- User accounts are only created for people entitled to use resources or facilities belonging to your organisation or to which they subscribe. Personal accounts must not be created for shared use.
- User accounts are only to be used in connection with the normal activities of your organisation.
- Reasonable steps are taken to ensure that user accounts are only used to access or use resources or facilities to which your organisation subscribes and for no other purpose.
- Usernames, passwords and personal information are kept confidential and all relevant data protection and privacy legislation is properly observed at all times.
- All information concerning users and administrators required by Eduserv OpenAthens to provide the service is accurate, complete and kept up to date.
- Industry best practice and guidelines issued by Eduserv OpenAthens concerning usernames, passwords and security are complied with.
- No person shall attempt to violate or circumvent any security measures put in place by Eduserv OpenAthens or any service provider, or any supplier of resources or facilities to which your organisation subscribes. Administrators shall report any infringements to Eduserv OpenAthens as soon as they become aware of them.
- Administrators should periodically check for compliance with all of the foregoing requirements and will co-operate with reasonable requests from Eduserv or OpenAthens or suppliers to verify compliance or to investigate where any breach is suspected.
- User access is promptly removed when their entitlement to the resource or facility expires, for example when they leave your organisation.
- User access is promptly removed upon the reasonable request of Eduserv or OpenAthens or the supplier of the resource or facility.