Chapter 3339-19 Information Technology

3339-19-01 Information technology, computer peripherals and software acquisition.

(A) General

Provided such additions do not substantially degrade service to other users, it is the policy of Miami university to permit the acquisition of computer peripheral devices and/or software within the limits of the operating budget and/or available extramural funding; the university statement of preferred, supported, and approved manufacturers; and the capacity or security of the host computers.

For purposes of this policy, computer peripheral devices are defined as any device which contain an electronic processor and which can be linked either directly or indirectly to the Miami computing system network.

Software includes general system programs and libraries, compilers, utilities, and other computer programs requiring central system support. For independently developed or acquired software, which will become an integral part of the university information processing system, a contact person in it services must consult/assist in the development to ascertain that the resulting system will be effective, meet security requirements, and can be maintained by it services should the need subsequently arise.

The implementation of this policy is the responsibility of the vice president for information technology. The information technology policy committee recommends such policies.

(B) Procedures

Requests for acquisition of computer peripheral devices and/or software shall be endorsed by it services in terms of technical compatibility, access security, and central computer system capacity and approved through normal organizational channels.

Requests shall include documentation as to technical specifications, pricing, proposed use, benefits, expected utilization, and anticipated central computer system impacts.

Endorsement by it services is necessary for connection to the Miami computing system communication network and the use of the central computer systems.

Replaces: 3339- 21-01

Effective: 3/6/2015
Promulgated Under: 111.15
Statutory Authority: 3339.01
Rule Amplifies: 3339.01
Prior Effective Dates:

3339-19-02 Responsible use of university computing resources at Miami university.

(A) General statement

(1) University computing resources include, but are not limited to, end-user computing devices, servers, networks, email, software, printers, scanners, video distribution systems, telephone systems, and other computing hardware and software, whether owned by the university or contracted from a third party. All such university computing resources are intended for university-related use, including direct and indirect support of the university's instruction, research, and service missions; of university administrative functions; of student and campus life activities; and of the free exchange of ideas.

(2) The rights of free expression and academic freedom apply to the use of university computing resources; so, too, however, do the responsibilities and limits associated with those rights. All who use the university computing resources must act responsibly, in accordance with the highest standard of ethical and legal behavior. Thus, legitimate use of university computing resources does not extend to whatever is technically possible. Users must abide by all applicable restrictions, whether or not they are built into the operating system or network and/or whether or not they can be circumvented by technical means.

(3) This policy applies to all users of university computing resources, whether or not affiliated with the university, and to all uses of those resources, whether on campus or from remote locations. Additional policies may apply to specific computers, computer systems and/or networks provided and operated by specific units of the university and/or to uses within specific units. Some of these policies are listed in paragraph (H) of this rule and in rule 3339-21-05 of the Administrative Code.

(B) Policy

(1) All university computing resources users must:

(a) Comply with all federal, Ohio, and other applicable law; all generally applicable university rules and policies; and all applicable contracts and licenses. such laws, rules, policies, contracts, and licenses include: the laws of libel, privacy, copyright, trademark, obscenity, and child pornography; the electronic communications privacy act and the computer fraud and abuse act, which prohibit "hacking" "cracking". and similar activities; the university's code of student conduct; the Miami university policy and information manual, the university's sexual harassment policy; and all applicable software licenses. In particular, users must:

(i) Respect the right of others to be free from harassment or intimidation to the same extent that this right is recognized in the use of other communication; and

(ii) Respect copyrights, intellectual-property rights, ownership of files and passwords. Unauthorized copying of files or passwords belonging to others or to the university may constitute plagiarism or theft. Accessing or modifying files without authorization (including altering information, introducing viruses or other malware, or damaging files) is unethical, may be illegal, and may lead to sanctions; and

(iii) Not send unsolicited bulk email (spam) or email designed to trick users into providing their login credentials or other personal information (phishing email).

Users who engage in electronic communications with persons in other states or countries or on other systems or networks should be aware that they may also be subject to the laws of those other states and countries and the rules and policies of those other systems and networks. Users are responsible for ascertaining, understanding, and complying with the laws, rules, policies, contracts, and licenses applicable to their particular uses.

