IT Policies

DoIT computer logging statement

Many of the computer systems and network equipment operated by the Division of Information Technology (DoIT) maintain logs that provide information about the use of those systems. These logs are kept for varying lengths of time*. The logs generally contain identification and summary information (source and destination IP numbers, Web URLs, email addresses, telephone numbers, traffic or use amounts, service type, time stamps, etc.) about use rather than the contents of files or communications.

DoIT staff use log data for the purposes of finding hardware and software errors, tracking resource utilization, capacity planning and security, including the investigation of inappropriate use of University resources.

The BadgIRT Coordinators** will access these logs only upon the receipt of an official complaint of inappropriate use as defined by the University of Wisconsin-Madison Guidelines for Appropriate use of University Information Technology Resources (Appropriate Use Policy).

Requests for usage log information will be released to other parties by the BadgIRT Coordinators only if the request meets the requirements of an existing state statute, federal law, or University of Wisconsin policy (see examples below), as interpreted by Administrative Legal Services. Any questions arising from the application of these statutes and policies by the BadgIRT Coordinators will be directed to Administrative Legal Services.

  1. Family Educational Right to Privacy Act (Buckley Amendment), 20 USC S. 1232g (FERPA).
    FERPA is a federal law establishing legal protection for the confidentiality of student information.

  2. Policies and Procedures Governing Access to Electronic Files.
    This UW policy clarifies the privacy and confidentiality of UW faculty and staff electronic data as well as the procedures for the University to follow in providing access to this information.

  3. Public Records , Wisc. Stat. Section 16.61, and Open Records Law, Wisc. Stat. Section 19.32. Wisconsin law providing definitions and procedures for accessing Public Records.

  4. Subpoena
    Information consistent with received subpoena request can be released when a valid subpoena is received by the BadgIRT Coordinators.

A person who wishes to seek access to log data based on the above statutes, laws or policies may request the BadgIRT Coordinators to preserve data beyond its normal retention period*.

If you have any questions, you may contact security@wisc.edu or Administrative Legal Services (608-263-7400).

 

* In order to learn the retention time for specific DoIT services, please contact the DoIT Help Desk at 608-264-HELP. In turn, the DoIT Help Desk will pass on your query to the appropriate DoIT Staff.

** BadgIRT refers to the Incident Response Team (IRT) for the University of Wisconsin-Madison. The Coordinators are the information technology security staff that work with BadgIRT. In part, the Coordinators process incident reports submitted to BadgIRT.