account holders to comply with USF Health policies and guidelines in order to comply with federal laws governing the confidentiality of Electronic Protected Health Information. Workstations and other devices attached to the USF Health network must also comply with HIPAA requirements for identification and authentication procedures. This includes "workstation security" that ensures basic levels of software patching, virus protection and restriction of known security vulnerabilities. Workstation attaching to the USF Health network may be automatically updated as necessary to insure compliance to these mandates.

Generic account Policy

 

USF Health IT will create one generic account per department, or authorized Center upon the Chair’s, or Center head’s request.  The account must follow a format of the department’s name (i.e.  Internal Medicine@health.usf.edu or Surgery@health.usf.edu, or Ctr_InnovationandTransformation@health.usf.edu. 

 

The accounts need follow the below parameters:

 

·        Each account operates under the personal responsibility of the requesting chair or center head.

·        Each account may be shared and used by no more than three department or center staff members.  These staff members names will be kept in an IT database at all times to insure accountability and integrity.

·        Senior administration will determine on a case by case basis whether a center is authorized for this type of special account.

·        These special generic accounts may be terminated in case of misuse with warning, however should for example a center lose its privilege of having a generic account, USF Health IT guarantees to forward mail for one year to a single staff member (that was not involved in the previous misuse) account, for business continuity reasons.

·        Users sending mail via this account should always include their own personal signature and the phrase “sent on behalf of”

 

Cell Phone Policy

 

Prologue:

Like most IT shops, USF Health IT maintains finite lists of supported software, hardware, services and platforms.  We use our limited staffing and training resources to support certain “standards”, for example Dell computers, but not Sony, Gateway or Hewlett Packard’s; Microsoft Office (but not Open Office) and Microsoft Exchange (but not Lotus Notes or Novell’s Groupwise). Fortunately some technology fields have a solitary choice or only a few choices to select as standards.  In these cases IT tries to support all of them.

 

However in some technology areas, like data cell phones, there are hundreds of choices.  Here we cannot fully support all product offerings in a field, and instead use a “best effort” approach if it meets other relevant standards.  For example we will attempt to network support any printer that maintains an IP address and is ethernet compatible, even though there are many hundreds of printers on the market.  We offer the same support for data/cell phones:

 

Policy:

·        We support cell phones that fully comply with “push” Exchange technology, i.e. that they fully and directly support Exchange e-mail, Exchange Calendar and Exchange Contacts, without need for an intervening server or other proprietary methodology. 

·        On devices that do not technically meet these criteria, aka “pull” technologies, and therefore do not interoperate fully with Microsoft Exchange, like the RIM Blackberry, USF Health will provide limited technical advice from a “best effort” point of view but will not be able to fully support the devices.  We will not guarantee that these phones will send and receive email, synchronize calendars and contacts or fully implement other services.  For the Apple I-Phone 2.0, USF Health IS will fully support email, calendar, and contact features.  However for applications on the I-Phone, USF Health IS will only provide limited technical advice from a “best effort” point of view.

 

(Personal Digital Assistants or “PDA’s” are also considered cell phones for this policy, however most PDA manufacturers have discontinued making such a product in 2007.)

Top of Page

 

COMPUTER ACCOUNT AGREEMENT

In accepting this agreement for use of USF Health computer accounts, the account holder agrees to use these accounts only for USF related academic, research, and business purposes, and to abide by all laws of the United States and the State of Florida and the policies of the University of South Florida and USF Health as they may relate to the use of USF computer accounts.
These policies state in general that:

  • The user MAY use these accounts and the USF/USF Health network only for USF/USF Health related academic, research, or business purposes.
  • The user MUST safeguard University information and resources.
  • The user MUST accept the requirements of the HIPAA Security Rule, including allowing up-to-date anti-virus software is installed and running on any machines used to access the USF/USF Health network, including home machines.
  • The user MUST comply with federal laws governing Student and Identifiable Patient Information as required by FERPA and HIPAA.
  • The user may NOT use these accounts or the USF/USF Health network for personal pursuits.
  • The user may NOT use these accounts or the USF/USF Health network for any commercial pursuits.
  • The user may NOT use these accounts or the USF/USF Health network to attempt to gain access to any computing resources, either at USF or elsewhere, which they do not have proper access authorization.
  • The user may NOT use these accounts or the USF/USF Health network to grant others access to any information or resources that they would otherwise not have available to them.
  • The user may NOT use these accounts or the USF/USF Health network in any way that causes interference with other network users or processes.