Miami university extends these policies and guidelines to systems outside the university that are accessed via the university's facilities (e.g., electronic mail or remote logins using the university's internet connections).

(b) Use only those university computing resources that they are authorized to use and use them only in the manner and to the extent authorized. Ability to access university computing resources does not, by itself, imply authorization to do so. Users are responsible for ascertaining what authorizations are necessary and for obtaining them before proceeding. Accounts, passwords, and other authentication mechanisms, may not, under any circumstances, be shared with, or used by, persons other than those to whom they have been assigned by the university .

(c) Respect the finite capacity of university computing resources and limit use so as not to consume an unreasonable amount of those resources or to interfere unreasonably with the activity of other users. Although there is no set bandwidth, disk space, cpu time, or other limit applicable to all uses of university computing resources, the university may require users of those resources to limit or refrain from specific uses in accordance with this principle. The reasonableness of any particular use will be judged in the context of all of the relevant circumstances.

(d) Limit the personal use of university computing resources and refrain from using those resources for personal commercial purposes or for personal financial or other gain. Personal use of university computing resources is permitted when it does not consume a significant amount of those resources, does not interfere with the performance of the user's job or other university responsibilities, and is otherwise in compliance with this and other university policy. Further limits may be imposed upon personal use in accordance with normal supervisory procedures.

(e) Refrain from stating or implying that they speak on behalf of the university and from using university trademarks and logos without authorization to do so. Affiliation with the university does not, by itself, imply authorization to speak on behalf of the university. Authorization to use university trademarks and logos may be granted only by Miami university. The use of appropriate disclaimers is encouraged. Personal web pages linked to the university web should disclaim association with Miami university.

(C) Enforcement

(1) Whenever it becomes necessary to enforce university rules or policies, an authorized administrator may: disallow network connections by certain computers (even departmental and personal ones); require adequate identification of computers and users on the network; undertake audits of software or information on shared systems where policy violations are possible; take steps to secure compromised computers that are connected to the network; or deny access to computers, the network, and institutional software and databases.

(D) Sanctions

(1) Users who violate this policy may be denied access to university computing resources and may be subject to other penalties and disciplinary action, both within and outside of the university. Violations will normally be handled through the university disciplinary procedures applicable to the relevant user. Alleged violations by students will normally be investigated, and the office of ethics and student conflict resolution will normally impose any penalties or other discipline.

(2) However, the university, through its information managers, may suspend or block access to an account prior to the initiation or completion of such procedures; when it reasonably appears necessary to do so, and in order to protect the integrity, security, or functionality of university computing resources or other computing resources; or to protect the university from liability.

(3) The university may also refer suspected violations of applicable law to appropriate law enforcement agencies.

(E) Privacy and security

(1) The university employs various measures to protect the security of university computing resources and users accounts. However, users should be aware that the university does not and cannot guarantee such security.

(2) Users should also be aware that their uses of university computing resources are not private. While the university does not routinely monitor individual usage of university computing resources, the normal operation and maintenance of university computing resources require the backup and caching of data and communications, the logging of activity, the monitoring of usage patterns, and other such activities that are necessary for the rendition of service. Systems or technical managers, as part of their technical responsibilities, may occasionally need to diagnose or solve problems by examining the contents of particular files. Data from university computing resources may be used to evaluate the efficiency of university operations and personnel.

(3) The university may also monitor the activity and accounts of individual users of university computing resources, including individual sessions and communications, without notice when: the user has voluntarily made them accessible to the public, as by posting to usenet or a web site; it reasonably appears necessary to do so to protect the integrity, security, or functionality of university computing resources or other computing resources or to protect the university from liability; there is reasonable cause to believe that the user has violated, or is violating, any university policy; an account or device appears to be engaged in unusual or unusually excessive activity, as indicated by the monitoring of general activity and usage patterns; or it is otherwise required or permitted by law.

(4) Any such individual monitoring, other than when the user has voluntarily made them accessible to the public, as by posting to usenet or a web site, or required by law, or necessary to respond to perceived emergency situations, must be authorized in advance by the vice president for information technology or a designee of same.

