SharePoint Security - ARB Security Solutions
SharePoint Security Policy Templates : SharePoint Portal Privacy Policy Template
Introduction - SharePoint Server Private / Public Privacy Policy
SharePoint Privacy Policies are mechanisms used to establish the limits and expectations for the users of [SharePoint Portal Owning Organization] SharePoint resources. Internal [SharePoint Portal Owning Organization] SharePoint users should have no expectation of privacy with respect to SharePoint resources. External users should have the expectation of complete privacy, except in the case of suspected wrongdoing, with respect to SharePoint resources.
Purpose
The purpose of the [SharePoint Portal Owning Organization] SharePoint Privacy Policy is to clearly communicate the [SharePoint Portal Owning Organization] Information Technology Privacy expectations to users.
Audience
The [SharePoint Portal Owning Organization] SharePoint Privacy Policy applies equally to all individuals who use any [SharePoint Portal Owning Organization] SharePoint resources.
SharePoint Server Private / Public Privacy Policy
  • Electronic files created, sent, received, or stored on SharePoint owned, leased, administered, or otherwise under the custody and control of [SharePoint Portal Owning Organization] are not private and may be accessed by [SharePoint Portal Owning Organization] SharePoint and Systems Administrators for various purposes at any time without knowledge of the SharePoint user or content owner.
  • Electronic files created, sent, received, or stored on computers owned, leased, administered, or otherwise under the custody and control of [SharePoint Portal Owning Organization] are the property of [SharePoint Portal Owning Organization].
  • To manage systems and enforce security, [SharePoint Portal Owning Organization] may log, review, and otherwise utilize any information stored on or passing through its SharePoint systems in accordance with the provisions and safeguards. For these same purposes, [SharePoint Portal Owning Organization] may also capture User activity such as telephone numbers dialed and WSS sites visited.
  • A wide variety of third parties may have entrusted their information to [SharePoint Portal Owning Organization] for business purposes, and all workers at [SharePoint Portal Owning Organization] must do their best to safeguard the privacy and security of this information. The most important of these third parties is the individual customer; customer account data is accordingly confidential and access will be strictly limited based on business need for access.
  • [SharePoint Portal Owning Organization] SharePoint users must report any weaknesses in [SharePoint Portal Owning Organization] SharePoint security, any incidents of possible misuse or violation of this agreement to the proper authorities by contacting the appropriate management.
  • [SharePoint Portal Owning Organization] SharePoint users must not attempt to access any data or programs contained on [SharePoint Portal Owning Organization] systems for which they do not have authorization or explicit consent.
SharePoint Privacy Policy Distribution
[SharePoint Portal Owning Organization] SharePoint sites that may be available to the general public must contain a Privacy Statement. An example privacy statement must be embedded within this policy.

[SharePoint Portal Owning Organization] SharePoint Privacy Statement on the Use of Information Gathered from the Public

The following statement applies only to members of the general public and is intended to address concerns about the types of information gathered from the public, if any, and how that information is used.

I. Cookies
A “cookie” is a small file containing information that is placed on a user’s computer by a web server. Typically, these files are used to enhance the user’s experience of the site, to help users move between pages in a database, or to customize information for a user.
Any information that [SharePoint Portal Owning Organization] webservers may store in cookies is used for internal purposes only. Cookie data is not used in any way that would disclose personally identifiable information to outside parties unless [SharePoint Portal Owning Organization] is legally required to do so in connection with law enforcement investigations or other legal proceedings.

II. Logs and Network Monitoring
[SharePoint Portal Owning Organization] maintains log files of all access to its SharePoint sites and also monitors network traffic for the purposes of site management. This information is used to help diagnose problems with the server and to carry out other administrative tasks. Log analysis tools are also used to create summary statistics to determine which information is of most interest to users, to identify system problem areas, or to help determine technical requirements.

Information such as the following is collected in these files:
  • Hostname: the hostname and/or IP address of the computer requesting access to the site
  • User-Agent: the type of browser, its version, and the operating system of the computer requesting access (e.g., Netscape 4 for Windows, IE 4 for Macintosh, etc.)
  • Referrer: the web page the user came from
  • System date: the date and time on the server at the time of access
  • Full request: the exact request the user made
  • Status: the status code the server returned, e.g., fulfilled request, file not found
  • Content length: the size, in bytes, of the file sent to the user
  • Method: the request method used by the browser (e.g., post, get)
  • Universal Resource Identifier (URI): the location of the particular resource requested. (More commonly known as a URL.)
  • Query string of the URI: anything after a question mark in a URI. For example, if a keyword search has been requested, the search word will appear in the query string.
  • Protocol: the technical protocol and version used, e.g., http 1.0, ftp, etc.
The above information is not used in any way that would reveal personally identifying information to outside parties unless [SharePoint Portal Owning Organization] is legally required to do so in connection with law enforcement investigations or other legal proceedings.

III. Email and Form Information
If a member of the general public sends [SharePoint Portal Owning Organization] an e-mail message or fills out a web-based form with a question or comment that contains personally identifying information, that information will only be used to respond to the request and analyze trends. The message may be redirected to another government agency or person who is better able to answer your question. Such information is not used in any way that would reveal personally identifying information to outside parties unless System Administration is legally required to do so in connection with law enforcement investigations or other legal proceedings.

IV. Links
This site may contain links to other sites. [SharePoint Portal Owning Organization] is not responsible for the privacy practices or the content of such websites.

V. Security
This site has security measures in place to protect from loss, misuse and alteration of the information.
Contacting [SharePoint Portal Owning Organization]
If there are any questions about this privacy statement, the practices of this site, or dealings with this website, contact xxxxxx@xxxxxxx.xxx

SharePoint Server Private / Public Privacy Policy Supporting Information
  • SharePoint Security awareness by [SharePoint Portal Owning Organization] personnel must be continually emphasized, reinforced, updated and validated.
  • All [SharePoint Portal Owning Organization] SharePoint users are responsible for managing their use of SharePoint and are accountable for their actions relating to SharePoint security. Users are also equally responsible for reporting any suspected or confirmed violations of this policy to the appropriate management responsible for SharePoint security incident handling.
  • [SharePoint Portal Owning Organization] server custodian departments must provide adequate access controls in order to monitor SharePoint systems to protect business data and associated programs from misuse in accordance with the needs defined by owner departments. All SharePoint access must be properly documented, authorized and controlled, following [SharePoint Portal Owning Organization] standardized processes.
Disciplinary Actions
Violation of this policy may result in disciplinary action which may include termination for employees and temporaries; a termination of employment relations in the case of contractors or consultants; dismissal for interns and volunteers; or suspension or expulsion in the case of a student. Additionally, individuals are subject to loss of [SharePoint Portal Owning Organization] SharePoint access privileges, civil, and criminal prosecution.
Compliance / Regulation Contributed to by this Policy
  • Copyright Act of 1976
  • Foreign Corrupt Practices Act of 1977
  • Computer Fraud and Abuse Act of 1986
  • Computer Security Act of 1987
  • The Health Insurance Portability and Accountability Act of 1996 (HIPAA)


Any Templates Provided On This Site Are Provided Without Warranty Or Implication. To Brand The Template(s) Replace The [SharePoint Portal Server Owning Organization] With Your Company Name


 
© 2006 ARB Security Solutions, LLC
ARB Security Solutions is not affiliated with or endorsed by Microsoft Corporation.
SharePoint is a trademark of Microsoft Corporation.