USF policies may be reviewed via the USF General Council's Web page at:
http://usfweb.usf.edu/ogcweb/

Specifically, the account holder should review these policies:

USF Health computing policies are published on the Information Services web site at:
http://health.usf.edu/it/policies/

Top of Page

USF HEALTH WORLD WIDE WEB POLICY & GUIDELINES

Executive Overview
All web pages published on behalf of official USF Health and University entities fall under the control and copyrights of the University of South Florida. All official USF Health pages must comply with University and USF Health standards for "look-and-feel", operation, and content. All web pages located on state or University equipment are subject to University and USF Health policies and standards. 

Introduction
All web pages published by and/or for USF Health and USF are subject to such rules and guidelines provided here. These rules cover the various aspects of "look-and-feel", operations, ADA compliance, content and subject guidelines, legal requirements for copyright and trademark issues, privacy and security of information, and standards of decency and subject matter.

USF Web Page Standards Link:  http://usfweb2.usf.edu/University-Communications-and-Marketing/marketing/web-services/web-guidelines.asp

USF Health Web Identity Standards Link: USF Health Web Identity Standards

USF General Counsel Link: http://usfweb.usf.edu/ogcweb

Top of Page

USF HIPAA Security Rule Standards

Executive Overview

The University of South Florida and USF Health are committed to the protection of Patient Information and compliance with HIPAA Security Rule regulations. The document below provides the USF & USF Health HIPAA Security Rule Standards. These standards represent the compliance directives for meeting HIPAA regulations.

USF HIPAA Security Rule Standards (PDF)

Top of Page

USF Health Network Policy

Executive Overview
This policy describes the rules and procedures for attaching to and utilizing the USF Health computer network. It recognized the necessity to both manage and control the network infrastructure in order to provide a secure and reliable computing environment within USF Health.

INTRODUCTION (Purpose and Intent)
The purpose of this policy is to define a basic set of rules that USF Health and its related departments shall establish and maintain for the management, use, and protection of the USF Health network and its devices, including workstation-clients and servers. The policy applies to any and all network devices that are part of the USF Health computing environment.

This policy is written as an extension of existing University Policy, specifically the following polices: policy number 0-501 "Using and Protecting Micro-computing Resources"; policy number 0-502 "Appropriate Use of Information Technology Resources"; policy number 0-508 "Information and Communications Security Program"; and 0-511 "Securing Computer Accounts for Terminating Employees". This policy is meant solely to augment these existing campus-wide policies and not meant to replace them or be used in lieu of them.

Further, Florida Statutes, Section 282.318-1984 "Security of Data and Information Resources Technology Act" requires each head of a department to be responsible for ensuring an adequate level of security for all data information technology resources. This "Network Policy" addresses security levels that must be implemented to meet the State Statute and to meet the Federal "Health Insurance Portability and Accountability Act" (HIPAA) on a system-wide basis, but is not intended to supplant the responsibilities of the department heads.

Finally, this policy is to be used as an enforcement tool to meet the campus-wide "Best Practices" document that will be appended to 0-510, and 0-508, and may be amended when that final document is published. This "Best Practices" document will detail specific and technical information regarding proper usage of each Network Operating System (NOS) the University operates. 

STATEMENT OF POLICY
It is the Policy of the USF Health that all network devices, including both multi-user systems, classically referred to as "servers", and single-user systems, classically referred to as "clients" or "workstations" be considered assets to be protected, and as such all administration, faculty, staff and students are responsible and accountable for the systems viability and survivability. This responsibility extends to USF Health Information Technology, as in-place administrators of systems, and includes protection from internal misuse (whether intentional or unintentional) and external abuse. It is Information Technology's responsibility to be aware of known network security defects and to take actions to publicize, correct and eliminate the defects in conjunction with University Policy 0-508 and Policy 0-501. Further it is Information Technology's responsibility through administration of NOS Servers and NOS Clients to take appropriate legal, auditable control steps to protect USF Health assets and information from unauthorized, intentional or accidental disclosure, modification, destruction, denial of service or denial, or misappropriation of said assets.