(5) The university, in its discretion, may disclose the results of any such general or individual monitoring, including the contents and records of individual communications, to appropriate university personnel or law enforcement agencies and may use those results in appropriate university disciplinary proceedings. Communications made by means of university computing resources are also generally subject to Ohio's public records statute to the same extent as they would be if made on paper.

(F) The user's responsibilities

(1) Be aware of the limits of computer security. Although the university employs various measures to protect the security of its computing resources and user accounts, users should be aware that the university cannot guarantee such security. Users should therefore engage in "safe computing" practices by establishing appropriate access restrictions for their accounts, guarding their passwords, and changing them regularly.

(2) Be responsible for backing up and protecting personal files. Although the university under certain circumstances may provide storage space and under certain circumstances that storage may be backed up, Miami university assumes no responsibility for the loss or recovery of personal files.

(3) Be responsible for protecting Miami data. All users have a responsibility to protect Miami data from unauthorized disclosure.

(G) The university's responsibilities

(1) The university owns various computers and the entire internal computer networks used on campus. The university also has various rights to the software and information residing on, developed on, or licensed for, these computers and networks. The university has the responsibility to administer, protect, and monitor this aggregation of computers, software, and networks. Specifically, purposes of the university's information technology management are to:

(a) Manage computing resources so that members of the university community benefit equitably from their use;

(b) Protect university computers, networks and information from destruction, tampering, and unauthorized inspection and use;

(c) Communicate university policies and the responsibilities of individuals systematically and regularly in a variety of formats to all parts of the university community;

(d) Establish and support reasonable standards of security for electronic information that community members produce, use, or distribute. Standards for security and access are elaborated in the document Miami university computing security policy, as well as in documents derived from it;

(e) Monitor policies and propose changes in policy as events or technology warrant.

(H) Other Miami university computing policies

(1) Responsible use of computing resources at Miami university was adapted from the Ohio state university's policy on responsible use of university computing resources. Miami university is grateful to the Ohio state university for allowing us to use its policy as a model.

(2) Additional policies, including the Miami university computing security policy, elaborate the above policies and outline procedures for implementation.

(3) Additional policies that are not in this document may apply to specific computers, computer systems, or networks provided or operated by specific units of the university. Consult the operators or managers of these systems for further information.

Replaces: 3339- 21-02

Effective: 3/6/2015
Promulgated Under: 111.15
Statutory Authority: 3339.01
Rule Amplifies: 3339.01
Prior Effective Dates: 11/4/77, 7/1/97, 9/30/99, 11/14/09, 10/14/11, 9/12/13

3339-19-03 Illegal or unauthorized use of computing resources.

The following prohibited actions apply to faculty, staff, students, and visitors:

(A) Theft or malicious destruction of computing property (including computer hardware, software, account credentials, and/or data) belonging to the university, other corporations, or to any other person:

(B) unauthorized access to. use of. or control of computing facilities or computer data, including circumvention of computing system safeguards:

(C) acts involving computing resources that obstruct or disrupt university functions in teaching, research, or administration: and

(D) use of university property in the performance of illegal or prohibited actions including violation of software copyrights or trade secrets and/or activities conducted for personal financial gain except as provided for by other university policy.

Replaces: 3339- 21 -03

Effective: 3/6/2015
Promulgated Under: 111.15
Statutory Authority: 3339.01
Rule Amplifies: 3339.01
Prior Effective Dates: 11/4/77, 7/1/97, 9/30/99, 11/14/09, 10/14/11

3339-19-04 Unauthorized peer-to-peer file sharing.

(A) Background and purpose of policy

Peer-to-peer (p2p) file sharing applications allow users to download and share electronic files of all types and to use any computer as a server for file sharing requests. Currently, some of the more common files shared in this fashion are audio files (e.g., mp3, wav, midi), video files (e.g., quicktime, jpeg, mpeg, avi), and picture files (e.g., gif, jpeg). When computers are set up in a peer-to-peer model, the computers become connected as peers, and files on each system are subject to access by the other systems. When a university computer is set up for peer-to-peer operations with an outside computer, the university computer is sharing its files, and in some cases its entire hard drive. In most cases, the same computer has also agreed to accept files from an outside computer. Conversely, the outside system could copy individual files from the university computer's shared drive, to the outside server, resulting in the potential for inadvertent disclosure of sensitive information.

