Google Accounts Policy

Download as PDF

Google Account Policy


This policy applies to all current and prospective students, staff, and faculty of Bryan College of Health Sciences and in conjunction with the Bryan Medical Center Acceptable Use Agreement for Information Technology Resources (BIM.TU117).

Scope
The data retention schedules outlined below apply to data associated with a user's bryanhealthcollege.edu Google account, including:

  • Google Drive
  • Google Calendar
  • Google Sites
  • Gmail
  • Any data stored in other Google apps where the account holder is listed as the "owner"

Account Creation

  • Students: College IT will create new student accounts within two weeks prior of the start date.
  • Staff/Faculty: New accounts for staff and faculty will be created upon receipt of a Change Form by College IT.
  • Storage: All new accounts are limited to 15 GB of storage.
  • Account Limits: Only one account per student/employee. Departmental or group accounts may be requested through College IT.

User IDs and passwords serve as the primary means of authenticating users of the College's electronic resources. These security measures are designed to prevent unauthorized access to resources and any restricted information they contain. Users are prohibited from sharing their passwords with others and must take measures to protect their passwords from disclosure. This includes monitoring access to their accounts and promptly contacting the College’s IT department if they suspect their password has been compromised. Users are accountable for all activity associated with their user ID. Passwords must be strong and contain at least fourteen characters, incorporating a mix of numbers, letters, and symbols, or adhere to system-specific requirements at the time of creation. No one, including IT staff, is authorized to request a user’s password.

Users must maintain their multi-factor authentication (MFA) credentials as instructed and are not permitted to bypass multi-factor authentication or share multi-factor authentication devices with others.

All users share responsibility for protecting the College's electronic resources from unauthorized access. Specifically, users must:

  • Safeguard the security and integrity of information stored on any personal or assigned desktop, laptop, or handheld device.
  • Only access electronic resources from secure environments and log out or lock their devices when leaving them unattended.
  • Keep software and applications up to date by applying security patches when available on devices used to access e-resources.
  • Take necessary precautions when accessing or sharing confidential or restricted College data to ensure it remains secure from unauthorized access and threats to its integrity.
  • Comply with requests from IT staff or other authorized personnel to update or stop using electronic resources that compromise security.
  • Report any unauthorized access, loss, theft, or compromise of sensitive data or electronic resources to College IT.
  • Cooperate with system administrators during investigations of improper use, data breaches, or security incidents.

Without prior authorization, users are prohibited from:

  • Providing others with access to electronic resources.
  • Including sensitive data in emails.
  • Sending chain letters or mass emails that are not related to authorized College business.
  • Altering, removing, or forging email headers, addresses, or messages, or impersonating another individual.
  • Accessing electronic resources beyond their authorization, or attempting to intercept communications not intended for them.
  • Using the College’s network or Internet access maliciously or to obtain, alter, or destroy materials they are not authorized to handle.
  • Tampering with, modifying, damaging, or attempting to defeat security measures on accounts or electronic resources.
  • Damaging computer or network systems, or introducing malicious software (e.g., viruses, worms, Trojan Horses) to any e-resource, or attempting to degrade system performance or deny others access to e-resources.

Program Completion (Students)

For students marked as "program completers" by the Registrar:

  • Alumni are granted a three-month transition period after program completion, during which they retain access to their accounts. After this period, all data associated with the account is permanently deleted.

Inactive, Non-Alumni, Non-Degree Students

For students whose records are inactivated (withdrawn, dismissed, or discontinued) or Non-degree completers:

  • The student's Google account and all associated records will be permanently deleted five days after inactivation.