Information and communication security, being the operational responsibility of the Information Security Manager and Information Security Officers, is to be ensured by following NOS-specific and email application-specific Best Practices. The Best Practices carry the weight and full authority of Policy.

The following details Network Best Practices as of 1/02:

Top of Page

1. Network BEST PRACTICES

Electronic mail (e-mail)

  • All USF Health mail servers are for the specific use of USF Health clients and accounts. As such, the use of USF Health mail servers as mail relays by third party accounts is strictly prohibited.
  • All USF Health faculty, staff, and student mail accounts are required to have a "one to one" relationship with a specific ID and user name. Anonymous or shared accounts not directly tied to an individual's name and responsibility, (i.e. departmental, group or project email accounts) are prohibited. This is a requirement of HIPAA compliance as well. However, "Aliased" accounts, where an existing mail account already tied to a single user's ID is linked to a second generic account, may be approved on a case by case basis.
  • All faculty, staff, and student email accounts are purged every 90 days. This purge deletes all email from the mail server inbox that is both in the Inbox directory and older than 90 days. (User may move their mail to other directories, or their local workstation to avoid purges, or print out their mail to maintain records.) No electronic mail is ever backed up, archived, or restored by USF Health IT. 
  • USF Health IT protects the USF Health electronic mail system and its users by scanning the electronic mail system and preventing "spam" email, (mail that is not solicited, often unwanted by the recipient, and used for outside commercial purposes not related to the University). USF Health IT protects the USF Health electronic mail system and its users by scanning the electronic mail system and preventing viruses and other dangerous files from being sent to USF Health users, or from USF Health users to users outside the USF Health network. This anti-viral effort is a requirement of HIPAA.

E-Mail Forwarding Policy

  • 1)    Third parties

    ·        USF Health IT will forward email to any entity that has a HIPAA Business Agreement in place and current, with USF Health. 

     

    ·        USF Health IT will not forward electronic mail to third party accounts (Gmail, Yahoo, MSN etc) if the entity has not agreed to assume the requirements to conform to HIPAA that USF Health has incurred as a “HIPAA covered entity”.   Proof of liability acceptance must be filed with our Compliance Office and be in writing with signatures from both sides.

     2) Former employees

     

    ·        USF Health will forward mail from a former employee to another management-designated employee solely for business resumption purposes under the below parameters.  (Note: use of individual email accounts for critical departmental business should always be discouraged.  Departmental shared mail accounts (alias’s) are the recommended alternative).

     

    ·        The former employee must either appear in person, or send a written signed letter to IT authorizing someone else receiving email in their name, and sending email in their name.

    ·        The forwarding will be done for a maximum of 90 days.

    ·        The department involved will work with IT at that time to create a generic departmental mail ID so that individuals email accounts are not being used for overall departmental business ongoing.

    Top of Page

 

Network Attachment/Remote Access Policy 

 

·        HSCNet attached customers are prohibited from having private, wireless or peer-to-peer networks operational or installed under any operating system, and from running their own electronic mail, FTP or web servers.  All servers on the HSCNet cabling are required to be running under USF Health IT administration or by their designates due to HIPAA rules and liabilities.   Any user, Department or Center that legitimately needs to run multi-user computer (commonly called a "server") must notify IT (CIO, Asst CIO or Network Services Director) who will assist the customer regarding security hardening, access controls and support.   These users will become “IT designates” and will have best effort support from IT for their server mission

USF Health IT recognizes that customers often need network access from remote sites and will work to provide connectivity wherever feasible and secure.

Top of Page

USF Health Network Establishment and Operation of a Server Policy

In order establish a private or departmental File server on the network; the following six areas need to be adequately addressed. In no case are WEB or EMAIL servers allowed on the USF Health network cable plant that are not managed, housed and maintained by USF Health IT. 