Because there are legitimate academic, research, and personal uses of p2p file sharing applications, Miami university does not ban them from its network. However, Miami recognizes that p2p activity is commonly used for copying music and video files for personal enjoyment which may violate copyright law and that content which does not infringe copyright is typically available through other methods, such as websites and ftp sites. Accordingly, Miami actively blocks all p2p traffic from crossing its network perimeter. If a user has a legitimate need to use p2p software, authorization will need to be obtained from Miami university's information security officer. Before requesting authorization to participate in any p2p file sharing activity, users of university computing and electronic communication resources should consider the following:

(1) Network bandwidth. Most p2p applications are configured so other users can access your hard drive and share your files all the time. This constant file transfer can degrade your computer's performance and generate heavy traffic loads on the university network. The university's network bandwidth consumption is monitored. If your usage impacts the overall performance of the network, your computer may be blocked. If you use a p2p application to share content legally, you should know how to control or disable the application.

(2) Privacy. If you are running a p2p application, you may be inadvertently sharing personal information, such as e-mail messages or credit card information. You need to make sure you know which files and data the application is sharing. You should know how to control or disable your p2p application to ensure that you are not inadvertently sharing personal information.

(3) Security. Viruses are easily spread using p2p applications. Many p2p applications include "malware" in the download, so you may be unintentionally infecting your computer. To protect your computer, keep your anti-virus program up-to-date and only install programs acquired from reputable sources.

(4) Resource use. Some p2p applications use your computer as a computational or storage resource for another organization's use. This may not be an acceptable use of state-owned resources such as the university network or university-owned computers. Do not permit any such use of your system without the consent of Miami university's information security officer.

(B) Prohibition

The use of a p2p application which (1) constitutes a violation of any federal, state or local law, (2) a violation of university policies (including the responsible use policy and the code of student conduct), or (3) interferes with Miami university's network integrity or security is prohibited.

(C) Enforcement

As an internet service provider, Miami university follows appropriate enforcement procedures required by the digital millennium copyright act.

Upon discovery of an apparent violation of this policy by a student, the information security officer will notify the dean of students. The dean of students shall notify the user and require that the user immediately cease the prohibited activity and delete files that this policy. In addition to stopping potential legal violations, the dean of students goal is to educate the student about appropriate p2p use and personal and social responsibility as a p2p user within the learning community. In the event that a user fails to comply with the dean of students' directive or if the same user violates this policy one or more additional times in the same academic year, then the dean of students may initiate appropriate disciplinary action against the student.

Upon discovery of an apparent violation of this policy by an employee, then the information security officer will notify user to immediately cease the prohibited activity and delete files that violate this policy. In the event that a user fails to comply with the information security officer's notice or violates this policy one or more additional times, the information security officer will refer the matter to the department of human resources or academic personnel services for appropriate action.

In addition, if a user violates the copyright laws through unauthorized p2p activities, the user may be found liable for civil or criminal copyright infringement. Penalties for copyright infringement include civil and criminal penalties. In general, anyone found liable for civil copyright infringement may be ordered to pay either actual damages or "statutory" damages affixed at not less than seven hundred fifty dollars and not more than thirty thousand dollars per work infringed. For "willful" infringement, a court may award up to one hundred fifty thousand dollars per work infringed. A court can, in its discretion, also assess costs and attorneys' fees. For details, see section 504 and 505 of title 17 of the United States Code. Willful copyright infringement can also result in criminal.

(D) Review

The dean of students and the information security officer shall periodically (1) review the effectiveness of this policy; and (2) review the legal alternatives for downloading or otherwise acquiring copyrighted material and make the results of the review available to its students through a website or other means.

Replaces: 3339- 21-04

Effective: 3/6/2015
Promulgated Under: 111.15
Statutory Authority: 3339.01
Rule Amplifies: 3339.01
Prior Effective Dates: 11/4/77, 10/1/81, 8/1/88, 7/1/97, 9/30/99, 11/14/09, 11/14/11

3339-19-05 Additional policies and procedures.

