Web Content Regulation - Interim
|Title||Web Content Regulation|
|Sub-category||Security and Compliance|
ITCS Policy Number 1.700 Effective July 17, 2000 (Information Resources Coordinating Council IRCC Approved); Revised February 22, 2006; Amended December 14, 2009 (Executive Council Approved); Reviewed November 7, 2011; Interim approved September 16, 2014.
U.S. Department of Health and Human Services, Rights Under Section 504 of the Rehabilitation Act
1. Purpose of Regulation
The East Carolina University Web Page Policy provides guidance and minimum content-neutral standards for faculty, staff, and student web developers contributing to the university's web presence by maintaining web pages on university servers or providing web content to students for instructional purposes. University web space is provided to support the academic and administrative functions of the university. University-related websites are an important means of conducting university business, including but not limited to advancement, communication, education, research, and scholarship. Specifically, this regulation is designed to:
a. Promote the use of websites in a manner consistent with the mission of the university;
b. Address security issues associated with university information and equipment, and enable appropriate online transactions of university business;
c. Mandate that the development of websites comply with university policies, and applicable state and federal laws; and
d. Provide necessary management and oversight of the university’s resources.
1.1 Web Pages Subject to This Policy
All websites on university servers are subject to this policy. Websites on university servers are either Official University Web Pages or Unofficial Web Pages.
Official University Web Pages include the East Carolina University home page (www.ecu.edu); academic department and program pages; office, administrative, and support unit pages; news and information pages; and any other World Wide Web address that is otherwise sponsored or endorsed or created on authority of a university department or administrative unit; including course pages residing outside the secure course management system.
Unofficial Web Pages are maintained by individual university computer account holders on university servers, such as personal faculty and staff web pages; individual student web pages and university-recognized student organization web pages.
2. Minimum Requirements for Both Official University Web Pages and Unofficial Web Pages
ECU requires web authors of both official and unofficial faculty and staff web sites at ecu.edu to comply with accessibility requirements mandated by federal and state law. Such requirements include but are not limited to adherence to Section 508. Accordingly, ECU web resources will be accessible to persons with disabilities, where feasible, or a reasonable accommodation will be offered to qualified persons such as providing alternative formats or auxiliary aids and/or making adjustments.
2.2 Affiliation and Disclaimer
Unofficial Web Pages: The appearance or design of an Unofficial Web Page should not create confusion that a reasonable person viewing that page would believe that it is an Official University Web Page, or is otherwise sponsored or endorsed or created on authority of a university department or administrative unit. To reduce the likelihood of confusion, every Unofficial Web Page maintained on a university server must contain the following disclaimer:
This web page is not a publication of East Carolina University, nor is it in any way sponsored or endorsed or created on authority of a university department or administrative unit. The author(s) of this page are solely responsible for its content.
Advertising by external, unaffiliated organizations is not permitted on any university webpage. Advertising is defined as banner ads or other promotional messages being displayed on webpages in exchange for direct compensation (monetary or otherwise) for their delivery.
This regulation does not prohibit the appropriate recognition of sponsors or donors on the webpages of programs supported by their contributions.
2.4 Web Applications and Databases
ITCS must be notified of all intentions to put interactive applications on ECU operated servers. Such applications must be reasonably constrained due to concerns about security, server performance, operational monitoring, and ongoing maintenance. Collecting data received through web applications using applications, such as ColdFusion scripting requires a data source be established on the server. ITCS has the right to deny requests for data sources or to disable existing data sources if security or performance concerns are brought to our attention. Applications that require extensive scripting or involve monetary transactions must be approved by ITCS. Data that is sensitive, private, or requires increased protection is generally not allowed on all public web servers. There are special cases, where information may be collected; however, in all such cases the security requires the approval of ITCS and the data owner. Sensitive information should not be displayed or collected by any website residing outside a secure connection.
2.5 Minimum Requirements for Official University Web Pages Only
2.5.1 General Appearance
All Official University Web Pages must follow the minimum design requirements.
2.5.2 University Content Management System Regulation
Effective July 1, 2011, official websites hosted in the ecu.edu domain are to be created and maintained using the content management tools approved by the University Web Oversight Committee.
Each department, office and academic center must designate one person to be the site’s primary web contact (PWC). The PWC is responsible for ensuring his or her department, office, or academic website adheres to the university web policy. The PWC may delegate steps needed to be in accordance with the policy, such as content creation, but should be prepared to serve as the primary informational contact for inquiries regarding the site. Each area must designate a PWC to obtain space on ECU web servers. In the absence of a PWC, the chair or director will be listed by default.
Official web pages must be kept up to date. Out-of-date information should be removed and new information added on a regular basis. To verify when a site was last updated, all sites will automatically display a "date last modified: mm/dd/yyyy" in the footer of the page. Only active files should be kept on the Internet servers. Inactive sites and files should be removed from official directories and stored either locally or on another campus network.
Oversight of web pages subject to this policy is the responsibility of the University Web Oversight Committee. Violations of the web policy will be made known to the PWC for resolution. Noncompliance with applicable policies and/or laws may result in removal of web pages or directories from the main web server and/or removal of links to the site from the upper level university web pages and site index. Oversight of web pages will be consistent with the First Amendment.
Beginning January 1, 2014, a quarterly sample of web sites will be reviewed by Disability Support Services, ITCS, and Marketing to ensure sites meet ADA, security, and design requirements. The PWC will be notified if sites are out of compliance and be giving a reasonable timeline to make corrective action. If corrective action is not taken, then the site will be removed from ECU servers and as appropriate the Dean, Director, Department Chair, or Vice Chancellor will be notified.
3.1 Responsibility at Termination
An author of an unofficial web page is solely responsible for moving that page to a new non-university server once the employment and/or academic relationship with East Carolina University has ended, such as when an individual leaves university employment, a student graduates or is otherwise no longer enrolled at ECU, or where a student organization ceases to exist. ECU reserves the right to remove unofficial websites authored by an individual and/or group who/that no longer maintains an employment and/or academic relationship with ECU without notice as part of its routine maintenance of university servers.