1) Hardware: The group needs to have available a "server-class" computer to put their NOS (network operating system) on. The USF Health IT Standards section of their web site contains the current minimum configuration. It includes items such as…

     RAID 5 drive arrays 
     Multiple CPU's or processors
     Redundant hardware such as fans and power supplies
     UPS protection

2) Software: Network Operating System: Sun Solaris or Windows 2003 and Workstation licenses to handle the number of users both at time of implementation and for future growth. Besides license compliance, USF Health IT also requires anti-viral software that is current, and has a subscription service to maintain its suitability to protect the rest of the network. Backup software to provide protection for data files and users, along with a backup schedule, must also be installed and used on the server.

3) Infrastructure/Connectivity:  Servers will be established on an ethernet jack at 100-megabit speed. This is not what is normally specified for a "workstation" jack and requires special consideration. Some physical locations do not have 100-megabit service available and may require an upgrade in wiring or the purchase of an additional switch at the requester's expense. We will not authorize servers on non-switched ports. Second, special color-coded cabling must be used in the telecom closet to identify that the port is running a server not a workstation. (Red cabling versus yellow) Private or departmental servers shall not connect to the HSCNET domain. Issues such as trust between domains and rights will be determined on a case-by-case basis by USF Health IT.

4) Staffing:  Probably the most important requirement is that the requester commit to putting a server administrator in place. The admin person(s) should be certified in the NOS they are running, or at least have 2 full years' experience running the particular NOS. At least 0.5 FTE should be dedicated to the task. (USF Health IT asks for both 4 years experience and certification for our administrators as a point of reference.). The admin will also serve as point of contact with the Network Services group of USF Health IT. The requester agrees to maintain this level of staffing or to increase it if the need arises.

5) Permissions and Monitoring:  Because of this interaction, permissions, passwords, domain names, traffic, and directory structure need to be discussed with the USF Health IT Networking Director first. IT reserves the right to disconnect any server that does not address all of these areas or which may have potential adverse impact on other network customers. 

USF Health IT has overall responsibility for the network. As such, they run monitoring software, which, will need to access all nodes on the network. 

6) Noncompliance:  It is possible that at some time a Group may become unable or unwilling to comply with the policy for some reason. Should this noncompliance result in the need for intervention for the health and safety of the network or the needs of the group, an appropriate account belonging to the group will be charged at the rate of $50.00 per hour for work required. If the server cannot be brought into compliance, it will be removed from the network. This policy will be reviewed and revised periodically by the appropriate oversight body as technology and the needs of USF Health dictate. 

Top of Page

USF Health Software Integrity Policy

All software on USF Health IT servers shall be installed and maintained by the USF Health IT staff in compliance with the software licensing agreements. All software changes and modifications shall be made in accordance with professional standards of testing and implementation. Software upgrades and changes occur at two levels; base system software (i.e. operating systems, database systems, programming development tools), and end user software (i.e. WordPerfect, Lotus, E-mail software, developed end user programs).

Some software may not be suitable or appropriate for the USF Health Server environment, and its purchase should be discussed in advance with USF Health IT.

Operating system software shall be upgraded and changed at the discretion of the USF Health IT staff in order to maintain current levels of compatibility and functionality.

For user provided software, a copy of the software must be supplied to USF Health IT along with proof of license. Upgrades to such software must, be scheduled by the requestor along with a copy of the upgrade files.

Storage Array Network Policy

USF Health IT provides departments with the ability to purchase additional data storage allocation for their Group (generally the G:) or Video storage drives.

This means that a department may purchase additional disk storage to meet its needs beyond the space normally allocated. The purpose of this option is to provide an inexpensive alternative to having to go out and purchase their own server just for data storage. The agreement is that Information Technology will provide additional departmental data storage based on the cost for the additional equipment in any Storage Array Network or SAN server.

This will provide increased storage allocation in the departmental Group folder based on the number of blocks purchased. The purchase of additional storage blocks will represent a permanent increase in the storage allocation. This increase will not affect the storage allocation on other drives or servers.

As of the writing of this document (9/2007), the current blocks are set at approximately 100 GB (Giga Bytes), which represents the size of the drive to be purchased, which cost $995 per 100 gig.  300 Gigabytes may be purchased at one time at a rate of $ 2.500. This cost will be billed to the department.  (Prices will vary over time as hardware costs fluctuate. )

Upon purchase and installation of the disk drive(s) the department will then have ongoing rights to the amount of space purchased. The disk drive itself, will remain the property of IT and not be returnable or the money refundable once installed in the SAN.