It is the responsibility of faculty and staff to be knowledgeable about policies and procedures that apply to the provision and use of university computing resources. Consult the Miami department/division policies and procedures for computer hardware and software document athttps://ithelp.muohio.edu/selfservice/rassp/kplisting/view2.jsp?k2dockey=040972654011948.

Questions may be directed to the it services support desk at 513-529-7900.

Replaces: 3339- 21-05

Effective: 3/6/2015
Promulgated Under: 111.15
Statutory Authority: 3339.01
Rule Amplifies: 3339.01
Prior Effective Dates: 11/4/77, 7/1/97, 9/30/99, 11/14/09, 10/14/11, 9/12/13

3339-19-06 Telecommunications.

Telephone services provided by Miami university are for university business. University telephone services are not to be used to support private business practices. Personal long distance calls may not be charged to university accounts, but may be made from university telephones if the caller has established a personal account through the it services office of telecommunications or places such calls as third party billed or by using a personal telephone credit card. Employees issued telephone credit cards by the university shall limit their usage to university business only.

(A) Policy on use of cellular telephones and photographic imaging devices

(1) Classrooms/exams. Faculty may ban the use of cellular telephones and other communication and storage devices during class periods and/or exam periods. This policy is not meant to conflict with reasonable accommodations for students with disabilities.

(2) Automobiles/dangerous equipment. Cellular telephones should not be used in a manner that interferes with the safe operation of a state-owned vehicle or a personal vehicle on university business. Cellular telephones may not be used by anyone operating dangerous equipment while working for the university.

(3) Restrooms/locker rooms. Due to privacy reasons, taking photographic images of any kind, by means of any device, without permission is prohibited in restrooms and locker rooms. Facilities' managers have the right to ban, by posting appropriate signs, possession of cellular telephones and/or devices with photographic imaging capability from public restrooms and public locker rooms.

(B) Policy on cellular telephone service

(1) The university does not provide employees with mobile devices and/or cellular service used at any time for personal communications. Cellular service includes both voice and data services, regardless of the mobile device used (e.g., cell phone, ipad). Employees will be responsible for the purchase of mobile devices and payment of cellular services.

(a) Cellular service stipend The university will provide to eligible employees a monthly cellular service stipend to partially offset the expense of cellular service. The university will establish the amount of the cellular service stipends for the coming fiscal year and any change in the amount will be announced at least ninety days prior to the effective date of the change. Employees may be eligible for a voice-only or a voice and data stipend. The stipend will be included in the employee's paycheck and is taxable to the employee.

A cellular service stipend may be provided to an employee upon the written approval of his/her department head and may be provided for the following reasons:

(i) The employee travels frequently on university business;

(ii) The employee has duties that require him/her to be out of the office on a regular basis;

(iii) The employee must be accessible to the university in the event of an emergency; or

(iv) The employee has a job function that requires off-site internet access.

(b) University-owned devices and/or university-paid cellular service

(i) A university-owned device and/or university-paid cellular service may be provided to an employee, in lieu of a cellular service stipend, upon the written approval of a vice president or the president when the following conditions are met:

(a) The device and/or cellular service are essential to the employee's ability to perform his or her duties; and

(b) The device and/or cellular service are used exclusively for university business. Department heads are expected to periodically review authorizations for employee cellular service stipends and/or employee use of a university-owned device and/or university-paid cellular service. Cellular service stipends and cellular devices and services may be withdrawn by the university at any time and for any reason.

(c) Obtaining cellular devices/services

(i) Miami employees may purchase mobile devices and/or cellular service through the office of telecommunications. The office of telecommunications has negotiated several favorable mobile device pricing and cellular service options with national service providers for employees in need of cellular devices and/or cellular service. Employees may obtain assistance with their personal cellular needs from the staff of the mitech cellular or visit http://www.mubookstore.miamioh.edu/site_cellular.asp to review available options.

(d) Data and email storage on mobile devices

(i) Employees who use their mobile devices to access Miami email must configure the mobile device to ensure that any email messages sent/received on the device will be retained on Miami's email servers. Employees who use their mobile device to access confidential Miami data must configure the device to meet the university's mobile device security standards. IT services will configure each covered employee's Miami-provided email account to automatically push the security standards to the employee's device(s), and the employee is responsible for contacting it services to resolve any technical issues that prevent the security standards from being successfully applied to the device(s). Upon retirement or separation from employment, employees must ensure that all Miami data is removed from the mobile device.

