Web Standards and Responsibilities

These Web Standards pertain to all websites hosted at By using web services on the domain, you are agreeing to adhere to the terms and conditions explained on this page.

In addition to the standards and responsibilities outlined here, website owners are also required to follow the regulations and guidelines found on the Web Compliance page.


Section I. Content Responsibilities & Requirements

The following are the responsibilities and requirements for which you, an owner of content available via a website on the domain, are responsible. These responsibilities include compliance with federal and state laws and applicable ECU policies and the items in the lists below:

Website owners must ensure that all content is:

Additionally, website owners must also ensure that:

  • media content and files recorded by ECU constituents follow the Media Release Consent Guidelines.
  • required approvals for copyrighted material are obtained, and if applicable, that access is limited. For more information, visit ECU's copyright guidelines.
  • public video is closed captioned.

For owners with direct access to their web directory, the administrators' group must not be modified or removed from the web directory permissions. Full administrator control for the administrators' group is necessary to execute application security software and to maintain web services. If the administrators' group is removed or permissions are changed, server administrators will re-add the administrators' group and/or return the permissions to full control, removing individual permissions.


Section II. Web Accessibility Standards

East Carolina University has adopted WCAG 2.0 Level AA as our goal for meeting our IT accessibility commitments. The Level AA success criteria provides a reasonable target for websites and web applications, and additionally serve as a useful metric for products and services.

WCAG 2.0 was published in 2008, and is organized around the following four principles:

  • Perceivable - Information and user interface components must be presentable to users in ways they can perceive
  • Operable - User interface components and navigation must be operable
  • Understandable - Information and the operation of user interface must be understandable
  • Robust - Content must be robust enough that it can be interpreted reliably by a wide variety of user agents, including assistive technologies

WCAG 2.0 has three levels which include (a) Level A establishes a baseline level of conformance and covers a basic set of core accessibility issues (such as alternate text on images and captions on videos), (b) Level AA includes additional success criteria such as providing a visible focus indicator for keyboard users and ensuring sufficient color contrast, and (c) Level AAA is the highest level of conformance.

For more information about WCAG 2.0, please review the Web Content Accessibility Guidelines (WCAG) Overview and the WCAG 2.0 AA guidelines.

If your site has older content that exists for record keeping or historical purposes, and is infrequently accessed and never updated, then we recommend clearly labeling this content as "Archived" and focusing your accessibility improvements on new content and content that is frequently accessed.

If you have an accommodation request, please contact Disability Support Services.


Section III. Minimum Page Requirements

All official university web pages are required to be hosted on university-approved resources and follow the minimum requirements that have been established. These requirements were created to promote consistency and quality.

Official web pages are defined by ECU's Web Regulation, include the following:

"Official university web pages include the East Carolina University home page (; academic department and program pages; office, administrative, and support unit pages; news and information pages; and any other World Wide Web address that is otherwise sponsored or endorsed or created on authority of a University Department or Administrative Unit; including course pages residing outside the secure course management system."

For the purposes of these standards, if the web page includes the wordmark, logo or any approved type treatment or mark of the university, it must adhere to these standards.


A reference to East Carolina University must appear in the top left corner of each web page and link to The wordmark as shown on the ECU home page is preferred. However, if deviation from this wordmark is necessary, then follow the branding guidelines.


The bottom of each web page must contain the following:

Page Layout

  • The page background color must be ECU purple, white or grey.
  • The width of the content area on the page should not exceed the current ECU homepage.
  • The background color must be white with grey scale font color no lighter than #666666.
  • The name of the unit should be prominently displayed.
  • If a menu system is present, it should pertain to your unit, not a replication of the menu for the top site.
  • ADA compliance is required. For assistance in building accessible web pages, review our guidelines.
  • Layout out must be responsive and mobile friendly. We recommend the use of the Bootstrap framework.


Web pages should download quickly and efficiently. If needed, larger documents can be divided into smaller documents. Optimize graphics for rapid loading across typical network connection speeds and mobile devices.


Use of university-related photos is encouraged.


Section IV. Development Standards & Data Usage Requirements

Web development is a serious responsibility, and if not done properly, will expose the website and university networks to security threats. Any development should be completed by trained programmers and follow industry as well as ECU standards.

Development Standards

  • All web development must comply with the web standards in this document, adhere to OWASP security standards and address the current Top 10 for web application security.
  • Development work should have a primary and secondary developer for business continuity purposes.
  • It is the responsibility of the developers to maintain backups of their production work when making changes.
  • Web forms should have input validation, be WCAG 2.0 Level AA compliant, and employ a method to prevent spam.
  • File upload fields must limit the types of accepted files to data files only. Executable file types (e.g.: exe) are not allowed.

Data Collection and Storage

  • An approved privacy statement which clearly indicates how the information will be used is required.
  • If information is used in a mailing list, you must provide a method for the person to opt-out of your mailings. For example, if you send a weekly digest of form submissions, then you must let the submitter know and opt not to include the data they submitted in the mailing.
  • Data should only be stored on university database servers. Microsoft Access databases and flat file storage is not allowed because of the inherent security issues associated with these file types.
  • As a general rule, sensitive data is not approved for collection, display or storage on a public website. If approved, then the data must be password protected and follow any additional security recommendations received from data owners. Sensitive data is not to be collected without permission from IT Security and/or the appropriate data owner. If sensitive data needs to be collected, users need to contact IT Security for information on available resources and best practices.
  • Illegal file sharing is prohibited. For more information, visit the ECU's File Sharing Rules site.


Section V. Storage of Student Information or Assignments on University Websites

  • Any content stored greater than two (2) years must be approved by the Registrar.
  • Any storage of videos, specifically those associated with K-12 students must use the ECU Attorney's approved process and forms. You are required to ensure this process is followed.
  • Videos of K-12 students require a release form signed by the parents.
  • Videos of ECU students require a release form signed by the ECU students.
  • The content owner is responsible for collecting and maintaining the release forms.
  • Videos must be password protected using the ECU PirateID and not publicly available.
  • Videos must be streamed and not downloadable. Streaming is available on
  • Any violation of these rules could be violating FERPA regulations and be subject to the consequences of that law.