The actual size and cost for the additional storage will be quoted at the time or (of) purchase by USF Health Information Technology.  USF Health I.T. guarantees to provide alternative storage if the drive fails and to back it up nightly, and virus check all data. 

USF Health I.T. further guarantees that this data will be present at the offsite disaster recovery (DR) site in Louisville, Kentucky and loaded and available in case of local disaster at the DR site.The costs are a one time purchase, no further or ongoing charges will be incurred by the department in subsequent years. In case of drive failure, USF Health IT will replace the drive at their costs.

 

Top of Page

PROCEDURES

USF Health Information Technology will maintain the network to meet this policy or others that are applicable. As with all policies, exceptions may need to be made for business reasons, including temporary and permanent exceptions. The monitoring of these exceptions, and prevention of exception abuse shall further be the responsibility of the direct end-user, their department head and the USF Health IT department.

USF Health E.V.E.N.T.S Policies and Procedures

              I.      Policy – Only content directly related to University events, promotions, activities. USF Health Computer Resources and infrastructure are maintained to support USF Health academic, research and business functions may be placed on the EVENTS system.

 

Any use of these resources for any other purpose, or any activity that directly or indirectly inhibits this purpose, is prohibited. Anyone using the USF/USF Health EVENTS system must comply with applicable USF, USF Health state and federal regulation. Failure will subject the violator to possible administrative, civil and criminal penalties.

 

      II.      Guideline – Content should be appropriate to the audience that sees it as well as appropriate use of time and will be regulated by local administrator of location.

    III.      Roles –

a.      IT – administrators

b.      ASK IT – training

c.       Local department head (designated by dean) for each location

   IV.      Accounts – will be created using current account request and approval procedure using online form and authorized signer.

     V.      User agreement

In accepting this agreement for use of USF Health computer accounts, the account holder agrees to use these accounts only for USF related academic, research, and business purposes, and to abide by all laws of the United States and State of Florida and the policies of the University of South Florida and USF Health as they may relate to the use of USF computer accounts.

 

These policies state in general that:

 

·         The user MAY use these accounts and the USF/USF Health network only for USF/USF Health related academic, research, or business purposes.

·         The user MUST safeguard University information and resources.

·         The user MUST accept the requirements of the HIPAA Security Rule, including allowing up-to-date anti-virus software is installed and running on any machines used to access the USF/USF Health network, including home machines.

·         The user MUST comply with federal laws governing Student and identifiable Patient Information as required by FERPA and HIPAA.

·         The user may NOT use these accounts or the USF/USF Health network for personal pursuits.

·         The user may NOT use these accounts or the USF/USF Health network for any commercial pursuits.

·         The user may NOT use these accounts or the USF/USF Health network to attempt to gain access to any computing resources, either at USF or elsewhere, which they do not have proper access authorization.

·         The user may NOT use these accounts or the USF/USF Health network to grant others access to any information or resources that they would otherwise not have available to them.

·         The user may NOT use these accounts or the USF/USF Health network in any way that causes interference with other network users or processes.

 

   VI.      Ongoing Admin role – There is a formal grouping of local administrators who will meet monthly to discuss content, policy and procedure.

   VI.      Time distribution – default

     1 hour total loop

a.      Six 10 minute play lists

i.        8 local / 2 admin

ii.      8 local / 2 admin

iii.    7 local / 2 admin / 1 communications

iv.     8 local / 2 admin

v.       8 local / 2 admin

vi.     6 local / 2 admin / communications / 1 Information Technology

vii.   5 seconds of each play list brought to you by IT/COMM

VIII.      Time distribution – emergency

Use of system can be interrupted at anytime for Emergency notification by the Administration (Dean’s offices), the Office of Communications, and Information Technology. These interruptions of default content play will mainly be to announce inclement weather, premise safety hazards, infrastructure emergency, communication systems service crises or other emergency event.