Employees should conduct all university-related email using their Miami-provided email account. It is also the responsibility of any employee receiving a mobile stipend or university-paid cellular service to ensure that any records, as defined in Miami's records retention policy are maintained in accordance with that policy. These records are university-owned records, may be subject to the Ohio Public Records Act, and the employee may be required to produce them for inspection and copying. If your mobile device contains files and/or information that qualify as university records, it is your responsibility to maintain those records in accordance with the university's records retention policy and to produce them upon request.

Effective: 3/9/2018
Promulgated Under: 111.15
Statutory Authority: 3339.1
Rule Amplifies: 3339.1
Prior Effective Dates: 11/04/1977, 10/24/1986, 03/31/1988, 07/01/1997, 09/30/1999, 10/14/2011, 09/13/2012, 09/12/2013, 03/06/2015

3339-19-08 Accessible technology policy.

(A) Purpose:

Miami university is committed to providing equal opportunity for qualified individuals with disabilities to participate in, and benefit from, Miami university's services, programs, and activities. The purpose of this rule is to acknowledge that Miami university's commitment to equal opportunity for qualified individuals with disabilities includes services, programs, and activities that Miami university delivers through web-based, digital, and emerging technologies.

(B) Definitions:

"Equally effective alternate access," with respect to electronic and information technology, means an alternative format, medium, or other aid that timely and accurately communicates the same content as does the original format or medium, and which is appropriate to an individual's disability. To provide equally effective alternate access, Miami university shall provide appropriate auxiliary aids and services as necessary to afford individuals with disabilities an equal opportunity to obtain the same result, gain the same benefit, or reach the same level of achievement, in the most integrated setting appropriate to their needs, but Miami university need not ensure that qualified individuals with disabilities achieve the identical result or level of achievement as individuals without disabilities. Nothing in this rule requires Miami university to take any action that results in a fundamental alteration in the nature of a service, program, or activity or undue financial and administrative burden. Miami university will, nevertheless ensure, to the maximum extent possible, that qualified students with disabilities receive the benefits or services provided by Miami university.

"Fundamental alteration" means a change to a service, program, or activity that fundamentally alters the nature of the service, program, or activity, which includes academic courses or technology. While not required under this policy to undertake actions that would constitute a fundamental alteration to a service, program, or activity, Miami university will take any other action that would not result in such an alteration, but would nevertheless ensure that, to the maximum extent possible, qualified individuals with disabilities receive the benefits or services provided by Miami university.

"Legacy pages" means web pages created and published before January 2012.

"Timely" and "timeliness" mean access in sufficient time for the person with the disability to have an equal opportunity to obtain the same result, to gain the same benefit, or to reach the same level of achievement as persons without disabilities.

Web content accessibility guidelines ("WCAG") refers to standards for web content accessibility that have been developed by the world wide web consortium ("W3C"), an international community where member organizations, a full-time staff, and the public work together to develop web standards. For purposes of this rule, Miami university utilizes wcag version 2.0, level aa when determining web content accessibility.

(C) Policy

(1) Web content

Beginning December 14, 2016, all new and redeveloped web pages, web applications, and web content, created by Miami university, on websites and subdomains used for Miami' university's academic divisions, academic departments, and administrative offices shall conform to wcag 2.0 aa. A listing of covered websites can be found athttps://miamioh.edu/accessmu/. In addition, for all websites and subdomains used for Miami university's academic divisions, academic departments, and administrative offices, all web pages, web applications, and web content that were created and published on or after January 2012 shall be made to conform to wcag 2.0 aa by June 2018. Legacy pages shall be made accessible upon request of a qualified student with a disability. Exceptions to these requirements for certain types of content may be found athttps://miamioh.edu/accessmu/. Any requests for exceptions for specific content should be directed to the accessible technology coordinator.