 

 

Top of Page

USF Health IT Policies and Procedures

SUPPORT POLICIES

The Scope of  HSC Health IT Support


Who is considered a USF Health IT Customer?
Faculty, staff and students that have a valid USF Health network account are considered customers of USF Health IT.  Having this account gives access to many services and resources within USF Health IT.  Some of these services include:
 •  Access to phone technical support through the USF Health Help Desk.
 •  Access to participate in free technical training classes.
 •  Access to the wireless and wired network.
 •  Access to software downloads from the USF Health IT website.What equipment is supported?
USF Health IT primarily supports Windows-based PC’s with Dell being the preferred vendor for purchasing computers.  Support is also offered on Macintosh operating system 10.0 or greater.  To read specific information on the equipment and operating systems that are supported, please refer to the hardware standards web page found here:   http://health.usf.edu/is/standards/hardware.htm
Technical support requests for research-specific / specialized computer equipment is handled on an individual basis.  If vendor installation and support services are available for specialized equipment, it is recommended that these services are negotiated and purchased with the equipment.  Otherwise, USF Health IT will make a “best effort” attempt to install and troubleshoot specialized equipment and will dedicate a reasonable amount of time in working towards a resolution. 


Is there support for Non-USF owned equipment?
Faculty, Staff, and non-mandated student personally owned computers
USF Health IT can assist faculty, staff and students with setting up on-campus wireless connectivity, Outlook email configuration, installation of McAfee Virus scan and installation of SecureRemote VPN software.  All of these items are available for download and installation from the USF Health Downloads webpage found here:  http://health.usf.edu/is/download/index.htm .  If faculty, staff or students should experience hardware difficulties with their personally owned computers, it is recommended that the equipment be taken to the vendor of purchase to resolve the issue.  Hardware technical support can be obtained by contacting the USF Computer Store:  (813) 974-1779.
College of Medicine Students with recommended model of Mandated Laptops
Students who have purchased the recommended Dell computer will receive the following services:
•  Dell certified technicians that can expedite warranty replacement orders and provide a full range of hardware and software support.
• Access to technical support via the IT walkup window.
• Availability of loaner machines should your computer require on-site service.
Our in-house technicians are Dell Certified giving the advantage of familiar diagnostic tools, software updates, and the ability to order and install hardware in as little a time frame as next day service.
College of Medicine Students without the recommended model of Mandated Laptops
Equipment purchased that does not meet the mandate will be supported to the level of the Student Support Specialist’s discretion and will be referred to the place of purchase should there be hardware issues.

Top of Page

How to Request Assistance and Find Solutions

USF Health IT Knowledge base
Access to the USF Health IT knowledge base can be found on this website: https://footprints.health.usf.edu/   .  At this site, a key word search function is available to find solution to questions encountered while printing, using various software packages, or attempting complete computing tasks.
Web Portal for Self-Submission
Access to self-enter a technical support assistance request is also available on this website: https://footprints.health.usf.edu/ .  Click the “Submit Requests” button and fill out the web form describing the question or issue that you have and click “submit”.
Email for Technical Assistance
Assistance can be requested by sending an email to support@health.usf.edu .  The email will automatically be turned into a request ticket and the Footprints help desk software will send an email to confirm that the request has been received and entered.
Call the USF Health IT Help Desk Phone Line
To receive telephone technical support, please call 974-6288 (press option 2).  A Help Desk technician will gather contact information and document the technical issue.  If appropriate, the technician may verbally guide a person to the solution or use remote desktop technology to see the screen of the computer experiencing the problem and correct the issue without ever having to come to an office to address the issue.

Top of Page

How Requests are Prioritized

Order in which we receive requests
All technical support requests are entered into the USF Health IT request tracking software called “Footprints”.  Tickets are auto-documented with the date and time that the request was made.  All requests are resolved in the order in which they are received with some consideration for proximity of tickets request locations.
Nature of the technical difficulty
A high priority is give when technical difficulties occur during the course of instruction or when giving a presentation.  Also, a higher priority is given when users’ computers are completely down and unusable.
Maintenance
Request or projects that are considered maintenance are given the lowest priority.  These tasks are often completed at off-peak times to minimize time impact to higher priority tickets.

Top of Page

What Hardware is Supported for USF Owned Equipment

Preferred vendor
The preferred vendor for computer equipment is Dell.  The USF Health IT support staff are all Dell certified which gives the support staff the advantage of familiar diagnostic tools, software updates, and the ability to order and install hardware in as little a time frame as next day. Faculty, staff and students purchasing Dell equipment can expect a higher quality of support, quicker resolution times, a reduced total cost of ownership for the life of the computer, and access to warranty replacement parts.  To read specific information on the equipment and operating systems that are supported, please refer to the hardware standards web page:  http://health.usf.edu/is/standards/hardware.htm
Non-preferred vendor
Equipment that is purchased from another vendor will receive software support as defined in the “Software Support” section.  Should there be technical difficulties with the hardware of a non-preferred vendor; the equipment will need to be returned to the vendor or service center for assistance.
Specialized equipment for research
Technical support requests for research-specific / specialized computer equipment is handled on an individual basis.  If vendor installation and support services are available for specialized equipment, it is recommended that these services are negotiated and purchased with the equipment.  USF Health IT will make a “best effort” attempt to install and troubleshoot specialized equipment and will dedicate a reasonable amount of time in working towards a solution. 
Smartphone / PDA
Cell phones that fully comply with “push” Exchange technology, i.e. they fully and directly support Exchange e-mail, Exchange Calendar and Exchange Contacts, without  need for an intervening server or other proprietary methodology are supported.   On  devices that do not fully with Microsoft Exchange, like the RIM Blackberry, USF Health will provide technical advice on a “best effort” basis.
Apple iPhone
The Apple iPhone is fully supported for connecting to the USF Health Network, and conducting Microsoft Exchange Contacts, Calendar, and Email functions. The 2.0 update is required for 1st generation iPhones to connect to the USF Health IS email systems. 3rd Party software purchased for the iPhone from the Apple Store are not supported.

Top of Page

What Software is Supported for USF Owned Equipment

Standard Support Software Packages
USF Health IT primarily supports Microsoft business software with Office 2003 as the office productivity software most frequently used.  Support is also offered on some Macintosh software packages.  To read specific information on software that is fully supported, please refer to the software standards web page found here:    http://health.usf.edu/is/standards/software.htm 
Limited Support Software Packages
Technical support requests for specialized software are handled on a “best effort” basis and staff will dedicate a reasonable amount of time in working towards a solution.  Often times, USF Health IT can install the software for use, but may not be able to answer specific question on operation of the software.  If the software is unique to a vendor’s hardware product or is not often found on campus computers, vendor support services are recommended to be negotiated and purchased with the software. 
Formatting Computers
Data stored on customer’s computers is very import to USF Health IT support staff.  Formatting a computer is always done in cooperation with the customer.  When a computer does need to be formatted, USF Health It staff will:
• Work with the primary person responsible for the computer to identify the location of user data and direct the user on how to backup the data.  If the customer chooses, the technician will back up the data for them.
• Provide a “Permission to Format” sheet that specifies what USF Health IT will do to the computer and what is required of the customer.
• Reinstall any appropriated licensed software.  This does included department or individually purchased software as long as the media is provided and the license is legitimate.

Top of Page

"Loaner" Laptop Program

The College of Medicine has purchased several “loaner” laptop computers with the intention of providing short-term laptop loans to College of Medicine and School of Physical Therapy students.  These laptops are loaned to students when technical difficulties arise with their Dell mandate computers.  Students are given a loaner computer to use when their Dell mandate computer is checked in for on-site repairs. 

Top of Page

USF Health IT Web Page Security Policy

Executive Overview
The purpose of this policy is to provide guidelines to ensure the security of USF Health Web Servers. Since certain processes may be used to introduce security holes, this policy provides some restrictions as to what functions may not be performed without permission and review of the USF Health IT department

Top of Page

Database Access From the Web

USF Health Information Technology department does not provide support for personal or departmental database access via any of the USF Health public Web Servers. This means that Web forms running on HSCPrime, HSCEducate, or other USF Health IT supported servers will not be able to connect to any personal or departmental databases. 

Note: The reason for this policy is the issues involved in regulating access to divergent databases in a Web environment. At this time there is no means to provide security for databases not under the direct control of the USF Health IT staff. USF Health IT will provide technical assistance to customers who wish to Web enable their database applications. However, the customer must provide their own Processor, Web Server, and Database software, which will remain the responsibility of the customer/department to purchase, setup, and maintain.