(2) Textbook and course material accessibility

Miami university will provide individuals with disabilities who register with student disability services (sds) equally effective communication of curricular materials (e.g., textbooks, workbooks, articles, compilations, presentations, collaborative assignments, videos, and images or graphical materials) converted to alternate formats (see procedures for requesting alternative format materials athttps://miamioh.edu/student-life/sds/student-tools/accommodation-procedures/accessible-course-materials/index.html). In selecting texts and book-length course materials, including any supplementary digital applications or content provided by the publishers of such texts and book-length course materials, Miami university academic departments will consider the availability of materials in accessible electronic formats, such as: the daisy consortium's digital accessible information system "DAISY" standard and the international digital publishing forum's epub3 specification for digital publication and documents; wcag 2.0 aa and the w3c's web accessibility initiative accessible rich internet applications suite ("WAI-ARIA") 1.0 for web content; the w3c's authoring tool accessibility guidelines ("ATAG") 2.0 for web authoring tools; the w3c's guidance on applying wcag 2.0 to non-web information and communications technologies ("WCAG2ICT") and section 508- 1194.21 for non-web software and content; the w3c's mathematical markup language ("MathML") 3.0 for materials incorporating digital mathematical and scientific notation; the braille authority of north America's ("BANA") guidelines and standards for tactile graphics (2010) and the bana guidelines for the production of braille materials through the use of braille production software (2007) for hard copy braille; and any successors to these standards.

(3) Student organization websites

The websites, web pages, and web applications (e.g., "The Hub,") that Miami university provides for use by student organizations that have registered with Miami university shall conform with wcag 2.0 aa, and shall not block or interfere with any accessibility features in content uploaded by student organization content providers. These websites, web pages, and web applications shall employ templates with fields designed to assist content providers with producing and uploading wcag 2.0 aa-conforming content, and Miami university will provide other tools and resources to assist student organization content providers with producing and uploading wcag 2.0 aa-conforming content.

(4) Procurement

All web technology or software that Miami university procures for use by its students shall conform to the relevant accessibility standards (a listing of relevant standards can be found at https://miamioh.edu/accessmu/) as long as the technology is commercially available and its purchase does not result in undue financial and administrative burdens or a fundamental alteration. If a product is available and meets some, but not all, of the relevant accessibility standards, Miami university will procure the product that best meets the standard, unless its purchase would result in undue financial and administrative burdens or a fundamental alteration, or unless an exception applies pursuant to Miami university's accessible technology procurement policy. The accessmu website,https://miamioh.edu/accessmu/website contains a listing of exceptions. Exceptions can only be granted by the procurement review committee.

(5) Links to additional resources

Grievance process: Students who believe they have been denied appropriate disability-related accommodations, including appropriate auxiliary aids and services, may file a grievance with Miami university's student disability services or with Miami university's office of equity and equal opportunity: grievance procedures.

Inaccessible digital file conversion submission page: Qualified individuals with disabilities who are students, staff, or applicants for admission to Miami university may submit or upload for Miami's remediation inaccessible documents, images, and multimedia: created by Miami university and published on its websites, or sent to or received at a Miami university email address, or posted to a Miami website (such as the hub https://muhub.campuslabs.com/engage/), by Miami university students or staff in connection with curricular activities, student government, major student publications (Miami Student, Miami Quarterly, and UP Magazine), student organizations that have registered with Miami university, residential life activities (e.g., dorm movie nights) sponsored or organized by Miami's Residence Hall Association, student participation in or attendance at campus theatrical and musical performances, student participation in or attendance at campus art shows, or student participation in or attendance at recreational events and activities (e.g., intramural sports). Remediation may be requested using the inaccessible digital file conversion submission page.

Qualified individuals with disabilities who are former students of Miami university may submit or upload for Miami university's remediation inaccessible files (e.g., documents, images, and multimedia) on websites that Miami university directs former students to use for completion of critical or important functions (e.g., websites used for obtaining transcripts).

Miami university generally will remediate inaccessible files within three business days of submission or upload. If remediation cannot be accomplished within this time frame, Miami university will advise the submitting individual of the steps it will take to remediate the file, as well as the time frame it anticipates it will need to complete the remediation.

Effective: 12/29/2017
Promulgated Under: 111.15
Statutory Authority: 3339.01
Rule Amplifies: 3339.01