Top of Page

USF HEALTH IT DATA BACKUP POLICY

Executive Summary
USF Health IT performs nightly backups of the files on the servers that it administrates. These backups are for the purpose of a server recovery and can in many cases be used to restore individual files and directories. However, this does not mean that all information is backed up or can be restored, as this process is dependent on many things.

USF Health IT does not backup any user workstations. It is the users responsibility to backup any necessary files on his/her own workstation.

Policy
USF Health IT performs a nightly backup of all of the USF Health IT managed servers. The primary purpose is to maintain the ability to restore a failed server and to be able to restore user data files and directories. However, the ability to restore information to a specific time or some type of partial information will be dependent on the particular situation. Also, while permanent copies of backups are retained it may or may not comply with the states' record retention laws as there is no way for USF Health IT to determine what user information may fall into this category.

Further definition and clarification of policy:

  1. Databases generally require a different procedure to properly backup and restore. The user cannot just make a copy of the files and expect to be able to use them to restore the information. Please follow database procedure for making backup copies of user databases.
  2. Databases managed by USF Health IT are backed up on a daily basis.
  3. Email is not backed up on any USF Health IT server. It is the users responsibility to make backup copies of any email, which may fall under the state or federal retention laws.
  4. The user is responsible for backing up information that is maintained on his/her own workstation. For servers not maintained by USF Health IT, it will be the responsibility of the server administrator's to maintain proper data backups.

Top of Page

USF Health IT Training Policy

Executive Overview
The USF Health Information Technology provides free computer classes to all faculty, staff and students of the USF Health. These classes offer training in the Microsoft suite of products: Access, Excel, FrontPage, PowerPoint and Word; Netscape's package: Calendar, Composer and Messenger; various multimedia tools: scanning text and graphics, digitizing audio, video and images, creating CDs and DVDs, streaming PowerPoint and video;  and other topics relevant within USF Health.

USF Health Information Technology Training
USF Health IT classes are open and free to all faculty, staff and students of the USF Health including USFPG.

A course catalog, describing course content, and containing a schedule of classes is located on the USF Health IT web site. The locations of the classes are stated in italics. Classes will be held in MDC 1055, USF Health Library classes will be held on the 2nd floor, College of Public Health in room 1038B. Some training classes will be held at the University Professional Center in room UPC 420, Davis Island, Children's Research Center, the Bayboro Campus and the Turley Family Health Center, upon request. If you have any questions regarding location or training, feel free to call 974-6288.

Top of Page

USF HEALTH IT TELECONFERENCING RECOMMENDATION AND USAGE PROCEDURES

Executive Overview
This document provides recommendations, based on existing equipment used within the USF Health, for Performing Teleconferencing. The recommendations described here are for, the equipment and methods supported by the USF Health IT department.

Recommendation - Multipoint Conferencing 
All stand alone IP video conferencing units maintained by USF Health IT have the capability of calling three other unique IP locations. Conferences with more than four unique locations or use ISDN may be facilitated with our video conferencing bridge. A multipoint conference can be set up on our bridge to facilitate up to five unique locations as well as bridging  IP and ISDN endpoints. Our ISDN line is capable of receiving three independent incoming ISDN calls at a rate of 384k.USF Health has no outbound ISDN capabilities. The T1 used for ISDN can also be used for phone conferencing and supports up to 18 unique locations.

Recommendation - Desktop Conferencing 
The Polycom PVX is the recommended desktop conferencing package. This software requires a USB webcam and pc microphone. Appropriate network settings on PC will have to be configured and can be done so after purchase upon request.

Recommendation - Distance Learning 
Both the Polycom VSX models and the Tandberg Set-Top MXP series models are good choices for Distance Learning facilities. These can be combined with various software and peripheral packages (overheads and Power Point etc.) to support the lecture. Both pieces of equipment support ISDN and IP based networks.

Recommendation - Medical Consultation 
Medical related teleconferencing software and hardware are reviewed on case by case basis. Please contact the Digital Media and Communication group for further assistance.

Video Conference Considerations
When planning a videoconference the conference rooms where the equipment is located must be scheduled separately. This should be coordinated with the multipoint conference when applicable. 

Top of Page